public static async Task <byte[]> ToByteArray(IHandshakeMessage m) { using (var stream = new MemoryStream()) { // Request Code await stream.WriteAsync(new[] { (byte)m.RequestCode }); await stream.WriteSemVersion(m.Version); await stream.WriteUTF8Async(m.ClientID, SizeLength.INT); const string separator = ";"; await stream.WriteUTF8Async(separator, SizeLength.INT); string subscribeList = string.Join(separator, m.Subscribe); string produceList = string.Join(separator, m.Produce); await stream.WriteUTF8Async(subscribeList, SizeLength.INT); await stream.WriteUTF8Async(produceList, SizeLength.INT); await stream.WriteAsync(m.RequestData); return(stream.ToArray()); } }
private DTLSRecord CreateRecord(Session session, IHandshakeMessage handshakeMessage, ushort messageSequence) { int size = handshakeMessage.CalculateSize(session.Version); DTLSRecord record = new DTLSRecord(); record.RecordType = TRecordType.Handshake; record.Epoch = session.Epoch; record.SequenceNumber = session.NextSequenceNumber(); record.Fragment = new byte[HandshakeRecord.RECORD_OVERHEAD + size]; if (session.Version != null) { record.Version = session.Version; } HandshakeRecord handshakeRecord = new HandshakeRecord(); handshakeRecord.MessageType = handshakeMessage.MessageType; handshakeRecord.MessageSeq = messageSequence; handshakeRecord.Length = (uint)size; handshakeRecord.FragmentLength = (uint)size; using (MemoryStream stream = new MemoryStream(record.Fragment)) { handshakeRecord.Serialise(stream); handshakeMessage.Serialise(stream, session.Version); } if (handshakeMessage.MessageType != THandshakeType.HelloVerifyRequest) { session.Handshake.UpdateHandshakeHash(record.Fragment); } if (session.Cipher != null) { long sequenceNumber = ((long)record.Epoch << 48) + record.SequenceNumber; record.Fragment = session.Cipher.EncodePlaintext(sequenceNumber, (byte)TRecordType.Handshake, record.Fragment, 0, record.Fragment.Length); } return(record); }
private void SendResponseEnd(Session session, IHandshakeMessage handshakeMessage, ushort messageSequence) { int size = handshakeMessage.CalculateSize(session.Version); int maxPayloadSize = _MaxPacketSize - DTLSRecord.RECORD_OVERHEAD + HandshakeRecord.RECORD_OVERHEAD; if (size > maxPayloadSize) { } else { DTLSRecord record = CreateRecord(session, handshakeMessage, messageSequence); session.Handshake.MessageSequence++; DTLSRecord recordEnd = CreateRecord(session, new ServerHelloDone(), session.Handshake.MessageSequence); session.Handshake.MessageSequence++; int responseSize = DTLSRecord.RECORD_OVERHEAD + record.Fragment.Length + DTLSRecord.RECORD_OVERHEAD + recordEnd.Fragment.Length; byte[] response = new byte[responseSize]; using (MemoryStream stream = new MemoryStream(response)) { record.Serialise(stream); recordEnd.Serialise(stream); } SocketAsyncEventArgs parameters = new SocketAsyncEventArgs() { RemoteEndPoint = session.RemoteEndPoint }; parameters.SetBuffer(response, 0, responseSize); _Socket.SendToAsync(parameters); } }
private void SendHandshakeMessage(IHandshakeMessage handshakeMessage, bool encrypt) { int size = handshakeMessage.CalculateSize(_Version); int maxPayloadSize = _MaxPacketSize - DTLSRecord.RECORD_OVERHEAD + HandshakeRecord.RECORD_OVERHEAD; if (size > maxPayloadSize) { } else { DTLSRecord record = new DTLSRecord { RecordType = TRecordType.Handshake, Epoch = _Epoch, SequenceNumber = NextSequenceNumber(), Fragment = new byte[HandshakeRecord.RECORD_OVERHEAD + size] }; if (_Version != null) { record.Version = _Version; } HandshakeRecord handshakeRecord = new HandshakeRecord { MessageType = handshakeMessage.MessageType, MessageSeq = _MessageSequence }; _MessageSequence++; handshakeRecord.Length = (uint)size; handshakeRecord.FragmentLength = (uint)size; using (MemoryStream stream = new MemoryStream(record.Fragment)) { handshakeRecord.Serialise(stream); handshakeMessage.Serialise(stream, _Version); } if (handshakeMessage.MessageType != THandshakeType.HelloVerifyRequest) { _HandshakeInfo.UpdateHandshakeHash(record.Fragment); } int responseSize = DTLSRecord.RECORD_OVERHEAD + HandshakeRecord.RECORD_OVERHEAD + size; if ((_Cipher != null) && encrypt) { long sequenceNumber = ((long)record.Epoch << 48) + record.SequenceNumber; record.Fragment = _Cipher.EncodePlaintext(sequenceNumber, (byte)TRecordType.Handshake, record.Fragment, 0, record.Fragment.Length); responseSize = DTLSRecord.RECORD_OVERHEAD + record.Fragment.Length; } byte[] response = new byte[responseSize]; using (MemoryStream stream = new MemoryStream(response)) { record.Serialise(stream); } SocketAsyncEventArgs parameters = new SocketAsyncEventArgs() { RemoteEndPoint = _ServerEndPoint }; parameters.SetBuffer(response, 0, responseSize); _Socket.SendToAsync(parameters); } }
public static bool Equals(IHandshakeMessage x, IHandshakeMessage y) { return(x.ClientID == y.ClientID && string.Join(";", x.Produce) == string.Join(";", y.Produce) && string.Join(";", x.Subscribe) == string.Join(";", y.Subscribe) && x.Version == y.Version && x.RequestCode == y.RequestCode && x.RequestData.EqualsContent(y.RequestData)); }
private DTLSRecord CreateRecord(Session session, IHandshakeMessage handshakeMessage, ushort messageSequence) { if (session == null) { throw new ArgumentNullException(nameof(session)); } if (handshakeMessage == null) { throw new ArgumentNullException(nameof(handshakeMessage)); } var size = handshakeMessage.CalculateSize(session.Version); var record = new DTLSRecord { RecordType = TRecordType.Handshake, Epoch = session.Epoch, SequenceNumber = session.NextSequenceNumber(), Fragment = new byte[HandshakeRecord.RECORD_OVERHEAD + size] }; if (session.Version != null) { record.Version = session.Version; } var handshakeRecord = new HandshakeRecord { MessageType = handshakeMessage.MessageType, MessageSeq = messageSequence, Length = (uint)size, FragmentLength = (uint)size }; using (var stream = new MemoryStream(record.Fragment)) { handshakeRecord.Serialise(stream); handshakeMessage.Serialise(stream, session.Version); } if (handshakeMessage.MessageType != THandshakeType.HelloVerifyRequest) { session.Handshake.UpdateHandshakeHash(record.Fragment); } if (session.Cipher != null) { var sequenceNumber = ((long)record.Epoch << 48) + record.SequenceNumber; record.Fragment = session.Cipher.EncodePlaintext(sequenceNumber, (byte)TRecordType.Handshake, record.Fragment, 0, record.Fragment.Length); } return(record); }
private void SendResponse(Session session, IHandshakeMessage handshakeMessage, ushort messageSequence) { int size = handshakeMessage.CalculateSize(session.Version); int maxPayloadSize = _MaxPacketSize - DTLSRecord.RECORD_OVERHEAD + HandshakeRecord.RECORD_OVERHEAD; if (size > maxPayloadSize) { } else { DTLSRecord record = new DTLSRecord(); record.RecordType = TRecordType.Handshake; record.Epoch = session.Epoch; record.SequenceNumber = session.NextSequenceNumber(); record.Fragment = new byte[HandshakeRecord.RECORD_OVERHEAD + size]; if (session.Version != null) { record.Version = session.Version; } HandshakeRecord handshakeRecord = new HandshakeRecord(); handshakeRecord.MessageType = handshakeMessage.MessageType; handshakeRecord.MessageSeq = messageSequence; handshakeRecord.Length = (uint)size; handshakeRecord.FragmentLength = (uint)size; using (MemoryStream stream = new MemoryStream(record.Fragment)) { handshakeRecord.Serialise(stream); handshakeMessage.Serialise(stream, session.Version); } if (handshakeMessage.MessageType != THandshakeType.HelloVerifyRequest) { session.Handshake.UpdateHandshakeHash(record.Fragment); } int responseSize = DTLSRecord.RECORD_OVERHEAD + HandshakeRecord.RECORD_OVERHEAD + size; if (session.Cipher != null) { long sequenceNumber = ((long)record.Epoch << 48) + record.SequenceNumber; record.Fragment = session.Cipher.EncodePlaintext(sequenceNumber, (byte)TRecordType.Handshake, record.Fragment, 0, record.Fragment.Length); responseSize = DTLSRecord.RECORD_OVERHEAD + record.Fragment.Length; } byte[] response = new byte[responseSize]; using (MemoryStream stream = new MemoryStream(response)) { record.Serialise(stream); } SocketAsyncEventArgs parameters = new SocketAsyncEventArgs() { RemoteEndPoint = session.RemoteEndPoint }; parameters.SetBuffer(response, 0, responseSize); _Socket.SendToAsync(parameters); } }
private void SendResponseEnd(Session session, IHandshakeMessage handshakeMessage, ushort messageSequence) { if (session == null) { throw new ArgumentNullException(nameof(session)); } if (handshakeMessage == null) { throw new ArgumentNullException(nameof(handshakeMessage)); } var size = handshakeMessage.CalculateSize(session.Version); var maxPayloadSize = this._MaxPacketSize - DTLSRecord.RECORD_OVERHEAD + HandshakeRecord.RECORD_OVERHEAD; if (size > maxPayloadSize) { //fragments return; } var record = this.CreateRecord(session, handshakeMessage, messageSequence); session.Handshake.MessageSequence++; var recordEnd = this.CreateRecord(session, new ServerHelloDone(), session.Handshake.MessageSequence); session.Handshake.MessageSequence++; var responseSize = DTLSRecord.RECORD_OVERHEAD + record.Fragment.Length + DTLSRecord.RECORD_OVERHEAD + recordEnd.Fragment.Length; var response = new byte[responseSize]; using (var stream = new MemoryStream(response)) { record.Serialise(stream); recordEnd.Serialise(stream); } var parameters = new SocketAsyncEventArgs() { RemoteEndPoint = session.RemoteEndPoint }; parameters.SetBuffer(response, 0, responseSize); this._Socket.SendToAsync(parameters); }
private async Task _SendHandshakeMessageAsync(IHandshakeMessage handshakeMessage, bool encrypt, TimeSpan timeout) { if (handshakeMessage == null) { throw new ArgumentNullException(nameof(handshakeMessage)); } if (this._Socket == null) { throw new Exception("Socket Cannot be Null"); } var byteArrayList = this._GetBytes(handshakeMessage, encrypt); foreach (var byteArray in byteArrayList) { Console.WriteLine($"Sending {handshakeMessage.MessageType} {byteArray.Count()}"); await this._Socket.SendAsync(byteArray, timeout).ConfigureAwait(false); } }
private async Task _SendHandshakeMessageAsync(IHandshakeMessage handshakeMessage, bool encrypt) => await this._SendHandshakeMessageAsync(handshakeMessage, encrypt, TimeSpan.FromSeconds(1)).ConfigureAwait(false);
private IEnumerable <byte[]> _GetBytes(IHandshakeMessage handshakeMessage, bool encrypt) { if (handshakeMessage == null) { throw new ArgumentNullException(nameof(handshakeMessage)); } var size = handshakeMessage.CalculateSize(this._Version); var maxPayloadSize = _MaxPacketSize - DTLSRecord.RECORD_OVERHEAD + HandshakeRecord.RECORD_OVERHEAD; if (size > maxPayloadSize) { var wholeMessage = new List <byte[]>(); var record = new DTLSRecord { RecordType = TRecordType.Handshake, Epoch = _Epoch, Version = this._Version }; var handshakeRecord = new HandshakeRecord { MessageType = handshakeMessage.MessageType, MessageSeq = _MessageSequence }; if (!(handshakeMessage.MessageType == THandshakeType.HelloVerifyRequest || (handshakeMessage.MessageType == THandshakeType.ClientHello && (handshakeMessage as ClientHello).Cookie == null))) { record.Fragment = new byte[HandshakeRecord.RECORD_OVERHEAD + size]; handshakeRecord.Length = (uint)size; handshakeRecord.FragmentLength = (uint)size; handshakeRecord.FragmentOffset = 0u; using (var stream = new MemoryStream(record.Fragment)) { handshakeRecord.Serialise(stream); handshakeMessage.Serialise(stream, this._Version); } this._HandshakeInfo.UpdateHandshakeHash(record.Fragment); } var dataMessage = new byte[size]; using (var stream = new MemoryStream(dataMessage)) { handshakeMessage.Serialise(stream, this._Version); } var dataMessageFragments = dataMessage.ChunkBySize(maxPayloadSize); handshakeRecord.FragmentOffset = 0U; dataMessageFragments.ForEach(x => { handshakeRecord.Length = (uint)size; handshakeRecord.FragmentLength = (uint)x.Count(); record.SequenceNumber = this._NextSequenceNumber(); var baseMessage = new byte[HandshakeRecord.RECORD_OVERHEAD]; using (var stream = new MemoryStream(baseMessage)) { handshakeRecord.Serialise(stream); } record.Fragment = baseMessage.Concat(x).ToArray(); var responseSize = DTLSRecord.RECORD_OVERHEAD + HandshakeRecord.RECORD_OVERHEAD + x.Count(); if ((this._Cipher != null) && encrypt) { var sequenceNumber = ((long)record.Epoch << 48) + record.SequenceNumber; record.Fragment = this._Cipher.EncodePlaintext(sequenceNumber, (byte)TRecordType.Handshake, record.Fragment, 0, record.Fragment.Length); responseSize = DTLSRecord.RECORD_OVERHEAD + record.Fragment.Length; } var response = new byte[responseSize]; using (var stream = new MemoryStream(response)) { record.Serialise(stream); } wholeMessage.Add(response); handshakeRecord.FragmentOffset += (uint)x.Count(); }); this._MessageSequence++; return(wholeMessage); } else { var record = new DTLSRecord { RecordType = TRecordType.Handshake, Epoch = _Epoch, SequenceNumber = this._NextSequenceNumber(), Fragment = new byte[HandshakeRecord.RECORD_OVERHEAD + size], Version = this._Version }; var handshakeRecord = new HandshakeRecord { MessageType = handshakeMessage.MessageType, MessageSeq = _MessageSequence }; this._MessageSequence++; handshakeRecord.Length = (uint)size; handshakeRecord.FragmentLength = (uint)size; using (var stream = new MemoryStream(record.Fragment)) { handshakeRecord.Serialise(stream); handshakeMessage.Serialise(stream, this._Version); } if (!(handshakeMessage.MessageType == THandshakeType.HelloVerifyRequest || (handshakeMessage.MessageType == THandshakeType.ClientHello && (handshakeMessage as ClientHello).Cookie == null))) { this._HandshakeInfo.UpdateHandshakeHash(record.Fragment); } var responseSize = DTLSRecord.RECORD_OVERHEAD + HandshakeRecord.RECORD_OVERHEAD + size; if ((this._Cipher != null) && encrypt) { var sequenceNumber = ((long)record.Epoch << 48) + record.SequenceNumber; record.Fragment = this._Cipher.EncodePlaintext(sequenceNumber, (byte)TRecordType.Handshake, record.Fragment, 0, record.Fragment.Length); responseSize = DTLSRecord.RECORD_OVERHEAD + record.Fragment.Length; } var response = new byte[responseSize]; using (var stream = new MemoryStream(response)) { record.Serialise(stream); } return(new List <byte[]>() { response }); } }
private async Task _ProcessHandshakeAsync(DTLSRecord record) { if (record == null) { throw new ArgumentNullException(nameof(record)); } var data = record.Fragment; if (this._EncyptedServerEpoch == record.Epoch) { var count = 0; while ((this._Cipher == null) && (count < 500)) { await Task.Delay(10).ConfigureAwait(false); count++; } if (this._Cipher == null) { throw new Exception("Need Cipher for Encrypted Session"); } var sequenceNumber = ((long)record.Epoch << 48) + record.SequenceNumber; data = this._Cipher.DecodeCiphertext(sequenceNumber, (byte)TRecordType.Handshake, record.Fragment, 0, record.Fragment.Length); } using (var tempStream = new MemoryStream(data)) { var handshakeRec = HandshakeRecord.Deserialise(tempStream); if (handshakeRec.Length > (handshakeRec.FragmentLength + handshakeRec.FragmentOffset)) { this._IsFragment = true; this._FragmentedRecordList.Add(data); return; } else if (this._IsFragment) { this._FragmentedRecordList.Add(data); data = new byte[0]; foreach (var rec in this._FragmentedRecordList) { data = data.Concat(rec.Skip(HandshakeRecord.RECORD_OVERHEAD)).ToArray(); } var tempHandshakeRec = new HandshakeRecord() { Length = handshakeRec.Length, MessageSeq = handshakeRec.MessageSeq, MessageType = handshakeRec.MessageType, FragmentLength = handshakeRec.Length, FragmentOffset = 0 }; var tempHandshakeBytes = new byte[HandshakeRecord.RECORD_OVERHEAD]; using (var updateStream = new MemoryStream(tempHandshakeBytes)) { tempHandshakeRec.Serialise(updateStream); } data = tempHandshakeBytes.Concat(data).ToArray(); } } using (var stream = new MemoryStream(data)) { var handshakeRecord = HandshakeRecord.Deserialise(stream); switch (handshakeRecord.MessageType) { case THandshakeType.HelloRequest: { break; } case THandshakeType.ClientHello: { break; } case THandshakeType.ServerHello: { var serverHello = ServerHello.Deserialise(stream); this._HandshakeInfo.UpdateHandshakeHash(data); this._ServerEpoch = record.Epoch; this._HandshakeInfo.CipherSuite = (TCipherSuite)serverHello.CipherSuite; this._HandshakeInfo.ServerRandom = serverHello.Random; this._Version = serverHello.ServerVersion <= this._Version ? serverHello.ServerVersion : _SupportedVersion; break; } case THandshakeType.HelloVerifyRequest: { var helloVerifyRequest = HelloVerifyRequest.Deserialise(stream); this._Version = helloVerifyRequest.ServerVersion; await this._SendHelloAsync(helloVerifyRequest.Cookie).ConfigureAwait(false); break; } case THandshakeType.Certificate: { var cert = Certificate.Deserialise(stream, TCertificateType.X509); this._HandshakeInfo.UpdateHandshakeHash(data); this.ServerCertificate = cert.Cert; break; } case THandshakeType.ServerKeyExchange: { this._HandshakeInfo.UpdateHandshakeHash(data); var keyExchangeAlgorithm = CipherSuites.GetKeyExchangeAlgorithm(this._HandshakeInfo.CipherSuite); byte[] preMasterSecret = null; IKeyExchange keyExchange = null; if (keyExchangeAlgorithm == TKeyExchangeAlgorithm.ECDHE_ECDSA) { var serverKeyExchange = ECDHEServerKeyExchange.Deserialise(stream, this._Version); var keyExchangeECDHE = new ECDHEKeyExchange { CipherSuite = this._HandshakeInfo.CipherSuite, Curve = serverKeyExchange.EllipticCurve, KeyExchangeAlgorithm = keyExchangeAlgorithm, ClientRandom = this._HandshakeInfo.ClientRandom, ServerRandom = this._HandshakeInfo.ServerRandom }; keyExchangeECDHE.GenerateEphemeralKey(); var clientKeyExchange = new ECDHEClientKeyExchange(keyExchangeECDHE.PublicKey); this._ClientKeyExchange = clientKeyExchange; preMasterSecret = keyExchangeECDHE.GetPreMasterSecret(serverKeyExchange.PublicKeyBytes); keyExchange = keyExchangeECDHE; } else if (keyExchangeAlgorithm == TKeyExchangeAlgorithm.ECDHE_PSK) { var serverKeyExchange = ECDHEPSKServerKeyExchange.Deserialise(stream); var keyExchangeECDHE = new ECDHEKeyExchange { CipherSuite = this._HandshakeInfo.CipherSuite, Curve = serverKeyExchange.EllipticCurve, KeyExchangeAlgorithm = keyExchangeAlgorithm, ClientRandom = this._HandshakeInfo.ClientRandom, ServerRandom = this._HandshakeInfo.ServerRandom }; keyExchangeECDHE.GenerateEphemeralKey(); var clientKeyExchange = new ECDHEPSKClientKeyExchange(keyExchangeECDHE.PublicKey); if (serverKeyExchange.PSKIdentityHint != null) { var key = this.PSKIdentities.GetKey(serverKeyExchange.PSKIdentityHint); if (key != null) { this._PSKIdentity = new PSKIdentity() { Identity = serverKeyExchange.PSKIdentityHint, Key = key }; } } if (this._PSKIdentity == null) { this._PSKIdentity = this.PSKIdentities.GetRandom(); } clientKeyExchange.PSKIdentity = this._PSKIdentity.Identity; this._ClientKeyExchange = clientKeyExchange; var otherSecret = keyExchangeECDHE.GetPreMasterSecret(serverKeyExchange.PublicKeyBytes); preMasterSecret = TLSUtils.GetPSKPreMasterSecret(otherSecret, this._PSKIdentity.Key); keyExchange = keyExchangeECDHE; } else if (keyExchangeAlgorithm == TKeyExchangeAlgorithm.PSK) { var serverKeyExchange = PSKServerKeyExchange.Deserialise(stream); var clientKeyExchange = new PSKClientKeyExchange(); if (serverKeyExchange.PSKIdentityHint != null) { var key = this.PSKIdentities.GetKey(serverKeyExchange.PSKIdentityHint); if (key != null) { this._PSKIdentity = new PSKIdentity() { Identity = serverKeyExchange.PSKIdentityHint, Key = key }; } } if (this._PSKIdentity == null) { this._PSKIdentity = this.PSKIdentities.GetRandom(); } var otherSecret = new byte[this._PSKIdentity.Key.Length]; clientKeyExchange.PSKIdentity = this._PSKIdentity.Identity; this._ClientKeyExchange = clientKeyExchange; preMasterSecret = TLSUtils.GetPSKPreMasterSecret(otherSecret, this._PSKIdentity.Key); } this._Cipher = TLSUtils.AssignCipher(preMasterSecret, true, this._Version, this._HandshakeInfo); break; } case THandshakeType.CertificateRequest: { this._HandshakeInfo.UpdateHandshakeHash(data); this._SendCertificate = true; break; } case THandshakeType.ServerHelloDone: { this._HandshakeInfo.UpdateHandshakeHash(data); var keyExchangeAlgorithm = CipherSuites.GetKeyExchangeAlgorithm(this._HandshakeInfo.CipherSuite); if (this._Cipher == null) { if (keyExchangeAlgorithm == TKeyExchangeAlgorithm.PSK) { var clientKeyExchange = new PSKClientKeyExchange(); this._PSKIdentity = this.PSKIdentities.GetRandom(); var otherSecret = new byte[this._PSKIdentity.Key.Length]; clientKeyExchange.PSKIdentity = this._PSKIdentity.Identity; this._ClientKeyExchange = clientKeyExchange; var preMasterSecret = TLSUtils.GetPSKPreMasterSecret(otherSecret, this._PSKIdentity.Key); this._Cipher = TLSUtils.AssignCipher(preMasterSecret, true, this._Version, this._HandshakeInfo); } else if (keyExchangeAlgorithm == TKeyExchangeAlgorithm.RSA) { var clientKeyExchange = new RSAClientKeyExchange(); this._ClientKeyExchange = clientKeyExchange; var PreMasterSecret = TLSUtils.GetRsaPreMasterSecret(this._Version); clientKeyExchange.PremasterSecret = TLSUtils.GetEncryptedRsaPreMasterSecret(this.ServerCertificate, PreMasterSecret); this._Cipher = TLSUtils.AssignCipher(PreMasterSecret, true, this._Version, this._HandshakeInfo); } else { throw new NotImplementedException($"Key Exchange Algorithm {keyExchangeAlgorithm} Not Implemented"); } } if (this._SendCertificate) { await this._SendHandshakeMessageAsync(this._Certificate, false).ConfigureAwait(false); } await this._SendHandshakeMessageAsync(this._ClientKeyExchange, false).ConfigureAwait(false); if (this._SendCertificate) { var signatureHashAlgorithm = new SignatureHashAlgorithm() { Signature = TSignatureAlgorithm.ECDSA, Hash = THashAlgorithm.SHA256 }; if (keyExchangeAlgorithm == TKeyExchangeAlgorithm.RSA) { signatureHashAlgorithm = new SignatureHashAlgorithm() { Signature = TSignatureAlgorithm.RSA, Hash = THashAlgorithm.SHA1 }; } var certVerify = new CertificateVerify { SignatureHashAlgorithm = signatureHashAlgorithm, Signature = TLSUtils.Sign(this._PrivateKey, this._PrivateKeyRsa, true, this._Version, this._HandshakeInfo, signatureHashAlgorithm, this._HandshakeInfo.GetHash(this._Version)) }; await this._SendHandshakeMessageAsync(certVerify, false).ConfigureAwait(false); } await this._SendChangeCipherSpecAsync().ConfigureAwait(false); var handshakeHash = this._HandshakeInfo.GetHash(this._Version); var finished = new Finished { VerifyData = TLSUtils.GetVerifyData(this._Version, this._HandshakeInfo, true, true, handshakeHash) }; await this._SendHandshakeMessageAsync(finished, true).ConfigureAwait(false); break; } case THandshakeType.NewSessionTicket: { this._HandshakeInfo.UpdateHandshakeHash(data); break; } case THandshakeType.CertificateVerify: { break; } case THandshakeType.ClientKeyExchange: { break; } case THandshakeType.Finished: { var serverFinished = Finished.Deserialise(stream); var handshakeHash = this._HandshakeInfo.GetHash(this._Version); var calculatedVerifyData = TLSUtils.GetVerifyData(this._Version, this._HandshakeInfo, true, false, handshakeHash); if (serverFinished.VerifyData.SequenceEqual(calculatedVerifyData)) { this._ConnectionComplete = true; } break; } default: { break; } } } this._IsFragment = false; this._FragmentedRecordList.RemoveAll(x => true); }
protected override bool ShouldHandleHandshakeMessage(IHandshakeMessage packet, MessageOrigin origin) { return(packet is IHandshakeClientToServerMessage); }
private DTLSRecord CreateRecord(Session session, IHandshakeMessage handshakeMessage, ushort messageSequence) { int size = handshakeMessage.CalculateSize(session.Version); DTLSRecord record = new DTLSRecord(); record.RecordType = TRecordType.Handshake; record.Epoch = session.Epoch; record.SequenceNumber = session.NextSequenceNumber(); record.Fragment = new byte[HandshakeRecord.RECORD_OVERHEAD + size]; if (session.Version != null) record.Version = session.Version; HandshakeRecord handshakeRecord = new HandshakeRecord(); handshakeRecord.MessageType = handshakeMessage.MessageType; handshakeRecord.MessageSeq = messageSequence; handshakeRecord.Length = (uint)size; handshakeRecord.FragmentLength = (uint)size; using (MemoryStream stream = new MemoryStream(record.Fragment)) { handshakeRecord.Serialise(stream); handshakeMessage.Serialise(stream, session.Version); } if (handshakeMessage.MessageType != THandshakeType.HelloVerifyRequest) { session.Handshake.UpdateHandshakeHash(record.Fragment); } if (session.Cipher != null) { long sequenceNumber = ((long)record.Epoch << 48) + record.SequenceNumber; record.Fragment = session.Cipher.EncodePlaintext(sequenceNumber, (byte)TRecordType.Handshake, record.Fragment, 0, record.Fragment.Length); } return record; }
private void ProcessHandshake(DTLSRecord record) { byte[] data; if (_EncyptedServerEpoch.HasValue && (_EncyptedServerEpoch.Value == record.Epoch)) { int count = 0; while ((_Cipher == null) && (count < 500)) { System.Threading.Thread.Sleep(10); count++; } if (_Cipher == null) { throw new Exception(); } if (_Cipher != null) { long sequenceNumber = ((long)record.Epoch << 48) + record.SequenceNumber; data = _Cipher.DecodeCiphertext(sequenceNumber, (byte)TRecordType.Handshake, record.Fragment, 0, record.Fragment.Length); } else { data = record.Fragment; } } else { data = record.Fragment; } using (MemoryStream stream = new MemoryStream(data)) { HandshakeRecord handshakeRecord = HandshakeRecord.Deserialise(stream); if (handshakeRecord != null) { #if DEBUG Console.WriteLine(handshakeRecord.MessageType.ToString()); #endif switch (handshakeRecord.MessageType) { case THandshakeType.HelloRequest: break; case THandshakeType.ClientHello: break; case THandshakeType.ServerHello: ServerHello serverHello = ServerHello.Deserialise(stream); if (serverHello != null) { _ServerEpoch = record.Epoch; _HandshakeInfo.UpdateHandshakeHash(data); _HandshakeInfo.CipherSuite = (TCipherSuite)serverHello.CipherSuite; _HandshakeInfo.ServerRandom = serverHello.Random; Version version = SupportedVersion; if (serverHello.ServerVersion < version) { version = serverHello.ServerVersion; } _Version = version; } break; case THandshakeType.HelloVerifyRequest: HelloVerifyRequest helloVerifyRequest = HelloVerifyRequest.Deserialise(stream); if (helloVerifyRequest != null) { _Version = helloVerifyRequest.ServerVersion; SendHello(helloVerifyRequest.Cookie); } break; case THandshakeType.Certificate: _HandshakeInfo.UpdateHandshakeHash(data); break; case THandshakeType.ServerKeyExchange: _HandshakeInfo.UpdateHandshakeHash(data); TKeyExchangeAlgorithm keyExchangeAlgorithm = CipherSuites.GetKeyExchangeAlgorithm(_HandshakeInfo.CipherSuite); byte[] preMasterSecret = null; IKeyExchange keyExchange = null; if (keyExchangeAlgorithm == TKeyExchangeAlgorithm.ECDHE_ECDSA) { ECDHEServerKeyExchange serverKeyExchange = ECDHEServerKeyExchange.Deserialise(stream, _Version); ECDHEKeyExchange keyExchangeECDHE = new ECDHEKeyExchange { CipherSuite = _HandshakeInfo.CipherSuite, Curve = serverKeyExchange.EllipticCurve, KeyExchangeAlgorithm = keyExchangeAlgorithm, ClientRandom = _HandshakeInfo.ClientRandom, ServerRandom = _HandshakeInfo.ServerRandom }; keyExchangeECDHE.GenerateEphemeralKey(); ECDHEClientKeyExchange clientKeyExchange = new ECDHEClientKeyExchange(keyExchangeECDHE.PublicKey); _ClientKeyExchange = clientKeyExchange; preMasterSecret = keyExchangeECDHE.GetPreMasterSecret(serverKeyExchange.PublicKeyBytes); keyExchange = keyExchangeECDHE; } else if (keyExchangeAlgorithm == TKeyExchangeAlgorithm.ECDHE_PSK) { ECDHEPSKServerKeyExchange serverKeyExchange = ECDHEPSKServerKeyExchange.Deserialise(stream, _Version); ECDHEKeyExchange keyExchangeECDHE = new ECDHEKeyExchange { CipherSuite = _HandshakeInfo.CipherSuite, Curve = serverKeyExchange.EllipticCurve, KeyExchangeAlgorithm = keyExchangeAlgorithm, ClientRandom = _HandshakeInfo.ClientRandom, ServerRandom = _HandshakeInfo.ServerRandom }; keyExchangeECDHE.GenerateEphemeralKey(); ECDHEPSKClientKeyExchange clientKeyExchange = new ECDHEPSKClientKeyExchange(keyExchangeECDHE.PublicKey); if (serverKeyExchange.PSKIdentityHint != null) { byte[] key = _PSKIdentities.GetKey(serverKeyExchange.PSKIdentityHint); if (key != null) { _PSKIdentity = new PSKIdentity() { Identity = serverKeyExchange.PSKIdentityHint, Key = key } } ; } if (_PSKIdentity == null) { _PSKIdentity = _PSKIdentities.GetRandom(); } clientKeyExchange.PSKIdentity = _PSKIdentity.Identity; _ClientKeyExchange = clientKeyExchange; byte[] otherSecret = keyExchangeECDHE.GetPreMasterSecret(serverKeyExchange.PublicKeyBytes); preMasterSecret = TLSUtils.GetPSKPreMasterSecret(otherSecret, _PSKIdentity.Key); keyExchange = keyExchangeECDHE; } else if (keyExchangeAlgorithm == TKeyExchangeAlgorithm.PSK) { PSKServerKeyExchange serverKeyExchange = PSKServerKeyExchange.Deserialise(stream, _Version); PSKClientKeyExchange clientKeyExchange = new PSKClientKeyExchange(); if (serverKeyExchange.PSKIdentityHint != null) { byte[] key = _PSKIdentities.GetKey(serverKeyExchange.PSKIdentityHint); if (key != null) { _PSKIdentity = new PSKIdentity() { Identity = serverKeyExchange.PSKIdentityHint, Key = key } } ; } if (_PSKIdentity == null) { _PSKIdentity = _PSKIdentities.GetRandom(); } byte[] otherSecret = new byte[_PSKIdentity.Key.Length]; clientKeyExchange.PSKIdentity = _PSKIdentity.Identity; _ClientKeyExchange = clientKeyExchange; preMasterSecret = TLSUtils.GetPSKPreMasterSecret(otherSecret, _PSKIdentity.Key); } _Cipher = TLSUtils.AssignCipher(preMasterSecret, true, _Version, _HandshakeInfo); break; case THandshakeType.CertificateRequest: _HandshakeInfo.UpdateHandshakeHash(data); _SendCertificate = true; break; case THandshakeType.ServerHelloDone: _HandshakeInfo.UpdateHandshakeHash(data); if (_Cipher == null) { keyExchangeAlgorithm = CipherSuites.GetKeyExchangeAlgorithm(_HandshakeInfo.CipherSuite); if (keyExchangeAlgorithm == TKeyExchangeAlgorithm.PSK) { PSKClientKeyExchange clientKeyExchange = new PSKClientKeyExchange(); _PSKIdentity = _PSKIdentities.GetRandom(); byte[] otherSecret = new byte[_PSKIdentity.Key.Length]; clientKeyExchange.PSKIdentity = _PSKIdentity.Identity; _ClientKeyExchange = clientKeyExchange; preMasterSecret = TLSUtils.GetPSKPreMasterSecret(otherSecret, _PSKIdentity.Key); _Cipher = TLSUtils.AssignCipher(preMasterSecret, true, _Version, _HandshakeInfo); } } if (_SendCertificate) { SendHandshakeMessage(_Certificate, false); } SendHandshakeMessage(_ClientKeyExchange, false); if (_SendCertificate) { CertificateVerify certificateVerify = new CertificateVerify(); byte[] signatureHash = _HandshakeInfo.GetHash(); certificateVerify.SignatureHashAlgorithm = new SignatureHashAlgorithm() { Signature = TSignatureAlgorithm.ECDSA, Hash = THashAlgorithm.SHA256 }; certificateVerify.Signature = TLSUtils.Sign(_PrivateKey, true, _Version, _HandshakeInfo, certificateVerify.SignatureHashAlgorithm, signatureHash); SendHandshakeMessage(certificateVerify, false); } SendChangeCipherSpec(); byte[] handshakeHash = _HandshakeInfo.GetHash(); Finished finished = new Finished { VerifyData = TLSUtils.GetVerifyData(_Version, _HandshakeInfo, true, true, handshakeHash) }; SendHandshakeMessage(finished, true); #if DEBUG Console.Write($"Handshake Hash: {TLSUtils.WriteToString(handshakeHash)}"); Console.Write($"Sent Verify: {TLSUtils.WriteToString(finished.VerifyData)}"); #endif break; case THandshakeType.CertificateVerify: break; case THandshakeType.ClientKeyExchange: break; case THandshakeType.Finished: Finished serverFinished = Finished.Deserialise(stream); handshakeHash = _HandshakeInfo.GetHash(); byte[] calculatedVerifyData = TLSUtils.GetVerifyData(_Version, _HandshakeInfo, true, false, handshakeHash); #if DEBUG Console.Write("$Recieved Verify: {TLSUtils.WriteToString(serverFinished.VerifyData)}"); Console.Write($"Calc Verify: {TLSUtils.WriteToString(calculatedVerifyData)}"); #endif if (TLSUtils.ByteArrayCompare(serverFinished.VerifyData, calculatedVerifyData)) { #if DEBUG Console.WriteLine("Handshake Complete"); #endif _Connected.Set(); } break; default: break; } } } }
private void ProcessHandshake(DTLSRecord record) { byte[] data; if (_EncyptedServerEpoch.HasValue && (_EncyptedServerEpoch.Value == record.Epoch)) { int count = 0; while ((_Cipher == null) && (count < 500)) { System.Threading.Thread.Sleep(10); count++; } if (_Cipher == null) throw new Exception(); if (_Cipher != null) { long sequenceNumber = ((long)record.Epoch << 48) + record.SequenceNumber; data = _Cipher.DecodeCiphertext(sequenceNumber, (byte)TRecordType.Handshake, record.Fragment, 0, record.Fragment.Length); } else data = record.Fragment; } else data = record.Fragment; using (MemoryStream stream = new MemoryStream(data)) { HandshakeRecord handshakeRecord = HandshakeRecord.Deserialise(stream); if (handshakeRecord != null) { #if DEBUG Console.WriteLine(handshakeRecord.MessageType.ToString()); #endif switch (handshakeRecord.MessageType) { case THandshakeType.HelloRequest: break; case THandshakeType.ClientHello: break; case THandshakeType.ServerHello: ServerHello serverHello = ServerHello.Deserialise(stream); if (serverHello != null) { _ServerEpoch = record.Epoch; _HandshakeInfo.UpdateHandshakeHash(data); _HandshakeInfo.CipherSuite = (TCipherSuite)serverHello.CipherSuite; _HandshakeInfo.ServerRandom = serverHello.Random; Version version = SupportedVersion; if (serverHello.ServerVersion < version) version = serverHello.ServerVersion; _Version = version; } break; case THandshakeType.HelloVerifyRequest: HelloVerifyRequest helloVerifyRequest = HelloVerifyRequest.Deserialise(stream); if (helloVerifyRequest != null) { _Version = helloVerifyRequest.ServerVersion; SendHello(helloVerifyRequest.Cookie); } break; case THandshakeType.Certificate: _HandshakeInfo.UpdateHandshakeHash(data); break; case THandshakeType.ServerKeyExchange: _HandshakeInfo.UpdateHandshakeHash(data); TKeyExchangeAlgorithm keyExchangeAlgorithm = CipherSuites.GetKeyExchangeAlgorithm(_HandshakeInfo.CipherSuite); byte[] preMasterSecret = null; IKeyExchange keyExchange = null; if (keyExchangeAlgorithm == TKeyExchangeAlgorithm.ECDHE_ECDSA) { ECDHEServerKeyExchange serverKeyExchange = ECDHEServerKeyExchange.Deserialise(stream, _Version); ECDHEKeyExchange keyExchangeECDHE = new ECDHEKeyExchange(); keyExchangeECDHE.CipherSuite = _HandshakeInfo.CipherSuite; keyExchangeECDHE.Curve = serverKeyExchange.EllipticCurve; keyExchangeECDHE.KeyExchangeAlgorithm = keyExchangeAlgorithm; keyExchangeECDHE.ClientRandom = _HandshakeInfo.ClientRandom; keyExchangeECDHE.ServerRandom = _HandshakeInfo.ServerRandom; keyExchangeECDHE.GenerateEphemeralKey(); ECDHEClientKeyExchange clientKeyExchange = new ECDHEClientKeyExchange(keyExchangeECDHE.PublicKey); _ClientKeyExchange = clientKeyExchange; preMasterSecret = keyExchangeECDHE.GetPreMasterSecret(serverKeyExchange.PublicKeyBytes); keyExchange = keyExchangeECDHE; } else if (keyExchangeAlgorithm == TKeyExchangeAlgorithm.ECDHE_PSK) { ECDHEPSKServerKeyExchange serverKeyExchange = ECDHEPSKServerKeyExchange.Deserialise(stream, _Version); ECDHEKeyExchange keyExchangeECDHE = new ECDHEKeyExchange(); keyExchangeECDHE.CipherSuite = _HandshakeInfo.CipherSuite; keyExchangeECDHE.Curve = serverKeyExchange.EllipticCurve; keyExchangeECDHE.KeyExchangeAlgorithm = keyExchangeAlgorithm; keyExchangeECDHE.ClientRandom = _HandshakeInfo.ClientRandom; keyExchangeECDHE.ServerRandom = _HandshakeInfo.ServerRandom; keyExchangeECDHE.GenerateEphemeralKey(); ECDHEPSKClientKeyExchange clientKeyExchange = new ECDHEPSKClientKeyExchange(keyExchangeECDHE.PublicKey); if (serverKeyExchange.PSKIdentityHint != null) { byte[] key = _PSKIdentities.GetKey(serverKeyExchange.PSKIdentityHint); if (key != null) _PSKIdentity = new PSKIdentity() { Identity = serverKeyExchange.PSKIdentityHint, Key = key }; } if (_PSKIdentity == null) _PSKIdentity = _PSKIdentities.GetRandom(); clientKeyExchange.PSKIdentity = _PSKIdentity.Identity; _ClientKeyExchange = clientKeyExchange; byte[] otherSecret = keyExchangeECDHE.GetPreMasterSecret(serverKeyExchange.PublicKeyBytes); preMasterSecret = TLSUtils.GetPSKPreMasterSecret(otherSecret, _PSKIdentity.Key); keyExchange = keyExchangeECDHE; } else if (keyExchangeAlgorithm == TKeyExchangeAlgorithm.PSK) { PSKServerKeyExchange serverKeyExchange = PSKServerKeyExchange.Deserialise(stream, _Version); PSKClientKeyExchange clientKeyExchange = new PSKClientKeyExchange(); if (serverKeyExchange.PSKIdentityHint != null) { byte[] key = _PSKIdentities.GetKey(serverKeyExchange.PSKIdentityHint); if (key != null) _PSKIdentity = new PSKIdentity() { Identity = serverKeyExchange.PSKIdentityHint, Key = key }; } if (_PSKIdentity == null) _PSKIdentity = _PSKIdentities.GetRandom(); byte[] otherSecret = new byte[_PSKIdentity.Key.Length]; clientKeyExchange.PSKIdentity = _PSKIdentity.Identity; _ClientKeyExchange = clientKeyExchange; preMasterSecret = TLSUtils.GetPSKPreMasterSecret(otherSecret, _PSKIdentity.Key); } _Cipher = TLSUtils.AssignCipher(preMasterSecret, true, _Version, _HandshakeInfo); break; case THandshakeType.CertificateRequest: _HandshakeInfo.UpdateHandshakeHash(data); _SendCertificate = true; break; case THandshakeType.ServerHelloDone: _HandshakeInfo.UpdateHandshakeHash(data); if (_Cipher == null) { keyExchangeAlgorithm = CipherSuites.GetKeyExchangeAlgorithm(_HandshakeInfo.CipherSuite); if (keyExchangeAlgorithm == TKeyExchangeAlgorithm.PSK) { PSKClientKeyExchange clientKeyExchange = new PSKClientKeyExchange(); _PSKIdentity = _PSKIdentities.GetRandom(); byte[] otherSecret = new byte[_PSKIdentity.Key.Length]; clientKeyExchange.PSKIdentity = _PSKIdentity.Identity; _ClientKeyExchange = clientKeyExchange; preMasterSecret = TLSUtils.GetPSKPreMasterSecret(otherSecret, _PSKIdentity.Key); _Cipher = TLSUtils.AssignCipher(preMasterSecret, true, _Version, _HandshakeInfo); } } if (_SendCertificate) { SendHandshakeMessage(_Certificate, false); } SendHandshakeMessage(_ClientKeyExchange, false); if (_SendCertificate) { CertificateVerify certificateVerify = new CertificateVerify(); byte[] signatureHash = _HandshakeInfo.GetHash(); certificateVerify.SignatureHashAlgorithm = new SignatureHashAlgorithm() { Signature = TSignatureAlgorithm.ECDSA, Hash = THashAlgorithm.SHA256 }; certificateVerify.Signature = TLSUtils.Sign(_PrivateKey, true, _Version, _HandshakeInfo, certificateVerify.SignatureHashAlgorithm, signatureHash); SendHandshakeMessage(certificateVerify, false); } SendChangeCipherSpec(); byte[] handshakeHash = _HandshakeInfo.GetHash(); Finished finished = new Finished(); finished.VerifyData = TLSUtils.GetVerifyData(_Version,_HandshakeInfo,true, true, handshakeHash); SendHandshakeMessage(finished, true); #if DEBUG Console.Write("Handshake Hash:"); TLSUtils.WriteToConsole(handshakeHash); Console.Write("Sent Verify:"); TLSUtils.WriteToConsole(finished.VerifyData); #endif break; case THandshakeType.CertificateVerify: break; case THandshakeType.ClientKeyExchange: break; case THandshakeType.Finished: Finished serverFinished = Finished.Deserialise(stream); handshakeHash = _HandshakeInfo.GetHash(); byte[] calculatedVerifyData = TLSUtils.GetVerifyData(_Version,_HandshakeInfo, true, false, handshakeHash); #if DEBUG Console.Write("Recieved Verify:"); TLSUtils.WriteToConsole(serverFinished.VerifyData); Console.Write("Calc Verify:"); TLSUtils.WriteToConsole(calculatedVerifyData); #endif if (TLSUtils.ByteArrayCompare(serverFinished.VerifyData, calculatedVerifyData)) { #if DEBUG Console.WriteLine("Handshake Complete"); #endif _Connected.Set(); } break; default: break; } } } }
private void SendResponse(Session session, IHandshakeMessage handshakeMessage, ushort messageSequence) { int size = handshakeMessage.CalculateSize(session.Version); int maxPayloadSize = _MaxPacketSize - DTLSRecord.RECORD_OVERHEAD + HandshakeRecord.RECORD_OVERHEAD; if (size > maxPayloadSize) { } else { DTLSRecord record = new DTLSRecord(); record.RecordType = TRecordType.Handshake; record.Epoch = session.Epoch; record.SequenceNumber = session.NextSequenceNumber(); record.Fragment = new byte[HandshakeRecord.RECORD_OVERHEAD + size]; if (session.Version != null) record.Version = session.Version; HandshakeRecord handshakeRecord = new HandshakeRecord(); handshakeRecord.MessageType = handshakeMessage.MessageType; handshakeRecord.MessageSeq = messageSequence; handshakeRecord.Length = (uint)size; handshakeRecord.FragmentLength = (uint)size; using (MemoryStream stream = new MemoryStream(record.Fragment)) { handshakeRecord.Serialise(stream); handshakeMessage.Serialise(stream, session.Version); } if (handshakeMessage.MessageType != THandshakeType.HelloVerifyRequest) { session.Handshake.UpdateHandshakeHash(record.Fragment); } int responseSize = DTLSRecord.RECORD_OVERHEAD + HandshakeRecord.RECORD_OVERHEAD + size; if (session.Cipher != null) { long sequenceNumber = ((long)record.Epoch << 48) + record.SequenceNumber; record.Fragment = session.Cipher.EncodePlaintext(sequenceNumber, (byte)TRecordType.Handshake, record.Fragment, 0, record.Fragment.Length); responseSize = DTLSRecord.RECORD_OVERHEAD + record.Fragment.Length; } byte[] response = new byte[responseSize]; using (MemoryStream stream = new MemoryStream(response)) { record.Serialise(stream); } SocketAsyncEventArgs parameters = new SocketAsyncEventArgs() { RemoteEndPoint = session.RemoteEndPoint }; parameters.SetBuffer(response, 0, responseSize); _Socket.SendToAsync(parameters); } }
private void SendResponse(Session session, IHandshakeMessage handshakeMessage, ushort messageSequence) { if (session == null) { throw new ArgumentNullException(nameof(session)); } if (handshakeMessage == null) { throw new ArgumentNullException(nameof(handshakeMessage)); } var size = handshakeMessage.CalculateSize(session.Version); var maxPayloadSize = this._MaxPacketSize - DTLSRecord.RECORD_OVERHEAD + HandshakeRecord.RECORD_OVERHEAD; if (size > maxPayloadSize) { //fragments return; } var record = new DTLSRecord { RecordType = TRecordType.Handshake, Epoch = session.Epoch, SequenceNumber = session.NextSequenceNumber(), Fragment = new byte[HandshakeRecord.RECORD_OVERHEAD + size] }; if (session.Version != null) { record.Version = session.Version; } var handshakeRecord = new HandshakeRecord { MessageType = handshakeMessage.MessageType, MessageSeq = messageSequence, Length = (uint)size, FragmentLength = (uint)size }; using (var stream = new MemoryStream(record.Fragment)) { handshakeRecord.Serialise(stream); handshakeMessage.Serialise(stream, session.Version); } if (handshakeMessage.MessageType != THandshakeType.HelloVerifyRequest) { session.Handshake.UpdateHandshakeHash(record.Fragment); } var responseSize = DTLSRecord.RECORD_OVERHEAD + HandshakeRecord.RECORD_OVERHEAD + size; if (session.Cipher != null) { var sequenceNumber = ((long)record.Epoch << 48) + record.SequenceNumber; record.Fragment = session.Cipher.EncodePlaintext(sequenceNumber, (byte)TRecordType.Handshake, record.Fragment, 0, record.Fragment.Length); responseSize = DTLSRecord.RECORD_OVERHEAD + record.Fragment.Length; } var response = new byte[responseSize]; using (var stream = new MemoryStream(response)) { record.Serialise(stream); } var parameters = new SocketAsyncEventArgs() { RemoteEndPoint = session.RemoteEndPoint }; parameters.SetBuffer(response, 0, responseSize); this._Socket.SendToAsync(parameters); }