The Illustrated DTLS 1.3 Connection: Every byte explained

  • By Michael Driscoll
  • Last update: Dec 13, 2022
  • Comments: 1

The Illustrated DTLS Connection

Published at

  • site/: page source for the finished product
  • server/server.c: server code
  • client/client.c: client code
  • wolfssl/: patch and build of wolfSSL that removes any random aspects of the documented connection
  • captures/: PCAP and keylog files

See also for a TLS 1.3 version of this project.

Build instructions

If you'd like a working example that reproduces the exact handshake documented on the site:

git clone
cd illustrated-dtls/
cd wolfssl/
cd ../server/
cd ../client/

Then open two terminals and run ./server in the server/ subdir and ./client in the client/ subdir.

This has been shown to work on MacOS 12 and various Linuxes and only has a few easy-to-find dependencies: gcc or clang, make, patch, etc.



  • 1

    pasto in shello.html.template ?

    First of all this whole demonstration is really cool.

    Anyhow on line 105 of generate/index-02-shello.html.template

    <li><xtt>%1 %2 %3</xtt> - %nnn1 bytes of client hello data is in this handshake record.

    Shouldn't that be "server hello" instead of "client hello" ?