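TLS Encryption Protocol Library - GnuTLS
GnuTLS (short for GNU Transport Layer Security Library) is an open-source software library that supports the SSL, TLS and DTLS protocols. It provides a set of application programming interfaces (APIs) for secure communication over the network transport layer, and for parsing, reading and writing X.509, PKCS #12, OpenPGP and other related structures. Its distinguishing features are portability and efficiency. The project was originally part of the GNU Project, but after December 2012 it separated from the GNU Project because its maintainer was dissatisfied with several policies of the Free Software Foundation.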

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures. It is aimed to be portable and efficient with focus on security and interoperability.
Features
Support for TLS 1.2, TLS 1.1, TLS 1.0, SSL 3.0 and Datagram TLS protocols
Support for authentication using both X.509 and OpenPGP certificates.
Support for password and key authentication methods such as SRP and PSK protocols.
Support for elliptic curves in addition to RSA and DSA.
Support for the Online Certificate Status Protocol (OCSP).
Support for all the strong encryption algorithms, including AES and Camellia.
Support for CPU-assisted cryptography with VIA padlock and AES-NI instruction sets.
Support for cryptographic accelerator drivers via /dev/crypto.
Supports natively cryptographic tokens such as smart-cards, via PKCS #11.
Runs on most Unix platforms and Windows.
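Latest version: 3.2
Added the RSA-PSK key exchange method, and fixed problems in session token handling and in server-side certificate request handling. Added new Camellia, SHA2-256 and SHA2-384 cipher suites, and fixed a buffer overflow in the DANE library.
Latest version: 3.6
Introduced a new lock-free random generator and added new TLS extensions shared by TLS 1.2 and 1.3.
Project homepage: http://www.gnu.org/software/gnutls/
This article was last updated by 阿炯 on 2022-03-05 14:57:17 and is currently at version 2.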