diff options
author | Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> | 2020-01-08 21:31:32 +0300 |
---|---|---|
committer | Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> | 2020-01-08 22:08:27 +0300 |
commit | cdaae8ba87cee361128396db3f6b2b3077a0ec89 (patch) | |
tree | 590ff6bb4196cbcfcd238d6a6b24d3f2567d5440 /doc | |
parent | 51f7edbcc7e8cf84383f5446f451d2286dfae81f (diff) | |
download | gnutls-cdaae8ba87cee361128396db3f6b2b3077a0ec89.tar.gz |
doc: document GOST priority options
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Diffstat (limited to 'doc')
-rw-r--r-- | doc/cha-gtls-app.texi | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/doc/cha-gtls-app.texi b/doc/cha-gtls-app.texi index 74fed786b7..952bd26056 100644 --- a/doc/cha-gtls-app.texi +++ b/doc/cha-gtls-app.texi @@ -1420,19 +1420,19 @@ appended with an algorithm will add this algorithm. @multitable @columnfractions .20 .70 @headitem Type @tab Keywords @item Ciphers @tab -Examples are AES-128-GCM, AES-256-GCM, AES-256-CBC; see also +Examples are AES-128-GCM, AES-256-GCM, AES-256-CBC, GOST28147-TC26Z-CNT; see also @ref{tab:ciphers} for more options. Catch all name is CIPHER-ALL which will add all the algorithms from NORMAL priority. @item Key exchange @tab RSA, DHE-RSA, DHE-DSS, SRP, SRP-RSA, SRP-DSS, -PSK, DHE-PSK, ECDHE-PSK, ECDHE-RSA, ECDHE-ECDSA, ANON-ECDH, ANON-DH. The +PSK, DHE-PSK, ECDHE-PSK, ECDHE-RSA, ECDHE-ECDSA, VKO-GOST-12, ANON-ECDH, ANON-DH. Catch all name is KX-ALL which will add all the algorithms from NORMAL priority. Under TLS1.3, the DHE-PSK and ECDHE-PSK strings are equivalent and instruct for a Diffie-Hellman key exchange using the enabled groups. @item MAC @tab -MD5, SHA1, SHA256, SHA384, AEAD (used with +MD5, SHA1, SHA256, SHA384, GOST28147-TC26Z-IMIT, AEAD (used with GCM ciphers only). All algorithms from NORMAL priority can be accessed with MAC-ALL. @item Compression algorithms @tab @@ -1450,7 +1450,8 @@ SIGN-RSA-SHA1, SIGN-RSA-SHA224, SIGN-RSA-SHA256, SIGN-RSA-SHA384, SIGN-RSA-SHA512, SIGN-DSA-SHA1, SIGN-DSA-SHA224, SIGN-DSA-SHA256, SIGN-RSA-MD5, SIGN-ECDSA-SHA1, SIGN-ECDSA-SHA224, SIGN-ECDSA-SHA256, SIGN-ECDSA-SHA384, SIGN-ECDSA-SHA512, -SIGN-RSA-PSS-SHA256, SIGN-RSA-PSS-SHA384, SIGN-RSA-PSS-SHA512. +SIGN-RSA-PSS-SHA256, SIGN-RSA-PSS-SHA384, SIGN-RSA-PSS-SHA512, +SIGN-GOSTR341001, SIGN-GOSTR341012-256, SIGN-GOSTR341012-512. Catch all which enables all algorithms from NORMAL priority is SIGN-ALL. This option is only considered for TLS 1.2 and later. |