Skip to content
/ DTLS Public

High-performance DTLS for .NET

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

HMBSbige/DTLS

BranchesTags

Repository files navigation

DTLS

NuGet

High-performance DTLS (Datagram Transport Layer Security) library for .NET, powered by a native Rust backend.

  • Sans-I/O design for maximum flexibility
  • AOT compatible
  • DTLS 1.2 / 1.3 support

Usage

Client

DtlsClientOptions options = new()
{
    ServerName = "example.com",
    RemoteCertificateValidation = (cert, chain, errors) => true,
};

await using DtlsTransport transport = await DtlsTransport.CreateClientAsync(udpTransport, options);
await transport.HandshakeAsync();

await transport.SendAsync(data);
int bytesRead = await transport.ReceiveAsync(buffer);

Server

DtlsServerOptions options = new()
{
    Certificate = serverCert,
};

await using DtlsTransport transport = await DtlsTransport.CreateServerAsync(udpTransport, options);
await transport.HandshakeAsync();

int bytesRead = await transport.ReceiveAsync(buffer);
await transport.SendAsync(response);

API

IDatagramTransport

Low-level datagram transport abstraction that preserves message boundaries.

public interface IDatagramTransport
{
    ValueTask<int> ReceiveAsync(Memory<byte> buffer, CancellationToken cancellationToken = default);
    ValueTask SendAsync(ReadOnlyMemory<byte> datagram, CancellationToken cancellationToken = default);
}

DtlsTransport

Async I/O wrapper that bridges the sans-I/O protocol engine with an IDatagramTransport.

Method Description
CreateClientAsync Create a DTLS client
CreateServerAsync Create a DTLS server
HandshakeAsync Perform DTLS handshake
SendAsync Send encrypted datagram
ReceiveAsync Receive decrypted datagram

DtlsSession

Sans-I/O DTLS protocol engine for advanced scenarios.

Method Description
CreateClient Create a client session
CreateServer Create a server session
Feed Feed received data into the engine
HandleTimeout Handle retransmission timeout
Send Encrypt plaintext into output
TryReceive Try to read decrypted application data
VerifyPeer Verify peer certificate

Options

DtlsClientOptions — Client configuration:

Property Description
ServerName Required. Server hostname for SNI
ClientCertificate Optional client certificate
RemoteCertificateValidation Custom certificate validation callback
HandshakeTimeout Handshake timeout (default 15s)
Version SSL/TLS protocol version

DtlsServerOptions — Server configuration:

Property Description
Certificate Required. Server certificate with private key
RemoteCertificateValidation Custom certificate validation callback
HandshakeTimeout Handshake timeout (default 15s)
Version SSL/TLS protocol version
RequireClientCertificate Whether to require client certificate

License

MIT

About

High-performance DTLS for .NET

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases 1

0.1.0 Latest
Feb 27, 2026

Packages

 
 
 

Contributors

Languages