English Wikipedia: Comparison of TLS implementations
The Transport Layer Security (TLS) protocol provides the ability to secure communications across or inside networks. This comparison of TLS implementations compares several of the most notable libraries. There are several TLS implementations which are free software and open source.
All comparison categories use the stable version of each implementation listed in the overview section. The comparison is limited to features that directly relate to the TLS protocol.
Overview
TLS/SSL protocol version support
Several versions of the TLS protocol exist. SSL 2.0 is a deprecated[4] protocol version with significant weaknesses. SSL 3.0 (1996) and TLS 1.0 (1999) are successors with two weaknesses in CBC-padding that were explained in 2001 by Serge Vaudenay.[5] TLS 1.1 (2006) fixed only one of the problems, by switching to random initialization vectors (IV) for CBC block ciphers, whereas the more problematic use of mac-pad-encrypt instead of the secure pad-mac-encrypt was addressed with RFC 7366.[6] A workaround for SSL 3.0 and TLS 1.0, roughly equivalent to random IVs from TLS 1.1, was widely adopted by many implementations in late 2011.[7] In 2014, the POODLE vulnerability of SSL 3.0 was discovered, which takes advantage of the known vulnerabilities in CBC, and an insecure fallback negotiation used in browsers.[8]
TLS 1.2 (2008) introduced a means to identify the hash used for digital signatures. While permitting the use of stronger hash functions for digital signatures in the future (rsa,sha256/sha384/sha512) over the SSL 3.0 conservative choice (rsa,sha1+md5), the TLS 1.2 protocol change inadvertently and substantially weakened the default digital signatures, providing (rsa,sha1) and even (rsa,md5).[9]
Datagram Transport Layer Security (DTLS or Datagram TLS) 1.0 is a modification of TLS 1.1 for a packet-oriented transport layer, where packet loss and packet reordering have to be tolerated. The revision DTLS 1.2 based on TLS 1.2 was published in January 2012.[10]
TLS 1.3 (2018), specified in RFC 8446, includes major optimizations and security improvements. QUIC (2021), specified in RFC 9000, and DTLS 1.3 (2022), specified in RFC 9147, build on TLS 1.3. The publication of TLS 1.3 and DTLS 1.3 obsoleted TLS 1.2 and DTLS 1.2.
Note that there are known vulnerabilities in SSL 2.0 and SSL 3.0. In 2021, IETF published RFC 8996 also forbidding negotiation of TLS 1.0, TLS 1.1, and DTLS 1.0 due to known vulnerabilities. NIST SP 800-52 requires support of TLS 1.3 by January 2024. Support of TLS 1.3 means that two compliant nodes will never negotiate TLS 1.2.
NSA Suite B Cryptography
Required components for NSA Suite B Cryptography (RFC 6460) are:
- Advanced Encryption Standard (AES) with key sizes of 128 and 256 bits. For traffic flow, AES should be used with either the Counter Mode (CTR) for low bandwidth traffic or the Galois/Counter Mode (GCM) mode of operation for high bandwidth traffic (see Block cipher modes of operation) — symmetric encryption
- Elliptic Curve Digital Signature Algorithm (ECDSA) — digital signatures
- Elliptic Curve Diffie–Hellman (ECDH) — key agreement
- Secure Hash Algorithm 2 (SHA-256 and SHA-384) — message digest
Per CNSSP-15, the 256-bit elliptic curve (specified in FIPS 186-2), SHA-256, and AES with 128-bit keys are sufficient for protecting classified information up to the Secret level, while the 384-bit elliptic curve (specified in FIPS 186-2), SHA-384, and AES with 256-bit keys are necessary for the protection of Top Secret information.
| Implementation | TLS 1.2 Suite B |
|---|---|
| Botan | Yes |
| Bouncy Castle | Yes |
| BSAFE | Yes[18] |
| cryptlib | Yes |
| GnuTLS | Yes |
| JSSE | Yes[48] |
| LibreSSL | Yes |
| MatrixSSL | Yes |
| Mbed TLS | Yes |
| NSS | No[49] |
| OpenSSL | Yes[36] |
| S2n | |
| Schannel | Yes[50] |
| Secure Transport | No |
| wolfSSL | Yes |
Certifications
Note that certain certifications have received serious negative criticism from people who are actually involved in them.[51]
| Implementation | FIPS 140-1, FIPS 140-2[52]: Level 1 | FIPS 140-1, FIPS 140-2[52]: Level 2 [disputed] | Embedded FIPS Solution |
|---|---|---|---|
| Botan[53] | | | |
| Bouncy Castle | Yes | | |
| BSAFE SSL-J[54] | Yes | | |
| cryptlib[55] | | | |
| GnuTLS[56] | Yes | | |
| JSSE | | | |
| LibreSSL[23] | no support | | |
| MatrixSSL[57] | Yes | | |
| Mbed TLS[58] | | | |
| NSS[59] | Yes | Yes | |
| OpenSSL[60] | Yes | | |
| Schannel[61] | Yes | | |
| Secure Transport | Yes | | |
| wolfSSL[62] | Yes | Yes | |
Key exchange algorithms (certificate-only)
This section lists the certificate verification functionality available in the various implementations.
Key exchange algorithms (alternative key-exchanges)
Certificate verification methods
Encryption algorithms
Obsolete algorithms
Supported elliptic curves
This section lists the supported elliptic curves by each implementation.
Defined curves in RFC 8446 (for TLS 1.3) and RFC 8422, 7027 (for TLS 1.2 and earlier)
Proposed curves
Deprecated curves in RFC 8422
Data integrity
Compression
Note the CRIME security exploit takes advantage of TLS compression, so conservative implementations do not enable compression at the TLS level. HTTP compression is unrelated and unaffected by this exploit, but is exploited by the related BREACH attack.
| Implementation | DEFLATE[159] (insecure) |
|---|---|
| Botan | Yes |
| BSAFE[18] | Yes |
| cryptlib | Yes |
| GnuTLS | Yes |
| JSSE | Yes |
| LibreSSL | Yes[23] |
| MatrixSSL | Yes |
| Mbed TLS | Yes |
| NSS | Yes |
| OpenSSL | Yes |
| Schannel | Yes |
| Secure Transport | Yes |
| wolfSSL | Yes |
| Erlang/OTP SSL application | Yes |
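A configuration audit covering both the protocol-version guidance earlier on this page (SSL 3.0, TLS 1.0 and TLS 1.1 not negotiable, TLS 1.3 available) and the compression note in this section, written against Python's `ssl` module, which wraps OpenSSL. This is an added example, not part of the original article; `audit_context`, `harden` and `legacy_context` are names chosen here, and `legacy_context` builds a deliberately weak context as constructed test input.

```python
import ssl
import warnings

# Versions the page marks as vulnerable or forbidden (RFC 8996), each paired
# with the legacy OP_NO_* flag that can also switch it off.
LEGACY = [
    (ssl.TLSVersion.SSLv3, ssl.OP_NO_SSLv3, "SSL 3.0"),
    (ssl.TLSVersion.TLSv1, ssl.OP_NO_TLSv1, "TLS 1.0"),
    (ssl.TLSVersion.TLSv1_1, ssl.OP_NO_TLSv1_1, "TLS 1.1"),
]
LOWEST = ssl.TLSVersion.MINIMUM_SUPPORTED   # sentinel: no explicit floor
HIGHEST = ssl.TLSVersion.MAXIMUM_SUPPORTED  # sentinel: no explicit ceiling


def audit_context(ctx):
    """Report what an ssl.SSLContext's configuration allows.

    Settings only: no connection is opened, and the linked OpenSSL build
    may have dropped some old protocols regardless of these settings.
    """
    floor, ceiling = ctx.minimum_version, ctx.maximum_version
    legacy = []
    for version, off_flag, name in LEGACY:
        above_floor = floor == LOWEST or (floor != HIGHEST and floor <= version)
        # A ceiling of LOWEST pins the oldest protocol, so treat it as open.
        below_ceiling = ceiling in (HIGHEST, LOWEST) or version <= ceiling
        if above_floor and below_ceiling and not ctx.options & off_flag:
            legacy.append(name)
    tls13 = (
        ssl.HAS_TLSv1_3
        and (ceiling == HIGHEST or ceiling >= ssl.TLSVersion.TLSv1_3)
        and not ctx.options & ssl.OP_NO_TLSv1_3
    )
    return {
        "legacy_versions": legacy,
        "tls13_possible": tls13,
        # CRIME relies on TLS-level compression; this flag turns it off.
        "compression_disabled": bool(ctx.options & ssl.OP_NO_COMPRESSION),
    }


def harden(ctx):
    """Floor at TLS 1.2, no ceiling below TLS 1.3, no TLS compression."""
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.maximum_version = HIGHEST
    ctx.options |= ssl.OP_NO_COMPRESSION
    ctx.options &= ~ssl.OP_NO_TLSv1_3
    return ctx


def legacy_context():
    """Constructed weak client context used to exercise the audit."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    with warnings.catch_warnings():
        # Recent Python versions warn when the floor is set below TLS 1.2.
        warnings.simplefilter("ignore", DeprecationWarning)
        ctx.minimum_version = ssl.TLSVersion.TLSv1
    ctx.maximum_version = ssl.TLSVersion.TLSv1_2
    ctx.options &= ~(ssl.OP_NO_TLSv1 | ssl.OP_NO_TLSv1_1 | ssl.OP_NO_COMPRESSION)
    return ctx
```

Running `audit_context` on a context before and after `harden` shows which of the three settings changed; a floor of TLS 1.2 is kept so that peers without TLS 1.3 can still connect.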
Extensions
In this section the extensions each implementation supports are listed. Note that the Secure Renegotiation extension is critical for HTTPS client security[citation needed]. TLS clients not implementing it are vulnerable to attacks, irrespective of whether the client implements TLS renegotiation.
Assisted cryptography
This section lists the known ability of an implementation to take advantage of CPU instruction sets that optimize encryption, or utilize system specific devices that allow access to underlying cryptographic hardware for acceleration or for data separation.
System-specific backends
This section lists the ability of an implementation to take advantage of the available operating system specific backends, or even the backends provided by another implementation.
Cryptographic module/token support
| Implementation | TPM support | Hardware token support | Objects identified via |
|---|---|---|---|
| Botan | Partial[174] | Yes | |
| BSAFE SSL-J | No | No | |
| cryptlib | No | Yes | User-defined label |
| GnuTLS | Yes | Yes | RFC 7512 PKCS #11 URLs[212] |
| JSSE | No | Yes | |
| LibreSSL | Yes | Partial | Custom method |
| MatrixSSL | No | Yes | |
| Mbed TLS | No | Yes | Custom method |
| NSS | No | Yes | |
| OpenSSL | Yes | Partial[213] | RFC 7512 PKCS #11 URLs[212] |
| Schannel | No | Yes | UUID, User-defined label |
| Secure Transport | | | |
| wolfSSL | Yes | Yes | |
Code dependencies
| Implementation | Dependencies | Optional dependencies |
|---|---|---|
| Botan | C++20 | SQLite, zlib (compression), bzip2 (compression), liblzma (compression), boost, trousers (TPM) |
| GnuTLS | libc, nettle, gmp | zlib (compression), p11-kit (PKCS #11), trousers (TPM), libunbound (DANE) |
| JSSE | Java | |
| MatrixSSL | none | zlib (compression) |
| MatrixSSL-open | libc or newlib | |
| Mbed TLS | libc | libpkcs11-helper (PKCS #11), zlib (compression) |
| NSS | libc, libnspr4, libsoftokn3, libplc4, libplds4 | zlib (compression) |
| OpenSSL | libc | zlib (compression) |
| wolfSSL | None | libc, zlib (compression) |
| Erlang/OTP SSL application | libcrypto (from OpenSSL), Erlang/OTP and its public_key, crypto and asn1 applications | Erlang/OTP -inets (http fetching of CRLs) |
Development environment
| Implementation | Namespace | Build tools | API manual | Crypto back-end | OpenSSL compatibility layer |
|---|---|---|---|---|---|
| Botan | Botan::TLS | Makefile | Sphinx | Included (pluggable) | No |
| Bouncy Castle | org.bouncycastle | Java Development Environment | Programmers reference manual (PDF) | Included (pluggable) | No |
| BSAFE SSL-J | com.rsa.asn1, com.rsa.certj | Java classloader | Javadoc, Developer's guide (HTML) | Included | No |
| cryptlib | crypt* | makefile, MSVC project workspaces | Programmers reference manual (PDF), architecture design manual (PDF) | Included (monolithic) | No |
| GnuTLS | gnutls_* | Autoconf, automake, libtool | Manual and API reference (HTML, PDF) | External, libnettle | Yes (limited) |
| JSSE | javax.net.ssl, sun.security.ssl | Makefile | API Reference (HTML) + | Java Cryptography Architecture, Java Cryptography Extension | No |
| MatrixSSL | matrixSsl_*, ps* | Makefile, MSVC project workspaces, Xcode projects for OS X and iOS | API Reference (PDF), Integration Guide | Included (pluggable) | Yes (Subset: SSL_read, SSL_write, etc.) |
| Mbed TLS | mbedtls_ssl_*, mbedtls_sha1_* | Makefile, CMake, MSVC project workspaces, yotta | API Reference + High Level and Module Level Documentation (HTML) | Included (monolithic) | No |
| NSS | CERT_*, SEC_* | Makefile | Manual (HTML) | Included, PKCS#11 based[214] | Yes (separate package called nss_compat_ossl[215]) |
| OpenSSL | SSL_*, SHA1_* | Makefile | Man pages | Included (monolithic) | N/A |
| wolfSSL | wolfSSL_*, CyaSSL_* | Autoconf, automake, libtool, MSVC project workspaces, XCode projects, CodeWarrior projects, MPLAB X projects, Keil, IAR, Clang, GCC, e2Studio | Manual and API Reference (HTML, PDF) | Included (monolithic) | Yes (about 60% of API) |
Portability concerns
| Implementation | Platform requirements | Network requirements | Thread safety | Random seed | Able to cross-compile | No OS (bare metal) | Supported operating systems |
|---|---|---|---|---|---|---|---|
| Botan | C++11 | None | Yes | Platform-dependent | Yes | | Windows, Linux, macOS, Android, iOS, FreeBSD, OpenBSD, Solaris, AIX, HP-UX, QNX, BeOS, IncludeOS |
| BSAFE SSL-J | Java | Java SE network components | Yes | Depends on java.security.SecureRandom | Yes | No | FreeBSD, Linux, macOS, Microsoft Windows, Android, AIX, Solaris |
| cryptlib | C89 | POSIX send() and recv(). API to supply your own replacement | Yes | Platform-dependent, including hardware sources | Yes | Yes | AMX, BeOS, ChorusOS, DOS, eCos, FreeRTOS/OpenRTOS, uItron, MVS, OS/2, Palm OS, QNX Neutrino, RTEMS, Tandem NonStop, ThreadX, uC/OS II, Unix (AIX, FreeBSD, HPUX, Linux, macOS, Solaris, etc.), VDK, VM/CMS, VxWorks, Win16, Win32, Win64, WinCE/PocketPC/etc, XMK |
| GnuTLS | C89 | POSIX send() and recv(). API to supply your own replacement. | Partial | Platform dependent | Yes | No | Generally any POSIX platforms or Windows, commonly tested platforms include Linux, Win32/64, macOS, Solaris, OpenWRT, FreeBSD, NetBSD, OpenBSD. |
| JSSE | Java | Java SE network components | Yes | Depends on java.security.SecureRandom | Yes | | Java based, platform-independent |
| MatrixSSL | C89 | None | Yes | Platform dependent | Yes | Yes | All |
| Mbed TLS | C89 | POSIX read() and write(). API to supply your own replacement. | Partial | Random seed set through entropy pool | Yes | Yes | Known to work on: Win32/64, Linux, macOS, Solaris, FreeBSD, NetBSD, OpenBSD, OpenWRT, iPhone (iOS), Xbox, Android, eCos, SeggerOS, RISC OS |
| NSS | C89, NSPR[216] | NSPR[216] PR_Send() and PR_Recv(). API to supply your own replacement. | Yes | Platform dependent[217] | Yes (but cumbersome) | No | AIX, Android, FreeBSD, NetBSD, OpenBSD, BeOS, HP-UX, IRIX, Linux, macOS, OS/2, Solaris, OpenVMS, Amiga DE, Windows, WinCE, Sony PlayStation |
| OpenSSL | C89 | None | Yes | Platform dependent | Yes | No | Unix-like, DOS (with djgpp), Windows, OpenVMS, NetWare, eCos |
| wolfSSL | C89 | POSIX send() and recv(). API to supply your own replacement. | Yes | Random seed set through wolfCrypt | Yes | Yes | Win32/64, Linux, macOS, Solaris, ThreadX, VxWorks, FreeBSD, NetBSD, OpenBSD, embedded Linux, Yocto Project, OpenEmbedded, WinCE, Haiku, OpenWRT, iPhone (iOS), Android, Nintendo Wii and Gamecube through DevKitPro, QNX, MontaVista, NonStop, TRON/ITRON/µITRON, eCos, Micrium µC/OS-III, FreeRTOS, SafeRTOS, NXP/Freescale MQX, Nucleus, TinyOS, HP/UX, AIX, ARC MQX, Keil RTX, TI-RTOS, uTasker, embOS, INtime, Mbed, uT-Kernel, RIOT, CMSIS-RTOS, FROSTED, Green Hills INTEGRITY, TOPPERS, PetaLinux, Apache mynewt |
See also
- SCTP — with DTLS support
- DCCP — with DTLS support
- SRTP — with DTLS support (DTLS-SRTP) and Secure Real-Time Transport Control Protocol (SRTCP)
References
- [1] The features listed are for the closed source version
- [10] RFC 6347
- [12] RFC 6101
- [13] RFC 2246
- [14] RFC 4346
- [15] RFC 5246
- [16] RFC 4347
- [63] RFC 4492
- [70] Extensions to support GOST in Schannel might be available. [citation needed]
- [75] RFC 5054
- [76] RFC 4279
- [77] RFC 5489
- [78] RFC 2712
- [88] RFC 5280
- [89] RFC 3280
- [90] RFC 2560
- [91] RFC 6698, RFC 7218
- [100] RFC 5288, RFC 5289
- [101] RFC 6655, RFC 7251
- [102] RFC 6367
- [103] RFC 5932, RFC 6367
- [104] RFC 6209
- [105] RFC 4162
- [107] RFC 7905
- [133] RFC 8446
- [134] RFC 8422
- [135] RFC 7027
- [157] Negotiation of arbitrary curves has been shown to be insecure for certain curve sizes.
- [159] RFC 3749
- [160] RFC 5746
- [161] RFC 6066
- [162] RFC 7301
- [163] RFC 6091
- [164] RFC 4680
- [165] RFC 5077
- [166] RFC 5705
- [167] RFC 7366
- [168] RFC 7507
- [169] RFC 7627
- [170] RFC 7685
- [171] RFC 7250
- [175] Present, but disabled by default due to lack of use by any implementation.
- [201] Normally NSS's libssl performs all operations via the PKCS#11 interface, either to hardware or software tokens
- [204] https://habrahabr.ru/post/134725/, http://forum.rutoken.ru/topic/1639/, https://dev.rutoken.ru/pages/viewpage.action?pageId=18055184
- [206] https://opensource.apple.com/source/Security/Security-55179.13/sec/Security/SecECKey.c
- [214] On the fly replaceable/augmentable.
- [217] For Unix/Linux it uses /dev/urandom if available, for Windows it uses CAPI. For other platforms it gets data from clock, and tries to open system files. NSS has a set of platform dependent functions it uses to determine randomness.