TLS 1.2 server
Daiki Ueno
ueno at unixuser.org
Wed Sep 30 03:53:45 CEST 2009
Hello,
I've just pushed TLS 1.2 server fix. While it was done in the same way
as I did for client, I'd appreciate if someone will take a look at the
changes:
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=e0b1124f72e3d5210000b3f677b401d8b2654ea4
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=4b48a9e8e28bbd468b48ed5cb95ba0cce7508be6
The latter change is not essential by now but it will be needed when we
will use a hash algorithm other than SHA1 to compute a signature of DH
params.
Anyway, TLS 1.2 server works again. I tried it with Opera 10 and the
test output from GnuTLS says:
Server Name: localhost
Ephemeral DH using prime of 1024 bits.
Protocol version: TLS1.2
Certificate Type: X.509
Key Exchange: DHE-RSA
Compression NULL
Cipher AES-256-CBC
MAC SHA256
Ciphersuite DHE_RSA_AES_256_CBC_SHA256
Regards,
--
Daiki Ueno
More information about the Gnutls-devel
mailing list