3.3 The TLS record protocol

The Record protocol is the secure communications provider. Its purpose is to encrypt, authenticate and —optionally— compress packets. The following functions are available:

gnutls_record_send:

To send a record packet (with application data).

gnutls_record_recv:

To receive a record packet (with application data).

gnutls_record_get_direction:

To get the direction of the last interrupted function call.

As you may have already noticed, the functions which access the Record protocol, are quite limited, given the importance of this protocol in TLS. This is because the Record protocol's parameters are all set by the Handshake protocol.

The Record protocol initially starts with NULL parameters, which means no encryption, and no MAC is used. Encryption and authentication begin just after the handshake protocol has finished.

• Encryption algorithms used in the record layer
• Compression algorithms used in the record layer
• Weaknesses and countermeasures