@node Anonymous authentication
@section Anonymous authentication
-@cindex Anonymous authentication
+@cindex anonymous authentication
The anonymous key exchange performs encryption but there is no
indication of the identity of the peer. This kind of authentication
@node More on certificate authentication
@chapter More on certificate authentication
-@cindex Certificate authentication
+@cindex certificate authentication
@menu
* X.509 certificates::
@node Verifying X.509 certificate paths
@subsection Verifying @acronym{X.509} certificate paths
-@cindex Verifying certificate paths
+@cindex verifying certificate paths
Verifying certificate paths is important in @acronym{X.509}
authentication. For this purpose the following functions are
@node Verifying a certificate in the context of TLS session
@subsection Verifying a certificate in the context of TLS session
-@cindex Verifying certificate paths
+@cindex verifying certificate paths
@tindex gnutls_certificate_verify_flags
When operating in the context of a TLS session, the trusted certificate
@node Certificate requests
@subsection @acronym{PKCS} #10 certificate requests
-@cindex Certificate requests
+@cindex certificate requests
@cindex @acronym{PKCS} #10
A certificate request is a structure, which contain information about
@node Hardware tokens
@section Hardware tokens
@cindex PKCS #11 tokens
-@cindex Hardware tokens
+@cindex hardware tokens
+@cindex smart cards
@subsection Introduction
This section copes with hardware token support in @acronym{GnuTLS} using
@node Abstract key types
@section Abstract key types
-@cindex Abstract types
+@cindex abstract types
Since there are many forms of a public or private keys supported by @acronym{GnuTLS} such as
@acronym{X.509}, @acronym{OpenPGP}, or @acronym{PKCS} #11 it is desirable to allow common operations
@node Digital signatures
@section Digital signatures
-@cindex Digital signatures
+@cindex digital signatures
In this section we will provide some information about digital
signatures, how they work, and give the rationale for disabling some
@node Supported ciphersuites in GnuTLS
@appendix Supported Ciphersuites in @acronym{GnuTLS}
@anchor{ciphersuites}
-@cindex Ciphersuites
+@cindex ciphersuites
@include algorithms.texi
@node Error codes
@appendix Error Codes and Descriptions
-@cindex Error codes
+@cindex error codes
The error codes used throughout the library are described below. The
return code @code{GNUTLS_E_SUCCESS} indicate successful operation, and
@node Function reference
@appendix Function Reference
-@cindex Function reference
+@cindex function reference
@menu
* Core functions::
@node How to use GnuTLS in applications
@chapter How to use @acronym{GnuTLS} in applications
@anchor{examples}
-@cindex Example programs
+@cindex example programs
+@cindex examples
@menu
* Preparation::
@node Parameter generation
@subsection Parameter generation
-@cindex Parameter generation
-@cindex Generating parameters
+@cindex parameter generation
+@cindex generating parameters
Several TLS ciphersuites require additional parameters that
need to be generated or provided by the application. The
@node Keying Material Exporters
@subsection Keying material exporters
-@cindex Keying material exporters
-@cindex Exporting keying material
+@cindex keying material exporters
+@cindex exporting keying material
The TLS PRF can be used by other protocols to derive data. The API to
use is @funcref{gnutls_prf}. The function needs to be provided with the
@node Channel Bindings
@subsection Channel bindings
-@cindex Channel bindings
+@cindex channel bindings
In user authentication protocols (e.g., EAP or SASL mechanisms) it is
useful to have a unique string that identifies the secure channel that
@node Symmetric cryptography
@subsection Symmetric cryptography
-@cindex Symmetric cryptography
+@cindex symmetric cryptography
The available functions to access symmetric crypto algorithms operations
are shown below. The supported algorithms are the algorithms required by the TLS protocol.
@node Hash and HMAC functions
@subsection Hash and HMAC functions
-@cindex Hash functions
+@cindex hash functions
@cindex HMAC functions
The available operations to access hash functions and hash-MAC (HMAC) algorithms
@node Random number generation
@subsection Random number generation
-@cindex Random numbers
+@cindex random numbers
Access to the random number generator is provided using the @funcref{gnutls_rnd}
function.
@node Internal architecture of GnuTLS
@chapter Internal Architecture of GnuTLS
-@cindex Internal architecture
+@cindex internal architecture
This chapter is to give a brief description of the
way @acronym{GnuTLS} works. The focus is to give an idea
@node The transport layer
@section The transport layer
-@cindex Transport protocol
-@cindex Transport layer
+@cindex transport protocol
+@cindex transport layer
@acronym{TLS} is not limited to any transport layer and can be used
above any transport layer, as long as it is a reliable one. @acronym{DTLS}
@node The TLS record protocol
@section The TLS record protocol
-@cindex Record protocol
+@cindex record protocol
The record protocol is the secure communications provider. Its purpose
is to encrypt, authenticate and ---optionally--- compress packets.
@node Encryption algorithms used in the record layer
@subsection Encryption algorithms used in the record layer
-@cindex Symmetric encryption algorithms
+@cindex symmetric encryption algorithms
Confidentiality in the record layer is achieved by using symmetric
block encryption algorithms like @code{3DES}, @code{AES}
@node Compression algorithms used in the record layer
@subsection Compression algorithms used in the record layer
-@cindex Compression algorithms
+@cindex compression algorithms
The TLS record layer also supports compression. The algorithms
implemented in @acronym{GnuTLS} can be found in the table below.
@node On Record Padding
@subsection On record padding
-@cindex Record padding
-@cindex Bad record MAC
+@cindex record padding
+@cindex bad_record_mac
The TLS protocol allows for random padding of records, to prevent
statistical analysis based on the length of exchanged messages (see @xcite{RFC5246} section 6.2.3.2).
@node The TLS Alert Protocol
@section The TLS alert protocol
@anchor{The Alert Protocol}
-@cindex Alert protocol
+@cindex alert protocol
The alert protocol is there to allow signals to be sent between peers.
These signals are mostly used to inform the peer about the cause of a
@node The TLS Handshake Protocol
@section The TLS handshake protocol
@anchor{The Handshake Protocol}
-@cindex Handshake protocol
+@cindex handshake protocol
The handshake protocol is responsible for the ciphersuite negotiation,
the initial key exchange, and the authentication of the two peers.
@node Client Authentication
@subsection Client authentication
-@cindex Client Certificate authentication
+@cindex client certificate authentication
In the case of ciphersuites that use certificate authentication, the
authentication of the client is optional in @acronym{TLS}. A server
@node Resuming Sessions
@subsection Resuming sessions
@anchor{resume}
-@cindex Resuming sessions
+@cindex resuming sessions
+@cindex session resuming
The @funcref{gnutls_handshake} function, is expensive since a lot of
calculations are performed. In order to support many fast connections
@subsection Maximum fragment length negotiation
@cindex TLS extensions
-@cindex Maximum fragment length
+@cindex maximum fragment length
This extension allows a @acronym{TLS} implementation to negotiate a
smaller value for record packet maximum length. This extension may be
@subsection Server name indication
@anchor{serverind}
@cindex TLS extensions
-@cindex Server name indication
+@cindex server name indication
A common problem in @acronym{HTTPS} servers is the fact that the
@acronym{TLS} protocol is not aware of the hostname that a client
@subsection Session tickets
@cindex TLS extensions
-@cindex Session tickets
-@cindex Ticket
+@cindex session tickets
+@cindex tickets
To resume a TLS session the server normally store some state. This
complicates deployment, and typical situations the client can cache
@node Callback functions
@section Callback functions
-@cindex Callback functions
+@cindex callback functions
There are several cases where @acronym{GnuTLS} may need out of
band input from your program. This is now implemented using some
@node Downloading and Installing
@section Downloading and Installing
-@cindex Installation
-@cindex Download
+@cindex installation
+@cindex download
GnuTLS is available for download at:
@url{http://www.gnutls.org/download.html}
@node Bug Reports
@section Bug Reports
-@cindex Reporting Bugs
+@cindex reporting bugs
If you think you have found a bug in GnuTLS, please investigate it and
report it.
@node Contributing
@section Contributing
-@cindex Contributing
-@cindex Hacking
+@cindex contributing
+@cindex hacking
If you want to submit a patch for inclusion -- from solving a typo you
discovered, up to adding support for a new feature -- you should