ddn.net.dtls

DDN DTLS - Datagram Transport Layer Security.

This package provides implementations of DTLS 1.2 (RFC 6347) and DTLS 1.3 (RFC 9147) for secure datagram communication over UDP.

DTLS provides the same security guarantees as TLS but for unreliable datagram transports. Key differences from TLS:

  • Flight-based handshake with retransmission
  • Message fragmentation for MTU compliance
  • Anti-replay protection via sliding window
  • Cookie exchange for DoS mitigation
  • One-to-many peer model (one UDP socket, many peers)
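
As an added illustration (not code from ddn.net.dtls, whose internals are not shown on this page), the anti-replay sliding window from the list above, written in Python after RFC 6347 section 4.1.2.6; the 64-bit window size and the AntiReplayWindow / accept_record names are assumptions of this example:

```python
# Added example, not part of ddn.net.dtls: the RFC 6347 section 4.1.2.6
# anti-replay sliding window that a DTLS record layer runs on every received
# record. Records carry a 16-bit epoch plus a 48-bit sequence number; the
# window is kept per epoch, so a record from another epoch is rejected.

WINDOW_BITS = 64   # assumption: RFC 6347 requires at least 32 bits; 64 is common


class AntiReplayWindow:
    """Bitmap of recently seen sequence numbers for one epoch."""

    def __init__(self, epoch: int, window_bits: int = WINDOW_BITS) -> None:
        self.epoch = epoch
        self.window_bits = window_bits
        self.right = -1     # highest sequence number accepted so far
        self.bitmap = 0     # bit i set => sequence number (right - i) was seen

    def check(self, seq: int) -> bool:
        """True if seq is fresh: to the right of the window, or inside it and unseen."""
        if seq > self.right:
            return True
        offset = self.right - seq
        if offset >= self.window_bits:
            return False    # left of the window: too old, always rejected
        return not (self.bitmap >> offset) & 1

    def update(self, seq: int) -> None:
        """Mark seq as received. Call only after check() AND MAC verification."""
        if seq > self.right:
            shift = seq - self.right
            mask = (1 << self.window_bits) - 1
            self.bitmap = ((self.bitmap << shift) | 1) & mask
            self.right = seq
        else:
            self.bitmap |= 1 << (self.right - seq)


def accept_record(win: AntiReplayWindow, epoch: int, seq: int, mac_ok: bool) -> bool:
    """Replay check as the record layer applies it: the epoch must match, seq
    must be a valid 48-bit value that the window has not seen, and the window
    advances only once the record's MAC has verified. Advancing it earlier
    would let a forged high sequence number push legitimate records out."""
    if epoch != win.epoch or seq >= 1 << 48 or not win.check(seq):
        return False
    if not mac_ok:
        return False
    win.update(seq)
    return True
```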

Example (client):

import ddn.net.dtls;

auto ctx = createDtlsContext();
ctx.trustStore.loadSystemCerts();
// transport, timer and serverAddr are supplied by the application
auto dtls = ctx.clientEngine(transport, timer, "example.com");

// Drive the handshake until it completes, servicing I/O in between
while (dtls.handshake() != TlsProgress.DONE) {
   // poll and process I/O
}

auto peer = dtls.getPeer(serverAddr);
peer.write(cast(ubyte[])"Hello DTLS!");

Example (server):

import ddn.net.dtls;

auto ctx = createDtlsContext();
ctx.setCertificateChain(pemData);
ctx.setPrivateKey(pemKey);
auto dtls = ctx.serverEngine(transport, timer);

// Process incoming datagrams
dtls.processDatagram(data, senderAddr);

// Check for established peers
foreach (peer; dtls.peers()) {
   if (peer.isConnected) {
       ubyte[4096] buf;
       auto result = peer.read(buf[]);
       // handle data
   }
}

Functions (1)

DtlsContext createDtlsContext(TlsBackend backend = TlsBackend.AUTO)

Creates a native DTLS context using pure D cryptographic primitives.