Nios® V/II Embedded Design Suite (EDS)
Support for Embedded Development Tools, Processors (SoCs and Nios® V/II processor), Embedded Development Suites (EDSs), Boot and Configuration, Operating Systems, C and C++
12603 Discussions

Encryption for remote upgrade

Altera_Forum
Honored Contributor II
‎10-30-2006 08:35 PM
1,023 Views

Hi, 

 

Our system is running a webserver. We want to be able to remotely upgrade the unit, i.e. be able to email a customer a file which he can install on a local computer. Than you would browse to our unit and point to the sent file. The file is saved to flash upgrading both the fpga configuration and the nios code. We want to use an encrypted file. We want to be able to encrypt the file using a C/C++ app written in Viusal Studio and decrypt it in the nios processor. I've seached around a bit, seems like there is plenty of free code implementing AES but I don't really know where to start. I don't want to learn a lot about encryption. Any suggestions about where I should start? Thanks.  

 

Mike
0 Kudos

Link Copied

2 Replies
Altera_Forum
Honored Contributor II
‎11-01-2006 03:47 PM
341 Views

Hello Mike, 

 

In the past I had to solve a similar task so it’s possible that I have some good information for you. I decided to use 3DES (please don’t ask why). Under the following link you can get a very useful source-code: http://jean.downloads.port5.com/3des_src.htm (http://jean.downloads.port5.com/3des_src.htm

The source code can be used within the Nios firmware and within the Visul Studio Project. It’s very likely that you can get some ready components for Visual Studio too. 

 

In my opinion these steps are necessary:  

1. Merge the binary flash data for the FPGA configuration and the Nios firmware. 

2. Calculate the CRC32 of the data 

3. Encrypt all with 3DES or something else (block code) 

4. Send the whole data to your Nios 

5. The Nios firmware decrypts all 

6. Check the CRC32 - it must be the same  as above 

7. Program your flash with it 

 

Unfortunately I don’t have ready source code you can use. But if you have questions feel free to ask. 

 

 

Regards, 

niosIIuser
0 Kudos
Copy link
Altera_Forum
Honored Contributor II
‎11-06-2006 04:56 PM
341 Views

Hello niosIIuser, 

 

Thanks so much for your advice. Your description of the steps necessary to do this totally makes sense to me. A small description of how to execute the code in the link you mention would be a big help. I need to first set keys by calling des_set_key and des3_set_2keys and des3_set_2keys, is that right? Then I can call des_encrpt sending it 8 bytes of data from my combined file at a time? Anyway, I can largely follow it but not completely. Any additional info you can give me would be a big help. Thanks. 

 

Mike
0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.