wolfSSL / wolfssl

The wolfSSL library is a small, fast, portable implementation of TLS/SSL for embedded devices to the cloud. wolfSSL supports up to TLS 1.3 and DTLS 1.3!
https://www.wolfssl.com
GNU General Public License v2.0

Encrypted Client Hello #6461

Closed git001 closed 1 year ago

git001 commented 1 year ago

Version

Future version

Description

Hi. Is there any plan to add TLS Encrypted Client Hello into wolfssl?

This could be related to the haproxy Feature request ECH (Encrypted client hello) support.

dgarske commented 1 year ago

Hi @git001,

We already support ECH (Encrypted Client Hello) since v5.6.0. It is also known as Encrypted SNI, which uses HPKE. See --enable-hpke.

Blog we did on it with details:

https://www.wolfssl.com/encrypted-client-hello-ech-now-supported-wolfssl/#:~:text=ECH%20(Encrypted%20Client%20Hello)%20is,during%20the%20normal%20TLS%20handshake.

Let us know if you have any issues or questions.

Thanks, David Garske, wolfSSL

git001 commented 1 year ago

Thank you for your answer.