Files
wolfssl/examples
Aidan Garske 41fad5f307 Fix and expand tinytls13 footprint profile across CI configs
Make every --enable-tinytls13 spelling build and pass locally, and grow the
CI matrix to cover them. These are fixes found while testing the configs the
CI workflow had not actually exercised.

- internal.h, internal.c, ssl_load.c: include ML-DSA and Falcon in the
  pkCurveOID member and producer guards so the PSK plus ML-DSA build compiles.
- tls13.c: gate the DoTls13CertificateVerify definition on NO_CERTS to match
  its call site.
- settings.h: let the AES-256 adder survive the floor, default the
  user_settings path to the SHA-256 floor, make WOLFSSL_NO_MALLOC opt-in so
  the test suite still runs, and keep ML-DSA ASN.1 for the cert profile.
- configure.ac: drive ENABLED_ASM and emit WOLFSSL_NO_ASM for the small C
  floor, restrict SP math to P-256, strip ML-DSA ASN.1 only on the PSK floor,
  and print a notice for the reduced security cert verify.
- examples: guard the cert loading paths for NO_CERTS and treat NO_CERTS as
  PSK mode in echoserver and echoclient.
- Add examples/configs/tinytls13_smoke.c, an in memory TLS 1.3 handshake test
  that drives PSK, ECDSA, ML-DSA-65 and RSA-PSS chain verify, plus forced
  cipher suites, for builds with no example or unit test harness.
- certs: add ECDSA leaves signed by the ML-DSA-65 and RSA-PSS CAs so the cert
  profiles drive a real PQC and PSS chain verify in CI.
- .github/workflows/tinytls13.yml: cover every profile and adder, run the
  smoke handshake on the build verified configs, and least privilege the
  workflow token.
2026-06-22 12:08:58 -07:00
..
2026-02-18 09:52:21 -07:00
2026-06-11 08:38:00 +09:00
2026-02-18 09:52:21 -07:00
2026-03-11 10:21:16 +01:00

wolfSSL examples directory

client and server

These directories contain a client (client.c) and server (server.c) that utilize a variety of the wolfSSL library's capabilities. The manner in which both programs operate can depend on the configure or can be specified at run-time depending on the end goal. Both applications contain testing as well as benchmarking code.

Compile

./configure
make

Usage

./examples/server/server

./examples/client/client

Run ./examples/server/server -h and ./examples/client/client -h for usage details.

For simpler wolfSSL TLS server/client examples, visit https://github.com/wolfSSL/wolfssl-examples/tree/master/tls

echoclient and echoserver

These directories contain a client (echoclient.c) and server (echoserver.c) that establish a connection encrypted by wolfSSL. Like the names indicate, once the connection has been established any messages entered into echoclient are sent to and displayed on the echoserver and are then echoed back to echoclient. The nature of the encryption, as well as additional behavior of the two programs, depends on how wolfSSL was configured ( DTLS enabled/disabled, Filesystem enabled/disabled, etc ... ).

Compile

./configure
make

Usage

./examples/echoserver/echoserver

./examples/echoclient/echoclient

benchmark

The benchmark directory offers an application that can help you grasp just how well wolfSSL's TLS functionality is performing on your local machine.

Compile

./configure
make

Usage

./examples/benchmark/tls_bench

The tls_bench executable can also be compiled separately with gcc -lwolfssl -lpthread -o tls_bench tls_bench.c.

Run ./examples/benchmark/tls_bench -? for usage details.

sctp

This directory contains servers and clients that demonstrate wolfSSL's DTLS-SCTP support.

Compile

./configure --enable-sctp
make

Usage

./examples/sctp/sctp-server

./examples/sctp/sctp-client

and

./examples/sctp/sctp-server-dtls

./examples/sctp/sctp-client-dtls

configs

This directory contains example wolfSSL configuration file templates for use when autoconf is not available, such as building with a custom IDE.

See configs/README.md for more details.

asn1

This directory contains an example that prints the ASN.1 data of a BER/DER or PEM encoded file. Configure wolfSSL with --enable-asn-print.

pem

This directory contains an example of converting to/from PEM and DER. Configure wolfSSL with --enable-coding