/// <summary>
/// Runs the server side of the DTLS handshake over this connection, using
/// <paramref name="cert"/> as the server's credential. On success it sets
/// <c>isAuthenticated</c> and records the negotiated <c>dtlsStreamSizes</c>.
/// </summary>
/// <param name="cert">
/// The server certificate. Must be an <see cref="X509Certificate"/>; any other
/// object (including null) makes the method return without creating a context.
/// </param>
/// <remarks>
/// Every exception raised during the handshake is swallowed because this runs
/// on a ThreadPool thread. The only visible failure signal is that
/// <c>isAuthenticated</c> is never set to true, so callers must check it before
/// treating the channel as protected.
/// </remarks>
private void AuthenticateAsServer(object cert)
{
    X509Certificate serverCertificate = cert as X509Certificate;
    if (serverCertificate == null)
    {
        return;
    }

    // Protection requested from Schannel for this context: replay and sequence
    // detection, confidentiality, extended error reporting, SSPI-allocated
    // buffers and datagram mode.
    ServerSecurityContextAttribute requestedAttributes =
        ServerSecurityContextAttribute.ReplayDetect
        | ServerSecurityContextAttribute.SequenceDetect
        | ServerSecurityContextAttribute.Confidentiality
        | ServerSecurityContextAttribute.ExtendedError
        | ServerSecurityContextAttribute.AllocMemory
        | ServerSecurityContextAttribute.Datagram;

    dtlsServerContext = new DtlsServerSecurityContext(
        SecurityPackageType.Schannel,
        new CertificateCredential(serverCertificate),
        null,
        requestedAttributes,
        SecurityTargetDataRepresentation.SecurityNativeDrep);

    try
    {
        // The server side waits for the client's first message before it can
        // produce any token of its own.
        dtlsServerContext.Accept(this.GetReceivedData(this.timeout));
        this.SendData(dtlsServerContext.Token);

        // Keep driving the context until Schannel reports the handshake done.
        while (dtlsServerContext.NeedContinueProcessing)
        {
            // While the context still holds unprocessed fragments it is driven
            // with a null token; otherwise block for the next client message.
            byte[] incoming = dtlsServerContext.HasMoreFragments
                ? null
                : this.GetReceivedData(this.timeout);
            dtlsServerContext.Accept(incoming);

            byte[] outgoing = dtlsServerContext.Token;
            if (outgoing != null)
            {
                this.SendData(outgoing);
            }
        }

        isAuthenticated = true;
        dtlsStreamSizes = dtlsServerContext.StreamSizes;
    }
    catch
    {
        // Intentionally swallowed: exceptions must not escape on a ThreadPool
        // thread. isAuthenticated is left unset, which is how failure is
        // reported to the caller.
    }
}
/// <summary>
/// Runs the client side of the DTLS handshake over this connection against the
/// server named by <paramref name="targetHost"/>. On success it sets
/// <c>isAuthenticated</c> and records the negotiated <c>dtlsStreamSizes</c>.
/// </summary>
/// <param name="targetHost">
/// The server name handed to Schannel as the target. Must be a
/// <see cref="string"/>; any other object (including null) makes the method
/// return without creating a context.
/// </param>
/// <remarks>
/// Every exception raised during the handshake is swallowed because this runs
/// on a ThreadPool thread. The only visible failure signal is that
/// <c>isAuthenticated</c> is never set to true, so callers must check it before
/// treating the channel as protected. Which checks Schannel applies to the
/// server's certificate is decided inside DtlsClientSecurityContext, not here.
/// </remarks>
public void AuthenticateAsClient(object targetHost)
{
    string serverName = targetHost as string;
    if (serverName == null)
    {
        return;
    }

    // Protection requested from Schannel for this context: replay and sequence
    // detection, confidentiality, extended error reporting, SSPI-allocated
    // buffers, datagram mode, and use of supplied credentials.
    ClientSecurityContextAttribute requestedAttributes =
        ClientSecurityContextAttribute.ReplayDetect
        | ClientSecurityContextAttribute.SequenceDetect
        | ClientSecurityContextAttribute.Confidentiality
        | ClientSecurityContextAttribute.ExtendedError
        | ClientSecurityContextAttribute.AllocMemory
        | ClientSecurityContextAttribute.Datagram
        | ClientSecurityContextAttribute.UseSuppliedCreds;

    // NOTE(review): the credential argument is null while UseSuppliedCreds is
    // requested; confirm the intended client-authentication behaviour against
    // DtlsClientSecurityContext.
    dtlsClientContext = new DtlsClientSecurityContext(
        SecurityPackageType.Schannel,
        null,
        serverName,
        requestedAttributes,
        SecurityTargetDataRepresentation.SecurityNativeDrep);

    try
    {
        // The client speaks first: the initial Initialize takes no server token.
        dtlsClientContext.Initialize(null);
        this.SendData(dtlsClientContext.Token);

        // Keep driving the context until Schannel reports the handshake done.
        while (dtlsClientContext.NeedContinueProcessing)
        {
            // While the context still holds unprocessed fragments it is driven
            // with a null token; otherwise block for the next server message.
            byte[] incoming = dtlsClientContext.HasMoreFragments
                ? null
                : this.GetReceivedData(this.timeout);
            dtlsClientContext.Initialize(incoming);

            byte[] outgoing = dtlsClientContext.Token;
            if (outgoing != null)
            {
                this.SendData(outgoing);
            }
        }

        isAuthenticated = true;
        dtlsStreamSizes = dtlsClientContext.StreamSizes;
    }
    catch
    {
        // Intentionally swallowed: exceptions must not escape on a ThreadPool
        // thread. isAuthenticated is left unset, which is how failure is
        // reported to the caller.
    }
}