wolfSSL Team Meeting
2018
TLS v1.3
TLS v1.3 - Status
• Draft 22 out and being tested
  • Middlebox compatibility
• Draft 23
  • Renumber key_share extension
  • RSA-PSS negotiation for certificates and messages
TLS v1.3 - Middleboxes
• Boxes sitting between user and website
• Network scanners
• TLS Proxies
• Adware and Malware
• ClientHello and ServerHello look more like TLS v1.2
• Encrypted messages after a ChangeCipherSpec
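Added example (not from the original slides or from wolfSSL): because a compat-mode ServerHello carries legacy_version 0x0303, a monitoring tool has to read the supported_versions extension to see what was really negotiated. The sample records are constructed, the function and array names are hypothetical, and the ServerHello is assumed to fit in one record.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define EXT_SUPPORTED_VERSIONS 43   /* 0x002b */

/* Constructed ServerHello records (random bytes 11..42 left zero, empty session id). */
const uint8_t SH_TLS13_DRAFT22[] = {
    0x16, 0x03, 0x03, 0x00, 0x32,           /* record: handshake, 0x0303, len 50 */
    0x02, 0x00, 0x00, 0x2e, 0x03, 0x03,     /* ServerHello, legacy_version 0x0303 */
    [43] = 0x00, 0x13, 0x01, 0x00,          /* sid len, cipher suite, compression */
    0x00, 0x06, 0x00, 0x2b, 0x00, 0x02, 0x7f, 0x16 }; /* supported_versions */
const uint8_t SH_TLS12[] = {
    0x16, 0x03, 0x03, 0x00, 0x31,
    0x02, 0x00, 0x00, 0x2d, 0x03, 0x03,
    [43] = 0x00, 0xc0, 0x2f, 0x00,
    0x00, 0x05, 0xff, 0x01, 0x00, 0x01, 0x00 };       /* renegotiation_info only */

static unsigned rd16(const uint8_t *p) { return (unsigned)p[0] << 8 | p[1]; }
/* Version a ServerHello record really negotiates, or -1 if malformed. */
int server_hello_version(const uint8_t *rec, size_t len)
{
    if (len < 44 || rec[0] != 0x16 || rec[5] != 0x02) return -1;
    size_t end = 5 + (size_t)rd16(rec + 3);             /* end of record */
    size_t hs_end = 9 + ((size_t)rec[6] << 16 | rd16(rec + 7));
    if (end > len || hs_end > end) return -1;
    int legacy = (int)rd16(rec + 9);
    size_t off = 43;                        /* legacy_session_id_echo length */
    off += 1 + (size_t)rec[off] + 3;        /* skip sid, cipher suite, compression */
    if (off == hs_end) return legacy;       /* no extensions at all */
    if (off + 2 > hs_end) return -1;
    size_t ext_end = off + 2 + rd16(rec + off);
    if (ext_end != hs_end) return -1;
    for (off += 2; off + 4 <= ext_end; ) {
        unsigned type = rd16(rec + off), elen = rd16(rec + off + 2);
        off += 4;
        if (off + elen > ext_end) return -1;
        if (type == EXT_SUPPORTED_VERSIONS)  /* selected_version is 2 bytes */
            return elen == 2 ? (int)rd16(rec + off) : -1;
        off += elen;
    }
    return off == ext_end ? legacy : -1;
}

int main(void)
{
    printf("draft 22: 0x%04x\n", (unsigned)server_hello_version(SH_TLS13_DRAFT22, sizeof SH_TLS13_DRAFT22));
    printf("TLS 1.2:  0x%04x\n", (unsigned)server_hello_version(SH_TLS12, sizeof SH_TLS12));
    return 0;
}
```

Both records show 0x0303 in the record header and in legacy_version; only the extension walk distinguishes draft 22 (0x7f16) from TLS 1.2.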
TLS v1.3 - Middleboxes
• Mozilla customers tested their browsers connecting to a controlled website: tls13.facebook.com

                             Failure Rate   US only
TLS v1.2                     4.8491%        3.2477%
TLS v1.3 Draft 22            5.0174%        3.4521%
TLS v1.3 Draft 22 Compat     4.8090%        3.2394%

Source: https://mailarchive.ietf.org/arch/msg/tls/6pGGT-wm5vSkacMFPEPvFMEnj-M
TLS v1.3 in TLSWG
• Gone to third last call
• IANA Registry Updates published
• Still minor edits to be made that don’t affect wire format
• Last call ends 26 January
• Then … ???
TLS 1.3 - Interop Testing
• Extensive testing of Draft 18 against Mozilla products and OpenSSL
• Extensive testing of Draft 22 against OpenSSL
• 27 different test cases
  • All cipher suites, RSA and ECC certificates, DH and ECDH (+X25519)
  • Fragmentation, HRR, Resumption, KeyUpdate, EarlyData, Padding in record layer
TLS 1.3 - Configure
• --enable-tls13 --enable-tls13-draft18
• --enable-session-ticket --enable-psk
• --enable-postauth
• --enable-earlydata
• --enable-hrrcookie
• -DWOLFSSL_TLS13_MIDDLEBOX_COMPAT
• -DWOLFSSL_TLS13_TICKET_BEFORE_FINISHED
TLS 1.3 - Examples
• C_EXTRA_FLAGS="-DWOLFSSL_DEBUG_TLS"
• HelloRetryRequest: -J (client)
• No Forward secrecy with PSK: -K (client/server)
• Update keys and IVs: -I (client) -U (server)
• Early Data: -0 (client/server)
• Post-Handshake Auth: -Q (client/server)
• Cookie Extension containing state: -J (server)
TLS 1.3 - API Changes
• PSK DHE: wolfSSL_CTX_no_dhe_psk()
• Post handshake authentication
  • wolfSSL_CTX_allow_post_handshake_auth()
  • wolfSSL_request_certificate()
• Key Shares
  • wolfSSL_NoKeyShares()
  • wolfSSL_UseKeyShare()
  • wolfSSL_send_hrr_cookie()
• Update Keys: wolfSSL_update_keys()
TLS 1.3 - API Changes
• Tickets
  • wolfSSL_no_ticket_TLSv13()
• Early Data
  • wolfSSL_read_early_data()
  • wolfSSL_write_early_data()
  • wolfSSL_set_max_early_data()
• Accept/Connect - don’t need to use
  • wolfSSL_accept_TLSv13()
  • wolfSSL_connect_TLSv13()
TLS 1.3 - Questions

wolfSSL TLS 1.3 Support in 2018
