コード例 #1
ファイル: DtlsOverlord.cs プロジェクト: kingctan/brunet
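        /// <summary>
        /// Builds the DTLS context used by this overlord: mutual certificate
        /// authentication against the handler's certificate store, the local key
        /// pair and certificate, and the DTLS cookie exchange callbacks.
        /// </summary>
        /// <param name="private_key">Local RSA key; passed to the base constructor.</param>
        /// <param name="ch">Certificate handler; must be an
        /// <c>OpenSslCertificateHandler</c> because its Store and LocalCertificate
        /// are read below.</param>
        /// <param name="ptype">Packet type stored in PType and cached as a MemBlock.</param>
        /// <exception cref="ArgumentException">Thrown when <paramref name="ch"/> is
        /// null or is not an <c>OpenSslCertificateHandler</c>.</exception>
        public DtlsOverlord(RSACryptoServiceProvider private_key,
                            CertificateHandler ch, PType ptype) : base(private_key, ch)
        {
            _osch = ch as OpenSslCertificateHandler;
            if (_osch == null)
            {
                // The cast also yields null when ch itself is null, so the type must
                // not be dereferenced blindly while building the error message.
                // NOTE(review): the base constructor runs first and may already
                // reject a null handler; not visible from here.
                string actual_type = (ch == null) ? "null" : ch.GetType().ToString();
                throw new ArgumentException("CertificateHandler is invalid type: " + actual_type);
            }

            _it = new IdentifierTable();
            _sas_helper = new IdentifierTableAsDtlsAssociation(_it);
            _rwl = new ReaderWriterLock();
            _sender_to_sa = new Dictionary<ISender, DtlsAssociation>();

            PType = ptype;
            _ptype_mb = ptype.ToMemBlock();

            // NOTE(review): DTLSv1_method pins the context to DTLS 1.0, which
            // RFC 8996 deprecates. Confirm whether the OpenSSL binding in use offers
            // a newer or version-flexible method before relying on this in new
            // deployments.
            _ctx = new SslContext(SslMethod.DTLSv1_method);
            _ctx.SetCertificateStore(_osch.Store);

            // Mutual authentication: the peer must present a certificate, and the
            // handshake fails if it does not. RemoteCertificateValidation is handed
            // to the context as the verification callback.
            _ctx.SetVerify(VerifyMode.SSL_VERIFY_PEER |
                           VerifyMode.SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
                           RemoteCertificateValidation);

            // _private_key is presumably assigned by the base constructor - confirm.
            _ctx.UsePrivateKey(AsymmetricKeyToOpenSslFormat(_private_key));
            _ctx.UseCertificate(_osch.LocalCertificate);
            // Checks that the private key matches the certificate loaded above.
            _ctx.CheckPrivateKey();

            // Fresh ephemeral DH key per handshake.
            _ctx.Options = SslOptions.SSL_OP_SINGLE_DH_USE;

            // NOTE(review): RNGCryptoServiceProvider is IDisposable on .NET 4.0 and
            // later; it is left undisposed because the target framework is not
            // visible here.
            var rng = new RNGCryptoServiceProvider();

            // Random per-instance session id context.
            byte[] sid = new byte[4];
            rng.GetBytes(sid);
            _ctx.SetSessionIdContext(sid);

            // Cookie exchange makes a client prove it can receive at its claimed
            // address before the server commits handshake state, which limits
            // spoofed-source flooding over UDP.
            _ctx.SetCookieGenerateCallback(GenerateCookie);
            _ctx.SetCookieVerifyCallback(VerifyCookie);

            // Both flags are written together: if the Options setter replaces the
            // mask instead of OR-ing into it, assigning only SSL_OP_COOKIE_EXCHANGE
            // here would silently drop SSL_OP_SINGLE_DH_USE.
            _ctx.Options = SslOptions.SSL_OP_SINGLE_DH_USE |
                           SslOptions.SSL_OP_COOKIE_EXCHANGE;

            // Presumably initialises the secret used by the cookie callbacks - confirm.
            UpdateCookie();
        }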