GnuTLS

by Daniel Pimentel — Thu 08 August 2002

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and the technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures. It aims to be portable and efficient, with a focus on security and interoperability.

Features

  • Support for TLS 1.2, TLS 1.1, TLS 1.0, and SSL 3.0 protocols;
  • Support for the DTLS 1.2 and DTLS 1.0 protocols;
  • Support for certificate path validation, as well as DANE and trust on first use;
  • Support for the Online Certificate Status Protocol (OCSP);
  • Support for multiple certificate types including X.509 and OpenPGP certificates;
  • Support for public key methods, including RSA and elliptic curves, as well as password and key authentication methods such as the SRP and PSK protocols;
  • Support for all the strong encryption algorithms, including AES and Camellia;
  • Support for CPU-assisted cryptography with VIA padlock and AES-NI instruction sets;
  • Support for cryptographic accelerator drivers via /dev/crypto;
  • Native support for HSMs and cryptographic tokens, via PKCS #11 and the Trusted Platform Module (TPM);
  • Runs on most Unix platforms and Windows.
GnuTLS
2000-2016 by Daniel Pimentel under GFDL