@agentdance/node-webrtc-dtls 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/certificate.d.ts +31 -0
- package/dist/certificate.d.ts.map +1 -0
- package/dist/certificate.js +199 -0
- package/dist/certificate.js.map +1 -0
- package/dist/crypto.d.ts +89 -0
- package/dist/crypto.d.ts.map +1 -0
- package/dist/crypto.js +193 -0
- package/dist/crypto.js.map +1 -0
- package/dist/handshake.d.ts +113 -0
- package/dist/handshake.d.ts.map +1 -0
- package/dist/handshake.js +420 -0
- package/dist/handshake.js.map +1 -0
- package/dist/index.d.ts +8 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +10 -0
- package/dist/index.js.map +1 -0
- package/dist/record.d.ts +19 -0
- package/dist/record.d.ts.map +1 -0
- package/dist/record.js +108 -0
- package/dist/record.js.map +1 -0
- package/dist/state.d.ts +44 -0
- package/dist/state.d.ts.map +1 -0
- package/dist/state.js +10 -0
- package/dist/state.js.map +1 -0
- package/dist/transport.d.ts +87 -0
- package/dist/transport.d.ts.map +1 -0
- package/dist/transport.js +559 -0
- package/dist/transport.js.map +1 -0
- package/dist/types.d.ts +51 -0
- package/dist/types.d.ts.map +1 -0
- package/dist/types.js +44 -0
- package/dist/types.js.map +1 -0
- package/package.json +56 -0
- package/src/certificate.ts +253 -0
- package/src/crypto.ts +279 -0
- package/src/handshake.ts +544 -0
- package/src/index.ts +72 -0
- package/src/record.ts +127 -0
- package/src/state.ts +59 -0
- package/src/transport.ts +692 -0
- package/src/types.ts +57 -0
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
import * as crypto from 'node:crypto';
|
|
2
|
+
export interface DtlsCertificate {
|
|
3
|
+
cert: Buffer;
|
|
4
|
+
privateKey: crypto.KeyObject;
|
|
5
|
+
fingerprint: {
|
|
6
|
+
algorithm: 'sha-256';
|
|
7
|
+
value: string;
|
|
8
|
+
};
|
|
9
|
+
}
|
|
10
|
+
/**
|
|
11
|
+
* Compute SHA-256 fingerprint of a DER certificate.
|
|
12
|
+
* Returns colon-separated uppercase hex, e.g. "AA:BB:CC:..."
|
|
13
|
+
*/
|
|
14
|
+
export declare function computeFingerprint(certDer: Buffer): string;
|
|
15
|
+
/**
|
|
16
|
+
* Verify that a DER certificate matches the expected fingerprint.
|
|
17
|
+
*/
|
|
18
|
+
export declare function verifyFingerprint(certDer: Buffer, expected: {
|
|
19
|
+
algorithm: string;
|
|
20
|
+
value: string;
|
|
21
|
+
}): boolean;
|
|
22
|
+
/**
|
|
23
|
+
* Generate a self-signed ECDSA (P-256) certificate for use in DTLS.
|
|
24
|
+
*/
|
|
25
|
+
export declare function generateSelfSignedCertificate(): DtlsCertificate;
|
|
26
|
+
/**
|
|
27
|
+
* Extract public key from DER-encoded certificate.
|
|
28
|
+
* Parses the SubjectPublicKeyInfo to get the EC public key.
|
|
29
|
+
*/
|
|
30
|
+
export declare function extractPublicKeyFromCert(certDer: Buffer): crypto.KeyObject;
|
|
31
|
+
//# sourceMappingURL=certificate.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"certificate.d.ts","sourceRoot":"","sources":["../src/certificate.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,MAAM,MAAM,aAAa,CAAC;AAEtC,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC,SAAS,CAAC;IAC7B,WAAW,EAAE;QAAE,SAAS,EAAE,SAAS,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC;CACtD;AAgMD;;;GAGG;AACH,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAK1D;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAC/B,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE;IAAE,SAAS,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,GAC7C,OAAO,CAQT;AAED;;GAEG;AACH,wBAAgB,6BAA6B,IAAI,eAAe,CAW/D;AAED;;;GAGG;AACH,wBAAgB,wBAAwB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAAC,SAAS,CAI1E"}
|
|
@@ -0,0 +1,199 @@
|
|
|
1
|
+
// Self-signed ECDSA certificate generation for DTLS
|
|
2
|
+
// Uses a minimal ASN.1/DER builder – no external dependencies.
|
|
3
|
+
import * as crypto from 'node:crypto';
|
|
4
|
+
// ─── ASN.1 / DER helpers ──────────────────────────────────────────────────────
|
|
5
|
+
function derLength(len) {
|
|
6
|
+
if (len < 0x80) {
|
|
7
|
+
return Buffer.from([len]);
|
|
8
|
+
}
|
|
9
|
+
else if (len < 0x100) {
|
|
10
|
+
return Buffer.from([0x81, len]);
|
|
11
|
+
}
|
|
12
|
+
else if (len < 0x10000) {
|
|
13
|
+
return Buffer.from([0x82, (len >> 8) & 0xff, len & 0xff]);
|
|
14
|
+
}
|
|
15
|
+
else {
|
|
16
|
+
return Buffer.from([
|
|
17
|
+
0x83,
|
|
18
|
+
(len >> 16) & 0xff,
|
|
19
|
+
(len >> 8) & 0xff,
|
|
20
|
+
len & 0xff,
|
|
21
|
+
]);
|
|
22
|
+
}
|
|
23
|
+
}
|
|
24
|
+
function tlv(tag, ...contents) {
|
|
25
|
+
const body = Buffer.concat(contents);
|
|
26
|
+
return Buffer.concat([Buffer.from([tag]), derLength(body.length), body]);
|
|
27
|
+
}
|
|
28
|
+
function sequence(...contents) {
|
|
29
|
+
return tlv(0x30, ...contents);
|
|
30
|
+
}
|
|
31
|
+
function set_(...contents) {
|
|
32
|
+
return tlv(0x31, ...contents);
|
|
33
|
+
}
|
|
34
|
+
function integer(bytes) {
|
|
35
|
+
// Ensure positive integer (prepend 0x00 if high bit set)
|
|
36
|
+
let val = bytes;
|
|
37
|
+
if (val[0] & 0x80) {
|
|
38
|
+
val = Buffer.concat([Buffer.from([0x00]), val]);
|
|
39
|
+
}
|
|
40
|
+
return tlv(0x02, val);
|
|
41
|
+
}
|
|
42
|
+
function integerN(n) {
|
|
43
|
+
const buf = Buffer.allocUnsafe(4);
|
|
44
|
+
buf.writeInt32BE(n, 0);
|
|
45
|
+
// Trim leading zeros but keep at least 1 byte
|
|
46
|
+
let start = 0;
|
|
47
|
+
while (start < buf.length - 1 && buf[start] === 0 && !(buf[start + 1] & 0x80)) {
|
|
48
|
+
start++;
|
|
49
|
+
}
|
|
50
|
+
return integer(buf.subarray(start));
|
|
51
|
+
}
|
|
52
|
+
function oid(dotNotation) {
|
|
53
|
+
const parts = dotNotation.split('.').map(Number);
|
|
54
|
+
// First two components encoded as 40*a + b
|
|
55
|
+
const encoded = [40 * parts[0] + parts[1]];
|
|
56
|
+
for (let i = 2; i < parts.length; i++) {
|
|
57
|
+
let n = parts[i];
|
|
58
|
+
const bytes = [];
|
|
59
|
+
bytes.push(n & 0x7f);
|
|
60
|
+
n >>= 7;
|
|
61
|
+
while (n > 0) {
|
|
62
|
+
bytes.unshift((n & 0x7f) | 0x80);
|
|
63
|
+
n >>= 7;
|
|
64
|
+
}
|
|
65
|
+
encoded.push(...bytes);
|
|
66
|
+
}
|
|
67
|
+
return tlv(0x06, Buffer.from(encoded));
|
|
68
|
+
}
|
|
69
|
+
function utf8String(s) {
|
|
70
|
+
return tlv(0x0c, Buffer.from(s, 'utf8'));
|
|
71
|
+
}
|
|
72
|
+
function utcTime(d) {
|
|
73
|
+
const pad = (n) => String(n).padStart(2, '0');
|
|
74
|
+
const y = String(d.getUTCFullYear()).slice(2);
|
|
75
|
+
const str = y +
|
|
76
|
+
pad(d.getUTCMonth() + 1) +
|
|
77
|
+
pad(d.getUTCDate()) +
|
|
78
|
+
pad(d.getUTCHours()) +
|
|
79
|
+
pad(d.getUTCMinutes()) +
|
|
80
|
+
pad(d.getUTCSeconds()) +
|
|
81
|
+
'Z';
|
|
82
|
+
return tlv(0x17, Buffer.from(str, 'ascii'));
|
|
83
|
+
}
|
|
84
|
+
function bitString(bytes, unusedBits = 0) {
|
|
85
|
+
return tlv(0x03, Buffer.from([unusedBits]), bytes);
|
|
86
|
+
}
|
|
87
|
+
function octetString(bytes) {
|
|
88
|
+
return tlv(0x04, bytes);
|
|
89
|
+
}
|
|
90
|
+
function contextTag(n, ...contents) {
|
|
91
|
+
return tlv(0xa0 | n, ...contents);
|
|
92
|
+
}
|
|
93
|
+
// ─── Known OIDs ───────────────────────────────────────────────────────────────
|
|
94
|
+
// ecPublicKey: 1.2.840.10045.2.1
|
|
95
|
+
const OID_EC_PUBLIC_KEY = oid('1.2.840.10045.2.1');
|
|
96
|
+
// secp256r1 / P-256: 1.2.840.10045.3.1.7
|
|
97
|
+
const OID_P256 = oid('1.2.840.10045.3.1.7');
|
|
98
|
+
// ecdsa-with-SHA256: 1.2.840.10045.4.3.2
|
|
99
|
+
const OID_ECDSA_SHA256 = oid('1.2.840.10045.4.3.2');
|
|
100
|
+
// commonName: 2.5.4.3
|
|
101
|
+
const OID_COMMON_NAME = oid('2.5.4.3');
|
|
102
|
+
// subjectKeyIdentifier: 2.5.29.14
|
|
103
|
+
const OID_SKI = oid('2.5.29.14');
|
|
104
|
+
// ─── Certificate builder ──────────────────────────────────────────────────────
|
|
105
|
+
/**
|
|
106
|
+
* Build a self-signed X.509 certificate in DER format.
|
|
107
|
+
* Uses ECDSA P-256 with SHA-256.
|
|
108
|
+
*/
|
|
109
|
+
function buildSelfSignedCert(keyPair, commonNameValue, validityDays) {
|
|
110
|
+
// Export public key as uncompressed EC point
|
|
111
|
+
const jwk = keyPair.publicKey.export({ format: 'jwk' });
|
|
112
|
+
if (!jwk.x || !jwk.y)
|
|
113
|
+
throw new Error('Not an EC key pair');
|
|
114
|
+
const x = Buffer.from(jwk.x, 'base64url');
|
|
115
|
+
const y = Buffer.from(jwk.y, 'base64url');
|
|
116
|
+
const coordSize = 32;
|
|
117
|
+
const xPad = Buffer.alloc(coordSize);
|
|
118
|
+
const yPad = Buffer.alloc(coordSize);
|
|
119
|
+
x.copy(xPad, coordSize - x.length);
|
|
120
|
+
y.copy(yPad, coordSize - y.length);
|
|
121
|
+
const ecPoint = Buffer.concat([Buffer.from([0x04]), xPad, yPad]);
|
|
122
|
+
// Dates
|
|
123
|
+
const now = new Date();
|
|
124
|
+
const notBefore = new Date(now.getTime() - 60000); // 1 min ago
|
|
125
|
+
const notAfter = new Date(now.getTime() + validityDays * 86400000);
|
|
126
|
+
// Serial number (random 8 bytes)
|
|
127
|
+
const serialBytes = crypto.randomBytes(8);
|
|
128
|
+
// Ensure positive (clear high bit)
|
|
129
|
+
serialBytes[0] = serialBytes[0] & 0x7f;
|
|
130
|
+
// Subject / Issuer RDN: CN=<commonName>
|
|
131
|
+
const rdn = sequence(set_(sequence(OID_COMMON_NAME, utf8String(commonNameValue))));
|
|
132
|
+
// SubjectPublicKeyInfo
|
|
133
|
+
const spki = sequence(sequence(OID_EC_PUBLIC_KEY, OID_P256), bitString(ecPoint));
|
|
134
|
+
// Subject key identifier extension
|
|
135
|
+
const skiValue = crypto.createHash('sha1').update(ecPoint).digest();
|
|
136
|
+
const skiExtension = sequence(OID_SKI, octetString(octetString(skiValue)));
|
|
137
|
+
const extensions = contextTag(3, sequence(skiExtension));
|
|
138
|
+
// TBSCertificate
|
|
139
|
+
const tbs = sequence(contextTag(0, integerN(2)), // version: v3
|
|
140
|
+
integer(serialBytes), // serialNumber
|
|
141
|
+
sequence(OID_ECDSA_SHA256), // signature algorithm
|
|
142
|
+
rdn, // issuer
|
|
143
|
+
sequence(utcTime(notBefore), utcTime(notAfter)), // validity
|
|
144
|
+
rdn, // subject
|
|
145
|
+
spki, // subjectPublicKeyInfo
|
|
146
|
+
extensions);
|
|
147
|
+
// Sign TBSCertificate
|
|
148
|
+
const signature = crypto.sign('sha256', tbs, keyPair.privateKey);
|
|
149
|
+
// Certificate = SEQUENCE { tbs, algorithm, signature }
|
|
150
|
+
const cert = sequence(tbs, sequence(OID_ECDSA_SHA256), bitString(signature));
|
|
151
|
+
return cert;
|
|
152
|
+
}
|
|
153
|
+
// ─── Public API ───────────────────────────────────────────────────────────────
|
|
154
|
+
/**
|
|
155
|
+
* Compute SHA-256 fingerprint of a DER certificate.
|
|
156
|
+
* Returns colon-separated uppercase hex, e.g. "AA:BB:CC:..."
|
|
157
|
+
*/
|
|
158
|
+
export function computeFingerprint(certDer) {
|
|
159
|
+
const hash = crypto.createHash('sha256').update(certDer).digest();
|
|
160
|
+
return Array.from(hash)
|
|
161
|
+
.map((b) => b.toString(16).padStart(2, '0').toUpperCase())
|
|
162
|
+
.join(':');
|
|
163
|
+
}
|
|
164
|
+
/**
|
|
165
|
+
* Verify that a DER certificate matches the expected fingerprint.
|
|
166
|
+
*/
|
|
167
|
+
export function verifyFingerprint(certDer, expected) {
|
|
168
|
+
const algo = expected.algorithm.toLowerCase().replace('-', '');
|
|
169
|
+
if (algo !== 'sha256') {
|
|
170
|
+
throw new Error(`Unsupported fingerprint algorithm: ${expected.algorithm}`);
|
|
171
|
+
}
|
|
172
|
+
const actual = computeFingerprint(certDer);
|
|
173
|
+
// Case-insensitive comparison
|
|
174
|
+
return actual.toLowerCase() === expected.value.toLowerCase();
|
|
175
|
+
}
|
|
176
|
+
/**
|
|
177
|
+
* Generate a self-signed ECDSA (P-256) certificate for use in DTLS.
|
|
178
|
+
*/
|
|
179
|
+
export function generateSelfSignedCertificate() {
|
|
180
|
+
const keyPair = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
|
|
181
|
+
const cn = `dtls-${crypto.randomBytes(8).toString('hex')}`;
|
|
182
|
+
const certDer = buildSelfSignedCert(keyPair, cn, 365);
|
|
183
|
+
const fingerprint = computeFingerprint(certDer);
|
|
184
|
+
return {
|
|
185
|
+
cert: certDer,
|
|
186
|
+
privateKey: keyPair.privateKey,
|
|
187
|
+
fingerprint: { algorithm: 'sha-256', value: fingerprint },
|
|
188
|
+
};
|
|
189
|
+
}
|
|
190
|
+
/**
|
|
191
|
+
* Extract public key from DER-encoded certificate.
|
|
192
|
+
* Parses the SubjectPublicKeyInfo to get the EC public key.
|
|
193
|
+
*/
|
|
194
|
+
export function extractPublicKeyFromCert(certDer) {
|
|
195
|
+
// Use Node.js X509Certificate (available since Node 15.6)
|
|
196
|
+
const x509 = new crypto.X509Certificate(certDer);
|
|
197
|
+
return x509.publicKey;
|
|
198
|
+
}
|
|
199
|
+
//# sourceMappingURL=certificate.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"certificate.js","sourceRoot":"","sources":["../src/certificate.ts"],"names":[],"mappings":"AAAA,oDAAoD;AACpD,+DAA+D;AAE/D,OAAO,KAAK,MAAM,MAAM,aAAa,CAAC;AAQtC,iFAAiF;AAEjF,SAAS,SAAS,CAAC,GAAW;IAC5B,IAAI,GAAG,GAAG,IAAI,EAAE,CAAC;QACf,OAAO,MAAM,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IAC5B,CAAC;SAAM,IAAI,GAAG,GAAG,KAAK,EAAE,CAAC;QACvB,OAAO,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC;IAClC,CAAC;SAAM,IAAI,GAAG,GAAG,OAAO,EAAE,CAAC;QACzB,OAAO,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,IAAI,EAAE,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC;IAC5D,CAAC;SAAM,CAAC;QACN,OAAO,MAAM,CAAC,IAAI,CAAC;YACjB,IAAI;YACJ,CAAC,GAAG,IAAI,EAAE,CAAC,GAAG,IAAI;YAClB,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,IAAI;YACjB,GAAG,GAAG,IAAI;SACX,CAAC,CAAC;IACL,CAAC;AACH,CAAC;AAED,SAAS,GAAG,CAAC,GAAW,EAAE,GAAG,QAAkB;IAC7C,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IACrC,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC;AAC3E,CAAC;AAED,SAAS,QAAQ,CAAC,GAAG,QAAkB;IACrC,OAAO,GAAG,CAAC,IAAI,EAAE,GAAG,QAAQ,CAAC,CAAC;AAChC,CAAC;AAED,SAAS,IAAI,CAAC,GAAG,QAAkB;IACjC,OAAO,GAAG,CAAC,IAAI,EAAE,GAAG,QAAQ,CAAC,CAAC;AAChC,CAAC;AAED,SAAS,OAAO,CAAC,KAAa;IAC5B,yDAAyD;IACzD,IAAI,GAAG,GAAG,KAAK,CAAC;IAChB,IAAI,GAAG,CAAC,CAAC,CAAE,GAAG,IAAI,EAAE,CAAC;QACnB,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;IAClD,CAAC;IACD,OAAO,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;AACxB,CAAC;AAED,SAAS,QAAQ,CAAC,CAAS;IACzB,MAAM,GAAG,GAAG,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC;IAClC,GAAG,CAAC,YAAY,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACvB,8CAA8C;IAC9C,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,OAAO,KAAK,GAAG,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,KAAK,GAAG,CAAC,CAAE,GAAG,IAAI,CAAC,EAAE,CAAC;QAC/E,KAAK,EAAE,CAAC;IACV,CAAC;IACD,OAAO,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC;AACtC,CAAC;AAED,SAAS,GAAG,CAAC,WAAmB;IAC9B,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACjD,2CAA2C;IAC3C,MAAM,OAAO,GAAa,CAAC,EAAE,GAAG,KAAK,CAAC,CAAC,CAAE,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC,CAAC;IACvD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,IAAI,CAAC,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;QAClB,MAAM,KAAK,GAAa,EAAE,CAAC;QAC3B,KAAK,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;QACrB,CAAC,KAAK,CAAC,CAAC;QACR,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;YACb,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,IAAI,CAAC,CAAC;YACjC,CAAC,KAAK,CAAC,CAAC;QACV,CAAC;QACD,OAAO,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC,CAAC;IACzB,CAAC;IACD,OAAO,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;AACzC,CAAC;AAED,SAAS,UAAU,CAAC,CAAS;IAC3B,OAAO,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;AAC3C,CAAC;AAED,SAAS,OAAO,CAAC,CAAO;IACtB,MAAM,GAAG,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IACtD,MAAM,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,cAAc,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAC9C,MAAM,GAAG,GACP,CAAC;QACD,GAAG,CAAC,CAAC,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC;QACxB,GAAG,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC;QACnB,GAAG,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;QACpB,GAAG,CAAC,CAAC,CAAC,aAAa,EAAE,CAAC;QACtB,GAAG,CAAC,CAAC,CAAC,aAAa,EAAE,CAAC;QACtB,GAAG,CAAC;IACN,OAAO,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC;AAC9C,CAAC;AAED,SAAS,SAAS,CAAC,KAAa,EAAE,UAAU,GAAG,CAAC;IAC9C,OAAO,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,UAAU,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;AACrD,CAAC;AAED,SAAS,WAAW,CAAC,KAAa;IAChC,OAAO,GAAG,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;AAC1B,CAAC;AAED,SAAS,UAAU,CAAC,CAAS,EAAE,GAAG,QAAkB;IAClD,OAAO,GAAG,CAAC,IAAI,GAAG,CAAC,EAAE,GAAG,QAAQ,CAAC,CAAC;AACpC,CAAC;AAED,iFAAiF;AAEjF,iCAAiC;AACjC,MAAM,iBAAiB,GAAG,GAAG,CAAC,mBAAmB,CAAC,CAAC;AACnD,yCAAyC;AACzC,MAAM,QAAQ,GAAG,GAAG,CAAC,qBAAqB,CAAC,CAAC;AAC5C,yCAAyC;AACzC,MAAM,gBAAgB,GAAG,GAAG,CAAC,qBAAqB,CAAC,CAAC;AACpD,sBAAsB;AACtB,MAAM,eAAe,GAAG,GAAG,CAAC,SAAS,CAAC,CAAC;AACvC,kCAAkC;AAClC,MAAM,OAAO,GAAG,GAAG,CAAC,WAAW,CAAC,CAAC;AAEjC,iFAAiF;AAEjF;;;GAGG;AACH,SAAS,mBAAmB,CAC1B,OAAsC,EACtC,eAAuB,EACvB,YAAoB;IAEpB,6CAA6C;IAC7C,MAAM,GAAG,GAAG,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,CAAsB,CAAC;IAC7E,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;IAC5D,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC;IAC1C,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC;IAC1C,MAAM,SAAS,GAAG,EAAE,CAAC;IACrB,MAAM,IAAI,GAAG,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;IACrC,MAAM,IAAI,GAAG,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;IACrC,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,SAAS,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC;IACnC,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,SAAS,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC;IACnC,MAAM,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC;IAEjE,QAAQ;IACR,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IACvB,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,YAAY;IAC/D,MAAM,QAAQ,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,YAAY,GAAG,QAAQ,CAAC,CAAC;IAEnE,iCAAiC;IACjC,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC;IAC1C,mCAAmC;IACnC,WAAW,CAAC,CAAC,CAAC,GAAG,WAAW,CAAC,CAAC,CAAE,GAAG,IAAI,CAAC;IAExC,wCAAwC;IACxC,MAAM,GAAG,GAAG,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,eAAe,EAAE,UAAU,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC;IAEnF,uBAAuB;IACvB,MAAM,IAAI,GAAG,QAAQ,CACnB,QAAQ,CAAC,iBAAiB,EAAE,QAAQ,CAAC,EACrC,SAAS,CAAC,OAAO,CAAC,CACnB,CAAC;IAEF,mCAAmC;IACnC,MAAM,QAAQ,GAAG,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC;IACpE,MAAM,YAAY,GAAG,QAAQ,CAC3B,OAAO,EACP,WAAW,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC,CACnC,CAAC;IACF,MAAM,UAAU,GAAG,UAAU,CAAC,CAAC,EAAE,QAAQ,CAAC,YAAY,CAAC,CAAC,CAAC;IAEzD,iBAAiB;IACjB,MAAM,GAAG,GAAG,QAAQ,CAClB,UAAU,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,cAAc;IAC1C,OAAO,CAAC,WAAW,CAAC,EAAE,eAAe;IACrC,QAAQ,CAAC,gBAAgB,CAAC,EAAE,sBAAsB;IAClD,GAAG,EAAE,SAAS;IACd,QAAQ,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC,EAAE,WAAW;IAC5D,GAAG,EAAE,UAAU;IACf,IAAI,EAAE,uBAAuB;IAC7B,UAAU,CACX,CAAC;IAEF,sBAAsB;IACtB,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,EAAE,OAAO,CAAC,UAAU,CAAC,CAAC;IAEjE,uDAAuD;IACvD,MAAM,IAAI,GAAG,QAAQ,CACnB,GAAG,EACH,QAAQ,CAAC,gBAAgB,CAAC,EAC1B,SAAS,CAAC,SAAS,CAAC,CACrB,CAAC;IAEF,OAAO,IAAI,CAAC;AACd,CAAC;AAED,iFAAiF;AAEjF;;;GAGG;AACH,MAAM,UAAU,kBAAkB,CAAC,OAAe;IAChD,MAAM,IAAI,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC;IAClE,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC;SACpB,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC;SACzD,IAAI,CAAC,GAAG,CAAC,CAAC;AACf,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,iBAAiB,CAC/B,OAAe,EACf,QAA8C;IAE9C,MAAM,IAAI,GAAG,QAAQ,CAAC,SAAS,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;IAC/D,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;QACtB,MAAM,IAAI,KAAK,CAAC,sCAAsC,QAAQ,CAAC,SAAS,EAAE,CAAC,CAAC;IAC9E,CAAC;IACD,MAAM,MAAM,GAAG,kBAAkB,CAAC,OAAO,CAAC,CAAC;IAC3C,8BAA8B;IAC9B,OAAO,MAAM,CAAC,WAAW,EAAE,KAAK,QAAQ,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;AAC/D,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,6BAA6B;IAC3C,MAAM,OAAO,GAAG,MAAM,CAAC,mBAAmB,CAAC,IAAI,EAAE,EAAE,UAAU,EAAE,OAAO,EAAE,CAAC,CAAC;IAC1E,MAAM,EAAE,GAAG,QAAQ,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;IAC3D,MAAM,OAAO,GAAG,mBAAmB,CAAC,OAAO,EAAE,EAAE,EAAE,GAAG,CAAC,CAAC;IACtD,MAAM,WAAW,GAAG,kBAAkB,CAAC,OAAO,CAAC,CAAC;IAEhD,OAAO;QACL,IAAI,EAAE,OAAO;QACb,UAAU,EAAE,OAAO,CAAC,UAAU;QAC9B,WAAW,EAAE,EAAE,SAAS,EAAE,SAAS,EAAE,KAAK,EAAE,WAAW,EAAE;KAC1D,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,wBAAwB,CAAC,OAAe;IACtD,0DAA0D;IAC1D,MAAM,IAAI,GAAG,IAAI,MAAM,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC;IACjD,OAAO,IAAI,CAAC,SAAS,CAAC;AACxB,CAAC"}
|
package/dist/crypto.d.ts
ADDED
|
@@ -0,0 +1,89 @@
|
|
|
1
|
+
import * as crypto from 'node:crypto';
|
|
2
|
+
/**
|
|
3
|
+
* HMAC-SHA256
|
|
4
|
+
*/
|
|
5
|
+
export declare function hmacSha256(key: Buffer, data: Buffer): Buffer;
|
|
6
|
+
/**
|
|
7
|
+
* HMAC-SHA384
|
|
8
|
+
*/
|
|
9
|
+
export declare function hmacSha384(key: Buffer, data: Buffer): Buffer;
|
|
10
|
+
/**
|
|
11
|
+
* DTLS 1.2 PRF (SHA-256 based, RFC 5246)
|
|
12
|
+
* PRF(secret, label, seed) = P_SHA256(secret, label + seed)
|
|
13
|
+
*/
|
|
14
|
+
export declare function prf(secret: Buffer, label: string, seed: Buffer, length: number): Buffer;
|
|
15
|
+
/**
|
|
16
|
+
* PRF with SHA-384 (for AES-256 cipher suites)
|
|
17
|
+
*/
|
|
18
|
+
export declare function prfSha384(secret: Buffer, label: string, seed: Buffer, length: number): Buffer;
|
|
19
|
+
/**
|
|
20
|
+
* Compute master secret from pre-master secret.
|
|
21
|
+
* master_secret = PRF(pre_master_secret, "master secret", ClientRandom + ServerRandom, 48)
|
|
22
|
+
*/
|
|
23
|
+
export declare function computeMasterSecret(preMasterSecret: Buffer, clientRandom: Buffer, serverRandom: Buffer): Buffer;
|
|
24
|
+
export interface KeyBlock {
|
|
25
|
+
clientWriteKey: Buffer;
|
|
26
|
+
serverWriteKey: Buffer;
|
|
27
|
+
clientWriteIv: Buffer;
|
|
28
|
+
serverWriteIv: Buffer;
|
|
29
|
+
}
|
|
30
|
+
/**
|
|
31
|
+
* Expand key material from master secret (RFC 5246 Section 6.3).
|
|
32
|
+
* For AES-128-GCM: key_length=16, iv_length=4 (implicit part).
|
|
33
|
+
* key_block = PRF(master_secret, "key expansion", ServerRandom + ClientRandom, ...)
|
|
34
|
+
*/
|
|
35
|
+
export declare function expandKeyMaterial(masterSecret: Buffer, clientRandom: Buffer, serverRandom: Buffer, keyLength?: number, ivLength?: number): KeyBlock;
|
|
36
|
+
/**
|
|
37
|
+
* Export keying material (RFC 5705 / RFC 5764 Section 4.2).
|
|
38
|
+
* Used to derive SRTP master keys from DTLS.
|
|
39
|
+
* EKM = PRF(master_secret, label, ClientRandom + ServerRandom, length)
|
|
40
|
+
*/
|
|
41
|
+
export declare function exportKeyingMaterial(masterSecret: Buffer, clientRandom: Buffer, serverRandom: Buffer, label: string, length: number): Buffer;
|
|
42
|
+
export interface AesGcmResult {
|
|
43
|
+
ciphertext: Buffer;
|
|
44
|
+
tag: Buffer;
|
|
45
|
+
}
|
|
46
|
+
/**
|
|
47
|
+
* AES-128-GCM encrypt.
|
|
48
|
+
* Returns ciphertext + 16-byte authentication tag.
|
|
49
|
+
*/
|
|
50
|
+
export declare function aesgcmEncrypt(key: Buffer, iv: Buffer, plaintext: Buffer, aad: Buffer): AesGcmResult;
|
|
51
|
+
/**
|
|
52
|
+
* AES-128-GCM decrypt.
|
|
53
|
+
*/
|
|
54
|
+
export declare function aesgcmDecrypt(key: Buffer, iv: Buffer, ciphertext: Buffer, tag: Buffer, aad: Buffer): Buffer;
|
|
55
|
+
export interface EcdhKeyPair {
|
|
56
|
+
privateKey: crypto.KeyObject;
|
|
57
|
+
publicKey: crypto.KeyObject;
|
|
58
|
+
}
|
|
59
|
+
/**
|
|
60
|
+
* Generate an ephemeral ECDH key pair on P-256 (secp256r1).
|
|
61
|
+
*/
|
|
62
|
+
export declare function generateEcdhKeyPair(): EcdhKeyPair;
|
|
63
|
+
/**
|
|
64
|
+
* Compute ECDH pre-master secret from our private key and peer's public key bytes.
|
|
65
|
+
* peerPublicKeyBytes: uncompressed EC point (0x04 + x + y, 65 bytes for P-256)
|
|
66
|
+
*/
|
|
67
|
+
export declare function computeEcdhPreMasterSecret(privateKey: crypto.KeyObject, peerPublicKeyBytes: Buffer): Buffer;
|
|
68
|
+
/**
|
|
69
|
+
* Encode EC public key to uncompressed point format: 0x04 + x (32 bytes) + y (32 bytes)
|
|
70
|
+
*/
|
|
71
|
+
export declare function encodeEcPublicKey(publicKey: crypto.KeyObject): Buffer;
|
|
72
|
+
/**
|
|
73
|
+
* Decode uncompressed EC point to a KeyObject (P-256).
|
|
74
|
+
*/
|
|
75
|
+
export declare function decodeEcPublicKey(bytes: Buffer): crypto.KeyObject;
|
|
76
|
+
/**
|
|
77
|
+
* Compute SHA-256 hash of data.
|
|
78
|
+
*/
|
|
79
|
+
export declare function sha256(data: Buffer): Buffer;
|
|
80
|
+
/**
|
|
81
|
+
* Sign data with ECDSA-SHA256 private key.
|
|
82
|
+
* Returns DER-encoded signature.
|
|
83
|
+
*/
|
|
84
|
+
export declare function ecdsaSign(privateKey: crypto.KeyObject, data: Buffer): Buffer;
|
|
85
|
+
/**
|
|
86
|
+
* Verify ECDSA-SHA256 signature.
|
|
87
|
+
*/
|
|
88
|
+
export declare function ecdsaVerify(publicKey: crypto.KeyObject, data: Buffer, signature: Buffer): boolean;
|
|
89
|
+
//# sourceMappingURL=crypto.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"crypto.d.ts","sourceRoot":"","sources":["../src/crypto.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,MAAM,MAAM,aAAa,CAAC;AAItC;;GAEG;AACH,wBAAgB,UAAU,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,MAAM,CAE5D;AAED;;GAEG;AACH,wBAAgB,UAAU,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,MAAM,CAE5D;AA+BD;;;GAGG;AACH,wBAAgB,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,MAAM,CAIvF;AAED;;GAEG;AACH,wBAAgB,SAAS,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,MAAM,CAI7F;AAID;;;GAGG;AACH,wBAAgB,mBAAmB,CACjC,eAAe,EAAE,MAAM,EACvB,YAAY,EAAE,MAAM,EACpB,YAAY,EAAE,MAAM,GACnB,MAAM,CAGR;AAED,MAAM,WAAW,QAAQ;IACvB,cAAc,EAAE,MAAM,CAAC;IACvB,cAAc,EAAE,MAAM,CAAC;IACvB,aAAa,EAAE,MAAM,CAAC;IACtB,aAAa,EAAE,MAAM,CAAC;CACvB;AAED;;;;GAIG;AACH,wBAAgB,iBAAiB,CAC/B,YAAY,EAAE,MAAM,EACpB,YAAY,EAAE,MAAM,EACpB,YAAY,EAAE,MAAM,EACpB,SAAS,GAAE,MAAW,EACtB,QAAQ,GAAE,MAAU,GACnB,QAAQ,CAgBV;AAED;;;;GAIG;AACH,wBAAgB,oBAAoB,CAClC,YAAY,EAAE,MAAM,EACpB,YAAY,EAAE,MAAM,EACpB,YAAY,EAAE,MAAM,EACpB,KAAK,EAAE,MAAM,EACb,MAAM,EAAE,MAAM,GACb,MAAM,CAGR;AAID,MAAM,WAAW,YAAY;IAC3B,UAAU,EAAE,MAAM,CAAC;IACnB,GAAG,EAAE,MAAM,CAAC;CACb;AAED;;;GAGG;AACH,wBAAgB,aAAa,CAC3B,GAAG,EAAE,MAAM,EACX,EAAE,EAAE,MAAM,EACV,SAAS,EAAE,MAAM,EACjB,GAAG,EAAE,MAAM,GACV,YAAY,CAMd;AAED;;GAEG;AACH,wBAAgB,aAAa,CAC3B,GAAG,EAAE,MAAM,EACX,EAAE,EAAE,MAAM,EACV,UAAU,EAAE,MAAM,EAClB,GAAG,EAAE,MAAM,EACX,GAAG,EAAE,MAAM,GACV,MAAM,CAKR;AAID,MAAM,WAAW,WAAW;IAC1B,UAAU,EAAE,MAAM,CAAC,SAAS,CAAC;IAC7B,SAAS,EAAE,MAAM,CAAC,SAAS,CAAC;CAC7B;AAED;;GAEG;AACH,wBAAgB,mBAAmB,IAAI,WAAW,CAKjD;AAED;;;GAGG;AACH,wBAAgB,0BAA0B,CACxC,UAAU,EAAE,MAAM,CAAC,SAAS,EAC5B,kBAAkB,EAAE,MAAM,GACzB,MAAM,CAGR;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,SAAS,EAAE,MAAM,CAAC,SAAS,GAAG,MAAM,CAmBrE;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAAC,SAAS,CAgBjE;AAED;;GAEG;AACH,wBAAgB,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAE3C;AAED;;;GAGG;AACH,wBAAgB,SAAS,CAAC,UAAU,EAAE,MAAM,CAAC,SAAS,EAAE,IAAI,EAAE,MAAM,GAAG,MAAM,CAE5E;AAED;;GAEG;AACH,wBAAgB,WAAW,CACzB,SAAS,EAAE,MAAM,CAAC,SAAS,EAC3B,IAAI,EAAE,MAAM,EACZ,SAAS,EAAE,MAAM,GAChB,OAAO,CAMT"}
|
package/dist/crypto.js
ADDED
|
@@ -0,0 +1,193 @@
|
|
|
1
|
+
// DTLS 1.2 Cryptographic primitives
|
|
2
|
+
// RFC 5246 (TLS 1.2) PRF with SHA-256, AES-GCM, ECDH
|
|
3
|
+
import * as crypto from 'node:crypto';
|
|
4
|
+
// ─── HMAC / PRF ───────────────────────────────────────────────────────────────
|
|
5
|
+
/**
|
|
6
|
+
* HMAC-SHA256
|
|
7
|
+
*/
|
|
8
|
+
export function hmacSha256(key, data) {
|
|
9
|
+
return crypto.createHmac('sha256', key).update(data).digest();
|
|
10
|
+
}
|
|
11
|
+
/**
|
|
12
|
+
* HMAC-SHA384
|
|
13
|
+
*/
|
|
14
|
+
export function hmacSha384(key, data) {
|
|
15
|
+
return crypto.createHmac('sha384', key).update(data).digest();
|
|
16
|
+
}
|
|
17
|
+
/**
|
|
18
|
+
* P_hash function (RFC 5246 Section 5)
|
|
19
|
+
* P_hash(secret, seed) = HMAC(secret, A(1) + seed) + HMAC(secret, A(2) + seed) + ...
|
|
20
|
+
* where A(0) = seed, A(i) = HMAC(secret, A(i-1))
|
|
21
|
+
*/
|
|
22
|
+
function pHash(hmacFn, secret, seed, length) {
|
|
23
|
+
const output = Buffer.allocUnsafe(length);
|
|
24
|
+
let written = 0;
|
|
25
|
+
// A(1)
|
|
26
|
+
let a = hmacFn(secret, seed);
|
|
27
|
+
while (written < length) {
|
|
28
|
+
const chunk = hmacFn(secret, Buffer.concat([a, seed]));
|
|
29
|
+
const toCopy = Math.min(chunk.length, length - written);
|
|
30
|
+
chunk.copy(output, written, 0, toCopy);
|
|
31
|
+
written += toCopy;
|
|
32
|
+
// A(i+1) = HMAC(secret, A(i))
|
|
33
|
+
a = hmacFn(secret, a);
|
|
34
|
+
}
|
|
35
|
+
return output;
|
|
36
|
+
}
|
|
37
|
+
/**
|
|
38
|
+
* DTLS 1.2 PRF (SHA-256 based, RFC 5246)
|
|
39
|
+
* PRF(secret, label, seed) = P_SHA256(secret, label + seed)
|
|
40
|
+
*/
|
|
41
|
+
export function prf(secret, label, seed, length) {
|
|
42
|
+
const labelBuf = Buffer.from(label, 'ascii');
|
|
43
|
+
const combined = Buffer.concat([labelBuf, seed]);
|
|
44
|
+
return pHash(hmacSha256, secret, combined, length);
|
|
45
|
+
}
|
|
46
|
+
/**
|
|
47
|
+
* PRF with SHA-384 (for AES-256 cipher suites)
|
|
48
|
+
*/
|
|
49
|
+
export function prfSha384(secret, label, seed, length) {
|
|
50
|
+
const labelBuf = Buffer.from(label, 'ascii');
|
|
51
|
+
const combined = Buffer.concat([labelBuf, seed]);
|
|
52
|
+
return pHash(hmacSha384, secret, combined, length);
|
|
53
|
+
}
|
|
54
|
+
// ─── Key derivation ───────────────────────────────────────────────────────────
|
|
55
|
+
/**
|
|
56
|
+
* Compute master secret from pre-master secret.
|
|
57
|
+
* master_secret = PRF(pre_master_secret, "master secret", ClientRandom + ServerRandom, 48)
|
|
58
|
+
*/
|
|
59
|
+
export function computeMasterSecret(preMasterSecret, clientRandom, serverRandom) {
|
|
60
|
+
const seed = Buffer.concat([clientRandom, serverRandom]);
|
|
61
|
+
return prf(preMasterSecret, 'master secret', seed, 48);
|
|
62
|
+
}
|
|
63
|
+
/**
|
|
64
|
+
* Expand key material from master secret (RFC 5246 Section 6.3).
|
|
65
|
+
* For AES-128-GCM: key_length=16, iv_length=4 (implicit part).
|
|
66
|
+
* key_block = PRF(master_secret, "key expansion", ServerRandom + ClientRandom, ...)
|
|
67
|
+
*/
|
|
68
|
+
export function expandKeyMaterial(masterSecret, clientRandom, serverRandom, keyLength = 16, ivLength = 4) {
|
|
69
|
+
// NOTE: seed is ServerRandom + ClientRandom (reversed from master secret)
|
|
70
|
+
const seed = Buffer.concat([serverRandom, clientRandom]);
|
|
71
|
+
const totalLength = 2 * keyLength + 2 * ivLength;
|
|
72
|
+
const keyBlock = prf(masterSecret, 'key expansion', seed, totalLength);
|
|
73
|
+
let off = 0;
|
|
74
|
+
const clientWriteKey = Buffer.from(keyBlock.subarray(off, off + keyLength));
|
|
75
|
+
off += keyLength;
|
|
76
|
+
const serverWriteKey = Buffer.from(keyBlock.subarray(off, off + keyLength));
|
|
77
|
+
off += keyLength;
|
|
78
|
+
const clientWriteIv = Buffer.from(keyBlock.subarray(off, off + ivLength));
|
|
79
|
+
off += ivLength;
|
|
80
|
+
const serverWriteIv = Buffer.from(keyBlock.subarray(off, off + ivLength));
|
|
81
|
+
return { clientWriteKey, serverWriteKey, clientWriteIv, serverWriteIv };
|
|
82
|
+
}
|
|
83
|
+
/**
|
|
84
|
+
* Export keying material (RFC 5705 / RFC 5764 Section 4.2).
|
|
85
|
+
* Used to derive SRTP master keys from DTLS.
|
|
86
|
+
* EKM = PRF(master_secret, label, ClientRandom + ServerRandom, length)
|
|
87
|
+
*/
|
|
88
|
+
export function exportKeyingMaterial(masterSecret, clientRandom, serverRandom, label, length) {
|
|
89
|
+
const seed = Buffer.concat([clientRandom, serverRandom]);
|
|
90
|
+
return prf(masterSecret, label, seed, length);
|
|
91
|
+
}
|
|
92
|
+
/**
|
|
93
|
+
* AES-128-GCM encrypt.
|
|
94
|
+
* Returns ciphertext + 16-byte authentication tag.
|
|
95
|
+
*/
|
|
96
|
+
export function aesgcmEncrypt(key, iv, plaintext, aad) {
|
|
97
|
+
const cipher = crypto.createCipheriv('aes-128-gcm', key, iv);
|
|
98
|
+
cipher.setAAD(aad);
|
|
99
|
+
const ciphertext = Buffer.concat([cipher.update(plaintext), cipher.final()]);
|
|
100
|
+
const tag = cipher.getAuthTag();
|
|
101
|
+
return { ciphertext, tag };
|
|
102
|
+
}
|
|
103
|
+
/**
|
|
104
|
+
* AES-128-GCM decrypt.
|
|
105
|
+
*/
|
|
106
|
+
export function aesgcmDecrypt(key, iv, ciphertext, tag, aad) {
|
|
107
|
+
const decipher = crypto.createDecipheriv('aes-128-gcm', key, iv);
|
|
108
|
+
decipher.setAAD(aad);
|
|
109
|
+
decipher.setAuthTag(tag);
|
|
110
|
+
return Buffer.concat([decipher.update(ciphertext), decipher.final()]);
|
|
111
|
+
}
|
|
112
|
+
/**
|
|
113
|
+
* Generate an ephemeral ECDH key pair on P-256 (secp256r1).
|
|
114
|
+
*/
|
|
115
|
+
export function generateEcdhKeyPair() {
|
|
116
|
+
const { privateKey, publicKey } = crypto.generateKeyPairSync('ec', {
|
|
117
|
+
namedCurve: 'P-256',
|
|
118
|
+
});
|
|
119
|
+
return { privateKey, publicKey };
|
|
120
|
+
}
|
|
121
|
+
/**
|
|
122
|
+
* Compute ECDH pre-master secret from our private key and peer's public key bytes.
|
|
123
|
+
* peerPublicKeyBytes: uncompressed EC point (0x04 + x + y, 65 bytes for P-256)
|
|
124
|
+
*/
|
|
125
|
+
export function computeEcdhPreMasterSecret(privateKey, peerPublicKeyBytes) {
|
|
126
|
+
const peerPublicKey = decodeEcPublicKey(peerPublicKeyBytes);
|
|
127
|
+
return crypto.diffieHellman({ privateKey, publicKey: peerPublicKey });
|
|
128
|
+
}
|
|
129
|
+
/**
|
|
130
|
+
* Encode EC public key to uncompressed point format: 0x04 + x (32 bytes) + y (32 bytes)
|
|
131
|
+
*/
|
|
132
|
+
export function encodeEcPublicKey(publicKey) {
|
|
133
|
+
// Export as raw uncompressed point via JWK
|
|
134
|
+
const jwk = publicKey.export({ format: 'jwk' });
|
|
135
|
+
if (!jwk.x || !jwk.y)
|
|
136
|
+
throw new Error('Not an EC public key');
|
|
137
|
+
const x = Buffer.from(jwk.x, 'base64url');
|
|
138
|
+
const y = Buffer.from(jwk.y, 'base64url');
|
|
139
|
+
// Pad to 32 bytes for P-256
|
|
140
|
+
const coordSize = 32;
|
|
141
|
+
const xPadded = Buffer.alloc(coordSize);
|
|
142
|
+
const yPadded = Buffer.alloc(coordSize);
|
|
143
|
+
x.copy(xPadded, coordSize - x.length);
|
|
144
|
+
y.copy(yPadded, coordSize - y.length);
|
|
145
|
+
const out = Buffer.allocUnsafe(1 + coordSize * 2);
|
|
146
|
+
out[0] = 0x04; // uncompressed
|
|
147
|
+
xPadded.copy(out, 1);
|
|
148
|
+
yPadded.copy(out, 1 + coordSize);
|
|
149
|
+
return out;
|
|
150
|
+
}
|
|
151
|
+
/**
|
|
152
|
+
* Decode uncompressed EC point to a KeyObject (P-256).
|
|
153
|
+
*/
|
|
154
|
+
export function decodeEcPublicKey(bytes) {
|
|
155
|
+
if (bytes[0] !== 0x04) {
|
|
156
|
+
throw new Error('Only uncompressed EC points supported (0x04 prefix)');
|
|
157
|
+
}
|
|
158
|
+
const coordSize = (bytes.length - 1) / 2;
|
|
159
|
+
const x = bytes.subarray(1, 1 + coordSize);
|
|
160
|
+
const y = bytes.subarray(1 + coordSize);
|
|
161
|
+
const jwk = {
|
|
162
|
+
kty: 'EC',
|
|
163
|
+
crv: 'P-256',
|
|
164
|
+
x: x.toString('base64url'),
|
|
165
|
+
y: y.toString('base64url'),
|
|
166
|
+
};
|
|
167
|
+
return crypto.createPublicKey({ key: jwk, format: 'jwk' });
|
|
168
|
+
}
|
|
169
|
+
/**
|
|
170
|
+
* Compute SHA-256 hash of data.
|
|
171
|
+
*/
|
|
172
|
+
export function sha256(data) {
|
|
173
|
+
return crypto.createHash('sha256').update(data).digest();
|
|
174
|
+
}
|
|
175
|
+
/**
|
|
176
|
+
* Sign data with ECDSA-SHA256 private key.
|
|
177
|
+
* Returns DER-encoded signature.
|
|
178
|
+
*/
|
|
179
|
+
export function ecdsaSign(privateKey, data) {
|
|
180
|
+
return crypto.sign('sha256', data, privateKey);
|
|
181
|
+
}
|
|
182
|
+
/**
|
|
183
|
+
* Verify ECDSA-SHA256 signature.
|
|
184
|
+
*/
|
|
185
|
+
export function ecdsaVerify(publicKey, data, signature) {
|
|
186
|
+
try {
|
|
187
|
+
return crypto.verify('sha256', data, publicKey, signature);
|
|
188
|
+
}
|
|
189
|
+
catch {
|
|
190
|
+
return false;
|
|
191
|
+
}
|
|
192
|
+
}
|
|
193
|
+
//# sourceMappingURL=crypto.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"crypto.js","sourceRoot":"","sources":["../src/crypto.ts"],"names":[],"mappings":"AAAA,oCAAoC;AACpC,qDAAqD;AAErD,OAAO,KAAK,MAAM,MAAM,aAAa,CAAC;AAEtC,iFAAiF;AAEjF;;GAEG;AACH,MAAM,UAAU,UAAU,CAAC,GAAW,EAAE,IAAY;IAClD,OAAO,MAAM,CAAC,UAAU,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,EAAY,CAAC;AAC1E,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,UAAU,CAAC,GAAW,EAAE,IAAY;IAClD,OAAO,MAAM,CAAC,UAAU,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,EAAY,CAAC;AAC1E,CAAC;AAED;;;;GAIG;AACH,SAAS,KAAK,CACZ,MAA6C,EAC7C,MAAc,EACd,IAAY,EACZ,MAAc;IAEd,MAAM,MAAM,GAAG,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;IAC1C,IAAI,OAAO,GAAG,CAAC,CAAC;IAEhB,OAAO;IACP,IAAI,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IAE7B,OAAO,OAAO,GAAG,MAAM,EAAE,CAAC;QACxB,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;QACvD,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC;QACxD,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,OAAO,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC;QACvC,OAAO,IAAI,MAAM,CAAC;QAClB,8BAA8B;QAC9B,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IACxB,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,GAAG,CAAC,MAAc,EAAE,KAAa,EAAE,IAAY,EAAE,MAAc;IAC7E,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;IAC7C,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,CAAC;IACjD,OAAO,KAAK,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;AACrD,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,SAAS,CAAC,MAAc,EAAE,KAAa,EAAE,IAAY,EAAE,MAAc;IACnF,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;IAC7C,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,CAAC;IACjD,OAAO,KAAK,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;AACrD,CAAC;AAED,iFAAiF;AAEjF;;;GAGG;AACH,MAAM,UAAU,mBAAmB,CACjC,eAAuB,EACvB,YAAoB,EACpB,YAAoB;IAEpB,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC,CAAC;IACzD,OAAO,GAAG,CAAC,eAAe,EAAE,eAAe,EAAE,IAAI,EAAE,EAAE,CAAC,CAAC;AACzD,CAAC;AASD;;;;GAIG;AACH,MAAM,UAAU,iBAAiB,CAC/B,YAAoB,EACpB,YAAoB,EACpB,YAAoB,EACpB,YAAoB,EAAE,EACtB,WAAmB,CAAC;IAEpB,0EAA0E;IAC1E,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC,CAAC;IACzD,MAAM,WAAW,GAAG,CAAC,GAAG,SAAS,GAAG,CAAC,GAAG,QAAQ,CAAC;IACjD,MAAM,QAAQ,GAAG,GAAG,CAAC,YAAY,EAAE,eAAe,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC;IAEvE,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,MAAM,cAAc,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,SAAS,CAAC,CAAC,CAAC;IAC5E,GAAG,IAAI,SAAS,CAAC;IACjB,MAAM,cAAc,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,SAAS,CAAC,CAAC,CAAC;IAC5E,GAAG,IAAI,SAAS,CAAC;IACjB,MAAM,aAAa,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,QAAQ,CAAC,CAAC,CAAC;IAC1E,GAAG,IAAI,QAAQ,CAAC;IAChB,MAAM,aAAa,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,GAAG,QAAQ,CAAC,CAAC,CAAC;IAE1E,OAAO,EAAE,cAAc,EAAE,cAAc,EAAE,aAAa,EAAE,aAAa,EAAE,CAAC;AAC1E,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,oBAAoB,CAClC,YAAoB,EACpB,YAAoB,EACpB,YAAoB,EACpB,KAAa,EACb,MAAc;IAEd,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC,CAAC;IACzD,OAAO,GAAG,CAAC,YAAY,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;AAChD,CAAC;AASD;;;GAGG;AACH,MAAM,UAAU,aAAa,CAC3B,GAAW,EACX,EAAU,EACV,SAAiB,EACjB,GAAW;IAEX,MAAM,MAAM,GAAG,MAAM,CAAC,cAAc,CAAC,aAAa,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAC7D,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACnB,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;IAC7E,MAAM,GAAG,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;IAChC,OAAO,EAAE,UAAU,EAAE,GAAG,EAAE,CAAC;AAC7B,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CAC3B,GAAW,EACX,EAAU,EACV,UAAkB,EAClB,GAAW,EACX,GAAW;IAEX,MAAM,QAAQ,GAAG,MAAM,CAAC,gBAAgB,CAAC,aAAa,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IACjE,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACrB,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;IACzB,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE,QAAQ,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;AACxE,CAAC;AASD;;GAEG;AACH,MAAM,UAAU,mBAAmB;IACjC,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,GAAG,MAAM,CAAC,mBAAmB,CAAC,IAAI,EAAE;QACjE,UAAU,EAAE,OAAO;KACpB,CAAC,CAAC;IACH,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,CAAC;AACnC,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,0BAA0B,CACxC,UAA4B,EAC5B,kBAA0B;IAE1B,MAAM,aAAa,GAAG,iBAAiB,CAAC,kBAAkB,CAAC,CAAC;IAC5D,OAAO,MAAM,CAAC,aAAa,CAAC,EAAE,UAAU,EAAE,SAAS,EAAE,aAAa,EAAE,CAAW,CAAC;AAClF,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,iBAAiB,CAAC,SAA2B;IAC3D,2CAA2C;IAC3C,MAAM,GAAG,GAAG,SAAS,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,CAAsB,CAAC;IACrE,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;IAC9D,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC;IAC1C,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC;IAE1C,4BAA4B;IAC5B,MAAM,SAAS,GAAG,EAAE,CAAC;IACrB,MAAM,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;IACxC,MAAM,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;IACxC,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,SAAS,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC;IACtC,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,SAAS,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC;IAEtC,MAAM,GAAG,GAAG,MAAM,CAAC,WAAW,CAAC,CAAC,GAAG,SAAS,GAAG,CAAC,CAAC,CAAC;IAClD,GAAG,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,eAAe;IAC9B,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;IACrB,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,SAAS,CAAC,CAAC;IACjC,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,iBAAiB,CAAC,KAAa;IAC7C,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QACtB,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;IACzE,CAAC;IACD,MAAM,SAAS,GAAG,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IACzC,MAAM,CAAC,GAAG,KAAK,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,CAAC;IAC3C,MAAM,CAAC,GAAG,KAAK,CAAC,QAAQ,CAAC,CAAC,GAAG,SAAS,CAAC,CAAC;IAExC,MAAM,GAAG,GAAsB;QAC7B,GAAG,EAAE,IAAI;QACT,GAAG,EAAE,OAAO;QACZ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC;QAC1B,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC;KAC3B,CAAC;IAEF,OAAO,MAAM,CAAC,eAAe,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;AAC7D,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,MAAM,CAAC,IAAY;IACjC,OAAO,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,EAAY,CAAC;AACrE,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,SAAS,CAAC,UAA4B,EAAE,IAAY;IAClE,OAAO,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,EAAE,UAAU,CAAW,CAAC;AAC3D,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CACzB,SAA2B,EAC3B,IAAY,EACZ,SAAiB;IAEjB,IAAI,CAAC;QACH,OAAO,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC;IAC7D,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC"}
|
|
@@ -0,0 +1,113 @@
|
|
|
1
|
+
import { DTLS_VERSION_1_2, type DtlsVersion } from './types.js';
|
|
2
|
+
export declare enum HandshakeType {
|
|
3
|
+
HelloRequest = 0,
|
|
4
|
+
ClientHello = 1,
|
|
5
|
+
ServerHello = 2,
|
|
6
|
+
HelloVerifyRequest = 3,
|
|
7
|
+
Certificate = 11,
|
|
8
|
+
ServerKeyExchange = 12,
|
|
9
|
+
CertificateRequest = 13,
|
|
10
|
+
ServerHelloDone = 14,
|
|
11
|
+
CertificateVerify = 15,
|
|
12
|
+
ClientKeyExchange = 16,
|
|
13
|
+
Finished = 20
|
|
14
|
+
}
|
|
15
|
+
export interface HandshakeMessage {
|
|
16
|
+
msgType: HandshakeType;
|
|
17
|
+
length: number;
|
|
18
|
+
messageSeq: number;
|
|
19
|
+
fragmentOffset: number;
|
|
20
|
+
fragmentLength: number;
|
|
21
|
+
body: Buffer;
|
|
22
|
+
}
|
|
23
|
+
export interface TlsExtension {
|
|
24
|
+
type: number;
|
|
25
|
+
data: Buffer;
|
|
26
|
+
}
|
|
27
|
+
export interface ClientHello {
|
|
28
|
+
clientVersion: DtlsVersion;
|
|
29
|
+
random: Buffer;
|
|
30
|
+
sessionId: Buffer;
|
|
31
|
+
cookie: Buffer;
|
|
32
|
+
cipherSuites: number[];
|
|
33
|
+
compressionMethods: number[];
|
|
34
|
+
extensions: TlsExtension[];
|
|
35
|
+
}
|
|
36
|
+
export interface ServerHello {
|
|
37
|
+
serverVersion: DtlsVersion;
|
|
38
|
+
random: Buffer;
|
|
39
|
+
sessionId: Buffer;
|
|
40
|
+
cipherSuite: number;
|
|
41
|
+
compressionMethod: number;
|
|
42
|
+
extensions: TlsExtension[];
|
|
43
|
+
}
|
|
44
|
+
export interface HelloVerifyRequest {
|
|
45
|
+
serverVersion: DtlsVersion;
|
|
46
|
+
cookie: Buffer;
|
|
47
|
+
}
|
|
48
|
+
export interface ServerKeyExchange {
|
|
49
|
+
curveType: number;
|
|
50
|
+
namedCurve: number;
|
|
51
|
+
publicKey: Buffer;
|
|
52
|
+
signatureAlgorithm: {
|
|
53
|
+
hash: number;
|
|
54
|
+
signature: number;
|
|
55
|
+
};
|
|
56
|
+
signature: Buffer;
|
|
57
|
+
}
|
|
58
|
+
export interface ClientKeyExchange {
|
|
59
|
+
publicKey: Buffer;
|
|
60
|
+
}
|
|
61
|
+
export declare const CipherSuites: {
|
|
62
|
+
readonly TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: 49195;
|
|
63
|
+
readonly TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: 49199;
|
|
64
|
+
readonly TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: 49196;
|
|
65
|
+
};
|
|
66
|
+
export declare const ExtensionType: {
|
|
67
|
+
readonly UseSrtp: 14;
|
|
68
|
+
readonly SupportedGroups: 10;
|
|
69
|
+
readonly EcPointFormats: 11;
|
|
70
|
+
readonly SignatureAlgorithms: 13;
|
|
71
|
+
readonly RenegotiationInfo: 65281;
|
|
72
|
+
};
|
|
73
|
+
export declare const NamedCurve: {
|
|
74
|
+
readonly secp256r1: 23;
|
|
75
|
+
readonly secp384r1: 24;
|
|
76
|
+
};
|
|
77
|
+
export declare const SrtpProtectionProfile: {
|
|
78
|
+
readonly SRTP_AES128_CM_SHA1_80: 1;
|
|
79
|
+
readonly SRTP_AES128_CM_SHA1_32: 2;
|
|
80
|
+
};
|
|
81
|
+
export declare function encodeHandshakeMessage(msg: HandshakeMessage): Buffer;
|
|
82
|
+
export declare function decodeHandshakeMessage(buf: Buffer): HandshakeMessage;
|
|
83
|
+
export declare function encodeClientHello(hello: ClientHello): Buffer;
|
|
84
|
+
export declare function decodeClientHello(buf: Buffer): ClientHello;
|
|
85
|
+
export declare function encodeServerHello(hello: ServerHello): Buffer;
|
|
86
|
+
export declare function decodeServerHello(buf: Buffer): ServerHello;
|
|
87
|
+
export declare function encodeHelloVerifyRequest(hvr: HelloVerifyRequest): Buffer;
|
|
88
|
+
export declare function decodeHelloVerifyRequest(buf: Buffer): HelloVerifyRequest;
|
|
89
|
+
export declare function encodeServerKeyExchange(ske: ServerKeyExchange): Buffer;
|
|
90
|
+
export declare function decodeServerKeyExchange(buf: Buffer): ServerKeyExchange;
|
|
91
|
+
export declare function encodeCertificate(certDer: Buffer): Buffer;
|
|
92
|
+
export declare function decodeCertificate(buf: Buffer): Buffer[];
|
|
93
|
+
export declare function encodeClientKeyExchange(cke: ClientKeyExchange): Buffer;
|
|
94
|
+
export declare function decodeClientKeyExchange(buf: Buffer): ClientKeyExchange;
|
|
95
|
+
/**
|
|
96
|
+
* Build use_srtp extension data (RFC 5764)
|
|
97
|
+
* protection_profiles: list of 2-byte profile IDs
|
|
98
|
+
*/
|
|
99
|
+
export declare function buildUseSrtpExtension(profiles: number[]): Buffer;
|
|
100
|
+
export declare function parseSrtpProfiles(data: Buffer): number[];
|
|
101
|
+
/**
|
|
102
|
+
* Build supported_groups extension (named curves)
|
|
103
|
+
*/
|
|
104
|
+
export declare function buildSupportedGroupsExtension(curves: number[]): Buffer;
|
|
105
|
+
/**
|
|
106
|
+
* Build signature_algorithms extension
|
|
107
|
+
*/
|
|
108
|
+
export declare function buildSignatureAlgorithmsExtension(pairs: Array<{
|
|
109
|
+
hash: number;
|
|
110
|
+
sig: number;
|
|
111
|
+
}>): Buffer;
|
|
112
|
+
export { DTLS_VERSION_1_2 };
|
|
113
|
+
//# sourceMappingURL=handshake.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"handshake.d.ts","sourceRoot":"","sources":["../src/handshake.ts"],"names":[],"mappings":"AAUA,OAAO,EAAE,gBAAgB,EAAE,KAAK,WAAW,EAAE,MAAM,YAAY,CAAC;AAEhE,oBAAY,aAAa;IACvB,YAAY,IAAI;IAChB,WAAW,IAAI;IACf,WAAW,IAAI;IACf,kBAAkB,IAAI;IACtB,WAAW,KAAK;IAChB,iBAAiB,KAAK;IACtB,kBAAkB,KAAK;IACvB,eAAe,KAAK;IACpB,iBAAiB,KAAK;IACtB,iBAAiB,KAAK;IACtB,QAAQ,KAAK;CACd;AAED,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,aAAa,CAAC;IACvB,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,EAAE,MAAM,CAAC;IACvB,cAAc,EAAE,MAAM,CAAC;IACvB,IAAI,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,WAAW;IAC1B,aAAa,EAAE,WAAW,CAAC;IAC3B,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,kBAAkB,EAAE,MAAM,EAAE,CAAC;IAC7B,UAAU,EAAE,YAAY,EAAE,CAAC;CAC5B;AAED,MAAM,WAAW,WAAW;IAC1B,aAAa,EAAE,WAAW,CAAC;IAC3B,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;IACpB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,UAAU,EAAE,YAAY,EAAE,CAAC;CAC5B;AAED,MAAM,WAAW,kBAAkB;IACjC,aAAa,EAAE,WAAW,CAAC;IAC3B,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,iBAAiB;IAIhC,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,kBAAkB,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,CAAA;KAAE,CAAC;IACxD,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,iBAAiB;IAChC,SAAS,EAAE,MAAM,CAAC;CACnB;AAGD,eAAO,MAAM,YAAY;;;;CAIf,CAAC;AAGX,eAAO,MAAM,aAAa;;;;;;CAMhB,CAAC;AAGX,eAAO,MAAM,UAAU;;;CAGb,CAAC;AAGX,eAAO,MAAM,qBAAqB;;;CAGxB,CAAC;AAMX,wBAAgB,sBAAsB,CAAC,GAAG,EAAE,gBAAgB,GAAG,MAAM,CAqBpE;AAED,wBAAgB,sBAAsB,CAAC,GAAG,EAAE,MAAM,GAAG,gBAAgB,CAsBpE;AAID,wBAAgB,iBAAiB,CAAC,KAAK,EAAE,WAAW,GAAG,MAAM,CAgD5D;AAED,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,MAAM,GAAG,WAAW,CAmD1D;AAID,wBAAgB,iBAAiB,CAAC,KAAK,EAAE,WAAW,GAAG,MAAM,CA4B5D;AAED,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,MAAM,GAAG,WAAW,CAkC1D;AAID,wBAAgB,wBAAwB,CAAC,GAAG,EAAE,kBAAkB,GAAG,MAAM,CAOxE;AAED,wBAAgB,wBAAwB,CAAC,GAAG,EAAE,MAAM,GAAG,kBAAkB,CAMxE;AAID,wBAAgB,uBAAuB,CAAC,GAAG,EAAE,iBAAiB,GAAG,MAAM,CAkBtE;AAED,wBAAgB,uBAAuB,CAAC,GAAG,EAAE,MAAM,GAAG,iBAAiB,CAoBtE;AAID,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CASzD;AAED,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,EAAE,CAavD;AAID,wBAAgB,uBAAuB,CAAC,GAAG,EAAE,iBAAiB,GAAG,MAAM,CAKtE;AAED,wBAAgB,uBAAuB,CAAC,GAAG,EAAE,MAAM,GAAG,iBAAiB,CAItE;AAuCD;;;GAGG;AACH,wBAAgB,qBAAqB,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,MAAM,CAUhE;AAED,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,EAAE,CAUxD;AAED;;GAEG;AACH,wBAAgB,6BAA6B,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,CAQtE;AAED;;GAEG;AACH,wBAAgB,iCAAiC,CAC/C,KAAK,EAAE,KAAK,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,GAAG,EAAE,MAAM,CAAA;CAAE,CAAC,GAC1C,MAAM,CASR;AAcD,OAAO,EAAE,gBAAgB,EAAE,CAAC"}
|