| [ < ] | [ > ] | [ << ] | [ Up ] | [ >> ] | [Top] | [Contents] | [Index] | [ ? ] |
4.5 Authentication and credentials
In GnuTLS every key exchange method is associated with a credentials type. So in order to enable to enable a specific method, the corresponding credentials type should be initialized and set using gnutls_credentials_set. A mapping is shown in tab:key-exchange-cred.
| Key exchange | Client credentials | Server credentials |
|---|---|---|
KX_RSA,
KX_DHE_RSA,
KX_DHE_DSS,
KX_ECDHE_RSA,
KX_ECDHE_ECDSA,
KX_RSA_EXPORT | CRD_CERTIFICATE | CRD_CERTIFICATE |
KX_SRP_RSA, KX_SRP_DSS | CRD_SRP | CRD_CERTIFICATE |
KX_SRP | CRD_SRP | CRD_SRP |
KX_ANON_DH,
KX_ANON_ECDH | CRD_ANON | CRD_ANON |
KX_PSK,
KX_DHE_PSK, KX_ECDHE_PSK | CRD_PSK | CRD_PSK |
Table 4.2: Key exchange algorithms and the corresponding credential types.