ddn.net.dtls.client12

DTLS 1.2 client handshake state machine (RFC 6347).

Drives the DTLS 1.2 client handshake as a resumable state machine. Adapts the TLS 1.2 handshake for datagram transports with:

  • DTLS record framing (13-byte header)
  • DTLS handshake framing (12-byte header with message_seq)
  • Flight-based retransmission with exponential backoff
  • Cookie exchange (HelloVerifyRequest)
  • Handshake message fragmentation
  • Anti-replay protection

Reuses cryptographic primitives from the TLS 1.2 implementation: PRF (Tls12Prf), AEAD (TlsAead), key exchange (X25519, ECDH P-256), certificate parsing, and signature verification.
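The two framing layers listed above, as a stand-alone parser with the bounds checks a receiver needs before trusting any length field. This is an added example, not code from ddn: the struct and function names are hypothetical, the field layouts are those of RFC 6347, and the datagram is a constructed sample.

```d
import std.exception : enforce;
import std.stdio : writefln;

struct RecordHeader { ubyte contentType; ubyte[2] ver; ushort epoch; ulong seq; ushort length; }
struct HandshakeHeader { ubyte msgType; uint length; ushort messageSeq; uint fragOffset, fragLength; }

ulong be(const(ubyte)[] b) @safe pure nothrow @nogc // big-endian integer, up to 8 bytes
{
    ulong v;
    foreach (x; b) v = (v << 8) | x;
    return v;
}

// Record header: type(1) version(2) epoch(2) sequence_number(6) length(2) = 13 bytes.
RecordHeader parseRecordHeader(const(ubyte)[] d) @safe pure
{
    enforce(d.length >= 13 && d[1] == 0xFE, "not a DTLS record");
    RecordHeader h;
    h.contentType = d[0];
    h.ver[] = d[1 .. 3];
    h.epoch = cast(ushort) be(d[3 .. 5]);
    h.seq = be(d[5 .. 11]);
    h.length = cast(ushort) be(d[11 .. 13]);
    enforce(h.length <= d.length - 13, "record length exceeds datagram");
    return h;
}

// Handshake header: msg_type(1) length(3) message_seq(2) fragment_offset(3) fragment_length(3) = 12 bytes.
HandshakeHeader parseHandshakeHeader(const(ubyte)[] p) @safe pure
{
    enforce(p.length >= 12, "short handshake header");
    auto h = HandshakeHeader(p[0], cast(uint) be(p[1 .. 4]), cast(ushort) be(p[4 .. 6]),
                             cast(uint) be(p[6 .. 9]), cast(uint) be(p[9 .. 12]));
    enforce(h.fragOffset + h.fragLength <= h.length, "fragment outside message");
    enforce(h.fragLength <= p.length - 12, "fragment exceeds record payload");
    return h;
}

void main()
{
    // Constructed sample: HelloVerifyRequest with a 4-byte cookie, epoch 0, sequence 0.
    immutable ubyte[] dg = [0x16, 0xFE, 0xFD, 0, 0, 0, 0, 0, 0, 0, 0, 0, 19,
        0x03, 0, 0, 7, 0, 0, 0, 0, 0, 0, 0, 7,
        0xFE, 0xFF, 4, 0xDE, 0xAD, 0xBE, 0xEF];
    auto rec = parseRecordHeader(dg);
    auto hs = parseHandshakeHeader(dg[13 .. 13 + rec.length]);
    writefln("epoch=%s seq=%s type=%s message_seq=%s frag=%s+%s/%s",
        rec.epoch, rec.seq, hs.msgType, hs.messageSeq, hs.fragOffset, hs.fragLength, hs.length);
}
```

A datagram may carry several records back to back; this sketch parses only the first.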

Types 1

DTLS 1.2 client handshake engine.

Drives the client side of a DTLS 1.2 handshake over a datagram transport. Uses flight-based retransmission with exponential backoff and supports the HelloVerifyRequest cookie exchange for DoS mitigation.

Call handshake() repeatedly until it returns TlsProgress.DONE. Between calls, wait for socket readiness as indicated by the return value.

Fields
DtlsTransport transport_
DatagramEndpoint serverAddr_
ushort messageSeq_
ushort epoch_
ulong recordSeq_
DtlsFlight pendingFlight_
int retryCount_
ubyte[32] clientRandom_
ubyte[32] serverRandom_
ubyte[] preMasterSecret_
ubyte[] masterSecret_
ubyte[] receivedCookie_
X25519PrivateKey ecdhePrivate_
NamedGroup selectedGroup_
string serverName_
DtlsVersion minVersion_
DtlsVersion maxVersion_
string[] alpnProtocols_
SrtpProfile[] srtpProfiles_
string negotiatedAlpn_
CipherSuiteId negotiatedCipher_
DtlsVersion negotiatedVersion_
SrtpProfile negotiatedSrtpProfile_
TranscriptHash transcript_
TlsAead writeAead_
TlsAead readAead_
X509Certificate[] peerX509Certs_
TlsVerifyMode verifyMode_
DtlsVerifyCallback verifyCallback_
DtlsFragmentBuffer reassembly_
ubyte[] pendingDatagram_
Methods
void setMinVersion(DtlsVersion ver) @safe pure nothrow @nogc
    Sets the minimum DTLS version.
void setMaxVersion(DtlsVersion ver) @safe pure nothrow @nogc
    Sets the maximum DTLS version.
void setAlpnProtocols(string[] protocols) @safe pure nothrow
    Sets the ALPN protocols.
void setSrtpProfiles(SrtpProfile[] profiles) @safe pure nothrow
void setVerifyMode(TlsVerifyMode mode) @safe pure nothrow @nogc
    Sets the certificate verification mode.
void setVerifyCallback(DtlsVerifyCallback callback) @safe pure nothrow
    Sets a custom certificate verification callback.
void setTrustStore(NativeTlsTrustStore trustStore) @safe pure nothrow
    Sets the trust store for certificate chain validation.
TlsProgress handshake() @trusted
    Performs or continues the DTLS 1.2 client handshake.
ubyte[] buildDtlsClientHello(const(ubyte)[] cookie)
    Builds a DTLS ClientHello handshake message.
bool processServerResponse(const(ubyte)[] datagram)
    Process a received datagram during the handshake.
bool processHandshakePayload(const(ubyte)[] payload)
    Process a handshake payload from a DTLS record.
bool dispatchHandshakeType(HandshakeType msgType, const(ubyte)[] body)
    Dispatch a complete handshake message to the appropriate handler.
void processServerHello(const(ubyte)[] body)
    Process a ServerHello message body.
void processServerHelloExtensions(const(ubyte)[] extData)
    Process extensions from a ServerHello.
void processCertificate(const(ubyte)[] body)
    Process a Certificate message body.
private void verifyPeerCertificates()
    Verify the peer's certificate chain against the trust store.
void processServerKeyExchange(const(ubyte)[] body)
    Process a ServerKeyExchange message body.
void performKeyExchange(NamedGroup group, const(ubyte)[] peerPubKey)
    Perform ECDHE key exchange.
void verifyServerKeyExchange(SignatureScheme sigScheme, const(ubyte)[] params, const(ubyte)[] signature)
    Verify the server's signature on ServerKeyExchange parameters.
ubyte[] buildClientKeyExchange()
    Builds a ClientKeyExchange handshake message.
ubyte[] buildChangeCipherSpec()
    Builds a ChangeCipherSpec record.
void deriveKeys()
    Derives master secret and key material from the premaster secret.
ubyte[] buildFinished()
    Builds a Finished handshake message.
bool processHelloVerify(const(ubyte)[] datagram)
    Process a datagram that may contain a HelloVerifyRequest.
const(ubyte)[] extractHelloVerifyCookie(const(ubyte)[] body)
    Extract the cookie from a HelloVerifyRequest body.
void updateTranscript(HandshakeType msgType, const(ubyte)[] body)
    Update the handshake transcript hash with a DTLS handshake message.
ubyte[] wrapHandshakeMessage(HandshakeType msgType, const(ubyte)[] body)
    Wraps a handshake message body in a DTLS handshake header.
ubyte[] wrapInRecord(ContentType contentType, const(ubyte)[] payload)
    Wraps a handshake message in a DTLS record.
ubyte[] buildDtlsRecord(ContentType contentType, const(ubyte)[] payload)
    Builds a complete DTLS record with 13-byte header.
ubyte[] encryptRecord(ContentType contentType, const(ubyte)[] plaintext)
    Encrypts a record payload using the current write AEAD.
const(ubyte)[] receiveDatagram()
    Receive a single datagram from the transport.
void feedDatagram(const(ubyte)[] data) @trusted
    Feed a received datagram for processing.
void sendDatagram(const(ubyte)[] data)
    Send a datagram via the transport.
void sendFlight(ubyte[][] records)
    Send a flight of records as one or more datagrams.
void scheduleRetransmit()
    Schedule retransmission timer for the current flight.
void retransmitFlight()
    Retransmit the pending flight.
Dtls12ClientPhase phase() @property const @safe pure nothrow @nogc
    Returns: The current handshake phase.
CipherSuiteId negotiatedCipher() @property const @safe pure nothrow @nogc
    Returns: The negotiated cipher suite.
DtlsVersion negotiatedVersion() @property const @safe pure nothrow @nogc
    Returns: The negotiated DTLS version.
string alpnProtocol() @property const @safe pure nothrow
    Returns: The negotiated ALPN protocol.
TlsCertificateChain peerCertificates() @property @trusted
    Returns: The peer's certificate chain.
ushort epoch() @property const @safe pure nothrow @nogc
    Returns: The current epoch.
SrtpProfile negotiatedSrtpProfile() @property const @safe pure nothrow @nogc
ubyte[] srtpMasterSecret() @property @safe pure nothrow @nogc
ubyte[] srtpClientRandom() @property @safe pure nothrow @nogc
ubyte[] srtpServerRandom() @property @safe pure nothrow @nogc
TlsAead writeAead() @property
    Returns: The write AEAD cipher (after key derivation).
TlsAead readAead() @property
    Returns: The read AEAD cipher (after key derivation).
Constructors
this(DtlsTransport transport, DtlsTimerSink timer, DatagramEndpoint serverAddr, string serverName)
    Constructs a DTLS 1.2 client handshake engine.

Variables 1

enum DTLS_1_2_RECORD_VERSION = [0xFE, 0xFD]

DTLS 1.2 record version used on the wire.