Another new addition in our 5.6.2 release of wolfSSL is our TLS hardening option. This TLS hardening feature secures your TLS connections according to the recommendations in RFC 9325. When enabled, wolfSSL will:
- disable TLS versions older than 1.2
- disable cipher suites based on ephemeral finite-field Diffie-Hellman key agreement (i.e., “TLS_DHE_*” suites)
- disable NULL ciphers
- disable anonymous ciphers
- disable legacy ciphers
  - RC4
  - static RSA
  - static DH
- disable the truncated HMAC extension
- for TLS 1.2, send the secure renegotiation extension and reject connections that don’t negotiate secure renegotiation
It is also possible to select either 112 or 128 bits of security. When 112 bits of security are enabled, wolfSSL will:
- require at least 2048 bit Diffie-Hellman keys
- require at least 2048 bit RSA keys
- require at least 224 bit Elliptic Curve keys
When 128 bits of security are enabled, wolfSSL will:
- disable 3DES ciphersuites
- require at least 3072 bit Diffie-Hellman keys
- require at least 3072 bit RSA keys
- require at least 256 bit Elliptic Curve keys
This feature may be enabled in wolfSSL by using the --enable-harden-tls flag.
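To see which entries of an existing cipher list these rules would refuse, the sketch below applies them to IANA suite names at either security level. It is an added example, not wolfSSL code: the function names and verdict labels are hypothetical, matching is by suite name only, and "legacy ciphers" covers just the three items named above.

```c
#include <stdio.h>
#include <string.h>

/* Reason a suite is refused under the rules listed above (labels are hypothetical). */
typedef enum { V_OK, V_UNKNOWN, V_ANON, V_NULL, V_RC4, V_DHE, V_STATIC_RSA,
               V_STATIC_DH, V_3DES } verdict;

static int starts(const char *s, const char *p) { return strncmp(s, p, strlen(p)) == 0; }

/* name: IANA cipher suite name; level: 112 or 128 bits of security. */
verdict audit_suite(const char *name, int level)
{
    const char *with = strstr(name, "_WITH_");
    if (!starts(name, "TLS_")) return V_UNKNOWN;   /* not an IANA-style name */
    if (with == NULL) return V_OK;                 /* TLS 1.3 name: no key exchange part */
    const char *kx = name + 4, *cipher = with + 6;
    if (strstr(name, "_anon_WITH_")) return V_ANON;       /* DH_anon, ECDH_anon */
    if (starts(cipher, "NULL_")) return V_NULL;
    if (starts(cipher, "RC4_")) return V_RC4;
    if (starts(kx, "DHE_")) return V_DHE;                 /* the "TLS_DHE_*" suites */
    if (starts(kx, "RSA_WITH_")) return V_STATIC_RSA;     /* RSA key transport */
    if (starts(kx, "DH_")) return V_STATIC_DH;            /* DH_RSA, DH_DSS */
    if (level >= 128 && starts(cipher, "3DES_")) return V_3DES;
    return V_OK;
}

/* Key-size minimums from the two lists; kind: 'D' = DH, 'R' = RSA, 'E' = EC. */
int key_ok(char kind, int key_bits, int level)
{
    int min_ff = level >= 128 ? 3072 : 2048;   /* DH and RSA share a minimum */
    int min_ec = level >= 128 ? 256 : 224;
    return key_bits >= (kind == 'E' ? min_ec : min_ff);
}

int main(void)
{
    /* Constructed sample list, as might appear in a legacy configuration. */
    const char *suites[] = {
        "TLS_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
        "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_RSA_WITH_AES_128_CBC_SHA",
        "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_ECDH_anon_WITH_AES_128_CBC_SHA",
    };
    for (size_t i = 0; i < sizeof suites / sizeof *suites; i++)
        printf("%-40s 112:%d 128:%d\n", suites[i],
               (int)audit_suite(suites[i], 112), (int)audit_suite(suites[i], 128));
    printf("RSA-2048 at 128 bits: %s\n", key_ok('R', 2048, 128) ? "ok" : "too small");
    return 0;
}
```

Running it over a peer's or a legacy configuration's suite list before enabling the option shows which connections would stop negotiating.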
RFC 9325 also has many recommendations for application and protocol developers. Some of these include:
- use ALPN to make sure that the traffic sent is interpreted by the correct application
- use a TLS-only channel instead of enabling dynamic upgrade from an unencrypted to an encrypted channel
- avoid the use of zero round-trip time (0-RTT) data in TLS 1.3 unless “an explicit specification exists for the application protocol in question to clarify when 0-RTT is appropriate and secure”
We highly recommend reading through the RFC and checking how you can make your project as secure as possible.
If you have any questions or run into any issues, contact us at facts@wolfssl.com, or call us at +1 425 245 8247.