#!/bin/bash # Run this script from the wolfSSL root if [ ! -f wolfssl/ssl.h ]; then echo "Run from the wolfssl root" exit 1 fi run_sequence() { if [ "$1" == "dh" ] || [ "$1" == "ecc" ]; then # TLS v1.3 ./examples/server/server -v 4 -l TLS13-AES128-GCM-SHA256 & sleep 0.1 ./examples/client/client -v 4 -l TLS13-AES128-GCM-SHA256 ./examples/server/server -v 4 -l TLS13-AES256-GCM-SHA384 & sleep 0.1 ./examples/client/client -v 4 -l TLS13-AES256-GCM-SHA384 ./examples/server/server -v 4 -l TLS13-CHACHA20-POLY1305-SHA256 & sleep 0.1 ./examples/client/client -v 4 -l TLS13-CHACHA20-POLY1305-SHA256 fi if [ "$1" == "dh-resume" ] || [ "$1" == "ecc-resume" ]; then # TLS v1.3 Resumption ./examples/server/server -v 4 -l TLS13-AES128-GCM-SHA256 -r & sleep 0.1 ./examples/client/client -v 4 -l TLS13-AES128-GCM-SHA256 -r ./examples/server/server -v 4 -l TLS13-AES256-GCM-SHA384 -r & sleep 0.1 ./examples/client/client -v 4 -l TLS13-AES256-GCM-SHA384 -r ./examples/server/server -v 4 -l TLS13-CHACHA20-POLY1305-SHA256 -r & sleep 0.1 ./examples/client/client -v 4 -l TLS13-CHACHA20-POLY1305-SHA256 -r fi if [ "$1" == "x25519" ]; then # TLS v1.3 ./examples/server/server -v 4 -l TLS13-AES128-GCM-SHA256 -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem & sleep 0.1 ./examples/client/client -v 4 -l TLS13-AES128-GCM-SHA256 -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem ./examples/server/server -v 4 -l TLS13-AES256-GCM-SHA384 -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem & sleep 0.1 ./examples/client/client -v 4 -l TLS13-AES256-GCM-SHA384 -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem ./examples/server/server -v 4 -l TLS13-CHACHA20-POLY1305-SHA256 -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem & sleep 0.1 ./examples/client/client -v 4 -l TLS13-CHACHA20-POLY1305-SHA256 -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem fi # Run: with x25519_resume if [ "$1" == "x25519-resume" ]; then # TLS v1.3 Resumption ./examples/server/server -v 4 -l TLS13-AES128-GCM-SHA256 -r -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem & sleep 0.1 ./examples/client/client -v 4 -l TLS13-AES128-GCM-SHA256 -r -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem ./examples/server/server -v 4 -l TLS13-AES256-GCM-SHA384 -r -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem & sleep 0.1 ./examples/client/client -v 4 -l TLS13-AES256-GCM-SHA384 -r -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem ./examples/server/server -v 4 -l TLS13-CHACHA20-POLY1305-SHA256 -r -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem & sleep 0.1 ./examples/client/client -v 4 -l TLS13-CHACHA20-POLY1305-SHA256 -r -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem fi # TLS v1.3 Hello Retry Request if [ "$1" == "hrr" ]; then # TLS v1.3 Hello Retry Request ./examples/server/server -v 4 -i -x -g & server_pid=$! sleep 0.1 ./examples/client/client -v 4 -J kill $server_pid fi sleep 1 } run_capture(){ echo -e "\nconfiguring and building wolfssl..." ./configure --enable-sniffer $2 1>/dev/null || exit $? make 1>/dev/null || exit $? echo "starting capture" tcpdump -i lo0 -nn port 11111 -w ./scripts/sniffer-tls13-$1.pcap & tcpdump_pid=$! run_sequence $1 kill $tcpdump_pid } run_capture "ecc" "" run_capture "ecc-resume" "--enable-session-ticket" run_capture "dh" "--disable-ecc" run_capture "dh-resume" "--disable-ecc --enable-session-ticket" run_capture "x25519" "--enable-curve25519 --disable-dh --disable-ecc" run_capture "x25519-resume" "--enable-curve25519 --disable-dh --disable-ecc --enable-session-ticket" run_capture "hrr" "--disable-dh CFLAGS=-DWOLFSSL_SNIFFER_WATCH"