Welcome to GnuTLS project pages

  • Overview

    GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols as well as APIs to parse and write X.509, PKCS #12, and other required structures.

    The project strives to provide a secure communications back-end, simple to use and integrated with the rest of the base Linux libraries. A back-end designed to work and be secure out of the box, keeping the TLS and PKI complexity outside the applications.

  • Features
    • Support for TLS 1.3, 1.2, 1.1, 1.0 protocols, and (optionally) SSL 3.0
    • Support for DTLS 1.2, and DTLS 1.0, protocols
    • Support for certificate path validation, as well as DANE and trust on first use.
    • Support for the Online Certificate Status Protocol (OCSP).
    • Support for public key methods, including RSA and Elliptic curves, as well as password and key authentication methods such as SRP and PSK protocols.
    • Support for all the strong encryption algorithms, including AES and Camellia.
    • Support for CPU-assisted cryptography with VIA padlock and AES-NI instruction sets.
    • Support for cryptographic accelerator drivers via /dev/crypto.
    • Supports natively HSMs and cryptographic tokens, via PKCS #11 and the Trusted Platform Module (TPM).
    • Runs on most Unix platforms and Windows.
  • License

    The core library licensed under the GNU Lesser General Public License version 2.1 (LGPLv2.1+). The LGPL license is compatible with a wide range of free licenses, and even permit you to use GnuTLS in non-free proprietary programs.

For more information on GnuTLS features, see the wikipedia article comparing different TLS implementations.

News flashes  
2018-07-16

Released GnuTLS 3.6.3 of the next branch with support for TLS1.3, and, GnuTLS 3.5.19, GnuTLS 3.3.30 which are bug-fix releases on the stable and previous stable branches.

2018-05-04

A heads-up with the most prominent GnuTLS changes for TLS 1.3 published in Nikos' blog.

2018-02-16

Released GnuTLS 3.6.2, GnuTLS 3.5.18, and GnuTLS 3.3.29 which are bug-fix releases on the next, stable and previous stable branches.

2018-01-17

Released GnuTLS 3.5.17 which is a bug-fix release on the current stable branch.