* Fixes for building with Ed/Curve25519 only. Fix for IoT safe demo to exit after running once. Added `WOLFSSL_DH_EXTRA` to `--enable-all` and `--enable-sniffer`. Cleanup uses of `==` in configure.ac. Various spelling fixes. * Fix for sniffer with TLS v1.3 session tickets. * Fix for ASN Template Ed25519 key export (missing version / not setting OID correctly). * Add key import/export support for Curve25519/Curve448. Refactor of the 25519/448 ASN code to combine duplicate code. * Refactor of Curve25519 code. Improved public key export to handle generation when only private is set. Improved private scalar buffer sizing. * Fix for static ephemeral loading of file buffer. * Added sniffer Curve25519 support and test case. * Fix for sniffer to not use ECC for X25519 if both are set. * Fix Curve448 public export when only private is set. * Fix for `dh_generate_test` for small stack size. * Reduce stack size use on new asymmetric DER import/export functions. Cleanup pub length calc. * Fix invalid comment.
#!/bin/bash
# Run these configures and the example server/client below
# Script to generate wireshark trace for sniffer-tls13-ecc.pcap
#./configure --enable-sniffer --enable-session-ticket && make
# Script to generate wireshark trace for sniffer-tls13-dh.pcap
#./configure --enable-sniffer --enable-session-ticket --disable-ecc && make
# Run: with dh or ecc
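# Generate the TLS v1.3 traffic for the dh / ecc captures.
# Arguments: $1 - "dh" or "ecc"; any other value skips this section.
# For each cipher suite a one-shot example server is started in the
# background and the example client connects to it: first with full
# handshakes, then again with -r for the resumption captures.
if [ "$1" == "dh" ] || [ "$1" == "ecc" ]; then
    # Pass 1: TLS v1.3 full handshakes. Pass 2: TLS v1.3 resumption (-r).
    for resume in "" "-r"; do
        for suite in TLS13-AES128-GCM-SHA256 \
                     TLS13-AES256-GCM-SHA384 \
                     TLS13-CHACHA20-POLY1305-SHA256; do
            # ${resume:+...} expands to no word at all on the first pass.
            ./examples/server/server -v 4 -l "$suite" ${resume:+"$resume"} &
            # The server is backgrounded, so give it a moment to start
            # listening before the client connects; otherwise the client can
            # race the listener and the handshake never reaches the capture.
            # Same delay the x25519 and hrr sections of this script use.
            sleep 0.1
            ./examples/client/client -v 4 -l "$suite" ${resume:+"$resume"}
        done
    done
fi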
# Script to generate wireshark trace for sniffer-tls13-x25519.pcap
#./configure --enable-sniffer --enable-session-ticket --enable-curve25519 --disable-dh --disable-ecc && make
# Run: with x25519
# Generate the TLS v1.3 traffic for the x25519 capture.
# Arguments: $1 - "x25519"; any other value skips this section.
# Both peers load Ed25519 credentials from ./certs/ed25519: the server gets
# its own cert/key plus the client certificate via -A, the client gets its
# own cert/key plus the Ed25519 root via -A.
if [[ "$1" == "x25519" ]]; then
    ed25519_dir=./certs/ed25519
    server_creds=(
        -c "${ed25519_dir}/server-ed25519.pem"
        -k "${ed25519_dir}/server-ed25519-priv.pem"
        -A "${ed25519_dir}/client-ed25519.pem"
    )
    client_creds=(
        -c "${ed25519_dir}/client-ed25519.pem"
        -k "${ed25519_dir}/client-ed25519-priv.pem"
        -A "${ed25519_dir}/root-ed25519.pem"
    )

    # Pass 1: TLS v1.3 full handshakes. Pass 2: TLS v1.3 resumption (-r).
    for resume_flag in "" "-r"; do
        for cipher in TLS13-AES128-GCM-SHA256 \
                      TLS13-AES256-GCM-SHA384 \
                      TLS13-CHACHA20-POLY1305-SHA256; do
            # ${resume_flag:+...} contributes no argument on the first pass.
            ./examples/server/server -v 4 -l "$cipher" \
                ${resume_flag:+"$resume_flag"} "${server_creds[@]}" &
            # Let the backgrounded server start listening before connecting.
            sleep 0.1
            ./examples/client/client -v 4 -l "$cipher" \
                ${resume_flag:+"$resume_flag"} "${client_creds[@]}"
        done
    done
fi
# TLS v1.3 Hello Retry Request (save this as sniffer-tls13-hrr.pcap)
# ./configure --enable-sniffer CFLAGS="-DWOLFSSL_SNIFFER_WATCH" --disable-dh && make
# Run ./scripts/sniffer-tls13-gen.sh hrr
# Generate the TLS v1.3 Hello Retry Request traffic for the hrr capture.
# Arguments: $1 - "hrr"; any other value skips this section.
if [[ "$1" == "hrr" ]]; then
    hrr_server=./examples/server/server
    hrr_client=./examples/client/client

    # NOTE(review): the server is backgrounded and this script never stops or
    # waits for it. If -i keeps the example server accepting connections (as
    # its usage text suggests; confirm), a listener is left running after the
    # script exits and has to be stopped by hand before the next run.
    "$hrr_server" -v 4 -i -x -g &

    # Let the backgrounded server start listening before connecting.
    sleep 0.1

    # Presumably -J is what makes the client trigger the Hello Retry Request
    # this capture is named for; verify against the example client's usage.
    "$hrr_client" -v 4 -J
fi