How are the PSK keys read

How are the PSK keys read

by Ram G

Hello,
 
Does anybody have any experience with where the pre-shared keys are read from when doing a DH key exchange with PSK authentication? Other than hard-coding it into the application, what other sources is it read from (database? file?) and how?
 
I have looked at the sample code provided in the examples directory. The client sample (ex-client-psk.c) assigns the pre shared key as follows:
 
const gnutls_datum_t key = { (char*) "DEADBEEF", 8 };
 
The server sample (ex-serv-psk.c) does the key assignment in the callback function pskfunc as follows:
 
  key->data = gnutls_malloc (4);
  key->data[0] = 0xDE;
  key->data[1] = 0xAD;
  key->data[2] = 0xBE;
  key->data[3] = 0xEF;
  key->size = 4;
 
Obviously these are hard coded values. How are the keys read in the real world ?
 
If anyone has any samples to share, I would really appreciate it.
 
I'm working on a prototype and I have to report to my boss whether we can use GnuTLS. I'm trying to assign a dynamic value to the keys but I cannot get the TLS handshake to happen.
 
Thanks and Regards
 
Ramg

_______________________________________________
Help-gnutls mailing list
Help-gnutls@...
http://lists.gnu.org/mailman/listinfo/help-gnutls

Re: How are the PSK keys read

by Bugzilla from bradh@frogmouth.net

On Wednesday 15 July 2009 12:44:32 Ram G wrote:
> Does any body have any experience how the pre-shared keys are read from
> when doing a DH key exchange with PSK authentication ? Other than hard
> coding it into the application, what are the other sources it is read from
> ( database ? file ? ) and how ?
Surely this is a bit implementation specific? What does your specific
application need to do?

I haven't tried this, but the documentation suggests that gnutls has some
built-in support for using a password file:
http://www.gnu.org/software/gnutls/manual/html_node/Authentication-using-PSK.html#Authentication-using-PSK

<snip>
> Obviously these are hard coded values. How are the keys read in the real
> world ?
Just provide them however suits your application.

> If anyone has any samples to share, I would really appreciate it.
There is an example of using gnutls_srp_set_server_credentials_file() in
src/serv.c

Brad
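
Added example, not part of either message or of the GnuTLS sources: dependency-free C for the lookup a server-side PSK callback could perform against "username:hexkey" text (the line format of GnuTLS PSK password files), decoding the hex so that "DEADBEEF" yields the four bytes DE AD BE EF assigned in the server sample. The names psk_lookup, hexval and SAMPLE_PSK_TEXT and the sample entries are assumptions made for illustration.

```c
/* Added example; psk_lookup, hexval and the sample data are hypothetical. */
#include <stddef.h>
#include <string.h>

/* Constructed sample; in practice read from a file only the server can read. */
static const char SAMPLE_PSK_TEXT[] =
    "alice:0123456789abcdef\n"
    "test:DEADBEEF\n"
    "broken:DEADBEE\n";

static int hexval(char c)
{
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/* Returns the decoded key length, or -1 if the user is missing, the hex is
   malformed (empty, odd length, non-hex character) or out is too small. */
long psk_lookup(const char *text, const char *user, unsigned char *out, size_t cap)
{
    size_t ulen = strlen(user);
    while (*text) {
        const char *eol = strchr(text, '\n');
        size_t len = eol ? (size_t)(eol - text) : strlen(text);
        /* Match the whole username up to ':' so "te" does not match "test". */
        if (len > ulen && text[ulen] == ':' && memcmp(text, user, ulen) == 0) {
            const char *hex = text + ulen + 1;
            size_t hlen = len - ulen - 1, i;
            if (hlen == 0 || hlen % 2 != 0 || hlen / 2 > cap) return -1;
            for (i = 0; i < hlen; i += 2) {
                int hi = hexval(hex[i]), lo = hexval(hex[i + 1]);
                if (hi < 0 || lo < 0) return -1;
                out[i / 2] = (unsigned char)((hi << 4) | lo);
            }
            return (long)(hlen / 2);
        }
        text += len + (eol ? 1 : 0);
    }
    return -1;
}

int main(void)
{
    unsigned char k[32];
    return psk_lookup(SAMPLE_PSK_TEXT, "test", k, sizeof k) == 4 ? 0 : 1;
}
```

Inside a callback like pskfunc, the decoded bytes would be copied into a gnutls_malloc'd key->data and key->size set to the returned length. Keep the key file readable only by the server account.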


