feat(binding_coap): allow for overriding the OpenSSL security level

lib/src/binding_coap/coap_client.dart

@@ -25,7 +25,8 @@ class _InternalCoapConfig extends CoapConfigDefault {
         dtlsCiphers = coapConfig.dtlsCiphers,
         dtlsVerify = coapConfig.dtlsVerify,
         dtlsWithTrustedRoots = coapConfig.dtlsWithTrustedRoots,
-        rootCertificates = coapConfig.rootCertificates;
+        rootCertificates = coapConfig.rootCertificates,
+        openSslSecurityLevel = coapConfig.openSslSecurityLevel;
 
   @override
   final int preferredBlockSize;
@@ -41,6 +42,9 @@ class _InternalCoapConfig extends CoapConfigDefault {
 
   @override
   final List<coap.Certificate> rootCertificates;
+
+  @override
+  final int? openSslSecurityLevel;
 }
 
 coap.PskCredentialsCallback? _createPskCallback(

lib/src/binding_coap/coap_config.dart

@@ -21,6 +21,7 @@ class CoapConfig {
     this.rootCertificates = const [],
     this.dtlsWithTrustedRoots = true,
     this.dtlsVerify = true,
+    this.openSslSecurityLevel,
   });
 
   /// Whether certificates should be verified by OpenSSL.
@@ -56,4 +57,19 @@ class CoapConfig {
   ///
   /// Defaults to 60 seconds.
   final Duration multicastDiscoveryTimeout;
+
+  /// Security level override for using DTLS with OpenSSL.
+  ///
+  /// The possible values for the security level range from 0 to 5.
+  ///
+  /// Lowering the security level can be necessary with newer versions of
+  /// OpenSSL to still be able to use the mandatory CoAP cipher suites
+  /// (e.g., `TLS_PSK_WITH_AES_128_CCM_8`, see [section 9.1.3.1 of RFC 7252]).
+  ///
+  /// See the [OpenSSL documentation] for more information on the meaning of the
+  /// individual security levels.
+  ///
+  /// [section 9.1.3.1 of RFC 7252]: https://datatracker.ietf.org/doc/html/rfc7252#section-9.1.3.1
+  /// [OpenSSL documentation]: https://docs.openssl.org/master/man3/SSL_CTX_set_security_level/#default-callback-behaviour
+  final int? openSslSecurityLevel;
 }