Hello,

thank you for your reply :-)

How could I realize your mentioned option with openssl (functions):
public keys (asymmetric keys) without certificates (In this situation neither A and B need to know about a previous secret.)

Thank you so much

>>> Sergio <[EMAIL PROTECTED]> 04.09.2008 00:04 >>>
Manuel Sahm wrote:
> Hello,
>
> thanks for reply,...
>
> Maybe you could help me.
>
> Is it possible to use a password instead of a Certification file and a
> Certification Key File to make the tcp connection secure via openssl ?
>
> Thank you
>
> >>> Sergio <[EMAIL PROTECTED]> 03.09.2008 16:44 >>>
> Manuel Sahm wrote:
> > Hello,
> >
> > I want to make my network connection encrypted/secure using ssh.
> >
> > At the moment I open a socket in my embedded device, so that a client
> > (PC) is able to connect to it:
> >
> > //initialization of the socket
> > handle = socket(AF_INET, SOCK_STREAM, 0);
> > serv_addr.sin_family = AF_INET;
> > serv_addr.sin_addr.s_addr = htonl(INADDR_ANY);
> > serv_addr.sin_port = htons(10001);
> >
> > bind(handle, (struct sockaddr *)&serv_addr, sizeof(serv_addr));
> > listen(handle, 0);
> >
> > In my communication thread I have the functions
> > - accept
> > - read
> > - write
> > - close
> >
> > How is it possible to make my network secure via ssl and the sockets
> > used in the sample code...
> >
> > Thank you very very much
> >
> > Manuel Sahm
> >
> Hi,
>
> I have never used SSL api directly, only command line but, I suppose you
> want to encrypt the communication under your TCP socket. You need to
> establish a TLS session and, I think your question is too ambiguous
> because I suspect you need to use many functions and data structures
> from ssl implementation. What you want is to establish a complete ssl
> environment and my only advice (a recommendation from a newbie) is to
> read and to study SSL api doc to see your needs more clearly.
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List openssl-users@openssl.org
> Automated List Manager [EMAIL PROTECTED]
>

I think you have a conflict with your ideas. A and B want to secure their communication. They need to agree about which key to use.

I suppose you can encrypt the information at the origin using a symmetric key (aes, des, idea etc) and decrypt it at destination with the same key. A and B must know the key.

But also I suppose you can establish an ssl connection to perform a key exchange (key negotiation) using certificates or public keys (asymmetric keys) without certificates. In this situation neither A nor B needs to know about a previous secret. This is the normal situation of a client-server environment.

If your socket is a TCP socket I think it is better for you to establish an ssl session, rather than using a symmetric key. I think symmetric keys are more suitable for UDP but I'm not an expert and I don't assure anything.
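
One way to realize the "public keys without certificates from a CA" option discussed above is a self-signed certificate on the device whose public key the client pins. The following is an added example, not code from the thread or from the OpenSSL project; it uses Ruby's OpenSSL binding so that it runs as-is, notes the corresponding C API calls in comments, and the CN, message and helper names are constructed.

```ruby
require 'openssl'
require 'socket'

# Constructed device identity (hypothetical CN): key pair plus self-signed certificate, no CA.
def make_identity(cn)
  key, cert = OpenSSL::PKey::RSA.new(2048), OpenSSL::X509::Certificate.new
  cert.serial = 1
  cert.subject = cert.issuer = OpenSSL::X509::Name.parse("/CN=#{cn}")
  cert.public_key = key.public_key
  cert.not_before, cert.not_after = Time.now - 60, Time.now + 3600
  [key, cert.sign(key, OpenSSL::Digest.new('SHA256'))]
end

def pin(cert) # SHA-256 over the DER-encoded public key; the client stores this value
  OpenSSL::Digest.new('SHA256').hexdigest(cert.public_key.to_der)
end

def serve_once(tcp_server, key, cert) # plain accept(), then TLS on the connected socket
  ctx = OpenSSL::SSL::SSLContext.new
  ctx.key, ctx.cert = key, cert
  ssl = OpenSSL::SSL::SSLSocket.new(tcp_server.accept, ctx)
  ssl.sync_close = true
  ssl.accept # C API: SSL_set_fd + SSL_accept
  (line = ssl.gets) && ssl.write("echo: #{line}")
rescue OpenSSL::SSL::SSLError, SystemCallError, IOError # client hung up, e.g. pin mismatch
ensure
  ssl&.close
end

# Client: there is no CA chain to verify, so the pin comparison is the only authentication.
def pinned_request(port, expected_pin, msg)
  ctx = OpenSSL::SSL::SSLContext.new
  ctx.verify_mode = OpenSSL::SSL::VERIFY_NONE # encrypted but unauthenticated until the pin check
  ssl = OpenSSL::SSL::SSLSocket.new(TCPSocket.new('127.0.0.1', port), ctx)
  ssl.sync_close = true
  ssl.connect # C API: SSL_connect
  raise OpenSSL::SSL::SSLError, 'public key pin mismatch' unless pin(ssl.peer_cert) == expected_pin
  ssl.puts(msg)
  ssl.gets
ensure
  ssl&.close
end

def demo(expected_pin = nil) # loopback round trip; returns the server's reply
  key, cert = make_identity('embedded-device')
  tcp = TCPServer.new('127.0.0.1', 0) # constructed: OS-chosen loopback port
  server = Thread.new { serve_once(tcp, key, cert); tcp.close }
  pinned_request(tcp.addr[1], expected_pin || pin(cert), 'hello').tap { server.join(5) }
end
```

The pin has to reach the client over a channel that is already trusted (for example, at provisioning time); skipping the comparison leaves the session encrypted but open to a man-in-the-middle.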