ML-KEM hybrid TLS 1.3 Codepoint Backwards Compatibility

Here at wolfSSL, we have merged an important pull request addressing backward compatibility for post-quantum cryptography in TLS 1.3. This enhancement focuses on ML-KEM (Module-Lattice-Based Key Encapsulation Mechanism) codepoints, ensuring seamless interoperability between wolfSSL versions across the 5.8.0 release boundary.

Prior to version 5.8.0, wolfSSL used specific codepoint identifiers for hybrid key exchange algorithms combining traditional elliptic curve cryptography with post-quantum ML-KEM. The three primary combinations included P-256 with ML-KEM-512, P-384 with ML-KEM-768, and P-521 with ML-KEM-1024, each matched to provide equivalent security levels across classical and post-quantum components.

Because the codepoint values changed at 5.8.0, a peer built before the change and a peer built after it would otherwise fail to recognize each other's hybrid group identifiers. The enhancement introduces a pre-processor macro called WOLFSSL_ML_KEM_USE_OLD_IDS that solves this. When defined during the build process, wolfSSL recognizes and accepts both the legacy pre-5.8.0 codepoints and the current standardized codepoints, enabling old clients to connect to new servers, new clients to connect to old servers, and both to communicate using either codepoint variant.

Technically, the implementation adds three constant definitions for old codepoint values: WOLFSSL_P256_ML_KEM_512_OLD (12103), WOLFSSL_P384_ML_KEM_768_OLD (12104), and WOLFSSL_P521_ML_KEM_1024_OLD (12105), distinct from current codepoints (12107, 12108, 12109). The code guards all references with preprocessor conditionals, ensuring builds without the compatibility flag remain focused on current standards.
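To make the behaviour concrete, here is an added, standalone example that is not wolfSSL code: it parses the body of a TLS 1.3 supported_groups extension and models how a server that accepts both codepoint sets negotiates a hybrid ML-KEM group. The codepoint numbers are the ones given in this post; the function names, the use_old_ids flag (standing in for the WOLFSSL_ML_KEM_USE_OLD_IDS build macro) and the sample client offers are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Codepoint values as stated in the post. The _OLD names mirror the wolfSSL
 * constants; the _CUR names, the parser and the negotiation logic below are
 * an illustrative model, not wolfSSL's implementation. */
#define WOLFSSL_P256_ML_KEM_512_OLD  12103
#define WOLFSSL_P384_ML_KEM_768_OLD  12104
#define WOLFSSL_P521_ML_KEM_1024_OLD 12105
#define P256_ML_KEM_512_CUR          12107
#define P384_ML_KEM_768_CUR          12108
#define P521_ML_KEM_1024_CUR         12109

/* Map a NamedGroup codepoint to its current hybrid identifier. Old
 * identifiers are only recognised when use_old_ids is non-zero (modelling a
 * build with WOLFSSL_ML_KEM_USE_OLD_IDS defined). Returns 0 for anything
 * that is not a negotiable hybrid ML-KEM group. */
static uint16_t canonical_hybrid_group(uint16_t id, int use_old_ids)
{
    switch (id) {
    case P256_ML_KEM_512_CUR:
    case P384_ML_KEM_768_CUR:
    case P521_ML_KEM_1024_CUR:
        return id;
    case WOLFSSL_P256_ML_KEM_512_OLD:
        return use_old_ids ? P256_ML_KEM_512_CUR : 0;
    case WOLFSSL_P384_ML_KEM_768_OLD:
        return use_old_ids ? P384_ML_KEM_768_CUR : 0;
    case WOLFSSL_P521_ML_KEM_1024_OLD:
        return use_old_ids ? P521_ML_KEM_1024_CUR : 0;
    default:
        return 0;
    }
}

/* Parse the body of a supported_groups extension (RFC 8446, section 4.2.7):
 * a 2-byte list length followed by 2-byte NamedGroup values. Returns the
 * current codepoint of the first hybrid ML-KEM group the server accepts,
 * or 0 if nothing is negotiable or the encoding is malformed. */
uint16_t select_hybrid_group(const uint8_t *ext, size_t ext_len, int use_old_ids)
{
    size_t list_len, i;

    if (ext_len < 2) return 0;
    list_len = ((size_t)ext[0] << 8) | ext[1];
    /* The declared list must fill the extension body exactly and hold
     * whole 2-byte entries; anything else is a malformed offer. */
    if (list_len + 2 != ext_len || (list_len % 2) != 0) return 0;

    for (i = 2; i + 1 < ext_len; i += 2) {
        uint16_t id  = (uint16_t)(((uint16_t)ext[i] << 8) | ext[i + 1]);
        uint16_t cur = canonical_hybrid_group(id, use_old_ids);
        if (cur != 0) return cur;
    }
    return 0;
}

/* Constructed sample offers. 0x2F48 is 12104 (pre-5.8.0 P-384 + ML-KEM-768),
 * 0x2F4B is 12107 (current P-256 + ML-KEM-512), 0x001D is x25519. */
const uint8_t OLD_CLIENT_GROUPS[] = { 0x00, 0x04, 0x2F, 0x48, 0x00, 0x1D };
const uint8_t NEW_CLIENT_GROUPS[] = { 0x00, 0x04, 0x2F, 0x4B, 0x00, 0x1D };
const uint8_t MALFORMED_GROUPS[]  = { 0x00, 0x06, 0x2F, 0x4B };

int main(void)
{
    printf("old client, compat on : %u\n",
           select_hybrid_group(OLD_CLIENT_GROUPS, sizeof OLD_CLIENT_GROUPS, 1));
    printf("old client, compat off: %u\n",
           select_hybrid_group(OLD_CLIENT_GROUPS, sizeof OLD_CLIENT_GROUPS, 0));
    printf("new client, compat off: %u\n",
           select_hybrid_group(NEW_CLIENT_GROUPS, sizeof NEW_CLIENT_GROUPS, 0));
    return 0;
}
```

The contrast worth checking is the old client's offer: with the compatibility flag it is mapped to the current P-384 + ML-KEM-768 identifier and the hybrid exchange proceeds, while without it the offer yields no hybrid group and the server would fall back to whatever classical groups both sides share. A new client's current codepoint is accepted in both configurations, which is the one-way-compatible behaviour the post describes.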

Afraid the cryptographic library you use will deprecate features before you are ready? You’ll never have that fear if you’re using any library from wolfSSL.

If you have questions about any of the above, please contact us at facts@wolfssl.com or +1 425 245 8247.
Download wolfSSL Now