@libp2p/tls 0.0.0-0321812e7

package/LICENSE

@@ -0,0 +1,4 @@
+This project is dual licensed under MIT and Apache-2.0.
+
+MIT: https://www.opensource.org/licenses/mit
+Apache-2.0: https://www.apache.org/licenses/license-2.0

package/README.md

@@ -0,0 +1,45 @@
+[![libp2p.io](https://img.shields.io/badge/project-libp2p-yellow.svg?style=flat-square)](http://libp2p.io/)
+[![Discuss](https://img.shields.io/discourse/https/discuss.libp2p.io/posts.svg?style=flat-square)](https://discuss.libp2p.io)
+[![codecov](https://img.shields.io/codecov/c/github/libp2p/js-libp2p.svg?style=flat-square)](https://codecov.io/gh/libp2p/js-libp2p)
+[![CI](https://img.shields.io/github/actions/workflow/status/libp2p/js-libp2p/main.yml?branch=main\&style=flat-square)](https://github.com/libp2p/js-libp2p/actions/workflows/main.yml?query=branch%3Amain)
+
+> A connection encrypter that uses TLS 1.3
+
+# About
+
+Implements the spec at <https://github.com/libp2p/specs/blob/master/tls/tls.md>
+
+## Example
+
+```typescript
+import { createLibp2p } from 'libp2p'
+import { tls } from '@libp2p/tls'
+
+const node = await createLibp2p({
+  // ...other options
+  connectionEncryption: [
+    tls()
+  ]
+})
+```
+
+# Install
+
+```console
+$ npm i @libp2p/tls
+```
+
+# API Docs
+
+- <https://libp2p.github.io/js-libp2p/modules/_libp2p_tls.html>
+
+# License
+
+Licensed under either of
+
+- Apache 2.0, ([LICENSE-APACHE](LICENSE-APACHE) / <http://www.apache.org/licenses/LICENSE-2.0>)
+- MIT ([LICENSE-MIT](LICENSE-MIT) / <http://opensource.org/licenses/MIT>)
+
+# Contribution
+
+Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.

package/dist/src/index.d.ts

@@ -0,0 +1,33 @@
+/**
+ * @packageDocumentation
+ *
+ * Implements the spec at https://github.com/libp2p/specs/blob/master/tls/tls.md
+ *
+ * @example
+ *
+ * ```typescript
+ * import { createLibp2p } from 'libp2p'
+ * import { tls } from '@libp2p/tls'
+ *
+ * const node = await createLibp2p({
+ *   // ...other options
+ *   connectionEncryption: [
+ *     tls()
+ *   ]
+ * })
+ * ```
+ */
+import type { ComponentLogger, ConnectionEncrypter } from '@libp2p/interface';
+export declare const PROTOCOL = "/tls/1.0.0";
+export interface TLSComponents {
+    logger: ComponentLogger;
+}
+export interface TLSInit {
+    /**
+     * The peer id exchange must complete within this many milliseconds
+     * (default: 1000)
+     */
+    timeout?: number;
+}
+export declare function tls(init?: TLSInit): (components: TLSComponents) => ConnectionEncrypter;
+//# sourceMappingURL=index.d.ts.map

package/dist/src/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAGH,OAAO,KAAK,EAAE,eAAe,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAA;AAE7E,eAAO,MAAM,QAAQ,eAAe,CAAA;AAEpC,MAAM,WAAW,aAAa;IAC5B,MAAM,EAAE,eAAe,CAAA;CACxB;AAED,MAAM,WAAW,OAAO;IACtB;;;OAGG;IACH,OAAO,CAAC,EAAE,MAAM,CAAA;CACjB;AAED,wBAAgB,GAAG,CAAE,IAAI,CAAC,EAAE,OAAO,GAAG,CAAC,UAAU,EAAE,aAAa,KAAK,mBAAmB,CAEvF"}

package/dist/src/index.js

@@ -0,0 +1,25 @@
+/**
+ * @packageDocumentation
+ *
+ * Implements the spec at https://github.com/libp2p/specs/blob/master/tls/tls.md
+ *
+ * @example
+ *
+ * ```typescript
+ * import { createLibp2p } from 'libp2p'
+ * import { tls } from '@libp2p/tls'
+ *
+ * const node = await createLibp2p({
+ *   // ...other options
+ *   connectionEncryption: [
+ *     tls()
+ *   ]
+ * })
+ * ```
+ */
+import { TLS } from './tls.js';
+export const PROTOCOL = '/tls/1.0.0';
+export function tls(init) {
+    return (components) => new TLS(components, init);
+}
+//# sourceMappingURL=index.js.map

package/dist/src/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAEH,OAAO,EAAE,GAAG,EAAE,MAAM,UAAU,CAAA;AAG9B,MAAM,CAAC,MAAM,QAAQ,GAAG,YAAY,CAAA;AAcpC,MAAM,UAAU,GAAG,CAAE,IAAc;IACjC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,CAAA;AAClD,CAAC"}

package/dist/src/pb/index.d.ts

@@ -0,0 +1,21 @@
+import { type Codec } from 'protons-runtime';
+import type { Uint8ArrayList } from 'uint8arraylist';
+export declare enum KeyType {
+    RSA = "RSA",
+    Ed25519 = "Ed25519",
+    Secp256k1 = "Secp256k1",
+    ECDSA = "ECDSA"
+}
+export declare namespace KeyType {
+    const codec: () => Codec<KeyType>;
+}
+export interface PublicKey {
+    type?: KeyType;
+    data?: Uint8Array;
+}
+export declare namespace PublicKey {
+    const codec: () => Codec<PublicKey>;
+    const encode: (obj: Partial<PublicKey>) => Uint8Array;
+    const decode: (buf: Uint8Array | Uint8ArrayList) => PublicKey;
+}
+//# sourceMappingURL=index.d.ts.map

package/dist/src/pb/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/pb/index.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,KAAK,KAAK,EAAsD,MAAM,iBAAiB,CAAA;AAChG,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAA;AAEpD,oBAAY,OAAO;IACjB,GAAG,QAAQ;IACX,OAAO,YAAY;IACnB,SAAS,cAAc;IACvB,KAAK,UAAU;CAChB;AASD,yBAAiB,OAAO,CAAC;IAChB,MAAM,KAAK,QAAO,MAAM,OAAO,CAErC,CAAA;CACF;AACD,MAAM,WAAW,SAAS;IACxB,IAAI,CAAC,EAAE,OAAO,CAAA;IACd,IAAI,CAAC,EAAE,UAAU,CAAA;CAClB;AAED,yBAAiB,SAAS,CAAC;IAGlB,MAAM,KAAK,QAAO,MAAM,SAAS,CAiDvC,CAAA;IAEM,MAAM,MAAM,QAAS,QAAQ,SAAS,CAAC,KAAG,UAEhD,CAAA;IAEM,MAAM,MAAM,QAAS,UAAU,GAAG,cAAc,KAAG,SAEzD,CAAA;CACF"}

package/dist/src/pb/index.js

@@ -0,0 +1,78 @@
+/* eslint-disable import/export */
+/* eslint-disable complexity */
+/* eslint-disable @typescript-eslint/no-namespace */
+/* eslint-disable @typescript-eslint/no-unnecessary-boolean-literal-compare */
+/* eslint-disable @typescript-eslint/no-empty-interface */
+import { decodeMessage, encodeMessage, enumeration, message } from 'protons-runtime';
+export var KeyType;
+(function (KeyType) {
+    KeyType["RSA"] = "RSA";
+    KeyType["Ed25519"] = "Ed25519";
+    KeyType["Secp256k1"] = "Secp256k1";
+    KeyType["ECDSA"] = "ECDSA";
+})(KeyType || (KeyType = {}));
+var __KeyTypeValues;
+(function (__KeyTypeValues) {
+    __KeyTypeValues[__KeyTypeValues["RSA"] = 0] = "RSA";
+    __KeyTypeValues[__KeyTypeValues["Ed25519"] = 1] = "Ed25519";
+    __KeyTypeValues[__KeyTypeValues["Secp256k1"] = 2] = "Secp256k1";
+    __KeyTypeValues[__KeyTypeValues["ECDSA"] = 3] = "ECDSA";
+})(__KeyTypeValues || (__KeyTypeValues = {}));
+(function (KeyType) {
+    KeyType.codec = () => {
+        return enumeration(__KeyTypeValues);
+    };
+})(KeyType || (KeyType = {}));
+export var PublicKey;
+(function (PublicKey) {
+    let _codec;
+    PublicKey.codec = () => {
+        if (_codec == null) {
+            _codec = message((obj, w, opts = {}) => {
+                if (opts.lengthDelimited !== false) {
+                    w.fork();
+                }
+                if (obj.type != null) {
+                    w.uint32(8);
+                    KeyType.codec().encode(obj.type, w);
+                }
+                if (obj.data != null) {
+                    w.uint32(18);
+                    w.bytes(obj.data);
+                }
+                if (opts.lengthDelimited !== false) {
+                    w.ldelim();
+                }
+            }, (reader, length) => {
+                const obj = {};
+                const end = length == null ? reader.len : reader.pos + length;
+                while (reader.pos < end) {
+                    const tag = reader.uint32();
+                    switch (tag >>> 3) {
+                        case 1: {
+                            obj.type = KeyType.codec().decode(reader);
+                            break;
+                        }
+                        case 2: {
+                            obj.data = reader.bytes();
+                            break;
+                        }
+                        default: {
+                            reader.skipType(tag & 7);
+                            break;
+                        }
+                    }
+                }
+                return obj;
+            });
+        }
+        return _codec;
+    };
+    PublicKey.encode = (obj) => {
+        return encodeMessage(obj, PublicKey.codec());
+    };
+    PublicKey.decode = (buf) => {
+        return decodeMessage(buf, PublicKey.codec());
+    };
+})(PublicKey || (PublicKey = {}));
+//# sourceMappingURL=index.js.map

package/dist/src/pb/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/pb/index.ts"],"names":[],"mappings":"AAAA,kCAAkC;AAClC,+BAA+B;AAC/B,oDAAoD;AACpD,8EAA8E;AAC9E,0DAA0D;AAE1D,OAAO,EAAc,aAAa,EAAE,aAAa,EAAE,WAAW,EAAE,OAAO,EAAE,MAAM,iBAAiB,CAAA;AAGhG,MAAM,CAAN,IAAY,OAKX;AALD,WAAY,OAAO;IACjB,sBAAW,CAAA;IACX,8BAAmB,CAAA;IACnB,kCAAuB,CAAA;IACvB,0BAAe,CAAA;AACjB,CAAC,EALW,OAAO,KAAP,OAAO,QAKlB;AAED,IAAK,eAKJ;AALD,WAAK,eAAe;IAClB,mDAAO,CAAA;IACP,2DAAW,CAAA;IACX,+DAAa,CAAA;IACb,uDAAS,CAAA;AACX,CAAC,EALI,eAAe,KAAf,eAAe,QAKnB;AAED,WAAiB,OAAO;IACT,aAAK,GAAG,GAAmB,EAAE;QACxC,OAAO,WAAW,CAAU,eAAe,CAAC,CAAA;IAC9C,CAAC,CAAA;AACH,CAAC,EAJgB,OAAO,KAAP,OAAO,QAIvB;AAMD,MAAM,KAAW,SAAS,CA6DzB;AA7DD,WAAiB,SAAS;IACxB,IAAI,MAAwB,CAAA;IAEf,eAAK,GAAG,GAAqB,EAAE;QAC1C,IAAI,MAAM,IAAI,IAAI,EAAE,CAAC;YACnB,MAAM,GAAG,OAAO,CAAY,CAAC,GAAG,EAAE,CAAC,EAAE,IAAI,GAAG,EAAE,EAAE,EAAE;gBAChD,IAAI,IAAI,CAAC,eAAe,KAAK,KAAK,EAAE,CAAC;oBACnC,CAAC,CAAC,IAAI,EAAE,CAAA;gBACV,CAAC;gBAED,IAAI,GAAG,CAAC,IAAI,IAAI,IAAI,EAAE,CAAC;oBACrB,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;oBACX,OAAO,CAAC,KAAK,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC,CAAA;gBACrC,CAAC;gBAED,IAAI,GAAG,CAAC,IAAI,IAAI,IAAI,EAAE,CAAC;oBACrB,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,CAAA;oBACZ,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;gBACnB,CAAC;gBAED,IAAI,IAAI,CAAC,eAAe,KAAK,KAAK,EAAE,CAAC;oBACnC,CAAC,CAAC,MAAM,EAAE,CAAA;gBACZ,CAAC;YACH,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,EAAE;gBACpB,MAAM,GAAG,GAAQ,EAAE,CAAA;gBAEnB,MAAM,GAAG,GAAG,MAAM,IAAI,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,GAAG,MAAM,CAAA;gBAE7D,OAAO,MAAM,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC;oBACxB,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,EAAE,CAAA;oBAE3B,QAAQ,GAAG,KAAK,CAAC,EAAE,CAAC;wBAClB,KAAK,CAAC,CAAC,CAAC,CAAC;4BACP,GAAG,CAAC,IAAI,GAAG,OAAO,CAAC,KAAK,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,CAAA;4BACzC,MAAK;wBACP,CAAC;wBACD,KAAK,CAAC,CAAC,CAAC,CAAC;4BACP,GAAG,CAAC,IAAI,GAAG,MAAM,CAAC,KAAK,EAAE,CAAA;4BACzB,MAAK;wBACP,CAAC;wBACD,OAAO,CAAC,CAAC,CAAC;4BACR,MAAM,CAAC,QAAQ,CAAC,GAAG,GAAG,CAAC,CAAC,CAAA;4BACxB,MAAK;wBACP,CAAC;oBACH,CAAC;gBACH,CAAC;gBAED,OAAO,GAAG,CAAA;YACZ,CAAC,CAAC,CAAA;QACJ,CAAC;QAED,OAAO,MAAM,CAAA;IACf,CAAC,CAAA;IAEY,gBAAM,GAAG,CAAC,GAAuB,EAAc,EAAE;QAC5D,OAAO,aAAa,CAAC,GAAG,EAAE,SAAS,CAAC,KAAK,EAAE,CAAC,CAAA;IAC9C,CAAC,CAAA;IAEY,gBAAM,GAAG,CAAC,GAAgC,EAAa,EAAE;QACpE,OAAO,aAAa,CAAC,GAAG,EAAE,SAAS,CAAC,KAAK,EAAE,CAAC,CAAA;IAC9C,CAAC,CAAA;AACH,CAAC,EA7DgB,SAAS,KAAT,SAAS,QA6DzB"}

package/dist/src/tls.d.ts

@@ -0,0 +1,36 @@
+/**
+ * @packageDocumentation
+ *
+ * Implements the spec at https://github.com/libp2p/specs/blob/master/tls/tls.md
+ *
+ * @example
+ *
+ * ```typescript
+ * import { createLibp2p } from 'libp2p'
+ * import { tls } from '@libp2p/tls'
+ *
+ * const node = await createLibp2p({
+ *   // ...other options
+ *   connectionEncryption: [
+ *     tls()
+ *   ]
+ * })
+ * ```
+ */
+import type { TLSComponents, TLSInit } from './index.js';
+import type { MultiaddrConnection, ConnectionEncrypter, SecuredConnection, PeerId } from '@libp2p/interface';
+import type { Duplex } from 'it-stream-types';
+import type { Uint8ArrayList } from 'uint8arraylist';
+export declare class TLS implements ConnectionEncrypter {
+    protocol: string;
+    private readonly log;
+    private readonly timeout;
+    constructor(components: TLSComponents, init?: TLSInit);
+    secureInbound<Stream extends Duplex<AsyncGenerator<Uint8Array | Uint8ArrayList>> = MultiaddrConnection>(localId: PeerId, conn: Stream, remoteId?: PeerId): Promise<SecuredConnection<Stream>>;
+    secureOutbound<Stream extends Duplex<AsyncGenerator<Uint8Array | Uint8ArrayList>> = MultiaddrConnection>(localId: PeerId, conn: Stream, remoteId?: PeerId): Promise<SecuredConnection<Stream>>;
+    /**
+     * Encrypt connection
+     */
+    _encrypt<Stream extends Duplex<AsyncGenerator<Uint8Array | Uint8ArrayList>> = MultiaddrConnection>(localId: PeerId, conn: Stream, isServer: boolean, remoteId?: PeerId): Promise<SecuredConnection<Stream>>;
+}
+//# sourceMappingURL=tls.d.ts.map

package/dist/src/tls.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"tls.d.ts","sourceRoot":"","sources":["../../src/tls.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAMH,OAAO,KAAK,EAAE,aAAa,EAAE,OAAO,EAAE,MAAM,YAAY,CAAA;AACxD,OAAO,KAAK,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,iBAAiB,EAAE,MAAM,EAAU,MAAM,mBAAmB,CAAA;AACpH,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAA;AAC7C,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAA;AAEpD,qBAAa,GAAI,YAAW,mBAAmB;IACtC,QAAQ,EAAE,MAAM,CAAW;IAClC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAQ;IAC5B,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAQ;gBAEnB,UAAU,EAAE,aAAa,EAAE,IAAI,GAAE,OAAY;IAKpD,aAAa,CAAE,MAAM,SAAS,MAAM,CAAC,cAAc,CAAC,UAAU,GAAG,cAAc,CAAC,CAAC,GAAG,mBAAmB,EAAG,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;IAI/L,cAAc,CAAE,MAAM,SAAS,MAAM,CAAC,cAAc,CAAC,UAAU,GAAG,cAAc,CAAC,CAAC,GAAG,mBAAmB,EAAG,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;IAItM;;OAEG;IACG,QAAQ,CAAE,MAAM,SAAS,MAAM,CAAC,cAAc,CAAC,UAAU,GAAG,cAAc,CAAC,CAAC,GAAG,mBAAmB,EAAG,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;CAgEpN"}

package/dist/src/tls.js

@@ -0,0 +1,100 @@
+/**
+ * @packageDocumentation
+ *
+ * Implements the spec at https://github.com/libp2p/specs/blob/master/tls/tls.md
+ *
+ * @example
+ *
+ * ```typescript
+ * import { createLibp2p } from 'libp2p'
+ * import { tls } from '@libp2p/tls'
+ *
+ * const node = await createLibp2p({
+ *   // ...other options
+ *   connectionEncryption: [
+ *     tls()
+ *   ]
+ * })
+ * ```
+ */
+import { TLSSocket, connect } from 'node:tls';
+import { CodeError } from '@libp2p/interface';
+import { generateCertificate, verifyPeerCertificate, itToStream, streamToIt } from './utils.js';
+import { PROTOCOL } from './index.js';
+export class TLS {
+    protocol = PROTOCOL;
+    log;
+    timeout;
+    constructor(components, init = {}) {
+        this.log = components.logger.forComponent('libp2p:tls');
+        this.timeout = init.timeout ?? 1000;
+    }
+    async secureInbound(localId, conn, remoteId) {
+        return this._encrypt(localId, conn, false, remoteId);
+    }
+    async secureOutbound(localId, conn, remoteId) {
+        return this._encrypt(localId, conn, true, remoteId);
+    }
+    /**
+     * Encrypt connection
+     */
+    async _encrypt(localId, conn, isServer, remoteId) {
+        const opts = {
+            ...await generateCertificate(localId),
+            isServer,
+            // require TLS 1.3 or later
+            minVersion: 'TLSv1.3',
+            maxVersion: 'TLSv1.3',
+            // accept self-signed certificates
+            rejectUnauthorized: false
+        };
+        let socket;
+        if (isServer) {
+            socket = new TLSSocket(itToStream(conn), {
+                ...opts,
+                // require clients to send certificates
+                requestCert: true
+            });
+        }
+        else {
+            socket = connect({
+                socket: itToStream(conn),
+                ...opts
+            });
+        }
+        return new Promise((resolve, reject) => {
+            const abortTimeout = setTimeout(() => {
+                socket.destroy(new CodeError('Handshake timeout', 'ERR_HANDSHAKE_TIMEOUT'));
+            }, this.timeout);
+            const verifyRemote = () => {
+                const remote = socket.getPeerCertificate();
+                verifyPeerCertificate(remote.raw, remoteId, this.log)
+                    .then(remotePeer => {
+                    this.log('remote certificate ok, remote peer %p', remotePeer);
+                    resolve({
+                        remotePeer,
+                        conn: {
+                            ...conn,
+                            ...streamToIt(socket)
+                        }
+                    });
+                })
+                    .catch(err => {
+                    reject(err);
+                })
+                    .finally(() => {
+                    clearTimeout(abortTimeout);
+                });
+            };
+            socket.on('error', err => {
+                reject(err);
+                clearTimeout(abortTimeout);
+            });
+            socket.on('secure', (evt) => {
+                this.log('verifying remote certificate');
+                verifyRemote();
+            });
+        });
+    }
+}
+//# sourceMappingURL=tls.js.map

package/dist/src/tls.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"tls.js","sourceRoot":"","sources":["../../src/tls.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAEH,OAAO,EAAE,SAAS,EAAyB,OAAO,EAAE,MAAM,UAAU,CAAA;AACpE,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAA;AAC7C,OAAO,EAAE,mBAAmB,EAAE,qBAAqB,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,YAAY,CAAA;AAC/F,OAAO,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAA;AAMrC,MAAM,OAAO,GAAG;IACP,QAAQ,GAAW,QAAQ,CAAA;IACjB,GAAG,CAAQ;IACX,OAAO,CAAQ;IAEhC,YAAa,UAAyB,EAAE,OAAgB,EAAE;QACxD,IAAI,CAAC,GAAG,GAAG,UAAU,CAAC,MAAM,CAAC,YAAY,CAAC,YAAY,CAAC,CAAA;QACvD,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,OAAO,IAAI,IAAI,CAAA;IACrC,CAAC;IAED,KAAK,CAAC,aAAa,CAA6F,OAAe,EAAE,IAAY,EAAE,QAAiB;QAC9J,OAAO,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,QAAQ,CAAC,CAAA;IACtD,CAAC;IAED,KAAK,CAAC,cAAc,CAA6F,OAAe,EAAE,IAAY,EAAE,QAAiB;QAC/J,OAAO,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAA;IACrD,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,QAAQ,CAA6F,OAAe,EAAE,IAAY,EAAE,QAAiB,EAAE,QAAiB;QAC5K,MAAM,IAAI,GAAqB;YAC7B,GAAG,MAAM,mBAAmB,CAAC,OAAO,CAAC;YACrC,QAAQ;YACR,2BAA2B;YAC3B,UAAU,EAAE,SAAS;YACrB,UAAU,EAAE,SAAS;YACrB,kCAAkC;YAClC,kBAAkB,EAAE,KAAK;SAC1B,CAAA;QAED,IAAI,MAAiB,CAAA;QAErB,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,GAAG,IAAI,SAAS,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE;gBACvC,GAAG,IAAI;gBACP,uCAAuC;gBACvC,WAAW,EAAE,IAAI;aAClB,CAAC,CAAA;QACJ,CAAC;aAAM,CAAC;YACN,MAAM,GAAG,OAAO,CAAC;gBACf,MAAM,EAAE,UAAU,CAAC,IAAI,CAAC;gBACxB,GAAG,IAAI;aACR,CAAC,CAAA;QACJ,CAAC;QAED,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,MAAM,YAAY,GAAG,UAAU,CAAC,GAAG,EAAE;gBACnC,MAAM,CAAC,OAAO,CAAC,IAAI,SAAS,CAAC,mBAAmB,EAAE,uBAAuB,CAAC,CAAC,CAAA;YAC7E,CAAC,EAAE,IAAI,CAAC,OAAO,CAAC,CAAA;YAEhB,MAAM,YAAY,GAAG,GAAS,EAAE;gBAC9B,MAAM,MAAM,GAAG,MAAM,CAAC,kBAAkB,EAAE,CAAA;gBAE1C,qBAAqB,CAAC,MAAM,CAAC,GAAG,EAAE,QAAQ,EAAE,IAAI,CAAC,GAAG,CAAC;qBAClD,IAAI,CAAC,UAAU,CAAC,EAAE;oBACjB,IAAI,CAAC,GAAG,CAAC,uCAAuC,EAAE,UAAU,CAAC,CAAA;oBAE7D,OAAO,CAAC;wBACN,UAAU;wBACV,IAAI,EAAE;4BACJ,GAAG,IAAI;4BACP,GAAG,UAAU,CAAC,MAAM,CAAC;yBACtB;qBACF,CAAC,CAAA;gBACJ,CAAC,CAAC;qBACD,KAAK,CAAC,GAAG,CAAC,EAAE;oBACX,MAAM,CAAC,GAAG,CAAC,CAAA;gBACb,CAAC,CAAC;qBACD,OAAO,CAAC,GAAG,EAAE;oBACZ,YAAY,CAAC,YAAY,CAAC,CAAA;gBAC5B,CAAC,CAAC,CAAA;YACN,CAAC,CAAA;YAED,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,CAAC,EAAE;gBACvB,MAAM,CAAC,GAAG,CAAC,CAAA;gBACX,YAAY,CAAC,YAAY,CAAC,CAAA;YAC5B,CAAC,CAAC,CAAA;YACF,MAAM,CAAC,EAAE,CAAC,QAAQ,EAAE,CAAC,GAAG,EAAE,EAAE;gBAC1B,IAAI,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAA;gBACxC,YAAY,EAAE,CAAA;YAChB,CAAC,CAAC,CAAA;QACJ,CAAC,CAAC,CAAA;IACJ,CAAC;CACF"}

package/dist/src/utils.d.ts

@@ -0,0 +1,17 @@
+/// <reference types="node" />
+import { Duplex as DuplexStream } from 'node:stream';
+import type { PeerId, Logger } from '@libp2p/interface';
+import type { Duplex } from 'it-stream-types';
+import type { Uint8ArrayList } from 'uint8arraylist';
+export declare function verifyPeerCertificate(rawCertificate: Uint8Array, expectedPeerId?: PeerId, log?: Logger): Promise<PeerId>;
+export declare function generateCertificate(peerId: PeerId): Promise<{
+    cert: string;
+    key: string;
+}>;
+/**
+ * @see https://github.com/libp2p/specs/blob/master/tls/tls.md#libp2p-public-key-extension
+ */
+export declare function encodeSignatureData(certPublicKey: ArrayBuffer): Uint8Array;
+export declare function itToStream(conn: Duplex<AsyncGenerator<Uint8Array | Uint8ArrayList>>): DuplexStream;
+export declare function streamToIt(stream: DuplexStream): Duplex<AsyncGenerator<Uint8Array | Uint8ArrayList>>;
+//# sourceMappingURL=utils.d.ts.map

package/dist/src/utils.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../src/utils.ts"],"names":[],"mappings":";AAAA,OAAO,EAAE,MAAM,IAAI,YAAY,EAAE,MAAM,aAAa,CAAA;AAcpD,OAAO,KAAK,EAAE,MAAM,EAAgC,MAAM,EAAE,MAAM,mBAAmB,CAAA;AACrF,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAA;AAC7C,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAA;AAYpD,wBAAsB,qBAAqB,CAAE,cAAc,EAAE,UAAU,EAAE,cAAc,CAAC,EAAE,MAAM,EAAE,GAAG,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CA0E/H;AAED,wBAAsB,mBAAmB,CAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,GAAG,EAAE,MAAM,CAAA;CAAE,CAAC,CA8EjG;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CAAE,aAAa,EAAE,WAAW,GAAG,UAAU,CAQ3E;AAmBD,wBAAgB,UAAU,CAAE,IAAI,EAAE,MAAM,CAAC,cAAc,CAAC,UAAU,GAAG,cAAc,CAAC,CAAC,GAAG,YAAY,CAgCnG;AAED,wBAAgB,UAAU,CAAE,MAAM,EAAE,YAAY,GAAG,MAAM,CAAC,cAAc,CAAC,UAAU,GAAG,cAAc,CAAC,CAAC,CA+CrG"}