I would like to implement pre-shared keys using OpenSSL (another mechanism is being used to provide for a common secret at all nodes to be used as a symmetric key). My goal is for OpenSSL to simply load the key from a local location and use it. No certificates should be involved.
I notice two functions: SSL_set_psk_client_callback() and a corresponding server callback. I assume I don’t need the SSL_CTX_use_psk_identity_hint(). 1. Is an identify hint function required? 2. Where would be the best place to call the client/server callback functions? 3. Is this all that is required to enable pre-shared keys to work? If there is any further information regarding how to implement pre-shared keys (particularly examples), it would be greatly appreciated.
