bcrypto / btls

TLS with additional ciphersuites

Btls: The Transport Layer Security Protocol

What is Btls?

Btls is the informal name of STB 34.101.65, the official standard of Belarus. Btls compiles several RFCs that define the Transport Layer Security (TLS) protocol and its extensions, legalizing TLS 1.2 in Belarus.

Btls also defines 8 ciphersuites based on algorithms of STB 34.101.31 and STB 34.101.45.

What is this repo?

In this repo, we process comments on the current version of Btls, discuss future versions, and provide additional supporting material.

The latest releases of Btls can be found at Releases.

Comments and proposals are processed at Issues.

Reference implementation

Ciphersuites of Btls are implemented here via a patch for OpenSSL.

The ciphersuites can be used at the OpenSSL level with the s_client and s_server commands. They can also be used in model client and server environments that include:

The client environment

Client

Build:

$ cd client
$ bash build_client.sh
$ cd ..

After build:

$ export PREFIX=${PWD}/bee2evp/build/local
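# ${VAR:+:$VAR} appends the old value only if it is set, so no empty entry
# (which is read as the current directory) ends up in the search path
$ echo "export LD_LIBRARY_PATH=${PREFIX}/lib${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}" >> ${HOME}/.bashrc
$ echo "export PATH=${PREFIX}/bin:$PATH" >> ${HOME}/.bashrc
$ echo "export PKG_CONFIG_PATH=${PREFIX}/lib/pkgconfig" >> ${HOME}/.bashrc
$ echo "export CPATH=${PREFIX}/include${CPATH:+:$CPATH}" >> ${HOME}/.bashrc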
$ echo "export OPENSSL_CONF=${PREFIX}/openssl.cnf" >> ${HOME}/.bashrc
$ echo "export GIO_MODULE_DIR=${PREFIX}/lib/x86_64-linux-gnu/gio/modules" >> ${HOME}/.bashrc

or run the shell script:

$ bash ./add_to_bashrc.sh

Connect to a server:

$ epiphany https://<server>:<port>
# for a local server, <server>=127.0.0.1
# <port> is one of {8443, 8444, 8445, 8446}

Alternative way (no need to change .bashrc):

$ bash run_client.sh https://<server>:<port>
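
An added check for the client setup above (not part of the btls repository): it confirms that openssl resolves to the build under PREFIX, flags empty entries in the search-path variables, and reports the protocol and ciphersuite negotiated on each listed port. It assumes the patched openssl binary is installed in ${PREFIX}/bin; check_client_env and the other function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the btls repo): sanity checks for the client environment.

# True if a colon-separated search path has an empty entry (leading, trailing
# or doubled colon); the loader and compiler read that as the current directory.
has_empty_entry() {
    case "$1" in
        :*|*:|*::*) return 0 ;;
        *) return 1 ;;
    esac
}

# True if binary path $1 lives under install prefix $2.
under_prefix() {
    case "$1" in
        "$2"/*) return 0 ;;
        *) return 1 ;;
    esac
}

# Read s_client output on stdin; print "<protocol> <cipher>" taken from its
# "New, <protocol>, Cipher is <cipher>" summary line.
negotiated() {
    sed -n 's/^New, \([^,]*\), Cipher is \(.*\)$/\1 \2/p' | head -n 1
}

# Hypothetical helper: check_client_env <prefix> <server>
check_client_env() {
    prefix=$1; host=$2
    bin=$(command -v openssl) || { echo "openssl not found on PATH"; return 1; }
    under_prefix "$bin" "$prefix" || echo "WARN: openssl is $bin, not under $prefix"
    for v in "$LD_LIBRARY_PATH" "$CPATH" "$PATH"; do
        if has_empty_entry "$v"; then echo "WARN: empty entry in '$v'"; fi
    done
    for port in 8443 8444 8445 8446; do   # ports listed in the README
        out=$(openssl s_client -connect "$host:$port" </dev/null 2>/dev/null | negotiated)
        echo "$port: ${out:-no handshake}"
    done
}

if [ "$#" -eq 2 ]; then
    check_client_env "$1" "$2"
else
    # Constructed s_client summary line; EXAMPLE-SUITE is a placeholder name.
    printf 'New, TLSv1.2, Cipher is EXAMPLE-SUITE\n' | negotiated
fi
```

Run it as `sh check.sh "$PREFIX" 127.0.0.1` once the server containers are up; a port that prints "(NONE) (NONE)" or "no handshake" did not negotiate a ciphersuite with this client.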

The server environment

Server

Requirements:

  1. docker;
  2. docker-compose.

Deploy:

$ docker pull btls/btls256
$ docker pull btls/flask
$ docker-compose up -d btls256

Open 2 terminals.

In the first:

$ docker exec -it btls256 bash
# in the docker shell
$ nginx -g "daemon off;"

In the second:

$ docker exec -it flask bash
# in the docker shell
$ flask run --host=0.0.0.0 --port=5000