指定密码套件libcoap
[英]Specify cipher suite libcoap
问题描述
I am writing a small CoAP client/server program, over DTLS, in C, using the libcoap library. 
我正在使用libcoap库通过DTLS在C上编写一个小型CoAP客户端/服务器程序。 Analyzing the traffic with Wireshark reveals that the server chooses the TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256. 使用Wireshark分析流量,可以发现服务器选择了TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256。
I want to change cipher suite, for evaluation purposes. 我想更改密码套件,以进行评估。 How do I do this? 我该怎么做呢? There doesn't seem to be an option anywhere for specifying the suite. 似乎没有任何地方可以指定套件。 Also, I compiled libcoap with OpenSSL as backend. 另外,我使用OpenSSL作为后端编译了libcoap。
If libcoap does not support this, is there a way of setting up DTLS myself and use libcoap to just handle the CoAP packets? 如果libcoap不支持此功能,是否可以自己设置DTLS并使用libcoap来处理CoAP数据包?
1 个解决方案
解决方案1
1 2019-05-21 20:11:46
Try to configure the cipher suites in the dtls context. 尝试在dtls上下文中配置密码套件。
file: "coap_openssl.c", (about line 395, depends on your version), function: "void *coap_dtls_new_context(struct coap_context_t *coap_context)", 文件:“ coap_openssl.c”(大约395行,取决于您的版本),功能:“无效* coap_dtls_new_context(struct coap_context_t * coap_context)”,
SSL_CTX_set_min_proto_version(context->dtls.ctx, DTLS1_2_VERSION);
SSL_CTX_set_app_data(context->dtls.ctx, &context->dtls);
SSL_CTX_set_read_ahead(context->dtls.ctx, 1);
SSL_CTX_set_cipher_list(context->dtls.ctx, "ECDHE-PSK-AES128-CBC-SHA256:PSK-AES128-CCM8:ECDHE-ECDSA-AES128-CCM8");
Add the "set_cipher_list" with the cipher suites you want. 添加“ set_cipher_list”以及所需的密码套件。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.