| [ << ] | [ < ] | [ Up ] | [ > ] | [ >> ] | [Top] | [Contents] | [Index] | [ ? ] |
7.4 Associating the credentials
| 7.4.1 Certificates | ||
| 7.4.2 SRP | ||
| 7.4.3 PSK | ||
| 7.4.4 Anonymous |
Each authentication method is associated with a key exchange method, and a credentials type. The contents of the credentials is method-dependent, e.g. certificates for certificate authentication and should be initialized and associated with a session (see gnutls_credentials_set). A mapping of the key exchange methods with the credential types is shown in Table 7.1.
| Authentication method | Key exchange | Client credentials | Server credentials |
|---|---|---|---|
| Certificate | KX_RSA,
KX_DHE_RSA,
KX_DHE_DSS,
KX_ECDHE_RSA,
KX_ECDHE_ECDSA,
KX_RSA_EXPORT | CRD_CERTIFICATE | CRD_CERTIFICATE |
| Password and certificate | KX_SRP_RSA, KX_SRP_DSS | CRD_SRP | CRD_CERTIFICATE, CRD_SRP |
| Password | KX_SRP | CRD_SRP | CRD_SRP |
| Anonymous | KX_ANON_DH,
KX_ANON_ECDH | CRD_ANON | CRD_ANON |
| Pre-shared key | KX_PSK,
KX_DHE_PSK, KX_ECDHE_PSK | CRD_PSK | CRD_PSK |
Table 7.1: Key exchange algorithms and the corresponding credential types.
This document was generated on January 21, 2012 using texi2html 5.0.