TLS 1.2 server

Daiki Ueno ueno at
Wed Sep 30 03:53:45 CEST 2009


I've just pushed TLS 1.2 server fix.  While it was done in the same way
as I did for client, I'd appreciate if someone will take a look at the

The latter change is not essential by now but it will be needed when we
will use a hash algorithm other than SHA1 to compute a signature of DH

Anyway, TLS 1.2 server works again.  I tried it with Opera 10 and the
test output from GnuTLS says:

 Server Name: localhost
 Ephemeral DH using prime of 1024 bits.

 Protocol version:	TLS1.2
 Certificate Type:	X.509
 Key Exchange:	DHE-RSA
 Compression	NULL
 Cipher	AES-256-CBC
 Ciphersuite	DHE_RSA_AES_256_CBC_SHA256

Daiki Ueno

More information about the Gnutls-devel mailing list