bcrypto/btls

Btls: The Transport Layer Security Protocol

What is Btls?

Btls is an informal name of STB 34.101.65, the official standard of Belarus. Btls compiles several RFCs that define the Transport Layer Security (TLS) protocol and its extensions, thus officially adopting TLS 1.2 in Belarus.

Btls also covers STB 34.101.90, the forthcoming standard that defines TLS 1.3. STB 34.101.90 incorporates the current errata of the TLS 1.3 specification and takes into account its BIS (II) edition.

STB 34.101.65 introduces eight TLS 1.2 ciphersuites based on algorithms of STB 34.101.31 and STB 34.101.45.

STB 34.101.90 introduces two TLS 1.3 ciphersuites based on algorithms of STB 34.101.31 and STB 34.101.77. STB 34.101.90 also specifies how to use the algorithms and elliptic curves of STB 34.101.45 in TLS 1.3.

What is this repo?

In this repo, we process comments on the current versions of the Btls specifications, discuss future versions, and provide additional supporting material.

The latest releases of Btls can be found at Releases. Versions of STB 34.101.65 and STB 34.101.90 are of the form v1.XX and v2.XX, respectively.

Comments and proposals are processed at Issues.

Reference implementation

Ciphersuites of Btls are implemented here via a patch for OpenSSL.

The ciphersuites can be used at the OpenSSL level with the s_client and s_server commands. They can also be used in model client and server environments that include:

The client environment

Client

Build:

$ cd client
$ bash build_client.sh
$ cd ..

After build:

$ export PREFIX=${PWD}/bee2evp/build/local
$ echo "export LD_LIBRARY_PATH=${PREFIX}/lib:$LD_LIBRARY_PATH" >> ${HOME}/.bashrc
$ echo "export PATH=${PREFIX}/bin:$PATH" >> ${HOME}/.bashrc
$ echo "export PKG_CONFIG_PATH=${PREFIX}/lib/pkgconfig" >> ${HOME}/.bashrc
$ echo "export CPATH=${PREFIX}/include:$CPATH" >> ${HOME}/.bashrc
$ echo "export OPENSSL_CONF=${PREFIX}/openssl.cnf" >> ${HOME}/.bashrc
$ echo "export GIO_MODULE_DIR=${PREFIX}/lib/x86_64-linux-gnu/gio/modules" >> ${HOME}/.bashrc

Or run the shell script:

$ bash ./add_to_bashrc.sh
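
Added example, not part of the btls repository: when LD_LIBRARY_PATH or CPATH is unset, the echo lines above write a value ending in ":", and the dynamic loader, the shell and GCC all treat an empty path element as the current working directory. The sketch below produces the same six exports without empty elements; join_path, render_env and the ~/.btls_env file name are hypothetical names chosen for this example.

```shell
#!/bin/sh
# Added example: hypothetical helpers, not part of the btls repository.

# join_path DIR CURRENT
# Print DIR followed by the non-empty elements of CURRENT, skipping DIR
# itself if it is already listed. Empty elements are dropped because ld.so,
# the shell and GCC all read them as "the current working directory".
join_path() (
    out=$1
    rest=$2
    while [ -n "$rest" ]; do
        entry=${rest%%:*}              # text before the first ':'
        case $rest in
            *:*) rest=${rest#*:} ;;    # continue after the first ':'
            *)   rest= ;;              # that was the last element
        esac
        if [ -n "$entry" ] && [ "$entry" != "$1" ]; then
            out="$out:$entry"
        fi
    done
    printf '%s\n' "$out"
)

# render_env PREFIX
# Print the six exports from the README for the given install prefix.
# As with the README's echo lines, current values are captured at
# generation time. Assumes no path contains a single quote.
render_env() (
    p=$1
    printf "export LD_LIBRARY_PATH='%s'\n" "$(join_path "$p/lib" "${LD_LIBRARY_PATH:-}")"
    printf "export PATH='%s'\n" "$(join_path "$p/bin" "${PATH:-}")"
    printf "export PKG_CONFIG_PATH='%s'\n" "$p/lib/pkgconfig"
    printf "export CPATH='%s'\n" "$(join_path "$p/include" "${CPATH:-}")"
    printf "export OPENSSL_CONF='%s'\n" "$p/openssl.cnf"
    printf "export GIO_MODULE_DIR='%s'\n" "$p/lib/x86_64-linux-gnu/gio/modules"
)

# Usage (run once from the directory that contains bee2evp/):
#   render_env "${PWD}/bee2evp/build/local" > "${HOME}/.btls_env"
#   grep -qxF '. "$HOME/.btls_env"' "${HOME}/.bashrc" ||
#       echo '. "$HOME/.btls_env"' >> "${HOME}/.bashrc"
```

Because .bashrc only sources one generated file, rerunning the two usage commands does not stack duplicate export lines the way repeated echo appends do.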

Connect to a server:

$ epiphany https://<server>:<port>
# if the server is local, <server>=127.0.0.1
# <port> is one of {8443, 8444, 8445, 8446, 8447, 8448}

Alternative way (no need to change .bashrc):

$ bash run_client.sh https://<server>:<port>

The server environment

Server

Requirements:

  1. docker;
  2. docker-compose.

Deploy:

$ docker pull btls/btls256
$ docker pull btls/flask
$ docker-compose up -d btls256

Open 2 terminals.

In the first:

$ docker exec -it btls256 bash
# in the docker shell
$ nginx -g "daemon off;"

In the second:

$ docker exec -it flask bash
# in the docker shell
$ flask run --host=0.0.0.0 --port=5000

About

TLS 1.2/1.3 with additional ciphersuites
