https://github.com/qwerty-iot/dtls
Renamed from https://github.com/bocajim/dtls
This package implements an RFC-4347 compliant DTLS client and server.
- Pure go, no CGo
- Supports both client and server via UDP
- Supports TLS_PSK_WITH_AES_128_CCM_8 cipher RFC-6655
- Supports TLS_PSK_WITH_AES_128_CBC_SHA256 cipher RFC-5487
- Supports TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 cipher RFC-7251
- Supports pre-shared key authentication
- Supports certificate based authentication
- Supports DTLS session resumption
- Supports persisting session data for resumption later
- Designed for OMA LWM2M compliance
- Support for Connection ID RFC-9146 (Nov/19 draft)
- Implement session renegotiation
- Implement packet retransmission for handshake
- Implement out of order handshake processing
- Implement replay detection
- Implement client hello stateless cookie handling
- Improve parallel processing of incoming packets
- Implement Connection ID for latest RFC-9146 draft
Keystore
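// Register an in-memory key store; pre-shared keys are looked up by identity.
mks := keystore.NewMemoryKeyStore()
keystore.SetKeyStores([]keystore.KeyStore{mks})
// Sample key for testing only.
psk, _ := hex.DecodeString("00112233445566")
mks.AddKey("myIdentity", psk)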
Sample Client
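// Bind a local UDP listener; check err after each call before continuing.
listener, err := dtls.NewUdpListener(":6000", time.Second*5)
// Add the remote peer; "myIdentity" is the identity registered in the key store.
peer, err := listener.AddPeer("127.0.0.1:5684", "myIdentity")
err = peer.Write([]byte("hello world"))
data, rsp := listener.Read()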
The following commands can be used to generate certificates for testing:
# generate private key
openssl ecparam -out key.pem -name prime256v1 -genkey
# generate certificate
openssl req -new -key key.pem -x509 -nodes -days 3650 -out cert.pem
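The same test material can be produced and checked in Go. This is an added example using only the standard library, not code from this package: it generates a P-256 (prime256v1) key and a self-signed certificate valid for 3650 days, then checks that the key matches the certificate and uses that curve. The names GenerateTestCert and CheckPair and the CN "dtls-test" are assumptions made for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"errors"
	"math/big"
	"time"
)

// GenerateTestCert mirrors the openssl commands: P-256 key, self-signed, 3650 days.
func GenerateTestCert(cn string) (certPEM, keyPEM []byte, err error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	keyDER, err := x509.MarshalECPrivateKey(key)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), // test-only serial
		Subject: pkix.Name{CommonName: cn}, NotBefore: time.Now(), NotAfter: time.Now().AddDate(0, 0, 3650)}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, nil, err
	}
	return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der}),
		pem.EncodeToMemory(&pem.Block{Type: "EC PRIVATE KEY", Bytes: keyDER}), nil
}

func CheckPair(certPEM, keyPEM []byte) error { // fails unless key matches cert and is ECDSA P-256
	pair, err := tls.X509KeyPair(certPEM, keyPEM) // rejects a key that does not match the certificate
	if err != nil {
		return err
	}
	if k, ok := pair.PrivateKey.(*ecdsa.PrivateKey); !ok || k.Curve != elliptic.P256() {
		return errors.New("key is not ECDSA P-256")
	}
	return nil
}

func main() {
	c, k, _ := GenerateTestCert("dtls-test") // constructed CN; nil input makes CheckPair fail
	println("pair ok:", CheckPair(c, k) == nil)
}
```

CheckPair accepts the contents of any cert.pem and key.pem pair as byte slices, so it can also be run over files produced by the openssl commands.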
http://godoc.org/github.com/qwerty-iot/dtls
Mozilla Public License Version 2.0
NOTE: License was changed from MIT on 11/20/2020.