ddn.net.dtls.keyschedule

DTLS key schedule and transcript hash utilities.

Provides DTLS-specific transcript hashing that includes the full handshake header with message_seq and fragment fields per RFC 6347 §4.2.6. Also provides label conversion utilities for DTLS 1.3 (RFC 9147).

Types 1

Transcript hash for DTLS handshakes.

Unlike TLS, DTLS includes the full handshake header with message_seq and fragment fields in the hash input (RFC 6347 §4.2.6). For hashing purposes, fragment_offset is always 0 and fragment_length equals the total message length, representing a complete unfragmented message.

This ensures that the transcript hash is consistent regardless of how messages were fragmented during transmission.
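The normalization described above, as an added Python illustration that is not this module's code or its D API: fragments are reassembled, then the header is rewritten with fragment_offset 0 and fragment_length equal to the message length before hashing. All helper names and the sample message are constructed for this example.

```python
import hashlib

HDR_LEN = 12  # msg_type(1) length(3) message_seq(2) fragment_offset(3) fragment_length(3)

def header(msg_type, length, message_seq, frag_off, frag_len):
    """Serialize a DTLS handshake header (hypothetical helper, not the library's)."""
    return (bytes([msg_type]) + length.to_bytes(3, "big") + message_seq.to_bytes(2, "big")
            + frag_off.to_bytes(3, "big") + frag_len.to_bytes(3, "big"))

def fragment(msg_type, message_seq, body, max_frag):
    """Split one handshake message into wire fragments of at most max_frag body bytes."""
    offsets = range(0, max(len(body), 1), max_frag)  # an empty body still yields one fragment
    return [header(msg_type, len(body), message_seq, off, len(body[off:off + max_frag]))
            + body[off:off + max_frag] for off in offsets]

def reassemble(fragments):
    """Rebuild (msg_type, message_seq, body) from fragments received in any order."""
    meta = buf = seen = None
    for frag in fragments:
        if len(frag) < HDR_LEN:
            raise ValueError("short fragment")
        msg_type, length = frag[0], int.from_bytes(frag[1:4], "big")
        seq, off, flen = (int.from_bytes(frag[a:b], "big") for a, b in ((4, 6), (6, 9), (9, 12)))
        if meta is None:
            meta, buf, seen = (msg_type, seq, length), bytearray(length), bytearray(length)
        if (msg_type, seq, length) != meta or off + flen > length or len(frag) != HDR_LEN + flen:
            raise ValueError("inconsistent fragment")
        buf[off:off + flen] = frag[HDR_LEN:]
        seen[off:off + flen] = b"\x01" * flen  # track which body bytes have arrived
    if meta is None or not all(seen):
        raise ValueError("incomplete message")
    return meta[0], meta[1], bytes(buf)

def transcript_input(msg_type, message_seq, body):
    """Hash input for one message: header rewritten as a single unfragmented fragment."""
    return header(msg_type, len(body), message_seq, 0, len(body)) + body

def transcript_hash(messages):
    """SHA-256 over the normalized form of each (msg_type, message_seq, body)."""
    return hashlib.sha256(b"".join(transcript_input(*m) for m in messages)).digest()

# Constructed sample: a 100-byte stand-in for a ClientHello body (type 1, message_seq 0).
BODY = bytes(range(100))
via_40 = reassemble(reversed(fragment(1, 0, BODY, 40)))  # 3 fragments, delivered out of order
via_17 = reassemble(fragment(1, 0, BODY, 17))            # 6 fragments
assert transcript_hash([via_40]) == transcript_hash([via_17]) == transcript_hash([(1, 0, BODY)])
```

Hashing the received fragments as they appear on the wire would instead tie the digest to the path MTU and retransmission pattern, so the two peers could disagree on the transcript.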

Fields
private ubyte[] hashState_
private bool frozen_

Methods
void update(ubyte msgType, ushort messageSeq, const(ubyte)[] messageBody) @safe pure nothrow
  Updates the transcript with a DTLS handshake message.
ubyte[] current()
  Gets the current transcript hash value (SHA-256).
void reset() @safe pure nothrow
  Resets the transcript to empty state.
void freeze() @safe pure nothrow
  Freezes the transcript.
bool isFrozen() const @safe pure nothrow @nogc
  Checks if the transcript is frozen.
const(ubyte)[] rawData() const @safe pure nothrow @nogc
  Gets the raw accumulated transcript data.

Constructors
this()
  Constructs a new DtlsTranscriptHash.

Functions 1

string dtls13Label(string tls13Label) pure nothrow @safe
  Converts a TLS 1.3 label to DTLS 1.3 format.

Variables 1

enum Dtls13LabelPrefix = "dtls13 "

DTLS 1.3 label prefix.

DTLS 1.3 uses "dtls13 " as the label prefix instead of "tls13 " for HKDF-Expand-Label operations (RFC 9147 §5).