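/// <summary>Builds the DTLS state for this overlord: the identifier table,
/// the sender-to-association map and an SslContext that requires a peer
/// certificate and uses DTLS cookie exchange.</summary>
/// <param name="private_key">Local RSA key; passed to the base constructor
/// and loaded into the SslContext (read back here through _private_key,
/// which is presumably set by the base class).</param>
/// <param name="ch">Certificate handler; must be an
/// OpenSslCertificateHandler, since its Store and LocalCertificate are
/// handed to the SslContext.</param>
/// <param name="ptype">Stored in PType and cached as a MemBlock in
/// _ptype_mb.</param>
/// <exception cref="Exception">Thrown when <paramref name="ch"/> is not an
/// OpenSslCertificateHandler.</exception>
public DtlsOverlord(RSACryptoServiceProvider private_key,
    CertificateHandler ch, PType ptype) : base(private_key, ch)
{
  _osch = ch as OpenSslCertificateHandler;
  if (_osch == null) {
    // Build the message without dereferencing ch, so a null handler is
    // reported by this check rather than by a NullReferenceException.
    string actual = ch == null ? "null" : ch.GetType().ToString();
    throw new Exception("CertificateHandler is invalid type: " + actual);
  }

  _it = new IdentifierTable();
  _sas_helper = new IdentifierTableAsDtlsAssociation(_it);
  _rwl = new ReaderWriterLock();
  _sender_to_sa = new Dictionary<ISender, DtlsAssociation>();

  PType = ptype;
  _ptype_mb = ptype.ToMemBlock();

  // NOTE(review): DTLSv1_method selects DTLS 1.0, which RFC 8996 deprecates.
  // Move to a newer method if the OpenSSL binding in use exposes one.
  _ctx = new SslContext(SslMethod.DTLSv1_method);
  _ctx.SetCertificateStore(_osch.Store);

  // Mutual authentication: the handshake fails when the peer presents no
  // certificate, and RemoteCertificateValidation is registered as the
  // verification callback.
  _ctx.SetVerify(VerifyMode.SSL_VERIFY_PEER |
      VerifyMode.SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
      RemoteCertificateValidation);

  _ctx.UsePrivateKey(AsymmetricKeyToOpenSslFormat(_private_key));
  _ctx.UseCertificate(_osch.LocalCertificate);
  // Presumably confirms that the key matches the certificate loaded above;
  // the exact failure behaviour is defined by the SslContext wrapper.
  _ctx.CheckPrivateKey();

  // In OpenSSL this option requests a fresh DH key for each handshake.
  _ctx.Options = SslOptions.SSL_OP_SINGLE_DH_USE;

  // Random 4-byte session-id context, drawn from the system CSPRNG.
  var rng = new RNGCryptoServiceProvider();
  byte[] sid = new byte[4];
  rng.GetBytes(sid);
  _ctx.SetSessionIdContext(sid);

  // Cookie exchange makes a client prove it can receive at its claimed
  // address before the server commits handshake state.
  _ctx.SetCookieGenerateCallback(GenerateCookie);
  _ctx.SetCookieVerifyCallback(VerifyCookie);

  // Pass both option bits here. Whether the Options setter accumulates or
  // replaces flags is not visible in this file; assigning only
  // SSL_OP_COOKIE_EXCHANGE would drop SSL_OP_SINGLE_DH_USE if it replaces.
  _ctx.Options = SslOptions.SSL_OP_SINGLE_DH_USE |
      SslOptions.SSL_OP_COOKIE_EXCHANGE;

  // Presumably initialises the secret behind GenerateCookie/VerifyCookie;
  // confirm against UpdateCookie's definition.
  UpdateCookie();
}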