SSL is the most commonly used protocol for secure transmission over the Internet. It is implemented in every web browser, and used for most web purchases (it is unwise to transmit your credit card number without it). Whenever you see the dialog box in Figure 1 followed by a page that puts a lock icon in the status bar and an address beginning with "https://..." as shown in Figure 2, you are using SSL.

Figure 1.

Figure 2.

SSL wasn't designed for small, low-powered processors, it was designed for desktops, but Z-World/Rabbit Semiconductor has made SSL feasible, economical and fast for small embedded systems by implementing special block arithmetic instructions in silicon to speed up encryption and decryption algorithms. SSL is integrated into our web server to give you security as strong as the security you use on your PC. Without additional hardware acceleration such as a Trusted Platform Module, a processor such as an 8051 or a Z180 cannot do the initial SSL handshake fast enough for a browser interface. If users have to wait 20 seconds or more before they even enter a password to access a secure page, they are likely to think the embedded device or the browser is hung, and give up. A 44 MHz Rabbit processor handles the initial handshake in under 3 seconds. Throughput thereafter is about 120 Kbit per second. Using an embedded, secure HTTP webserver (HTTPS) in your embedded device is the easiest way to add a secure interface to it. A proprietary solution will require proprietary PC software which means maintenance and support headaches. Combine SSL with RabbitWeb, and you can add a secure user interface to existing devices in hours!

Adding SSL to a Rabbit application only takes a few lines of code. Figure 5 shows the C and HTML code for a small program implementing a secure web server. The code needed to add SSL is highlighted in red. The program first puts up the index page shown in Figure 3 when end users access the device in their browsers. If a user clicks on the "Open a secure web page" link, the initial SSL handshake is performed and the password dialog box appears. If the user enters the correct user name and password, the secure page in Figure 2 opens. Adding SSL to an existing application only adds about 44 Kbytes of code. Figure 3. Figure 4. SSL requires the use of digital certificates. Z-World's SSL includes an easy-to-use certificate utility that lets you create certificates to be signed by a signing service such a VeriSign, or self-signed certificates. Z-World's SSL module works with the default browser settings of all major commercial browsers. In summary, the Z-World/Rabbit SSL advantages are: Low cost, no royalties Highly optimized for speed & size Full integration with HTTPS for ease of use Certificate creation tools included Responsive, quality support SSL is sold separately and requires a Rabbit 3000A or later processor and Dynamic C 8.51 or later. More information: SSL Manual (471 Kbyte PDF) White paper: Cryptography for Engineers Who Couldn't Care Less

Figure 5. C Source #define TCPCONFIG 1 #define USE_HTTP_SSL #define HTTP_SSL_SOCKETS 1 #ximport "certs\ca2.dcc" SSL_CERTIFICATE #use "dcrtcp.lib" #use "http.lib" #ximport "index.html" index_html #ximport "secure.html" secure_html SSPEC_MIMETABLE_START SSPEC_MIME(".html", "text/html") SSPEC_MIMETABLE_END SSPEC_RESOURCETABLE_START SSPEC_RESOURCE_XMEMFILE("/", index_html), SSPEC_RESOURCE_XMEMFILE("/index.html", index_html), SSPEC_RESOURCE_XMEMFILE("/admin/secure.html", secure_html) SSPEC_RESOURCETABLE_END main() { int user_id; sock_init(); http_init(); tcp_reserveport(80); // HTTP tcp_reserveport(443); // HTTPS sspec_addrule("/admin", "admin", 1, 1, SERVER_HTTPS, SERVER_AUTH_BASIC, NULL); user_id = sauth_adduser("joeshmo", "rosebud",SERVER_HTTPS); sauth_setusermask(user_id, 1, NULL); while(1) { http_handler(); } } Index Page HTML Source <HTML><HEAD><TITLE>SSL Information</TITLE> <BODY> <A HREF="https://10.10.6.206/admin/secure.html"> Open a secure web page.</A> </BODY></HTML> Secure Page (Figure 2) HTML Source <HTML> <HEAD> <TITLE>Secure page</TITLE> </HEAD> <BODY> This is a secure page. <A HREF="http://10.10.6.206/index.html">Back</A> </BODY> </HTML>