Hello,

Going through various posts, I have come across references to Bodo Moeller's example code showing SSL communication without certificates and using anonymous DH key exchange. If anybody has that sample, can you please forward it?

I have written a client and server taking help from the sample programs. I'm generating the DH params in the server and setting them in the SSL context. I'm setting the cipher as ADH-AES256-SHA in both server and client. The client and server are communicating.

To generate the DH parameters P & G, I have done this:

1) Calling DH_generate_parameters() in the server will generate the Prime P
2) Calling DH_generate_key() performs the first step of a Diffie-Hellman key exchange by generating private and public DH values.

Documentation also talks about this call to generate the shared key:

3) Calling DH_compute_key(), these are combined with the client's public value to compute the shared key. (My program is working even without the DH_compute_key() call in the server - which is strange, I think.)

What I'm not sure of is: what is the call I need to make in the client to pass the client's public key ( G (power X) mod P ) to the server?

I'm working on a prototype and beginning to get my hands dirty with OpenSSL. Your help is greatly appreciated.

-Ramg
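
The exchange the post asks about, as an added example that is not part of the original post and is not OpenSSL code: in an SSL/TLS handshake with an anonymous DH suite, the server's P, G and public value travel in the ServerKeyExchange message and the client's public value ( G (power X) mod P ) travels back in the ClientKeyExchange message. The struct and function names, the toy modulus and the private exponents below are all constructed for illustration, and the 64-bit arithmetic stands in for the big-number math a real library uses.

```c
#include <stdint.h>
#include <stdio.h>

/* (base^exp) mod m by square-and-multiply. Operands must be below 2^32
   so that every product fits in 64 bits. */
static uint64_t modexp(uint64_t base, uint64_t exp, uint64_t m) {
    uint64_t r = 1;
    base %= m;
    while (exp) {
        if (exp & 1) r = r * base % m;
        base = base * base % m;
        exp >>= 1;
    }
    return r;
}

/* Hypothetical stand-ins for the two handshake messages that carry DH values. */
struct server_key_exchange { uint64_t p, g, ys; }; /* server -> client */
struct client_key_exchange { uint64_t yc; };       /* client -> server */

/* Server: derive Ys = g^xs mod p (the DH_generate_key step) and publish p, g, Ys. */
static struct server_key_exchange server_send(uint64_t p, uint64_t g, uint64_t xs) {
    struct server_key_exchange m = { p, g, modexp(g, xs, p) };
    return m;
}

/* Client: pick xc, derive Yc = g^xc mod p from the server's p and g,
   and compute the shared secret Ys^xc mod p. */
static struct client_key_exchange client_reply(const struct server_key_exchange *ske,
                                               uint64_t xc, uint64_t *secret) {
    struct client_key_exchange m = { modexp(ske->g, xc, ske->p) };
    *secret = modexp(ske->ys, xc, ske->p);
    return m;
}

/* Run both sides; return the shared secret, or 0 if the two sides disagree. */
uint64_t handshake_secret(uint64_t p, uint64_t g, uint64_t xs, uint64_t xc) {
    uint64_t client_secret;
    struct server_key_exchange ske = server_send(p, g, xs);
    struct client_key_exchange cke = client_reply(&ske, xc, &client_secret);
    uint64_t server_secret = modexp(cke.yc, xs, p); /* the DH_compute_key step */
    return server_secret == client_secret ? server_secret : 0;
}

int main(void) {
    /* Constructed toy values: p = 23, g = 5, private exponents 6 and 15. */
    printf("shared secret: %llu\n", (unsigned long long)handshake_secret(23, 5, 6, 15));
    return 0;
}
```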