I'm also interested in such a sample program. Anyone?
On Thu, Aug 27, 2009 at 4:39 PM, Ram G <mydevfor...@gmail.com> wrote:

> Things are getting clearer as I dig deeper. The book "Network Security with
> OpenSSL" by John Viega et al has some explanation of how the DH key exchange
> takes place.
>
> With that knowledge, I went through the source code and found that
> DH_Compute_Key() is being called in s3_clnt.c and s3_srvr.c. So there is no
> need to call it in client applications.
>
> BRs
>
> Ramg
> On Thu, Aug 27, 2009 at 12:23 PM, Ram G <mydevfor...@gmail.com> wrote:
>
>> Hello,
>>
>> Going through various posts, I have come across references to Bodo
>> Moeller's example code showing SSL communication without certificates and
>> using anonymous DH key exchange. If anybody has that sample, can you please
>> forward it ?
>>
>> I have written a client and server taking help from the sample programs.
>> I'm generating the DH params in the server and setting it in the SSL
>> context. I'm setting the cipher as ADH-AES256-SHA in both server and client.
>> The client and server are communicating.
>>
>> To generate the DH parameters P & G, I have done this:
>>
>> 1) Calling DH_generate_parameters() in the server will generate the Prime
>> P
>> 2) Calling DH_generate_key() performs the first step of a Diffie-Hellman
>> key exchange by generating private and public DH values.
>>
>> Documentation also talks about this call to generate the shared key:
>>
>> 3) Calling DH_compute_key(), these are combined with the client's public
>> value to compute the shared key. (My program is working even without the
>> DH_compute_key() call in the server - which is strange I think)
>>
>> What I'm not sure is :
>>
>> What is the call I need to make in the client to pass the client's public
>> key ( G (power X) mod P ) to the server ?
>>
>> I'm working on a prototype and beginning to get my hands dirty with
>> OpenSSL. Your help is greatly appreciated.
>>
>> -Ramg
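
The exchange the thread describes, where the handshake code rather than the application combines the DH values, sketched as an added example that is not part of the original messages and is not OpenSSL code. The helper names (`modexp`, `peer_keygen`, `peer_compute`, `run_exchange`), the toy 61-bit prime, the fixed private values and the peer-value range check are assumptions made for illustration; the message names in the comments are the TLS handshake messages that carry the values.

```c
#include <stdint.h>
#include <stdio.h>

/* Toy-sized group constructed for this example; real parameters are far larger. */
#define DH_P 2305843009213693951ULL /* 2^61 - 1, a Mersenne prime */
#define DH_G 5ULL

/* Square-and-multiply: base^exp mod m, using a 128-bit intermediate product. */
static uint64_t modexp(uint64_t base, uint64_t exp, uint64_t m) {
    uint64_t r = 1;
    base %= m;
    while (exp) {
        if (exp & 1) r = (uint64_t)(((unsigned __int128)r * base) % m);
        base = (uint64_t)(((unsigned __int128)base * base) % m);
        exp >>= 1;
    }
    return r;
}

struct peer { uint64_t priv, pub, secret; };

/* Step 2 in the post (the DH_generate_key() role): public = g^priv mod p. */
static void peer_keygen(struct peer *s, uint64_t priv) {
    s->priv = priv;
    s->pub = modexp(DH_G, priv, DH_P);
}

/* Step 3 (the DH_compute_key() role): secret = peer_pub^priv mod p.
   Rejects degenerate peer values (0, 1, p-1, >= p). Returns 0 on success. */
static int peer_compute(struct peer *s, uint64_t peer_pub) {
    if (peer_pub < 2 || peer_pub >= DH_P - 1) return -1;
    s->secret = modexp(peer_pub, s->priv, DH_P);
    return 0;
}

/* Simulates both handshake sides; returns 1 if they derive the same secret. */
static int run_exchange(uint64_t server_priv, uint64_t client_priv) {
    struct peer srv, cli;
    peer_keygen(&srv, server_priv); /* server, before ServerKeyExchange */
    uint64_t ske_Ys = srv.pub;      /* ServerKeyExchange: p, g, Ys (no signature in anonymous DH) */
    peer_keygen(&cli, client_priv); /* client, after reading ServerKeyExchange */
    uint64_t cke_Yc = cli.pub;      /* ClientKeyExchange: Yc = g^x mod p */
    if (peer_compute(&cli, ske_Ys) != 0) return 0;
    if (peer_compute(&srv, cke_Yc) != 0) return 0;
    return srv.secret == cli.secret;
}

int main(void) {
    /* Private values are fixed, constructed constants; real ones are random. */
    printf("secrets match: %d\n", run_exchange(0x1234567ULL, 0x89abcdeULL));
    return 0;
}
```

The application only supplies the parameters and selects the cipher suite; the public values travel inside the handshake messages and each side computes the shared secret there.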