Using DTLS within Dart

Question

I am working on a Flutter application which needs to communicate using DTLS. As far as I can see there is no current support for DTLS in the Dart APIs, only TLS.

Can anyone recommend what I can do? Perhaps just the high-level steps on how to get a Flutter application to communicate in DTLS? Any tips on what I should watch out for?

Thanks!

Answer 1

Pure dart dtls implementation: https://github.com/KellyKinyama/dartls/tree/master/lib/src/dtls/examples/server You can it currently support 3 ciphers and dtls servers. You can use use it implement dtls servers, dtls clients.Kindly check the example folder to see the use cases

Answer 2

I wrote a DTLS server ten years ago in Java (before there was support in Bouncy Castle), and I've ported a lot of my Java code to Dart over the last few years (but not DTLS!).

I had a quick look through the server code for what the biggest gotchas might be in a pure Dart implementation (of a client - hope that's a correct assumption). Two immediate difficulties seem to be parsing the server's certificate chain (DER decode to get to a usable RSA public key) and then using that RSA key to encrypt the pre-master-secret. (There's an old implementation of RSA in pub, but I couldn't find any ASN/DER libraries to help with the certificates.) Validating the root CA certificate would be tricky without access to a trust store.

Most of the other stuff like random number generation (how secure?), SHA/MD5 hashing, serialization to/from network byte order, handling timers are doable.

All in all, given the support in BC, Rémi is correct to suggest a platform channel to Java.