Btls is the informal name of STB 34.101.65, the official standard of Belarus. Btls compiles several RFC that defines the Transport Layer Security (TLS) protocol and its extensions legalizing TLS 1.2 in Belarus.
Btls also defines 8 ciphersuites based on algorithms of STB 34.101.31 and STB 34.101.45.
In this repo, we process comments on the current version of Btls, discuss future versions, provide additional supporting material.
The latest releases of Btls can be found at Releases.
Comments and proposals are processed at Issues.
Ciphersuites of Btls are implemented here via a patch for OpenSSL.
The ciphersuites can be used at the OpenSSL level with the s_client and
s_server commands. They can also be used in model client and server
environements that include:
- the Epiphany (GNOME Web) browser;
- the Glib-networking library;
- the Nginx web server;
- the Flask web framework.
Build:
$ cd client
$ bash build_client.sh
$ cd ..After build:
$ export PREFIX=${PWD}/bee2evp/build/local
$ echo "export LD_LIBRARY_PATH=${PREFIX}/lib:$LD_LIBRARY_PATH" >> ${HOME}/.bashrc
$ echo "export PATH=${PREFIX}/bin:$PATH" >> ${HOME}/.bashrc
$ echo "export PKG_CONFIG_PATH=${PREFIX}/lib/pkgconfig" >> ${HOME}/.bashrc
$ echo "export CPATH=${PREFIX}/include:$CPATH" >> ${HOME}/.bashrc
$ echo "export OPENSSL_CONF=${PREFIX}/openssl.cnf" >> ${HOME}/.bashrc
$ echo "export GIO_MODULE_DIR=${PREFIX}/lib/x86_64-linux-gnu/gio/modules" >> ${HOME}/.bashrcor run sh script:
$ bash ./add_to_bashrc.shConnect to a server:
$ epiphany https://<server>:<port>
\\ if server is local <server>=127.0.0.1
\\ port from {8443, 8444, 8445, 8446}Alternative way (no need to change .bashrc):
$ bash run_client.sh https://<server>:<port>
Requirements:
Deploy:
$ docker pull btls/btls256
$ docker pull btls/flask
$ docker-compose up -d btls256Open 2 terminals.
In the first:
$ docker exec -it btls256 bash
// in the docker shell
$ nginx -g "daemon off;" In the second:
$ docker exec -it flask bash
// in the docker shell
$ flask run --host=0.0.0.0 --port=5000