Welcome to the GnuTLS project pages
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols
and the technologies around them. It provides a simple C language application programming interface (API)
to access the secure communications protocols, as well as APIs to parse and
write X.509, PKCS #12, OpenPGP and other required structures. It
aims to be portable and efficient, with a focus on security and interoperability.
- Support for TLS 1.2, TLS 1.1, TLS 1.0, and SSL 3.0 protocols.
- Support for DTLS 1.2 and DTLS 1.0 protocols.
- Support for certificate path validation, as well as DANE and trust on first use.
- Support for the Online Certificate Status Protocol (OCSP).
- Support for multiple certificate types including X.509 and OpenPGP certificates.
- Support for public key methods, including RSA and elliptic curves, as well as password and key authentication methods such as the SRP and PSK protocols.
- Support for all the strong encryption algorithms, including AES and Camellia.
- Support for CPU-assisted cryptography with VIA padlock and AES-NI instruction sets.
- Support for cryptographic accelerator drivers via /dev/crypto.
- Native support for HSMs and cryptographic tokens, via PKCS #11 and the Trusted Platform Module (TPM).
- Runs on most Unix platforms and Windows.
The core library is licensed under the
Lesser General Public License version 2.1 (LGPLv2.1+). The
LGPL license is compatible with a wide range of free licenses,
and even permits you to use GnuTLS in non-free proprietary
For more information on GnuTLS features, see the
Wikipedia article comparing different TLS implementations.