As cryptographic standards and regulatory requirements continue to evolve, the ability to adopt modern security protocols without sacrificing compliance is increasingly important. TLS 1.3 plays a critical role in this evolution — not only as today’s baseline for secure communications but also as the foundation for the ongoing transition toward Post-Quantum Cryptography (PQC).
With recent updates, wolfSSL now supports ECC Brainpool curves in TLS 1.3, enabling deployments in regulated environments to adopt TLS 1.3 while maintaining compliance with existing cryptographic mandates.
Why ECC Brainpool Curves Matter
Brainpool curves are a family of elliptic curves standardized in Europe and recommended or mandated by several national authorities, including the German Federal Office for Information Security (BSI). In sectors such as energy, industrial control systems, and government infrastructure, the use of Brainpool curves is often a regulatory requirement.
At the same time, the European Union has already begun the transition toward Post-Quantum Cryptography, particularly for highly regulated and long-lived systems. These environments face a dual challenge: they must modernize their protocol stacks while continuing to meet existing cryptographic requirements.
TLS 1.3 is a key enabler for this transition. It provides a cleaner and more extensible protocol design, which is essential for cryptographic agility, hybrid key exchanges, and future PQC integration. Supporting Brainpool curves in TLS 1.3 allows organizations to move forward with TLS modernization now, without breaking compliance and without delaying preparation for Post-Quantum deployments.
TLS 1.3 Brainpool Support in wolfSSL
wolfSSL now implements full, standards-compliant support for Brainpool curves in TLS 1.3 as specified in RFC 8734.
Brainpool Named Groups for TLS 1.3
The following Brainpool NamedGroups are supported for ECDHE key exchange in TLS 1.3:
- brainpoolP256r1tls13
- brainpoolP384r1tls13
- brainpoolP512r1tls13
These groups are advertised and negotiated during the TLS 1.3 handshake in accordance with RFC 8734, enabling Brainpool-based key exchange when supported by both peers.
Brainpool ECDSA Signature Schemes
wolfSSL also supports the corresponding Brainpool ECDSA signature schemes for TLS 1.3, including:
- ECDSA with BrainpoolP256r1 and SHA-256
- ECDSA with BrainpoolP384r1 and SHA-384
- ECDSA with BrainpoolP512r1 and SHA-512
When a Brainpool certificate is in use and these signature schemes are offered by the peer, wolfSSL automatically selects the appropriate algorithm during the TLS 1.3 authentication process.
Improved Standards Enforcement for TLS 1.2
In addition to the new TLS 1.3 functionality, Brainpool handling in TLS 1.2 has been tightened to ensure consistent, standards-compliant behavior.
wolfSSL now enforces the requirement that a Brainpool curve must be explicitly advertised in the client’s supported curves list. If the curve is not properly negotiated, the handshake fails rather than proceeding with ambiguous or non-conformant behavior.
This ensures correct and predictable Brainpool usage across both TLS 1.2 and TLS 1.3.
Configuration and Usage
When Brainpool support is enabled at build time (for example via –enable-brainpool or HAVE_ECC_BRAINPOOL), wolfSSL will automatically:
- Advertise Brainpool NamedGroups in TLS 1.3 supported groups and key share extensions
- Advertise Brainpool signature schemes when appropriate
Existing APIs such as wolfSSL_CTX_set_groups(), wolfSSL_set_groups(), and wolfSSL_UseKeyShare() can be used to control curve selection and preferences, consistent with other elliptic curves supported by wolfSSL.
Interoperability and Testing
The TLS 1.3 Brainpool implementation has been validated for interoperability with all other TLS stacks that support the feature, namely OpenSSL and Bouncy Castle. The internal test coverage has also been expanded to ensure correct negotiation, signature selection, and strict adherence to the relevant RFCs.
Looking Ahead: TLS 1.3 and Post-Quantum Readiness
Supporting Brainpool curves in TLS 1.3 allows wolfSSL users to adopt modern TLS today while maintaining compatibility with existing regulatory requirements. At the same time, it lays the groundwork for future cryptographic transitions, including hybrid and Post-Quantum TLS deployments.
For regulated environments that mandate Brainpool curves today and are planning for PQC tomorrow, this capability ensures that systems deployed now remain secure, compliant, and adaptable as cryptographic standards continue to evolve.
If you have questions about any of the above, please contact us at facts@wolfssl.com or call us at +1 425 245 8247.
Download wolfSSL Now