As you may have noticed, we released version 3.15.0 of wolfSSL. One of the features in this release was TLS 1.3 Draft 28 support! Draft 28 is the latest version of the TLS 1.3 specification, and can be enabled in wolfSSL at configure time by using the “–enable-tls13” build option:
--enable-tls13 Enable wolfSSL TLS v1.3 (default: disabled)
If you would still like (or need) to support older drafts of TLS 1.3, we still include support for Drafts 18, 22, 23, and 26. Each of these have their own respective configure option:
--enable-tls13-draft18 Enable wolfSSL TLS v1.3 Draft 18 (default: disabled) --enable-tls13-draft22 Enable wolfSSL TLS v1.3 Draft 22 (default: disabled) --enable-tls13-draft23 Enable wolfSSL TLS v1.3 Draft 23 (default: disabled) --enable-tls13-draft26 Enable wolfSSL TLS v1.3 Draft 26 (default: disabled)
For those interested in what has been changing with new drafts of TLS 1.3, you can view the Change Log in the TLS 1.3 RFC here. The big difference between Draft 27 and Draft 28 was the addition of a section on exposure of PSK identities. If you would like to learn more about wolfSSL’s support for TLS 1.3 and how to use it in your application, please visit our page about it today! We also recently put out a blog post series talking about the performance of TLS 1.3 in wolfSSL:
Part 1 (TLS 1.3 Performance – Resumption)
Part 2 (TLS 1.3 Performance – Full Handshake)
Part 3 (TLS 1.3 Performance – Pre-Shared Key (PSK))
Part 4 (TLS 1.3 Performance – Server Pre-Generation)
Part 5 (TLS 1.3 Performance – Client-Server Authentication)
Part 6 (TLS 1.3 Performance – Throughput)
Performance Comparison: TLS 1.3 in wolfSSL and OpenSSL
If you would like more information about wolfSSL’s support for TLS 1.3 or help on using it in your application, contact us at facts@wolfssl.com.