README.md

@@ -1,24 +1,14 @@
-# Servers
+# TLS testing
 
-## Quantum-resistant key exchange
+## Servers
 
-### golang based
+### Quantum-resistant key exchange
 
-* ``pq.amongbytes.com``: SIDH/P503-x25519, SIDH/751-x448
-* ``pq-t1.amongbytes.com``: SIDH tests: Test phase 1. Allowed to be broken
+* ``pq-t1.amongbytes.com``: SIDH tests
+* ``pq-t2.amongbytes.com``: SIDH tests - TLS 1.3 only is supported
 
-### BoringSSL based (SIDH/P503-X25519 only - mainly for toure/interoperability testing)
-| domain | SNI | desc |
-|--------|-----|------|
-| pq.amongbytes.com | pq-clang.amongbytes.com | Clang on X64_64 with all optims |
-| pq.amongbytes.com | pq-clang-san.amongbytes.com | Clang with sanitizers on x86_64 with optims |
-| pq.amongbytes.com | pq-gcc.amongbytes.com | GCC with all optims on x86_64 |
-| pq.amongbytes.com | pq-gcc-nop.amongbytes.com | GCC without optims on x86_64 |
-| pq.amongbytes.com | pq-arm8.amongbytes.com | ARMv8 with optims and out of order execution |
-| pq.amongbytes.com | pq-arm8-nop.amongbytes.com | aarch64 without optims out of order execution  |
-| pq.amongbytes.com | pq-arm8-noo.amongbytes.com | aarch64 without optims without OoO|
-| pq.amongbytes.com | pq-arm7.amongbytes.com | armv7 without optims without OoO|
-
-
-## TLS-TRIS 
-* ``gotls13.amongbytes.com``: Currently alias to gotls13-p1 (referenced at https://github.com/tlswg/tls13-spec/wiki/Implementations)
+### TLS-TRIS 
+* ``gotls13-t1.amongbytes.com``: Testing branch of tls-tris. It supports only TLS 1.3 (0x0304)
+* ``gotls13-t2.amongbytes.com``: Testing branch of tls-tris. It supports only TLS 1.3 Draft 28
+* ``gotls13-p1.amongbytes.com``: Testing branch of tls-tris - master branch
+* ``gotls13-r1.amongbytes.com``: Testing branch of tls-tris - latest release

images/gotls13-t2/Makefile

@@ -1,4 +1,4 @@
-NAME=gotls13-t2
+NAME=gotls13-p2
 PORT=50603
 build:
 	mkdir -p certs
@@ -13,3 +13,4 @@ restart:
 	docker rm ${NAME}
 	docker run --detach --restart always --name ${NAME} -p ${PORT}:443 ${NAME}
 
+

images/pq-connect-amd64-gcc/Dockerfile

@@ -1,8 +0,0 @@
-FROM buildpack-deps
-
-EXPOSE 443
-
-ADD bin/bssl /bin
-ADD bin/bssl_client /
-ADD req.txt /
-CMD [ "/bssl_client" ]

images/pq-connect-amd64-gcc/Makefile

@@ -1,8 +0,0 @@
-NAME=pq-gcc-amd64-client
-build:
-	docker build -t ${NAME} .
-run:
-	docker run --detach --restart always --name ${NAME} ${NAME}
-
-restart:
-	docker restart ${NAME}

images/pq-connect-amd64-gcc/bin/bssl_client

@@ -1,15 +0,0 @@
-#!/bin/bash
-
-COUNT=0
-while [ 1 ]; do
-	bssl client -curves CECPQ2 -connect www.cloudflare.com -server-name www.cloudflare.com < /req.txt
-	bssl client -curves X25519-SIDHp503 -connect www.cloudflare.com -server-name www.cloudflare.com < /req.txt
-	bssl client -curves P-521 -connect www.cloudflare.com -server-name www.cloudflare.com < /req.txt
-	COUNT=$((COUNT + 1))
-	if [ $COUNT -eq 1000 ]; then
-		COUNT=0
-		echo "SLEEPING"
-		sleep 1
-	fi
-done
-

images/pq-connect-amd64-gcc/req.txt

@@ -1,4 +0,0 @@
-GET / HTTP/1.0
-Host: www.cloudflare.com
-
-

images/pq-gcc/Dockerfile

@@ -1,9 +0,0 @@
-FROM buildpack-deps
-
-EXPOSE 443
-
-ADD bin/bssl /
-CMD mkdir certs
-ADD certs/privkey.pem certs/
-ADD certs/fullchain.pem certs/
-CMD [ "./bssl", "server", "-curves", "CECPQ2:X25519-SIDHp503:X25519:P-256:P-384:P-224:P-521", "-accept", "443", "-loop", "-www", "-cert", "certs/fullchain.pem", "-key", "certs/privkey.pem" ]

images/pq-gcc/Makefile

@@ -1,12 +0,0 @@
-NAME=pq-gcc-amd64
-PORT=50601
-build:
-	mkdir -p certs
-	cp ../../cert/fullchain.pem certs/
-	cp ../../cert/privkey.pem certs/
-	docker build -t ${NAME} .
-run:
-	docker run --detach --restart always --name ${NAME} -p ${PORT}:443 ${NAME}
-
-restart:
-	docker restart ${NAME}

images/pq-t1/Makefile

@@ -1,12 +1,9 @@
 NAME=pq-t1
 PORT=50510
 build:
-	mkdir -p certs
-	cp ../../cert/fullchain.pem certs/
-	cp ../../cert/privkey.pem certs/
 	docker build -t ${NAME} .
 run:
-	docker run --detach --restart always --name ${NAME} -p ${PORT}:443 ${NAME}
+	docker run --detach --restart always --name ${NAME} -p 50510:443 ${NAME}
 
 restart:
 	docker restart ${NAME}

images/pq-t2/Makefile

@@ -1,9 +1,6 @@
 NAME=pq-t2
 PORT=50511
 build:
-	mkdir -p certs
-	cp ../../cert/fullchain.pem certs/
-	cp ../../cert/privkey.pem certs/
 	docker build -t ${NAME} .
 run:
 	docker run --detach --restart always --name ${NAME} -p ${PORT}:443 ${NAME}

images/pq/Caddyfile

@@ -1,12 +0,0 @@
-:443 {
-	tls fullchain.pem privkey.pem
-	tls {
-	        protocols tls1.0 tls1.3
-        	curves X25519 P256 "SIDH/503-X25519"
-	}
-	log stdout
-	markdown / {
-		ext .html
-		template index.html
-	}
-}

images/pq/Dockerfile

@@ -1,10 +0,0 @@
-FROM buildpack-deps
-
-EXPOSE 443
-
-ADD certs/privkey.pem /
-ADD certs/fullchain.pem /
-ADD bin/caddy /
-ADD Caddyfile /
-ADD index.html /
-CMD [ "/caddy", "-conf", "/Caddyfile" ]

images/pq/Makefile

@@ -1,12 +0,0 @@
-NAME=pq
-PORT=50511
-build:
-	mkdir -p certs
-	cp ../../cert/fullchain.pem certs/
-	cp ../../cert/privkey.pem certs/ 
-	docker build -t ${NAME} .
-run:
-	docker run --detach --restart always --name ${NAME} -p ${PORT}:443 ${NAME}
-
-restart:
-	docker restart ${NAME}

images/pq/index.html

@@ -1,14 +0,0 @@
-<html>
-	<head>
-		<title>TLSv1.3/Post-Quantum test server</title>
-	</head>
-	<body>
-		Connection sucessful <br />
-		You are using TLS Version: {{.TLSVersion}}
-		
-		<p>
-		This page uses <a href="https://github.com/cloudflare/tls-tris">this tls</a> package and <a href="https://caddyserver.com/">Caddy</a> HTTP server.</p>
-		<p>It was built <a href="http://hdc.amongbytes.com/post/201810-baby-steps-to-pq-https-server/">this</a> way and is used for experimenting with post-quantum cryptography.</p>
-
-	</body>
-</html>