Use ssldump or tcpdump to view if the connection is being established in a secure manner.

On 6/7/05, Rohan Shrivastava < [EMAIL PROTECTED]> wrote:
Hello,

I am new to OpenSSL programming through C.

This is my first program, so I am not sure whether
I have achieved secure session between client and server or not,
though they are able to communicate
using SSL_write/read functions.

This is how I did the things

At server I loaded certificate & private key & after accepting
TCP connection I accepted SSL session request.
& then started communicating with Client.

At client I just used  SSLv3_method() & SSL_CTX_new() functions to get new
ctx object.
Here after setting up TCP connection I initiated SSL connection request,
& on success it communicates with server.

I tried to load Random file with the following code, but could not get
through,
so I did without random source (for both client & server).

#define RANDOM "/dev/random"

if (!(RAND_load_file(RANDOM, 1024*1024))) {
        printf("\n Error in loading random file");
        exit(0);
}


I generated Certificate & Keys with the following commands

openssl genrsa -out key.pem 1024
openssl req -new -key key.pem -x509 -days 3650 -out server_crt.pem

Now my queries are:

[#]. How can I be sure that session is secure?

[#]. If they are able to communicate in a secured session,
then how come they completed SSL handshake without random number source
(I think it is required at time of Handshake)?

[#]. How can I authenticate Clients (any sample code will help me a lot)
or what is function used for asking Client's certificate ?

[#]. Is the loading CAs list, required at the server/client (as here I did
not load), if required then how can I create such list as I am using this
in local network?

[#]. Also can I place the code here?


Any help will be highly appreciated

Thanks
-Rohan




--
Thank you,
Best Regards
Riaz Ur Rahaman
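
Added example, not part of the original messages: the ssldump/tcpdump check suggested in the reply comes down to whether the captured payload is framed as SSLv3/TLS records (handshake, ChangeCipherSpec, then application data) rather than plaintext. It assumes one direction of a reassembled TCP stream and the pre-TLS 1.3 record sequence; the function names and sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

struct tls_summary {           /* record counts for one direction of a stream */
    int handshake, change_cipher, alert, app_data;
    int app_before_ccs;        /* application data seen before ChangeCipherSpec */
};

/* Walk SSLv3/TLS record headers: type(1) version(2) length(2), then body.
 * Returns 0 if the whole buffer parses as records, -1 otherwise
 * (plaintext, an SSLv2-format hello, or a truncated capture). */
int tls_scan(const unsigned char *p, size_t n, struct tls_summary *s)
{
    size_t off = 0;
    *s = (struct tls_summary){0};
    while (off < n) {
        if (n - off < 5) return -1;                      /* truncated header */
        unsigned type = p[off], major = p[off + 1];
        size_t len = ((size_t)p[off + 3] << 8) | p[off + 4];
        if (type < 20 || type > 23 || major != 3) return -1;
        if (len > 16384 + 2048 || len > n - off - 5) return -1;
        if (type == 20) s->change_cipher++;
        else if (type == 21) s->alert++;
        else if (type == 22) s->handshake++;
        else {
            s->app_data++;
            if (s->change_cipher == 0) s->app_before_ccs = 1;
        }
        off += 5 + len;
    }
    return 0;
}

/* 1 if there is a handshake, a ChangeCipherSpec, and no earlier app data. */
int looks_protected(const unsigned char *p, size_t n)
{
    struct tls_summary s;
    if (tls_scan(p, n, &s) != 0) return 0;
    return s.handshake > 0 && s.change_cipher > 0 && !s.app_before_ccs;
}

/* Constructed samples (record bodies are filler, not real handshake data). */
static const unsigned char sample_tls[] = {
    22, 3, 0, 0, 4, 1, 0, 0, 0,   20, 3, 0, 0, 1, 1,
    22, 3, 0, 0, 2, 0xaa, 0xbb,   23, 3, 0, 0, 3, 0xde, 0xad, 0xbe };
static const unsigned char sample_plain[] = "HELLO server\n";

int main(void)
{
    printf("tls=%d plain=%d\n", looks_protected(sample_tls, sizeof sample_tls),
           looks_protected(sample_plain, sizeof sample_plain - 1));
    return 0;
}
```

Record framing only shows that the SSL record protocol is in use on the wire; it does not show which cipher suite was negotiated or whether the peer's certificate was verified.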
