Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/wolfssl/gnutls-wolfssl

Port of wolfSSL into gnutls
https://github.com/wolfssl/gnutls-wolfssl

Last synced: 2 months ago
JSON representation

Port of wolfSSL into gnutls

Awesome Lists containing this project

README 

          
# gnutls-wolfssl



Experimental port of wolfSSL into GnuTLS. One script builds everything and drops the bits under /opt.



## Quick start

```

git clone https://github.com/wolfssl/gnutls-wolfssl.git

cd gnutls-wolfssl

# regular build (uses default GnuTLS 3.8.9)

./setup.sh



# build with FIPS 140 support

./setup.sh fips



# build specific GnuTLS version

./setup.sh 3.8.11



# build specific version with FIPS 140 support

./setup.sh fips 3.8.11



# show help and all options

./setup.sh --help

```

On success you get:

```

/opt/wolfssl                  wolfSSL

/opt/gnutls                   GnuTLS built on wolfSSL

/opt/wolfssl-gnutls-wrapper   runtime shim

```

If the loader can’t find the libs, add the path to LD_LIBRARY_PATH (Linux) or DYLD_LIBRARY_PATH (macOS).



## Environment variables

| var | default | note |

|-----|---------|------|

| WOLFSSL_INSTALL | /opt/wolfssl | install prefix |

| GNUTLS_INSTALL  | /opt/gnutls  | install prefix |

| PROVIDER_PATH | /opt/wolfssl-gnutls-wrapper/ | install prefix|

| WOLFSSL_FIPS_BUNDLE | - | path to pre-downloaded wolfSSL FIPS bundle (optional, FIPS mode only) |

| GNUTLS_FORCE_FIPS_MODE | 0 | set to 1 at runtime to enforce FIPS |

| WGW_LOGGING | 1 |By default wolfssl-gnutls-wrapper will show logging information. Set to 0 to turn off logging |

| WGW_LOGFILE | - | By default wolfssl-gnutls-wrapper will log to stderr. This can be changed to stdout or a filename |



## Directory layout (after setup.sh has been run)

```

setup.sh                       do‑it‑all build script

rebuild-gnutls.sh              rebuild GnuTLS only

wolfssl/                       upstream clone

gnutls/                        upstream clone + branch gnutls-wolfssl-VERSION

wolfssl-gnutls-wrapper/        thin shim + tests

```



## Version support

The setup script supports building different GnuTLS versions by specifying the version number as an argument. The script will checkout the corresponding branch (e.g., `gnutls-wolfssl (3.8.9)`, `gnutls-wolfssl-3.8.11 (3.8.11)`).



**Note:** When building GnuTLS 3.8.11 on Linux, the script automatically downloads and builds nettle 3.10, as this version requires nettle >= 3.10.



## Tests

```

cd wolfssl-gnutls-wrapper



# build wrapper

make



# full suite

make test



# fast run of the test suite

make test_fast



# test fips (only if ./setup.sh was run in fips mode)

make test_fips

```

Each test prints ✔️/❌ and a summary.



## Using in your project

```

cc app.c \

  -I/opt/gnutls/include -I/opt/wolfssl/include \

  -L/opt/gnutls/lib -lgnutls \

  -L/opt/wolfssl/lib -lwolfssl \

  -L/opt/wolfssl-gnutls-wrapper/lib -lgnutls-wolfssl-wrapper

```

Make sure the wrapper comes after gnutls on the linker line.



## Clean up

```

sudo rm -rf /opt/wolfssl /opt/gnutls /opt/wolfssl-gnutls-wrapper

```