obgm/libcoap
1
0
Fork 0
mirror of https://github.com/obgm/libcoap.git synced 2025-10-14 02:19:34 +08:00
Code Issues Projects Releases Wiki Activity

wolfSSL: Set up initial port

Browse Source 
Includes some porting ideas from qursa-uc3m libcoap-wolfssl work.

Some common ASN1 code moved from coap_gnutls.c to coap_asn1.c to support RPK.

WolfSSL build
$ ./configure --enable-all --enable-dtls13 CFLAGS="-DBUILD_TLS_PSK_WITH_AES_128_CCM -DHAVE_RPK"

Interoperability requirements

DTLS1.3 downgrade requires
https://github.com/eclipse/tinydtls/pull/230
https://github.com/wolfSSL/wolfssl/pull/7367

TLS1.3 downgrade requires
https://github.com/wolfSSL/wolfssl/pull/7367

(D)TLS1.2 use of RPK requires
https://github.com/wolfSSL/wolfssl/pull/7375

MbedTLS using TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 requires
https://github.com/wolfSSL/wolfssl/pull/7132

GnuTLS using PSK and TLS1.3 requires
https://github.com/wolfSSL/wolfssl/pull/7407
This commit is contained in:
Jon Shallow
2024-04-10 14:16:36 +00:00
committed by Jon Shallow
parent 04b239f55a
commit e3a662a934
53 changed files with 3612 additions and 125 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
.github/workflows/main.yml vendored
View File

@@ -30,12 +30,12 @@ jobs:
strategy:
matrix:
CC: ["gcc", "clang"]
TLS: ["no", "openssl", "gnutls", "mbedtls"]
TLS: ["no", "openssl", "gnutls", "mbedtls", "wolfssl"]
steps:
- uses: actions/checkout@v4
- name: setup
run: |
sudo apt-get update && sudo apt-get install -y libcunit1-dev libmbedtls-dev libgnutls28-dev libtool libtool-bin exuberant-ctags valgrind
sudo apt-get update && sudo apt-get install -y libcunit1-dev libmbedtls-dev libgnutls28-dev libwolfssl-dev libtool libtool-bin exuberant-ctags valgrind
./autogen.sh
- name: configure no-TLS
if: matrix.TLS == 'no'
@@ -80,14 +80,14 @@ jobs:
runs-on: ubuntu-latest
strategy:
matrix:
TLS: ["no", "openssl", "gnutls", "mbedtls", "tinydtls"]
TLS: ["no", "openssl", "gnutls", "mbedtls", "wolfssl", "tinydtls"]
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- name: setup
run: |
sudo apt-get update && sudo apt-get install -y libcunit1-dev libmbedtls-dev libgnutls28-dev
sudo apt-get update && sudo apt-get install -y libcunit1-dev libmbedtls-dev libgnutls28-dev libwolfssl-dev
cmake -E make_directory $GITHUB_WORKSPACE/build-${{matrix.TLS}}-cmake
- name: configure no-TLS
if: matrix.TLS == 'no'

3
BUILDING
View File

@@ -99,6 +99,9 @@ Note: FreeBSD requires gmake instead of make when building TinyDTLS - i.e.
# With OpenSSL
./configure --with-openssl --enable-tests --enable-shared
# With wolfSSL
./configure --with-wolfssl --enable-tests --enable-shared
# With GnuTLS
./configure --with-gnutls --enable-tests --enable-shared

84
CMakeLists.txt
View File

@@ -103,17 +103,18 @@ set(DTLS_BACKEND
STRING
"\
Name of the dtls backend, only relevant if `ENABLE_DTLS` is ON which is default. \
Possible values: default, gnutls, openssl, tinydtls and mbedtls. \
Possible values: default, gnutls, openssl, wolfssl, tinydtls and mbedtls. \
If specified then this library will be searched and if found also used. \
If not found then the cmake configuration will stop with an error. \
If not specified, then cmake will try to use the first one found in the following order: \
gnutls, openssl, tinydtls, mbedtls \
gnutls, openssl, wolfssl, tinydtls, mbedtls \
")
set_property(
CACHE DTLS_BACKEND
PROPERTY STRINGS
default
openssl
wolfssl
gnutls
tinydtls
mbedtls)
@@ -425,6 +426,7 @@ set(WITH_GNUTLS OFF)
set(WITH_OPENSSL OFF)
set(WITH_TINYDTLS OFF)
set(WITH_MBEDTLS OFF)
set(WITH_WOLFSSL OFF)
function(compile_tinydtls)
set(TINYDTLS_SOURCES_DIR ${CMAKE_CURRENT_LIST_DIR}/ext/tinydtls)
@@ -509,33 +511,43 @@ if(ENABLE_DTLS)
set(COAP_WITH_LIBOPENSSL 1)
else()
# openssl not found
# libmbedtls (e.g. debian libmbedtls-dev)
find_package(MbedTLS)
if(MbedTLS_FOUND)
set(WITH_MBEDTLS ON)
message(STATUS "compiling with mbedtls support")
set(COAP_WITH_LIBMBEDTLS 1)
# wolfSSL
find_package(wolfSSL)
if(wolfSSL_FOUND)
set(WITH_WOLFSSL ON)
message(STATUS "compiling with wolfssl support")
set(COAP_WITH_LIBWOLFSSL 1)
else()
# mbedtls not found
if(USE_VENDORED_TINYDTLS)
compile_tinydtls()
# wolfssl not found
# libmbedtls (e.g. debian libmbedtls-dev)
find_package(MbedTLS)
if(MbedTLS_FOUND)
set(WITH_MBEDTLS ON)
message(STATUS "compiling with mbedtls support")
set(COAP_WITH_LIBMBEDTLS 1)
else()
find_package(TinyDTLS)
if(TINYDTLS_FOUND)
# mbedtls not found
if(USE_VENDORED_TINYDTLS)
compile_tinydtls()
else()
# no cryto lib found
message(
FATAL_ERROR
"cannot find any cryto lib, either install one or compile without DTLS support"
)
find_package(TinyDTLS)
if(TINYDTLS_FOUND)
else()
# no cryto lib found
message(
FATAL_ERROR
"cannot find any cryto lib, either install one or compile without DTLS support"
)
endif()
endif()
endif()
set(WITH_TINYDTLS ON)
message(STATUS "compiling with tinydtls support")
set(COAP_WITH_LIBTINYDTLS 1)
set(WITH_TINYDTLS ON)
message(STATUS "compiling with tinydtls support")
set(COAP_WITH_LIBTINYDTLS 1)
endif()
endif()
@@ -570,6 +582,15 @@ if(ENABLE_DTLS)
set(COAP_WITH_LIBOPENSSL 1)
endif()
if(DTLS_BACKEND
STREQUAL
"wolfssl")
find_package(wolfSSL REQUIRED)
set(WITH_WOLFSSL ON)
message(STATUS "compiling with wolfssl support")
set(COAP_WITH_LIBWOLFSSL 1)
endif()
if(DTLS_BACKEND
STREQUAL
"mbedtls")
@@ -600,6 +621,16 @@ if(ENABLE_DTLS)
endif()
if(WITH_WOLFSSL)
find_library(WOLFSSL_LIBRARY wolfssl HINTS /usr/local/lib)
find_path(WOLFSSL_INCLUDE_DIR wolfssl/wolfcrypt/settings.h HINTS /usr/local/include)
if(WOLFSSL_LIBRARY AND WOLFSSL_INCLUDE_DIR)
message(STATUS "compiling with wolfssl support")
else()
message(FATAL_ERROR "WolfSSL not found")
endif()
endif()
execute_process(COMMAND git describe --tags --dirty --always
RESULT_VARIABLE USING_GIT
OUTPUT_VARIABLE LIBCOAP_PACKAGE_BUILD
@@ -649,10 +680,12 @@ message(STATUS "DTLS_BACKEND:....................${DTLS_BACKEND}")
message(STATUS "WITH_GNUTLS:.....................${WITH_GNUTLS}")
message(STATUS "WITH_TINYDTLS:...................${WITH_TINYDTLS}")
message(STATUS "WITH_OPENSSL:....................${WITH_OPENSSL}")
message(STATUS "WITH_WOLFSSL:....................${WITH_WOLFSSL}")
message(STATUS "WITH_MBEDTLS:....................${WITH_MBEDTLS}")
message(STATUS "HAVE_LIBTINYDTLS:................${COAP_WITH_LIBTINYDTLS}")
message(STATUS "HAVE_LIBGNUTLS:..................${COAP_WITH_LIBGNUTLS}")
message(STATUS "HAVE_LIBOPENSSL:.................${COAP_WITH_LIBOPENSSL}")
message(STATUS "HAVE_LIBWOLFSSL:.................${COAP_WITH_LIBWOLFSSL}")
message(STATUS "HAVE_LIBMBEDTLS:.................${COAP_WITH_LIBMBEDTLS}")
message(STATUS "WITH_EPOLL:......................${WITH_EPOLL}")
message(STATUS "WITH_OBSERVE_PERSIST:............${WITH_OBSERVE_PERSIST}")
@@ -723,6 +756,7 @@ target_sources(
${CMAKE_CURRENT_LIST_DIR}/src/coap_ws.c
# no need to parse those files if we do not need them
$<$<BOOL:${COAP_WITH_LIBOPENSSL}>:${CMAKE_CURRENT_LIST_DIR}/src/coap_openssl.c>
$<$<BOOL:${COAP_WITH_LIBWOLFSSL}>:${CMAKE_CURRENT_LIST_DIR}/src/coap_wolfssl.c>
$<$<BOOL:${COAP_WITH_LIBTINYDTLS}>:${CMAKE_CURRENT_LIST_DIR}/src/coap_tinydtls.c>
$<$<BOOL:${COAP_WITH_LIBGNUTLS}>:${CMAKE_CURRENT_LIST_DIR}/src/coap_gnutls.c>
$<$<BOOL:${COAP_WITH_LIBMBEDTLS}>:${CMAKE_CURRENT_LIST_DIR}/src/coap_mbedtls.c>
@@ -765,7 +799,8 @@ target_include_directories(
$<INSTALL_INTERFACE:include/>
$<$<AND:$<BOOL:${COAP_WITH_LIBTINYDTLS}>,$<BOOL:${USE_VENDORED_TINYDTLS}>>:${CMAKE_BINARY_DIR}/include/tinydtls>
$<$<BOOL:${COAP_WITH_LIBGNUTLS}>:${GNUTLS_INCLUDE_DIR}>
$<$<BOOL:${COAP_WITH_LIBMBEDTLS}>:${MBEDTLS_INCLUDE_DIRS}>)
$<$<BOOL:${COAP_WITH_LIBMBEDTLS}>:${MBEDTLS_INCLUDE_DIRS}>
$<$<BOOL:${COAP_WITH_LIBWOLFSSL}>:${WOLFSSL_INCLUDE_DIR}>)
target_link_libraries(
${COAP_LIBRARY_NAME}
PUBLIC $<$<BOOL:${COAP_WITH_LIBOPENSSL}>:OpenSSL::SSL>
@@ -775,6 +810,7 @@ target_link_libraries(
$<$<BOOL:${COAP_WITH_LIBMBEDTLS}>:${MBEDTLS_LIBRARY}>
$<$<BOOL:${COAP_WITH_LIBMBEDTLS}>:${MBEDX509_LIBRARY}>
$<$<BOOL:${COAP_WITH_LIBMBEDTLS}>:${MBEDCRYPTO_LIBRARY}>
$<$<BOOL:${COAP_WITH_LIBWOLFSSL}>:${WOLFSSL_LIBRARY}>
$<$<BOOL:${MINGW}>:ws2_32>)
target_compile_options(

84
CMakeLists.txt.in
View File

@@ -103,17 +103,18 @@ set(DTLS_BACKEND
STRING
"\
Name of the dtls backend, only relevant if `ENABLE_DTLS` is ON which is default. \
Possible values: default, gnutls, openssl, tinydtls and mbedtls. \
Possible values: default, gnutls, openssl, wolfssl, tinydtls and mbedtls. \
If specified then this library will be searched and if found also used. \
If not found then the cmake configuration will stop with an error. \
If not specified, then cmake will try to use the first one found in the following order: \
gnutls, openssl, tinydtls, mbedtls \
gnutls, openssl, wolfssl, tinydtls, mbedtls \
")
set_property(
CACHE DTLS_BACKEND
PROPERTY STRINGS
default
openssl
wolfssl
gnutls
tinydtls
mbedtls)
@@ -425,6 +426,7 @@ set(WITH_GNUTLS OFF)
set(WITH_OPENSSL OFF)
set(WITH_TINYDTLS OFF)
set(WITH_MBEDTLS OFF)
set(WITH_WOLFSSL OFF)
function(compile_tinydtls)
set(TINYDTLS_SOURCES_DIR ${CMAKE_CURRENT_LIST_DIR}/ext/tinydtls)
@@ -509,33 +511,43 @@ if(ENABLE_DTLS)
set(COAP_WITH_LIBOPENSSL 1)
else()
# openssl not found
# libmbedtls (e.g. debian libmbedtls-dev)
find_package(MbedTLS)
if(MbedTLS_FOUND)
set(WITH_MBEDTLS ON)
message(STATUS "compiling with mbedtls support")
set(COAP_WITH_LIBMBEDTLS 1)
# wolfSSL
find_package(wolfSSL)
if(wolfSSL_FOUND)
set(WITH_WOLFSSL ON)
message(STATUS "compiling with wolfssl support")
set(COAP_WITH_LIBWOLFSSL 1)
else()
# mbedtls not found
if(USE_VENDORED_TINYDTLS)
compile_tinydtls()
# wolfssl not found
# libmbedtls (e.g. debian libmbedtls-dev)
find_package(MbedTLS)
if(MbedTLS_FOUND)
set(WITH_MBEDTLS ON)
message(STATUS "compiling with mbedtls support")
set(COAP_WITH_LIBMBEDTLS 1)
else()
find_package(TinyDTLS)
if(TINYDTLS_FOUND)
# mbedtls not found
if(USE_VENDORED_TINYDTLS)
compile_tinydtls()
else()
# no cryto lib found
message(
FATAL_ERROR
"cannot find any cryto lib, either install one or compile without DTLS support"
)
find_package(TinyDTLS)
if(TINYDTLS_FOUND)
else()
# no cryto lib found
message(
FATAL_ERROR
"cannot find any cryto lib, either install one or compile without DTLS support"
)
endif()
endif()
endif()
set(WITH_TINYDTLS ON)
message(STATUS "compiling with tinydtls support")
set(COAP_WITH_LIBTINYDTLS 1)
set(WITH_TINYDTLS ON)
message(STATUS "compiling with tinydtls support")
set(COAP_WITH_LIBTINYDTLS 1)
endif()
endif()
@@ -570,6 +582,15 @@ if(ENABLE_DTLS)
set(COAP_WITH_LIBOPENSSL 1)
endif()
if(DTLS_BACKEND
STREQUAL
"wolfssl")
find_package(wolfSSL REQUIRED)
set(WITH_WOLFSSL ON)
message(STATUS "compiling with wolfssl support")
set(COAP_WITH_LIBWOLFSSL 1)
endif()
if(DTLS_BACKEND
STREQUAL
"mbedtls")
@@ -600,6 +621,16 @@ if(ENABLE_DTLS)
endif()
if(WITH_WOLFSSL)
find_library(WOLFSSL_LIBRARY wolfssl HINTS /usr/local/lib)
find_path(WOLFSSL_INCLUDE_DIR wolfssl/wolfcrypt/settings.h HINTS /usr/local/include)
if(WOLFSSL_LIBRARY AND WOLFSSL_INCLUDE_DIR)
message(STATUS "compiling with wolfssl support")
else()
message(FATAL_ERROR "WolfSSL not found")
endif()
endif()
execute_process(COMMAND git describe --tags --dirty --always
RESULT_VARIABLE USING_GIT
OUTPUT_VARIABLE LIBCOAP_PACKAGE_BUILD
@@ -649,10 +680,12 @@ message(STATUS "DTLS_BACKEND:....................${DTLS_BACKEND}")
message(STATUS "WITH_GNUTLS:.....................${WITH_GNUTLS}")
message(STATUS "WITH_TINYDTLS:...................${WITH_TINYDTLS}")
message(STATUS "WITH_OPENSSL:....................${WITH_OPENSSL}")
message(STATUS "WITH_WOLFSSL:....................${WITH_WOLFSSL}")
message(STATUS "WITH_MBEDTLS:....................${WITH_MBEDTLS}")
message(STATUS "HAVE_LIBTINYDTLS:................${COAP_WITH_LIBTINYDTLS}")
message(STATUS "HAVE_LIBGNUTLS:..................${COAP_WITH_LIBGNUTLS}")
message(STATUS "HAVE_LIBOPENSSL:.................${COAP_WITH_LIBOPENSSL}")
message(STATUS "HAVE_LIBWOLFSSL:.................${COAP_WITH_LIBWOLFSSL}")
message(STATUS "HAVE_LIBMBEDTLS:.................${COAP_WITH_LIBMBEDTLS}")
message(STATUS "WITH_EPOLL:......................${WITH_EPOLL}")
message(STATUS "WITH_OBSERVE_PERSIST:............${WITH_OBSERVE_PERSIST}")
@@ -723,6 +756,7 @@ target_sources(
${CMAKE_CURRENT_LIST_DIR}/src/coap_ws.c
# no need to parse those files if we do not need them
$<$<BOOL:${COAP_WITH_LIBOPENSSL}>:${CMAKE_CURRENT_LIST_DIR}/src/coap_openssl.c>
$<$<BOOL:${COAP_WITH_LIBWOLFSSL}>:${CMAKE_CURRENT_LIST_DIR}/src/coap_wolfssl.c>
$<$<BOOL:${COAP_WITH_LIBTINYDTLS}>:${CMAKE_CURRENT_LIST_DIR}/src/coap_tinydtls.c>
$<$<BOOL:${COAP_WITH_LIBGNUTLS}>:${CMAKE_CURRENT_LIST_DIR}/src/coap_gnutls.c>
$<$<BOOL:${COAP_WITH_LIBMBEDTLS}>:${CMAKE_CURRENT_LIST_DIR}/src/coap_mbedtls.c>
@@ -765,7 +799,8 @@ target_include_directories(
$<INSTALL_INTERFACE:include/>
$<$<AND:$<BOOL:${COAP_WITH_LIBTINYDTLS}>,$<BOOL:${USE_VENDORED_TINYDTLS}>>:${CMAKE_BINARY_DIR}/include/tinydtls>
$<$<BOOL:${COAP_WITH_LIBGNUTLS}>:${GNUTLS_INCLUDE_DIR}>
$<$<BOOL:${COAP_WITH_LIBMBEDTLS}>:${MBEDTLS_INCLUDE_DIRS}>)
$<$<BOOL:${COAP_WITH_LIBMBEDTLS}>:${MBEDTLS_INCLUDE_DIRS}>
$<$<BOOL:${COAP_WITH_LIBWOLFSSL}>:${WOLFSSL_INCLUDE_DIR}>)
target_link_libraries(
${COAP_LIBRARY_NAME}
PUBLIC $<$<BOOL:${COAP_WITH_LIBOPENSSL}>:OpenSSL::SSL>
@@ -775,6 +810,7 @@ target_link_libraries(
$<$<BOOL:${COAP_WITH_LIBMBEDTLS}>:${MBEDTLS_LIBRARY}>
$<$<BOOL:${COAP_WITH_LIBMBEDTLS}>:${MBEDX509_LIBRARY}>
$<$<BOOL:${COAP_WITH_LIBMBEDTLS}>:${MBEDCRYPTO_LIBRARY}>
$<$<BOOL:${COAP_WITH_LIBWOLFSSL}>:${WOLFSSL_LIBRARY}>
$<$<BOOL:${MINGW}>:ws2_32>)
target_compile_options(

7
LICENSE
View File

@@ -115,6 +115,13 @@ When compiled with Mbed TLS support, this software includes components
that are licensed under the terms of the Apache 2.0 license
(http://www.apache.org/licenses/LICENSE-2.0).
========================================================================
wolfSSL
When compiled with wolfSSL support, this software includes components
that are licensed under the terms of the GPLv2 license
(https://www.gnu.org/licenses/old-licenses/gpl-2.0.html).
========================================================================
SHA1

2
Makefile.am
View File

@@ -36,6 +36,7 @@ EXTRA_DIST = \
cmake/Config.cmake.in \
cmake/FindMbedTLS.cmake \
cmake/FindTinyDTLS.cmake \
cmake/FindwolfSSL.cmake \
coap_config.h.contiki \
coap_config.h.riot \
coap_config.h.windows \
@@ -219,6 +220,7 @@ libcoap_@LIBCOAP_NAME_SUFFIX@_la_SOURCES = \
src/coap_time.c \
src/coap_tinydtls.c \
src/coap_uri.c \
src/coap_wolfssl.c \
src/coap_ws.c
if COAP_OSCORE_SUPPORT

2
README.md
View File

@@ -73,6 +73,8 @@ There is (D)TLS support for the following libraries
* [Mbed TLS](https://www.trustedfirmware.org/projects/mbed-tls/) (Minimum version 2.7.10) [PKI and PSK]
* [wolfSSL](https://wolfssl.com) (Minimum version 5.2.0) [PKI, PSK and RPK(5.6.4+)]
* [TinyDTLS](https://github.com/eclipse/tinydtls) [PSK and RPK] [DTLS Only]
The examples directory contain a CoAP client, CoAP Resource Directory server

86
cmake/FindwolfSSL.cmake Normal file
View File

@@ -0,0 +1,86 @@
# FindWolfSSL.cmake
# -----------------
#
# Find the wolfSSL library.
#
# Imported Targets
# ^^^^^^^^^^^^^^^^
#
# This module defines the following :prop_tgt:`IMPORTED` targets:
#
# ``wolfssl``
# The wolfSSL library, if found.
#
# Result Variables
# ^^^^^^^^^^^^^^^^
#
# This module will set the following variables in your project:
#
# ``wolfSSL_FOUND``
# System has the wolfSSL library.
# ``WOLFSSL_INCLUDE_DIR``
# The wolfSSL include directory.
# ``WOLFSSL_LIBRARIES``
# All wolfSSL libraries.
#
# Hints
# ^^^^^
#
# Set ``WOLFSSL_ROOT_DIR`` to the root directory of a wolfSSL installation.
if(WOLFSSL_ROOT_DIR)
set(_WOLFSSL_EXTRA_FIND_ARGS "NO_CMAKE_FIND_ROOT_PATH")
endif()
find_path(
WOLFSSL_INCLUDE_DIR
NAMES wolfssl/ssl.h
PATH_SUFFIXES include
HINTS ${PROJECT_SOURCE_DIR}
${CMAKE_CURRENT_BINARY_DIR}
${WOLFSSL_ROOT_DIR}
${_WOLFSSL_EXTRA_FIND_ARGS})
find_library(
WOLFSSL_LIBRARIES
NAMES wolfssl
PATH_SUFFIXES lib
HINTS ${PROJECT_SOURCE_DIR}
${CMAKE_CURRENT_BINARY_DIR}
${WOLFSSL_ROOT_DIR}
${_WOLFSSL_EXTRA_FIND_ARGS})
if(WOLFSSL_LIBRARIES)
set(wolfSSL_FOUND TRUE)
else()
set(wolfSSL_FOUND FALSE)
if(wolfSSL_FIND_REQUIRED)
message(FATAL_ERROR "wolfSSL could not be found")
endif()
endif()
include(FindPackageHandleStandardArgs)
find_package_handle_standard_args(
wolfSSL
FOUND_VAR
wolfSSL_FOUND
REQUIRED_VARS
WOLFSSL_INCLUDE_DIR
WOLFSSL_LIBRARIES
VERSION_VAR)
if(NOT TARGET wolfssl)
add_library(
wolfssl
UNKNOWN
IMPORTED)
set_target_properties(
wolfssl
PROPERTIES INTERFACE_INCLUDE_DIRECTORIES "${WOLFSSL_INCLUDE_DIR}"
IMPORTED_LINK_INTERFACE_LANGUAGES "C"
IMPORTED_LOCATION "${WOLFSSL_LIBRARIES}")
endif()
message(STATUS "WOLFSSL_INCLUDE_DIR: ${WOLFSSL_INCLUDE_DIR}")
message(STATUS "WOLFSSL_LIBRARIES: ${WOLFSSL_LIBRARIES}")
message(STATUS "WOLFSSL_ROOT_DIR: ${WOLFSSL_ROOT_DIR}")

3
cmake_coap_config.h.in
View File

@@ -68,6 +68,9 @@
/* Define to 1 if the system has openssl */
#cmakedefine COAP_WITH_LIBOPENSSL @COAP_WITH_LIBOPENSSL@
/* Define to 1 if the system has wolfSSL */
#cmakedefine COAP_WITH_WOLFSSL @COAP_WITH_WOLFSSL@
/* Define to 1 if the system has libgnutls28 */
#cmakedefine COAP_WITH_LIBGNUTLS @COAP_WITH_LIBGNUTLS@

78
configure.ac
View File

@@ -366,6 +366,7 @@ AM_CONDITIONAL(BUILD_MANPAGES, [test "x$build_manpages" = "xyes"])
gnutls_version_required=3.3.0
openssl_version_required=1.1.0
mbedtls_version_required=2.7.10
wolfssl_version_required=5.2.0
tinydtls_version_required=0.8.6
AC_ARG_ENABLE([dtls],
@@ -386,6 +387,12 @@ AC_ARG_WITH([openssl],
[with_openssl="$withval"],
[with_openssl="no"])
AC_ARG_WITH([wolfssl],
[AS_HELP_STRING([--with-wolfssl],
[Use wolfSSL for DTLS functions])],
[with_wolfssl="$withval"],
[with_wolfssl="no"])
AC_ARG_WITH([mbedtls],
[AS_HELP_STRING([--with-mbedtls],
[Use Mbed TLS for DTLS functions])],
@@ -404,11 +411,11 @@ AC_ARG_WITH([submodule-tinydtls],
[with_submodule_tinydtls="$withval"],
[with_submodule_tinydtls="explicit_fallback"])
if test "x$with_gnutls" = "xyes" -o "x$with_openssl" = "xyes" -o "x$with_mbedtls" = "xyes" -o "x$with_tinydtls" = "xyes"; then
if test "x$with_gnutls" = "xyes" -o "x$with_openssl" = "xyes" -o "x$with_wolfssl" = "xyes" -o "x$with_mbedtls" = "xyes" -o "x$with_tinydtls" = "xyes"; then
if test "x$build_dtls" = "xno"; then
# Give an advice that '--with_gnutls', '--with_openssl', '--with-mbedtls' or '--with-tinydtls' was used but
# Give an advice that '--with_gnutls', '--with_openssl', '--with_wolfssl', '--with-mbedtls' or '--with-tinydtls' was used but
# DTLS support isn't configured.
AC_MSG_WARN([==> Using the configure options '--with-gnutls', '--with-openssl', '--with-mbedtls' or '--with-tinydtls' without '--enable-dtls' is useless and will be ignored.])
AC_MSG_WARN([==> Using the configure options '--with-gnutls', '--with-openssl', '--with_wolfssl', '--with-mbedtls' or '--with-tinydtls' without '--enable-dtls' is useless and will be ignored.])
fi
fi
if test "x$with_submodule_tinydtls" = "xyes"; then
@@ -428,6 +435,9 @@ if test "x$build_dtls" = "xyes"; then
if test "x$with_openssl" = "xyes"; then
TLSCOUNT=`expr $TLSCOUNT + 1`
fi
if test "x$with_wolfssl" = "xyes"; then
TLSCOUNT=`expr $TLSCOUNT + 1`
fi
if test "x$with_mbedtls" = "xyes"; then
TLSCOUNT=`expr $TLSCOUNT + 1`
fi
@@ -452,6 +462,12 @@ if test "x$build_dtls" = "xyes"; then
[have_openssl="yes"],
[have_openssl="no"])
# wolfSSL
PKG_CHECK_MODULES([wolfSSL],
[wolfssl],
[have_wolfssl="yes"],
[have_wolfssl="no"])
# Mbed TLS [does not have mbedtls.pc pkg-config file]
AC_CHECK_LIB(mbedtls, mbedtls_version_get_string,
[have_mbedtls="yes"; MbedTLS_CFLAGS="" ; MbedTLS_LIBS="-lmbedtls -lmbedcrypto -lmbedx509"],
@@ -511,6 +527,7 @@ if test "x$build_dtls" = "xyes"; then
gnutls_version=`$PKG_CONFIG --modversion gnutls`
AX_CHECK_GNUTLS_VERSION
have_openssl="no" # don't confuse AC_MSG_RESULT at the end of the script
have_wolfssl="no" # don't confuse AC_MSG_RESULT at the end of the script
have_mbedtls="no" # don't confuse AC_MSG_RESULT at the end of the script
have_tinydtls="no" # don't confuse AC_MSG_RESULT at the end of the script
fi
@@ -529,6 +546,26 @@ if test "x$build_dtls" = "xyes"; then
openssl_version=`$PKG_CONFIG --modversion openssl`
AX_CHECK_OPENSSL_VERSION
have_gnutls="no" # don't confuse AC_MSG_RESULT at the end of the script
have_wolfssl="no" # don't confuse AC_MSG_RESULT at the end of the script
have_mbedtls="no" # don't confuse AC_MSG_RESULT at the end of the script
have_tinydtls="no" # don't confuse AC_MSG_RESULT at the end of the script
fi
# The user wants to use explicit wolfSSL if '--with-wolfssl' was set.
if test "x$with_wolfssl" = "xyes"; then
# Some more sanity checking.
if test "x$have_wolfssl" != "xyes"; then
AC_MSG_ERROR([==> You want to build libcoap with DTLS support by the wolfSSL library but pkg-config file 'wolfssl.pc' could not be found!
Install the package(s) that contains the development files for wolfSSL,
or select a different TLS library or disable the DTLS support using '--disable-dtls'.])
fi
AC_MSG_NOTICE([The use of wolfSSL was explicitly requested with configure option '--with-wolfssl'!])
# check for valid wolfSSL version
wolfssl_version=`$PKG_CONFIG --modversion wolfssl`
AX_CHECK_WOLFSSL_VERSION
have_gnutls="no" # don't confuse AC_MSG_RESULT at the end of the script
have_openssl="no" # don't confuse AC_MSG_RESULT at the end of the script
have_mbedtls="no" # don't confuse AC_MSG_RESULT at the end of the script
have_tinydtls="no" # don't confuse AC_MSG_RESULT at the end of the script
fi
@@ -548,6 +585,7 @@ if test "x$build_dtls" = "xyes"; then
AX_CHECK_MBEDTLS_VERSION
have_gnutls="no" # don't confuse AC_MSG_RESULT at the end of the script
have_openssl="no" # don't confuse AC_MSG_RESULT at the end of the script
have_wolfssl="no" # don't confuse AC_MSG_RESULT at the end of the script
have_tinydtls="no" # don't confuse AC_MSG_RESULT at the end of the script
fi
@@ -599,6 +637,7 @@ if test "x$build_dtls" = "xyes"; then
have_gnutls="no" # don't confuse AC_MSG_RESULT at the end of the script
have_openssl="no" # don't confuse AC_MSG_RESULT at the end of the script
have_wolfssl="no" # don't confuse AC_MSG_RESULT at the end of the script
have_mbedtls="no" # don't confuse AC_MSG_RESULT at the end of the script
fi
@@ -611,6 +650,7 @@ if test "x$build_dtls" = "xyes"; then
AC_MSG_NOTICE([Using auto selected library GnuTLS for DTLS support!])
with_gnutls_auto="yes"
have_openssl="no" # don't confuse AC_MSG_RESULT at the end of the script
have_wolfssl="no" # don't confuse AC_MSG_RESULT at the end of the script
have_mbedtls="no" # don't confuse AC_MSG_RESULT at the end of the script
have_tinydtls="no" # don't confuse AC_MSG_RESULT at the end of the script
@@ -620,10 +660,22 @@ if test "x$build_dtls" = "xyes"; then
AX_CHECK_OPENSSL_VERSION
AC_MSG_NOTICE([Using auto selected library OpenSSL for DTLS support!])
with_openssl_auto="yes"
have_wolfssl="no" # don't confuse AC_MSG_RESULT at the end of the script
have_gnutls="no" # don't confuse AC_MSG_RESULT at the end of the script
have_mbedtls="no" # don't confuse AC_MSG_RESULT at the end of the script
have_tinydtls="no" # don't confuse AC_MSG_RESULT at the end of the script
# ... and if not found, check if wolfSSL is suitable.
elif test "x$have_wolfssl" = "xyes"; then
wolfssl_version=`$PKG_CONFIG --modversion wolfssl`
AX_CHECK_WOLFSSL_VERSION
AC_MSG_NOTICE([Using auto selected library wolfSSL for DTLS support!])
with_wolfssl_auto="yes"
have_gnutls="no" # don't confuse AC_MSG_RESULT at the end of the script
have_openssl="no" # don't confuse AC_MSG_RESULT at the end of the script
have_mbedtls="no" # don't confuse AC_MSG_RESULT at the end of the script
have_tinydtls="no" # don't confuse AC_MSG_RESULT at the end of the script
# ... and if not found check Mbed TLS is suitable.
elif test "x$have_mbedtls" = "xyes"; then
# Mbed TLS [does not have mbedtls.pc pkg-config file]
@@ -632,6 +684,7 @@ if test "x$build_dtls" = "xyes"; then
AC_MSG_NOTICE([Using auto selected library Mbed TLS for DTLS support!])
with_mbedtls_auto="yes"
have_gnutls="no" # don't confuse AC_MSG_RESULT at the end of the script
have_wolfssl="no" # don't confuse AC_MSG_RESULT at the end of the script
have_openssl="no" # don't confuse AC_MSG_RESULT at the end of the script
have_tinydtls="no" # don't confuse AC_MSG_RESULT at the end of the script
@@ -643,13 +696,13 @@ if test "x$build_dtls" = "xyes"; then
have_gnutls="no" # don't confuse AC_MSG_RESULT at the end of the script
have_mbedtls="no" # don't confuse AC_MSG_RESULT at the end of the script
have_openssl="no" # don't confuse AC_MSG_RESULT at the end of the script
have_wolfssl="no" # don't confuse AC_MSG_RESULT at the end of the script
# Note that the TinyDTLS submodule is used only when explicitly requested.
# Giving out an error message if we haven't found at least one crypto library.
else
AC_MSG_ERROR([==> Option '--enable-dtls' is set but none of the needed cryptography libraries GnuTLS, OpenSSL, Mbed TLS or TinyDTLS could be found!
Install at least one of the package(s) that contains the development files for GnuTLS (>= $gnutls_version_required), OpenSSL(>= $openssl_version_required), Mbed TLS(>= $mbedtls_version_required), or TinyDTLS(>= $tinydtls_version_required)
AC_MSG_ERROR([==> Option '--enable-dtls' is set but none of the needed cryptography libraries GnuTLS, OpenSSL, wolfSSL, Mbed TLS or TinyDTLS could be found!
Install at least one of the package(s) that contains the development files for GnuTLS (>= $gnutls_version_required), OpenSSL(>= $openssl_version_required), wolfSSL(>= $wolfssl_version_required), Mbed TLS(>= $mbedtls_version_required), or TinyDTLS(>= $tinydtls_version_required)
or disable the DTLS support using '--disable-dtls'.])
fi
fi
@@ -665,6 +718,11 @@ if test "x$build_dtls" = "xyes"; then
DTLS_LIBS="$OpenSSL_LIBS"
AC_DEFINE(COAP_WITH_LIBOPENSSL, [1], [Define to 1 if the system has libssl1.1.])
fi
if test "x$with_wolfssl" = "xyes" -o "x$with_wolfssl_auto" = "xyes"; then
DTLS_CFLAGS="$wolfSSL_CFLAGS"
DTLS_LIBS="$wolfSSL_LIBS"
AC_DEFINE(COAP_WITH_LIBWOLFSSL, [1], [Define to 1 if the system has libwolfssl.])
fi
if test "x$with_mbedtls" = "xyes" -o "x$with_mbedtls_auto" = "xyes"; then
DTLS_CFLAGS="$MbedTLS_CFLAGS"
DTLS_LIBS="$MbedTLS_LIBS"
@@ -682,6 +740,8 @@ fi
# Define the Library name extension for the TLS the library was linked against
if test "x$with_openssl" = "xyes" -o "x$with_openssl_auto" = "xyes"; then
LIBCOAP_DTLS_LIB_EXTENSION_NAME=-openssl
elif test "x$with_wolfssl" = "xyes" -o "x$with_wolfssl_auto" = "xyes"; then
LIBCOAP_DTLS_LIB_EXTENSION_NAME=-wolfssl
elif test "x$with_gnutls" = "xyes" -o "x$with_gnutls_auto" = "xyes"; then
LIBCOAP_DTLS_LIB_EXTENSION_NAME=-gnutls
elif test "x$with_mbedtls" = "xyes" -o "x$with_mbedtls_auto" = "xyes"; then
@@ -1262,6 +1322,12 @@ if test "x$with_openssl" = "xyes" -o "x$with_openssl_auto" = "xyes"; then
AC_MSG_RESULT([ OPENSSL_CFLAGS : "$OpenSSL_CFLAGS"])
AC_MSG_RESULT([ OPENSSL_LIBS : "$OpenSSL_LIBS"])
fi
if test "x$with_wolfssl" = "xyes" -o "x$with_wolfssl_auto" = "xyes"; then
AC_MSG_RESULT([ build DTLS support : "yes"])
AC_MSG_RESULT([ --> wolfSSL around : "yes" (found wolfSSL $wolfssl_version)])
AC_MSG_RESULT([ wolfSSL_CFLAGS : "$wolfSSL_CFLAGS"])
AC_MSG_RESULT([ wolfSSL_LIBS : "$wolfSSL_LIBS"])
fi
if test "x$with_mbedtls" = "xyes" -o "x$with_mbedtls_auto" = "xyes"; then
AC_MSG_RESULT([ build DTLS support : "yes"])
AC_MSG_RESULT([ --> Mbed TLS around : "yes" (found Mbed TLS $mbedtls_version)])

2
doc/main.md
View File

@@ -56,6 +56,8 @@ There is (D)TLS support for the following libraries
* [Mbed TLS](https://www.trustedfirmware.org/projects/mbed-tls/) (Minimum version 2.7.10) [PKI and PSK]
* [wolfSSL](https://wolfssl.com) (Minimum version 5.2.0) [PKI, PSK and RPK(5.6.4+)]
* [TinyDTLS](https://github.com/eclipse/tinydtls) [PSK and RPK] [DTLS Only]
Documentation

3
examples/share.libcoap.examples.Makefile
View File

@@ -6,7 +6,8 @@
# COPYING for terms of use.
# Set external variable LIBCOAP if you need a specific libcoap library.
# E.g. libcoap-3-openssl, libcoap-3-gnutls, libcoap-3-mbedtls or libcoap-3-notls
# E.g. libcoap-3-openssl, libcoap-3-gnutls, libcoap-3-mbedtls, libcoap-3-wolfssl
# or libcoap-3-notls
#
LIBCOAP?=libcoap-3

13
include/coap3/coap_asn1_internal.h
View File

@@ -86,6 +86,19 @@ coap_asn1_tag_t asn1_tag_c(const uint8_t **ptr, int *constructed, int *cls);
coap_binary_t *get_asn1_tag(coap_asn1_tag_t ltag, const uint8_t *ptr,
size_t tlen, asn1_validate validate);
/**
* Abstract SPKI public key from the ASN1.
*
* Internal function.
*
* @param data Pointer to ASN1 object containing EC Private Key
* @param size Length of ASN1 object
*
* @return The publick key (to be freed off by caller)
* or @c NULL if not found
*/
coap_binary_t *get_asn1_spki(const uint8_t *data, size_t size);
/** @} */
#endif /* COAP_ASN1_INTERNAL_H_ */

1
include/coap3/coap_dtls.h
View File

@@ -96,6 +96,7 @@ typedef enum coap_tls_library_t {
COAP_TLS_LIBRARY_OPENSSL, /**< Using OpenSSL library */
COAP_TLS_LIBRARY_GNUTLS, /**< Using GnuTLS library */
COAP_TLS_LIBRARY_MBEDTLS, /**< Using Mbed TLS library */
COAP_TLS_LIBRARY_WOLFSSL, /**< Using wolfSSL library */
} coap_tls_library_t;
/**

14
m4/ac_check_cryptolibs.m4
View File

@@ -69,6 +69,20 @@ AC_DEFUN([AX_CHECK_MBEDTLS_VERSION],
fi
]) dnl AX_CHECK_MBEDTLS_VERSION
AC_DEFUN([AX_CHECK_WOLFSSL_VERSION],
[AC_MSG_CHECKING([for compatible wolfSSL version (>= $wolfssl_version_required)])
AS_VERSION_COMPARE([$wolfssl_version], [$wolfssl_version_required],
[AC_MSG_RESULT([no])
WOLFSSLV=""],
[AC_MSG_RESULT([yes $wolfssl_version])
WOLFSSLV="$wolfssl_version"],
[AC_MSG_RESULT([yes $wolfssl_version])
WOLFSSLV="$wolfssl_version"])
if test "x$WOLFSSLV" = "x"; then
AC_MSG_ERROR([==> wolfSSL $wolfssl_version too old. wolfSSL >= $wolfssl_version_required required for suitable DTLS support build.])
fi
]) dnl AX_CHECK_WOLFSSL_VERSION
AC_DEFUN([AX_CHECK_TINYDTLS_VERSION],
[AC_MSG_CHECKING([for compatible TinyDTLS version (>= $tinydtls_version_required)])
AS_VERSION_COMPARE([$tinydtls_version], [$tinydtls_version_required],

1
man/coap_address.txt.in
View File

@@ -73,6 +73,7 @@ const uint8_t *_host_, size_t _host_len_);*
For specific (D)TLS library support, link with
*-lcoap-@LIBCOAP_API_VERSION@-notls*, *-lcoap-@LIBCOAP_API_VERSION@-gnutls*,
*-lcoap-@LIBCOAP_API_VERSION@-openssl*, *-lcoap-@LIBCOAP_API_VERSION@-mbedtls*
*-lcoap-@LIBCOAP_API_VERSION@-wolfssl*,
or *-lcoap-@LIBCOAP_API_VERSION@-tinydtls*. Otherwise, link with
*-lcoap-@LIBCOAP_API_VERSION@* to get the default (D)TLS library support.

1
man/coap_async.txt.in
View File

@@ -46,6 +46,7 @@ coap_bin_const_t _token_);*
For specific (D)TLS library support, link with
*-lcoap-@LIBCOAP_API_VERSION@-notls*, *-lcoap-@LIBCOAP_API_VERSION@-gnutls*,
*-lcoap-@LIBCOAP_API_VERSION@-openssl*, *-lcoap-@LIBCOAP_API_VERSION@-mbedtls*
*-lcoap-@LIBCOAP_API_VERSION@-wolfssl*,
or *-lcoap-@LIBCOAP_API_VERSION@-tinydtls*. Otherwise, link with
*-lcoap-@LIBCOAP_API_VERSION@* to get the default (D)TLS library support.

1
man/coap_attribute.txt.in
View File

@@ -31,6 +31,7 @@ coap_str_const_t *_name_);*
For specific (D)TLS library support, link with
*-lcoap-@LIBCOAP_API_VERSION@-notls*, *-lcoap-@LIBCOAP_API_VERSION@-gnutls*,
*-lcoap-@LIBCOAP_API_VERSION@-openssl*, *-lcoap-@LIBCOAP_API_VERSION@-mbedtls*
*-lcoap-@LIBCOAP_API_VERSION@-wolfssl*,
or *-lcoap-@LIBCOAP_API_VERSION@-tinydtls*. Otherwise, link with
*-lcoap-@LIBCOAP_API_VERSION@* to get the default (D)TLS library support.

1
man/coap_block.txt.in
View File

@@ -51,6 +51,7 @@ size_t _length_, const uint8_t *_data_, size_t _offset_, size_t _total_);*
For specific (D)TLS library support, link with
*-lcoap-@LIBCOAP_API_VERSION@-notls*, *-lcoap-@LIBCOAP_API_VERSION@-gnutls*,
*-lcoap-@LIBCOAP_API_VERSION@-openssl*, *-lcoap-@LIBCOAP_API_VERSION@-mbedtls*
*-lcoap-@LIBCOAP_API_VERSION@-wolfssl*,
or *-lcoap-@LIBCOAP_API_VERSION@-tinydtls*. Otherwise, link with
*-lcoap-@LIBCOAP_API_VERSION@* to get the default (D)TLS library support.

1
man/coap_cache.txt.in
View File

@@ -64,6 +64,7 @@ coap_cache_app_data_free_callback_t _callback_);*
For specific (D)TLS library support, link with
*-lcoap-@LIBCOAP_API_VERSION@-notls*, *-lcoap-@LIBCOAP_API_VERSION@-gnutls*,
*-lcoap-@LIBCOAP_API_VERSION@-openssl*, *-lcoap-@LIBCOAP_API_VERSION@-mbedtls*
*-lcoap-@LIBCOAP_API_VERSION@-wolfssl*,
or *-lcoap-@LIBCOAP_API_VERSION@-tinydtls*. Otherwise, link with
*-lcoap-@LIBCOAP_API_VERSION@* to get the default (D)TLS library support.

1
man/coap_context.txt.in
View File

@@ -61,6 +61,7 @@ size_t _max_token_size_);*
For specific (D)TLS library support, link with
*-lcoap-@LIBCOAP_API_VERSION@-notls*, *-lcoap-@LIBCOAP_API_VERSION@-gnutls*,
*-lcoap-@LIBCOAP_API_VERSION@-openssl*, *-lcoap-@LIBCOAP_API_VERSION@-mbedtls*
*-lcoap-@LIBCOAP_API_VERSION@-wolfssl*,
or *-lcoap-@LIBCOAP_API_VERSION@-tinydtls*. Otherwise, link with
*-lcoap-@LIBCOAP_API_VERSION@* to get the default (D)TLS library support.

1
man/coap_deprecated.txt.in
View File

@@ -74,6 +74,7 @@ unsigned int _max_sockets_, unsigned int *_num_sockets_, coap_tick_t _now_);*
For specific (D)TLS library support, link with
*-lcoap-@LIBCOAP_API_VERSION@-notls*, *-lcoap-@LIBCOAP_API_VERSION@-gnutls*,
*-lcoap-@LIBCOAP_API_VERSION@-openssl*, *-lcoap-@LIBCOAP_API_VERSION@-mbedtls*
*-lcoap-@LIBCOAP_API_VERSION@-wolfssl*,
or *-lcoap-@LIBCOAP_API_VERSION@-tinydtls*. Otherwise, link with
*-lcoap-@LIBCOAP_API_VERSION@* to get the default (D)TLS library support.

11
man/coap_encryption.txt.in
View File

@@ -29,6 +29,7 @@ SYNOPSIS
For specific (D)TLS library support, link with
*-lcoap-@LIBCOAP_API_VERSION@-notls*, *-lcoap-@LIBCOAP_API_VERSION@-gnutls*,
*-lcoap-@LIBCOAP_API_VERSION@-openssl*, *-lcoap-@LIBCOAP_API_VERSION@-mbedtls*
*-lcoap-@LIBCOAP_API_VERSION@-wolfssl*,
or *-lcoap-@LIBCOAP_API_VERSION@-tinydtls*. Otherwise, link with
*-lcoap-@LIBCOAP_API_VERSION@* to get the default (D)TLS library support.
@@ -40,6 +41,7 @@ When the libcoap library was built, it will have been compiled using a
specific underlying TLS implementation type (e.g. https://www.openssl.org[OpenSSL],
https://www.gnutls.org[GnuTLS],
https://www.trustedfirmware.org/projects/mbed-tls/[Mbed TLS],
https://wolfssl.com[wolfSSL],
https://github.com/eclipse/tinydtls[TinyDTLS] or noTLS).
When the libcoap library is linked into an application, it is possible
that the application needs to dynamically determine whether DTLS or TLS is
@@ -55,11 +57,20 @@ version is 1.1.0.
*NOTE:* If Mbed TLS is being used, then the minimum Mbed TLS library version is
2.7.10.
*NOTE:* If wolfSSL is being used, then the minimum wolfSSL library version is
5.2.0.
*NOTE:* If GnuTLS is going to interoperate with TinyDTLS, then a minimum
revision of GnuTLS 3.5.5 which supports CCM algorithms is required
by TinyDTLS as TinyDTLS currently only supports CCM.
*NOTE:* If wolfSSL is going to interoperate with TinyDTLS, then the library
needs to be build with
'./configure CFLAGS="-DBUILD_TLS_PSK_WITH_AES_128_CCM"'
as TinyDTLS currently only supports CCM.
*NOTE:* For Raw Public Key support, GnuTLS library version must be 3.6.6 or
later. For Raw Public Key support, wolfSSL library version must be 5.6.4 or
later. TinyDTLS only supports TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, curve
secp256r1 and hash SHA-256. There currently is no OpenSSL or Mbed TLS RPK support
(respective library limitations).

1
man/coap_endpoint_client.txt.in
View File

@@ -41,6 +41,7 @@ _proto_, coap_dtls_pki_t *_setup_data_);*
For specific (D)TLS library support, link with
*-lcoap-@LIBCOAP_API_VERSION@-notls*, *-lcoap-@LIBCOAP_API_VERSION@-gnutls*,
*-lcoap-@LIBCOAP_API_VERSION@-openssl*, *-lcoap-@LIBCOAP_API_VERSION@-mbedtls*
*-lcoap-@LIBCOAP_API_VERSION@-wolfssl*,
or *-lcoap-@LIBCOAP_API_VERSION@-tinydtls*. Otherwise, link with
*-lcoap-@LIBCOAP_API_VERSION@* to get the default (D)TLS library support.

1
man/coap_endpoint_server.txt.in
View File

@@ -50,6 +50,7 @@ const char *_groupname_, const char *_ifname_);*
For specific (D)TLS library support, link with
*-lcoap-@LIBCOAP_API_VERSION@-notls*, *-lcoap-@LIBCOAP_API_VERSION@-gnutls*,
*-lcoap-@LIBCOAP_API_VERSION@-openssl*, *-lcoap-@LIBCOAP_API_VERSION@-mbedtls*
*-lcoap-@LIBCOAP_API_VERSION@-wolfssl*,
or *-lcoap-@LIBCOAP_API_VERSION@-tinydtls*. Otherwise, link with
*-lcoap-@LIBCOAP_API_VERSION@* to get the default (D)TLS library support.

1
man/coap_handler.txt.in
View File

@@ -44,6 +44,7 @@ coap_event_handler_t _handler_)*;
For specific (D)TLS library support, link with
*-lcoap-@LIBCOAP_API_VERSION@-notls*, *-lcoap-@LIBCOAP_API_VERSION@-gnutls*,
*-lcoap-@LIBCOAP_API_VERSION@-openssl*, *-lcoap-@LIBCOAP_API_VERSION@-mbedtls*
*-lcoap-@LIBCOAP_API_VERSION@-wolfssl*,
or *-lcoap-@LIBCOAP_API_VERSION@-tinydtls*. Otherwise, link with
*-lcoap-@LIBCOAP_API_VERSION@* to get the default (D)TLS library support.

1
man/coap_init.txt.in
View File

@@ -26,6 +26,7 @@ SYNOPSIS
For specific (D)TLS library support, link with
*-lcoap-@LIBCOAP_API_VERSION@-notls*, *-lcoap-@LIBCOAP_API_VERSION@-gnutls*,
*-lcoap-@LIBCOAP_API_VERSION@-openssl*, *-lcoap-@LIBCOAP_API_VERSION@-mbedtls*
*-lcoap-@LIBCOAP_API_VERSION@-wolfssl*,
or *-lcoap-@LIBCOAP_API_VERSION@-tinydtls*. Otherwise, link with
*-lcoap-@LIBCOAP_API_VERSION@* to get the default (D)TLS library support.

1
man/coap_io.txt.in
View File

@@ -53,6 +53,7 @@ size_t _nevents_)*;
For specific (D)TLS library support, link with
*-lcoap-@LIBCOAP_API_VERSION@-notls*, *-lcoap-@LIBCOAP_API_VERSION@-gnutls*,
*-lcoap-@LIBCOAP_API_VERSION@-openssl*, *-lcoap-@LIBCOAP_API_VERSION@-mbedtls*
*-lcoap-@LIBCOAP_API_VERSION@-wolfssl*,
or *-lcoap-@LIBCOAP_API_VERSION@-tinydtls*. Otherwise, link with
*-lcoap-@LIBCOAP_API_VERSION@* to get the default (D)TLS library support.

1
man/coap_keepalive.txt.in
View File

@@ -24,6 +24,7 @@ unsigned int _seconds_);*
For specific (D)TLS library support, link with
*-lcoap-@LIBCOAP_API_VERSION@-notls*, *-lcoap-@LIBCOAP_API_VERSION@-gnutls*,
*-lcoap-@LIBCOAP_API_VERSION@-openssl*, *-lcoap-@LIBCOAP_API_VERSION@-mbedtls*
*-lcoap-@LIBCOAP_API_VERSION@-wolfssl*,
or *-lcoap-@LIBCOAP_API_VERSION@-tinydtls*. Otherwise, link with
*-lcoap-@LIBCOAP_API_VERSION@* to get the default (D)TLS library support.

1
man/coap_locking.txt.in
View File

@@ -48,6 +48,7 @@ coap_code_t _failed_statement_);*
For specific (D)TLS library support, link with
*-lcoap-@LIBCOAP_API_VERSION@-notls*, *-lcoap-@LIBCOAP_API_VERSION@-gnutls*,
*-lcoap-@LIBCOAP_API_VERSION@-openssl*, *-lcoap-@LIBCOAP_API_VERSION@-mbedtls*
*-lcoap-@LIBCOAP_API_VERSION@-wolfssl*,
or *-lcoap-@LIBCOAP_API_VERSION@-tinydtls*. Otherwise, link with
*-lcoap-@LIBCOAP_API_VERSION@* to get the default (D)TLS library support.

1
man/coap_logging.txt.in
View File

@@ -100,6 +100,7 @@ char *_buffer_, size_t _length_);*
For specific (D)TLS library support, link with
*-lcoap-@LIBCOAP_API_VERSION@-notls*, *-lcoap-@LIBCOAP_API_VERSION@-gnutls*,
*-lcoap-@LIBCOAP_API_VERSION@-openssl*, *-lcoap-@LIBCOAP_API_VERSION@-mbedtls*
*-lcoap-@LIBCOAP_API_VERSION@-wolfssl*,
or *-lcoap-@LIBCOAP_API_VERSION@-tinydtls*. Otherwise, link with
*-lcoap-@LIBCOAP_API_VERSION@* to get the default (D)TLS library support.

1
man/coap_observe.txt.in
View File

@@ -35,6 +35,7 @@ coap_pdu_type_t _message_type_);*
For specific (D)TLS library support, link with
*-lcoap-@LIBCOAP_API_VERSION@-notls*, *-lcoap-@LIBCOAP_API_VERSION@-gnutls*,
*-lcoap-@LIBCOAP_API_VERSION@-openssl*, *-lcoap-@LIBCOAP_API_VERSION@-mbedtls*
*-lcoap-@LIBCOAP_API_VERSION@-wolfssl*,
or *-lcoap-@LIBCOAP_API_VERSION@-tinydtls*. Otherwise, link with
*-lcoap-@LIBCOAP_API_VERSION@* to get the default (D)TLS library support.

1
man/coap_oscore.txt.in
View File

@@ -60,6 +60,7 @@ coap_oscore_conf_t *_oscore_conf_);*
For specific (D)TLS library support, link with
*-lcoap-@LIBCOAP_API_VERSION@-notls*, *-lcoap-@LIBCOAP_API_VERSION@-gnutls*,
*-lcoap-@LIBCOAP_API_VERSION@-openssl*, *-lcoap-@LIBCOAP_API_VERSION@-mbedtls*
*-lcoap-@LIBCOAP_API_VERSION@-wolfssl*,
or *-lcoap-@LIBCOAP_API_VERSION@-tinydtls*. Otherwise, link with
*-lcoap-@LIBCOAP_API_VERSION@* to get the default (D)TLS library support.

1
man/coap_pdu_access.txt.in
View File

@@ -77,6 +77,7 @@ coap_opt_iterator_t *_oi_, const coap_opt_filter_t *_filter_);*
For specific (D)TLS library support, link with
*-lcoap-@LIBCOAP_API_VERSION@-notls*, *-lcoap-@LIBCOAP_API_VERSION@-gnutls*,
*-lcoap-@LIBCOAP_API_VERSION@-openssl*, *-lcoap-@LIBCOAP_API_VERSION@-mbedtls*
*-lcoap-@LIBCOAP_API_VERSION@-wolfssl*,
or *-lcoap-@LIBCOAP_API_VERSION@-tinydtls*. Otherwise, link with
*-lcoap-@LIBCOAP_API_VERSION@* to get the default (D)TLS library support.

1
man/coap_pdu_setup.txt.in
View File

@@ -97,6 +97,7 @@ uint8_t *_buffer_, size_t *_buflen_);*
For specific (D)TLS library support, link with
*-lcoap-@LIBCOAP_API_VERSION@-notls*, *-lcoap-@LIBCOAP_API_VERSION@-gnutls*,
*-lcoap-@LIBCOAP_API_VERSION@-openssl*, *-lcoap-@LIBCOAP_API_VERSION@-mbedtls*
*-lcoap-@LIBCOAP_API_VERSION@-wolfssl*,
or *-lcoap-@LIBCOAP_API_VERSION@-tinydtls*. Otherwise, link with
*-lcoap-@LIBCOAP_API_VERSION@* to get the default (D)TLS library support.

1
man/coap_persist.txt.in
View File

@@ -46,6 +46,7 @@ uint32_t _start_observe_no_);*
For specific (D)TLS library support, link with
*-lcoap-@LIBCOAP_API_VERSION@-notls*, *-lcoap-@LIBCOAP_API_VERSION@-gnutls*,
*-lcoap-@LIBCOAP_API_VERSION@-openssl*, *-lcoap-@LIBCOAP_API_VERSION@-mbedtls*
*-lcoap-@LIBCOAP_API_VERSION@-wolfssl*,
or *-lcoap-@LIBCOAP_API_VERSION@-tinydtls*. Otherwise, link with
*-lcoap-@LIBCOAP_API_VERSION@* to get the default (D)TLS library support.

1
man/coap_recovery.txt.in
View File

@@ -97,6 +97,7 @@ uint32_t _value_)*;
For specific (D)TLS library support, link with
*-lcoap-@LIBCOAP_API_VERSION@-notls*, *-lcoap-@LIBCOAP_API_VERSION@-gnutls*,
*-lcoap-@LIBCOAP_API_VERSION@-openssl*, *-lcoap-@LIBCOAP_API_VERSION@-mbedtls*
*-lcoap-@LIBCOAP_API_VERSION@-wolfssl*,
or *-lcoap-@LIBCOAP_API_VERSION@-tinydtls*. Otherwise, link with
*-lcoap-@LIBCOAP_API_VERSION@* to get the default (D)TLS library support.

1
man/coap_resource.txt.in
View File

@@ -65,6 +65,7 @@ coap_resource_release_userdata_handler_t _callback_);*
For specific (D)TLS library support, link with
*-lcoap-@LIBCOAP_API_VERSION@-notls*, *-lcoap-@LIBCOAP_API_VERSION@-gnutls*,
*-lcoap-@LIBCOAP_API_VERSION@-openssl*, *-lcoap-@LIBCOAP_API_VERSION@-mbedtls*
*-lcoap-@LIBCOAP_API_VERSION@-wolfssl*,
or *-lcoap-@LIBCOAP_API_VERSION@-tinydtls*. Otherwise, link with
*-lcoap-@LIBCOAP_API_VERSION@* to get the default (D)TLS library support.

2
man/coap_session.txt.in
View File

@@ -77,6 +77,7 @@ const coap_session_t *_session_);*
For specific (D)TLS library support, link with
*-lcoap-@LIBCOAP_API_VERSION@-notls*, *-lcoap-@LIBCOAP_API_VERSION@-gnutls*,
*-lcoap-@LIBCOAP_API_VERSION@-openssl*, *-lcoap-@LIBCOAP_API_VERSION@-mbedtls*
*-lcoap-@LIBCOAP_API_VERSION@-wolfssl*,
or *-lcoap-@LIBCOAP_API_VERSION@-tinydtls*. Otherwise, link with
*-lcoap-@LIBCOAP_API_VERSION@* to get the default (D)TLS library support.
@@ -199,6 +200,7 @@ of the _session_.
OpenSSL: SSL*
GnuTLS: gnutls_session_t (implicit *)
Mbed TLS: mbedtls_ssl_context*
wolfSSL: WOLFSSL*
TinyDTLS: struct dtls_context*
----

1
man/coap_string.txt.in
View File

@@ -56,6 +56,7 @@ SYNOPSIS
For specific (D)TLS library support, link with
*-lcoap-@LIBCOAP_API_VERSION@-notls*, *-lcoap-@LIBCOAP_API_VERSION@-gnutls*,
*-lcoap-@LIBCOAP_API_VERSION@-openssl*, *-lcoap-@LIBCOAP_API_VERSION@-mbedtls*
*-lcoap-@LIBCOAP_API_VERSION@-wolfssl*,
or *-lcoap-@LIBCOAP_API_VERSION@-tinydtls*. Otherwise, link with
*-lcoap-@LIBCOAP_API_VERSION@* to get the default (D)TLS library support.

3
man/coap_tls_library.txt.in
View File

@@ -53,6 +53,7 @@ SYNOPSIS
For specific (D)TLS library support, link with
*-lcoap-@LIBCOAP_API_VERSION@-notls*, *-lcoap-@LIBCOAP_API_VERSION@-gnutls*,
*-lcoap-@LIBCOAP_API_VERSION@-openssl*, *-lcoap-@LIBCOAP_API_VERSION@-mbedtls*
*-lcoap-@LIBCOAP_API_VERSION@-wolfssl*,
or *-lcoap-@LIBCOAP_API_VERSION@-tinydtls*. Otherwise, link with
*-lcoap-@LIBCOAP_API_VERSION@* to get the default (D)TLS library support.
@@ -62,6 +63,7 @@ When the libcoap library was built, it will have been compiled using a
specific TLS implementation type (e.g. https://www.openssl.org[OpenSSL],
https://www.gnutls.org[GnuTLS],
https://www.trustedfirmware.org/projects/mbed-tls/[Mbed TLS],
https://wolfssl.com[wolfSSL],
https://github.com/eclipse/tinydtls[TinyDTLS] or noTLS).
When the libcoap library is linked into an application, it is possible that
the application needs to dynamically determine whether DTLS or TLS is
@@ -139,6 +141,7 @@ typedef enum coap_tls_library_t {
COAP_TLS_LIBRARY_OPENSSL, /* Using OpenSSL library */
COAP_TLS_LIBRARY_GNUTLS, /* Using GnuTLS library */
COAP_TLS_LIBRARY_MBEDTLS, /* Using Mbed TLS library */
COAP_TLS_LIBRARY_WOLFSSL, /* Using wolfSSL library */
} coap_tls_library_t;
typedef struct coap_tls_version_t {

1
man/coap_uri.txt.in
View File

@@ -42,6 +42,7 @@ int _create_port_host_opt_, uint8_t *_buf_, size_t _buflen_);*
For specific (D)TLS library support, link with
*-lcoap-@LIBCOAP_API_VERSION@-notls*, *-lcoap-@LIBCOAP_API_VERSION@-gnutls*,
*-lcoap-@LIBCOAP_API_VERSION@-openssl*, *-lcoap-@LIBCOAP_API_VERSION@-mbedtls*
*-lcoap-@LIBCOAP_API_VERSION@-wolfssl*,
or *-lcoap-@LIBCOAP_API_VERSION@-tinydtls*. Otherwise, link with
*-lcoap-@LIBCOAP_API_VERSION@* to get the default (D)TLS library support.

2
scripts/build.sh
View File

@@ -17,6 +17,8 @@ case "x${TLS}" in
;;
xmbedtls) WITH_TLS="--with-mbedtls"
;;
xwolfssl) WITH_TLS="--with-wolfssl"
;;
xtinydtls) WITH_TLS="--with-tinydtls"
# Need this as libtinydtls.so has not been installed
# as a part of the travis build

2
scripts/dist.sh
View File

@@ -35,6 +35,8 @@ case "x${TLS}" in
;;
xmbedtls) WITH_TLS="--with-mbedtls"
;;
xwolfssl) WITH_TLS="--with-wolfssl"
;;
xtinydtls) WITH_TLS="--with-tinydtls --disable-shared"
;;
*) WITH_TLS="--with-gnutls"

48
src/coap_asn1.c
View File

@@ -100,3 +100,51 @@ get_asn1_tag(coap_asn1_tag_t ltag, const uint8_t *ptr, size_t tlen,
}
return NULL;
}
/* first part of Raw public key, this is the start of the Subject Public Key */
static const unsigned char cert_asn1_header1[] = {
0x30, 0x59, /* SEQUENCE, length 89 bytes */
0x30, 0x13, /* SEQUENCE, length 19 bytes */
0x06, 0x07, /* OBJECT IDENTIFIER ecPublicKey (1 2 840 10045 2 1) */
0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01,
};
/* PrimeX will get inserted */
#if 0
0x06, 0x08, /* OBJECT IDENTIFIER prime256v1 (1 2 840 10045 3 1 7) */
0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07,
#endif
static const unsigned char cert_asn1_header2[] = {
0x03, 0x42, /* BIT STRING, length 66 bytes */
/* Note: 0 bits (0x00) and no compression (0x04) are already in the certificate */
};
coap_binary_t *
get_asn1_spki(const uint8_t *data, size_t size) {
coap_binary_t *pub_key = get_asn1_tag(COAP_ASN1_BITSTRING, data, size, NULL);
coap_binary_t *prime = get_asn1_tag(COAP_ASN1_IDENTIFIER, data, size, NULL);
coap_binary_t *spki = NULL;
if (pub_key && prime) {
size_t header_size = sizeof(cert_asn1_header1) +
2 +
prime->length +
sizeof(cert_asn1_header2);
spki = coap_new_binary(header_size + pub_key->length);
if (spki) {
memcpy(&spki->s[header_size], pub_key->s, pub_key->length);
memcpy(spki->s, cert_asn1_header1, sizeof(cert_asn1_header1));
spki->s[sizeof(cert_asn1_header1)] = COAP_ASN1_IDENTIFIER;
spki->s[sizeof(cert_asn1_header1)+1] = (uint8_t)prime->length;
memcpy(&spki->s[sizeof(cert_asn1_header1)+2],
prime->s, prime->length);
memcpy(&spki->s[sizeof(cert_asn1_header1)+2+prime->length],
cert_asn1_header2, sizeof(cert_asn1_header2));
spki->length = header_size + pub_key->length;
}
}
if (pub_key)
coap_delete_binary(pub_key);
if (prime)
coap_delete_binary(prime);
return spki;
}

10
src/coap_debug.c
View File

@@ -1216,6 +1216,16 @@ coap_string_tls_version(char *buffer, size_t bufsize) {
(unsigned long)((tls_version->built_version >> 16) & 0xff),
(unsigned long)((tls_version->built_version >> 8) & 0xff));
break;
case COAP_TLS_LIBRARY_WOLFSSL:
snprintf(buffer, bufsize, "TLS Library: wolfSSL - runtime %lu.%lu.%lu, "
"libcoap built for %lu.%lu.%lu",
(unsigned long)(tls_version->version >> 24),
(unsigned long)((tls_version->version >> 12) & 0xfff),
(unsigned long)((tls_version->version >> 0) & 0xfff),
(unsigned long)(tls_version->built_version >> 24),
(unsigned long)((tls_version->built_version >> 12) & 0xfff),
(unsigned long)((tls_version->built_version >> 0) & 0xfff));
break;
default:
snprintf(buffer, bufsize, "Library type %d unknown", tls_version->type);
break;

78
src/coap_gnutls.c
View File

@@ -983,60 +983,6 @@ pin_callback(void *user_data, int attempt,
}
return -1;
}
#if (GNUTLS_VERSION_NUMBER >= 0x030606)
/* first part of Raw public key, this is the start of the Subject Public Key */
static const unsigned char cert_asn1_header1[] = {
0x30, 0x59, /* SEQUENCE, length 89 bytes */
0x30, 0x13, /* SEQUENCE, length 19 bytes */
0x06, 0x07, /* OBJECT IDENTIFIER ecPublicKey (1 2 840 10045 2 1) */
0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01,
};
/* PrimeX will get inserted */
#if 0
0x06, 0x08, /* OBJECT IDENTIFIER prime256v1 (1 2 840 10045 3 1 7) */
0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07,
#endif
static const unsigned char cert_asn1_header2[] = {
0x03, 0x42, /* BIT STRING, length 66 bytes */
/* Note: 0 bits (0x00) and no compression (0x04) are already in the certificate */
};
static gnutls_datum_t *
get_asn1_spki(const uint8_t *data, size_t size) {
coap_binary_t *pub_key = get_asn1_tag(COAP_ASN1_BITSTRING, data, size, NULL);
coap_binary_t *prime = get_asn1_tag(COAP_ASN1_IDENTIFIER, data, size, NULL);
gnutls_datum_t *spki = NULL;
if (pub_key && prime) {
size_t header_size = sizeof(cert_asn1_header1) +
2 +
prime->length +
sizeof(cert_asn1_header2);
uint8_t *tmp = gnutls_malloc(sizeof(gnutls_datum_t) +
header_size +
pub_key->length);
if (tmp) {
spki = (gnutls_datum_t *)tmp;
spki->data = &tmp[sizeof(gnutls_datum_t)];
memcpy(&spki->data[header_size], pub_key->s, pub_key->length);
memcpy(spki->data, cert_asn1_header1, sizeof(cert_asn1_header1));
spki->data[sizeof(cert_asn1_header1)] = COAP_ASN1_IDENTIFIER;
spki->data[sizeof(cert_asn1_header1)+1] = prime->length;
memcpy(&spki->data[sizeof(cert_asn1_header1)+2],
prime->s, prime->length);
memcpy(&spki->data[sizeof(cert_asn1_header1)+2+prime->length],
cert_asn1_header2, sizeof(cert_asn1_header2));
spki->size = header_size + pub_key->length;
}
}
if (pub_key)
coap_delete_binary(pub_key);
if (prime)
coap_delete_binary(prime);
return spki;
}
#endif /* GNUTLS_VERSION_NUMBER >= 0x030606 */
/*
* return 0 Success (GNUTLS_E_SUCCESS)
@@ -1145,12 +1091,16 @@ setup_pki_credentials(gnutls_certificate_credentials_t *pki_credentials,
if (gnutls_pem_base64_decode2("EC PRIVATE KEY", &key,
&der_private) == 0) {
gnutls_datum_t *spki = get_asn1_spki(der_private.data,
der_private.size);
coap_binary_t *spki = get_asn1_spki(der_private.data,
der_private.size);
if (spki) {
gnutls_datum_t tspki;
tspki.data = spki->s;
tspki.size = spki->length;
ret = gnutls_certificate_set_rawpk_key_mem(*pki_credentials,
spki,
&tspki,
&der_private,
GNUTLS_X509_FMT_DER, NULL,
COAP_GNUTLS_KEY_RPK,
@@ -1158,7 +1108,7 @@ setup_pki_credentials(gnutls_certificate_credentials_t *pki_credentials,
if (ret >= 0) {
have_done_key = 1;
}
gnutls_free(spki);
coap_delete_binary(spki);
}
gnutls_free(der_private.data);
}
@@ -1256,12 +1206,16 @@ setup_pki_credentials(gnutls_certificate_credentials_t *pki_credentials,
int have_done_key = 0;
if (setup_data->pki_key.key.asn1.private_key_type ==
COAP_ASN1_PKEY_EC) {
gnutls_datum_t *spki = get_asn1_spki(key.data,
key.size);
coap_binary_t *spki = get_asn1_spki(key.data,
key.size);
if (spki) {
gnutls_datum_t tspki;
tspki.data = spki->s;
tspki.size = spki->length;
ret = gnutls_certificate_set_rawpk_key_mem(*pki_credentials,
spki,
&tspki,
&key,
GNUTLS_X509_FMT_DER, NULL,
COAP_GNUTLS_KEY_RPK,
@@ -1269,7 +1223,7 @@ setup_pki_credentials(gnutls_certificate_credentials_t *pki_credentials,
if (ret >= 0) {
have_done_key = 1;
}
gnutls_free(spki);
coap_delete_binary(spki);
}
}
if (!have_done_key) {

6
src/coap_notls.c
View File

@@ -17,7 +17,7 @@
#include "coap3/coap_internal.h"
#if !defined(COAP_WITH_LIBTINYDTLS) && !defined(COAP_WITH_LIBOPENSSL) && !defined(COAP_WITH_LIBGNUTLS) && !defined(COAP_WITH_LIBMBEDTLS)
#if !defined(COAP_WITH_LIBTINYDTLS) && !defined(COAP_WITH_LIBOPENSSL) && !defined(COAP_WITH_LIBWOLFSSL) && !defined(COAP_WITH_LIBGNUTLS) && !defined(COAP_WITH_LIBMBEDTLS)
int
coap_dtls_is_supported(void) {
@@ -400,7 +400,7 @@ coap_crypto_hmac(cose_hmac_alg_t hmac_alg,
#endif /* COAP_OSCORE_SUPPORT */
#else /* !COAP_WITH_LIBTINYDTLS && !COAP_WITH_LIBOPENSSL && !COAP_WITH_LIBGNUTLS */
#else /* !COAP_WITH_LIBTINYDTLS && !COAP_WITH_LIBOPENSSL && !COAP_WITH_LIBWOLFSSL && !COAP_WITH_LIBGNUTLS */
#ifdef __clang__
/* Make compilers happy that do not like empty modules. As this function is
@@ -412,4 +412,4 @@ static inline void
dummy(void) {
}
#endif /* !COAP_WITH_LIBTINYDTLS && !COAP_WITH_LIBOPENSSL && !COAP_WITH_LIBGNUTLS && !COAP_WITH_LIBMBEDTLS */
#endif /* !COAP_WITH_LIBTINYDTLS && !COAP_WITH_LIBOPENSSL && !COAP_WITH_LIBWOLFSSL && !COAP_WITH_LIBGNUTLS && !COAP_WITH_LIBMBEDTLS */

2
src/coap_sha1.c
View File

@@ -65,7 +65,7 @@
#include "coap3/coap_internal.h"
#if COAP_WS_SUPPORT && !defined(COAP_WITH_LIBOPENSSL) && !defined(COAP_WITH_LIBGNUTLS) && !defined(COAP_WITH_LIBMBEDTLS)
#if COAP_WS_SUPPORT && !defined(COAP_WITH_LIBOPENSSL) && !defined(COAP_WITH_LIBGNUTLS) && !defined(COAP_WITH_LIBMBEDTLS) && !defined(COAP_WITH_LIBWOLFSSL)
/*
* Define the SHA1 circular left shift macro
*/

3146
src/coap_wolfssl.c Normal file
View File

File diff suppressed because it is too large Load Diff

9
tests/test_tls.c
View File

@@ -34,6 +34,12 @@
#include <openssl/ssl.h>
#endif /* COAP_WITH_LIBOPENSSL */
#ifdef COAP_WITH_LIBWOLFSSL
#define HAVE_DTLS 1
#include <wolfssl/options.h>
#include <wolfssl/ssl.h>
#endif /* COAP_WITH_LIBWOLFSSL */
#ifdef COAP_WITH_LIBGNUTLS
#define HAVE_DTLS 1
#include <gnutls/gnutls.h>
@@ -64,6 +70,9 @@ t_tls2(void) {
#if defined(COAP_WITH_LIBOPENSSL)
version.version = SSLeay();
version.type = COAP_TLS_LIBRARY_OPENSSL;
#elif defined(COAP_WITH_LIBWOLFSSL)
version.version = wolfSSL_lib_version_hex();
version.type = COAP_TLS_LIBRARY_WOLFSSL;
#elif defined(COAP_WITH_LIBTINYDTLS)
const char *vers = dtls_package_version();
version.version = 0;

1
win32/libcoap.vcxproj
View File

@@ -71,6 +71,7 @@
<ClCompile Include="..\src\coap_threadsafe.c" />
<ClCompile Include="..\src\coap_tinydtls.c" />
<ClCompile Include="..\src\coap_uri.c" />
<ClCompile Include="..\src\coap_wolfssl.c" />
<ClCompile Include="..\src\coap_ws.c" />
<ClCompile Include="..\src\oscore\oscore.c" />
<ClCompile Include="..\src\oscore\oscore_cbor.c" />

3
win32/libcoap.vcxproj.filters
View File

@@ -107,6 +107,9 @@
<ClCompile Include="..\src\coap_uri.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\src\coap_wolfssl.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\src\coap_ws.c">
<Filter>Source Files</Filter>
</ClCompile>