@libp2p/webrtc 5.2.9 → 5.2.10-3833353bd

package/src/private-to-public/utils/connect.ts

@@ -41,161 +41,165 @@ export async function connect (peerConnection: DirectRTCPeerConnection, ufrag: s
 export async function connect (peerConnection: DirectRTCPeerConnection, ufrag: string, options: ServerOptions): Promise<void>
 export async function connect (peerConnection: DirectRTCPeerConnection, ufrag: string, options: ConnectOptions): Promise<any> {
   // create data channel for running the noise handshake. Once the data
-  // channel is opened, the remote will initiate the noise handshake. This
+  // channel is opened, the listener will initiate the noise handshake. This
   // is used to confirm the identity of the peer.
   const handshakeDataChannel = peerConnection.createDataChannel('', { negotiated: true, id: 0 })
 
-  if (options.role === 'client') {
-    // the client has to set the local offer before the remote answer
-
-    // Create offer and munge sdp with ufrag == pwd. This allows the remote to
-    // respond to STUN messages without performing an actual SDP exchange.
-    // This is because it can infer the passwd field by reading the USERNAME
-    // attribute of the STUN message.
-    options.log.trace('client creating local offer')
-    const offerSdp = await peerConnection.createOffer()
-    options.log.trace('client created local offer %s', offerSdp.sdp)
-    const mungedOfferSdp = sdp.munge(offerSdp, ufrag)
-    options.log.trace('client setting local offer %s', mungedOfferSdp.sdp)
-    await peerConnection.setLocalDescription(mungedOfferSdp)
-
-    const answerSdp = sdp.serverAnswerFromMultiaddr(options.remoteAddr, ufrag)
-    options.log.trace('client setting server description %s', answerSdp.sdp)
-    await peerConnection.setRemoteDescription(answerSdp)
-  } else {
-    // the server has to set the remote offer before the local answer
-    const offerSdp = sdp.clientOfferFromMultiAddr(options.remoteAddr, ufrag)
-    options.log.trace('server setting client %s %s', offerSdp.type, offerSdp.sdp)
-    await peerConnection.setRemoteDescription(offerSdp)
-
-    // Create offer and munge sdp with ufrag == pwd. This allows the remote to
-    // respond to STUN messages without performing an actual SDP exchange.
-    // This is because it can infer the passwd field by reading the USERNAME
-    // attribute of the STUN message.
-    options.log.trace('server creating local answer')
-    const answerSdp = await peerConnection.createAnswer()
-    options.log.trace('server created local answer')
-    const mungedAnswerSdp = sdp.munge(answerSdp, ufrag)
-    options.log.trace('server setting local description %s', answerSdp.sdp)
-    await peerConnection.setLocalDescription(mungedAnswerSdp)
-  }
+  try {
+    if (options.role === 'client') {
+      // the client has to set the local offer before the remote answer
+
+      // Create offer and munge sdp with ufrag == pwd. This allows the remote to
+      // respond to STUN messages without performing an actual SDP exchange.
+      // This is because it can infer the passwd field by reading the USERNAME
+      // attribute of the STUN message.
+      options.log.trace('client creating local offer')
+      const offerSdp = await peerConnection.createOffer()
+      options.log.trace('client created local offer %s', offerSdp.sdp)
+      const mungedOfferSdp = sdp.munge(offerSdp, ufrag)
+      options.log.trace('client setting local offer %s', mungedOfferSdp.sdp)
+      await peerConnection.setLocalDescription(mungedOfferSdp)
+
+      const answerSdp = sdp.serverAnswerFromMultiaddr(options.remoteAddr, ufrag)
+      options.log.trace('client setting server description %s', answerSdp.sdp)
+      await peerConnection.setRemoteDescription(answerSdp)
+    } else {
+      // the server has to set the remote offer before the local answer
+      const offerSdp = sdp.clientOfferFromMultiAddr(options.remoteAddr, ufrag)
+      options.log.trace('server setting client %s %s', offerSdp.type, offerSdp.sdp)
+      await peerConnection.setRemoteDescription(offerSdp)
+
+      // Create offer and munge sdp with ufrag == pwd. This allows the remote to
+      // respond to STUN messages without performing an actual SDP exchange.
+      // This is because it can infer the passwd field by reading the USERNAME
+      // attribute of the STUN message.
+      options.log.trace('server creating local answer')
+      const answerSdp = await peerConnection.createAnswer()
+      options.log.trace('server created local answer')
+      const mungedAnswerSdp = sdp.munge(answerSdp, ufrag)
+      options.log.trace('server setting local description %s', answerSdp.sdp)
+      await peerConnection.setLocalDescription(mungedAnswerSdp)
+    }
 
-  options.log.trace('%s wait for handshake channel to open', options.role)
-  await raceEvent(handshakeDataChannel, 'open', options.signal)
+    if (handshakeDataChannel.readyState !== 'open') {
+      options.log.trace('%s wait for handshake channel to open, starting status %s', options.role, handshakeDataChannel.readyState)
+      await raceEvent(handshakeDataChannel, 'open', options.signal)
+    }
 
-  options.log.trace('%s handshake channel opened', options.role)
+    options.log.trace('%s handshake channel opened', options.role)
 
-  if (options.role === 'server') {
-    // now that the connection has been opened, add the remote's certhash to
-    // it's multiaddr so we can complete the noise handshake
-    const remoteFingerprint = peerConnection.remoteFingerprint()?.value ?? ''
-    options.remoteAddr = options.remoteAddr.encapsulate(sdp.fingerprint2Ma(remoteFingerprint))
-  }
+    if (options.role === 'server') {
+      // now that the connection has been opened, add the remote's certhash to
+      // it's multiaddr so we can complete the noise handshake
+      const remoteFingerprint = peerConnection.remoteFingerprint()?.value ?? ''
+      options.remoteAddr = options.remoteAddr.encapsulate(sdp.fingerprint2Ma(remoteFingerprint))
+    }
 
-  // Do noise handshake.
-  // Set the Noise Prologue to libp2p-webrtc-noise:<FINGERPRINTS> before
-  // starting the actual Noise handshake.
-  // <FINGERPRINTS> is the concatenation of the of the two TLS fingerprints
-  // of A (responder) and B (initiator) in their byte representation.
-  const localFingerprint = sdp.getFingerprintFromSdp(peerConnection.localDescription?.sdp)
+    // Do noise handshake.
+    // Set the Noise Prologue to libp2p-webrtc-noise:<FINGERPRINTS> before
+    // starting the actual Noise handshake.
+    // <FINGERPRINTS> is the concatenation of the of the two TLS fingerprints
+    // of A (responder) and B (initiator) in their byte representation.
+    const localFingerprint = sdp.getFingerprintFromSdp(peerConnection.localDescription?.sdp)
 
-  if (localFingerprint == null) {
-    throw new WebRTCTransportError('Could not get fingerprint from local description sdp')
-  }
+    if (localFingerprint == null) {
+      throw new WebRTCTransportError('Could not get fingerprint from local description sdp')
+    }
+
+    options.log.trace('%s performing noise handshake', options.role)
+    const noisePrologue = generateNoisePrologue(localFingerprint, options.remoteAddr, options.role)
+
+    // Since we use the default crypto interface and do not use a static key
+    // or early data, we pass in undefined for these parameters.
+    const connectionEncrypter = noise({ prologueBytes: noisePrologue })(options)
 
-  options.log.trace('%s performing noise handshake', options.role)
-  const noisePrologue = generateNoisePrologue(localFingerprint, options.remoteAddr, options.role)
-
-  // Since we use the default crypto interface and do not use a static key
-  // or early data, we pass in undefined for these parameters.
-  const connectionEncrypter = noise({ prologueBytes: noisePrologue })(options)
-
-  const wrappedChannel = createStream({
-    channel: handshakeDataChannel,
-    direction: 'inbound',
-    logger: options.logger,
-    ...(options.dataChannel ?? {})
-  })
-  const wrappedDuplex = {
-    ...wrappedChannel,
-    sink: wrappedChannel.sink.bind(wrappedChannel),
-    source: (async function * () {
-      for await (const list of wrappedChannel.source) {
-        for (const buf of list) {
-          yield buf
-        }
+    const handshakeStream = createStream({
+      channel: handshakeDataChannel,
+      direction: 'outbound',
+      handshake: true,
+      logger: options.logger,
+      ...(options.dataChannel ?? {})
+    })
+
+    // Creating the connection before completion of the noise
+    // handshake ensures that the stream opening callback is set up
+    const maConn = new WebRTCMultiaddrConnection(options, {
+      peerConnection,
+      remoteAddr: options.remoteAddr,
+      timeline: {
+        open: Date.now()
+      },
+      metrics: options.events
+    })
+
+    peerConnection.addEventListener(CONNECTION_STATE_CHANGE_EVENT, () => {
+      switch (peerConnection.connectionState) {
+        case 'failed':
+        case 'disconnected':
+        case 'closed':
+          maConn.close().catch((err) => {
+            options.log.error('error closing connection', err)
+            maConn.abort(err)
+          })
+          break
+        default:
+          break
       }
-    }())
-  }
+    })
+
+    // Track opened peer connection
+    options.events?.increment({ peer_connection: true })
+
+    const muxerFactory = new DataChannelMuxerFactory(options, {
+      peerConnection,
+      metrics: options.events,
+      dataChannelOptions: options.dataChannel
+    })
 
-  // Creating the connection before completion of the noise
-  // handshake ensures that the stream opening callback is set up
-  const maConn = new WebRTCMultiaddrConnection(options, {
-    peerConnection,
-    remoteAddr: options.remoteAddr,
-    timeline: {
-      open: Date.now()
-    },
-    metrics: options.events
-  })
-
-  peerConnection.addEventListener(CONNECTION_STATE_CHANGE_EVENT, () => {
-    switch (peerConnection.connectionState) {
-      case 'failed':
-      case 'disconnected':
-      case 'closed':
-        maConn.close().catch((err) => {
-          options.log.error('error closing connection', err)
-          maConn.abort(err)
-        })
-        break
-      default:
-        break
+    if (options.role === 'client') {
+      // For outbound connections, the remote is expected to start the noise
+      // handshake. Therefore, we need to secure an inbound noise connection
+      // from the server.
+      options.log.trace('%s secure inbound', options.role)
+      await connectionEncrypter.secureInbound(handshakeStream, {
+        remotePeer: options.remotePeerId,
+        signal: options.signal
+      })
+
+      options.log.trace('%s closing handshake datachannel', options.role)
+      handshakeDataChannel.close()
+
+      options.log.trace('%s upgrade outbound', options.role)
+      return await options.upgrader.upgradeOutbound(maConn, {
+        skipProtection: true,
+        skipEncryption: true,
+        muxerFactory,
+        signal: options.signal
+      })
     }
-  })
-
-  // Track opened peer connection
-  options.events?.increment({ peer_connection: true })
-
-  const muxerFactory = new DataChannelMuxerFactory(options, {
-    peerConnection,
-    metrics: options.events,
-    dataChannelOptions: options.dataChannel
-  })
-
-  if (options.role === 'client') {
-    // For outbound connections, the remote is expected to start the noise handshake.
-    // Therefore, we need to secure an inbound noise connection from the remote.
-    options.log.trace('%s secure inbound', options.role)
-    await connectionEncrypter.secureInbound(wrappedDuplex, {
+
+    // For inbound connections, the server is are expected to start the noise
+    // handshake. Therefore, we need to secure an outbound noise connection from
+    // the client.
+    options.log.trace('%s secure outbound', options.role)
+    const result = await connectionEncrypter.secureOutbound(handshakeStream, {
       remotePeer: options.remotePeerId,
       signal: options.signal
     })
 
-    options.log.trace('%s upgrade outbound', options.role)
-    return options.upgrader.upgradeOutbound(maConn, {
+    maConn.remoteAddr = maConn.remoteAddr.encapsulate(`/p2p/${result.remotePeer}`)
+
+    options.log.trace('%s upgrade inbound', options.role)
+
+    await options.upgrader.upgradeInbound(maConn, {
       skipProtection: true,
       skipEncryption: true,
       muxerFactory,
       signal: options.signal
     })
-  }
+  } catch (err) {
+    handshakeDataChannel.close()
 
-  // For inbound connections, we are expected to start the noise handshake.
-  // Therefore, we need to secure an outbound noise connection from the remote.
-  options.log.trace('%s secure outbound', options.role)
-  const result = await connectionEncrypter.secureOutbound(wrappedDuplex, {
-    remotePeer: options.remotePeerId,
-    signal: options.signal
-  })
-  maConn.remoteAddr = maConn.remoteAddr.encapsulate(`/p2p/${result.remotePeer}`)
-
-  options.log.trace('%s upgrade inbound', options.role)
-
-  await options.upgrader.upgradeInbound(maConn, {
-    skipProtection: true,
-    skipEncryption: true,
-    muxerFactory,
-    signal: options.signal
-  })
+    throw err
+  }
 }

package/src/private-to-public/utils/pem.ts

@@ -0,0 +1,18 @@
+import { privateKeyToCryptoKeyPair } from '@libp2p/crypto/keys'
+import { toString as uint8ArrayToString } from 'uint8arrays/to-string'
+import type { PrivateKey } from '@libp2p/interface'
+
+export function toBuffer (uint8Array: Uint8Array): Buffer {
+  return Buffer.from(uint8Array.buffer, uint8Array.byteOffset, uint8Array.byteLength)
+}
+
+export async function formatAsPem (privateKey: PrivateKey): Promise<string> {
+  const keyPair = await privateKeyToCryptoKeyPair(privateKey)
+  const exported = await crypto.subtle.exportKey('pkcs8', keyPair.privateKey)
+
+  return [
+    '-----BEGIN PRIVATE KEY-----',
+    ...uint8ArrayToString(new Uint8Array(exported), 'base64pad').split(/(.{64})/).filter(Boolean),
+    '-----END PRIVATE KEY-----'
+  ].join('\n')
+}

package/src/stream.ts

@@ -60,7 +60,7 @@ export class WebRTCStream extends AbstractStream {
     // override onEnd to send/receive FIN_ACK before closing the stream
     const originalOnEnd = init.onEnd
     init.onEnd = (err?: Error): void => {
-      this.log.trace('readable and writeable ends closed', this.status)
+      this.log.trace('readable and writeable ends closed with status "%s"', this.status)
 
       void Promise.resolve(async () => {
         if (this.timeline.abort != null || this.timeline.reset !== null) {
@@ -77,9 +77,8 @@ export class WebRTCStream extends AbstractStream {
         }
       })
         .then(() => {
-        // stop processing incoming messages
+          // stop processing incoming messages
           this.incomingData.end()
-          this.channel.close()
 
           // final cleanup
           originalOnEnd?.(err)
@@ -87,6 +86,9 @@ export class WebRTCStream extends AbstractStream {
         .catch(err => {
           this.log.error('error ending stream', err)
         })
+        .finally(() => {
+          this.channel.close()
+        })
     }
 
     super(init)
@@ -229,6 +231,7 @@ export class WebRTCStream extends AbstractStream {
     }
 
     try {
+      this.log.trace('sending message, channel state "%s"', this.channel.readyState)
       // send message without copying data
       this.channel.send(data.subarray())
     } catch (err: any) {
@@ -237,8 +240,7 @@ export class WebRTCStream extends AbstractStream {
   }
 
   async sendData (data: Uint8ArrayList): Promise<void> {
-    this.log.trace('-> will send %d bytes', data.byteLength)
-
+    const bytesTotal = data.byteLength
     // sending messages is an async operation so use a copy of the list as it
     // may be changed beneath us
     data = data.sublist()
@@ -248,14 +250,13 @@ export class WebRTCStream extends AbstractStream {
       const buf = data.subarray(0, toSend)
       const messageBuf = Message.encode({ message: buf })
       const sendBuf = lengthPrefixed.encode.single(messageBuf)
-      this.log.trace('-> sending message %s', this.channel.readyState)
+      this.log.trace('sending %d/%d bytes on channel', buf.byteLength, bytesTotal)
       await this._sendMessage(sendBuf)
-      this.log.trace('-> sent message %s', this.channel.readyState)
 
       data.consume(toSend)
     }
 
-    this.log.trace('-> sent data %s', this.channel.readyState)
+    this.log.trace('finished sending data, channel state "%s"', this.channel.readyState)
   }
 
   async sendReset (): Promise<void> {
@@ -263,6 +264,8 @@ export class WebRTCStream extends AbstractStream {
       await this._sendFlag(Message.Flag.RESET)
     } catch (err) {
       this.log.error('failed to send reset - %e', err)
+    } finally {
+      this.channel.close()
     }
   }
 
@@ -387,14 +390,20 @@ export interface WebRTCStreamOptions extends DataChannelOptions {
   onEnd?(err?: Error | undefined): void
 
   logger: ComponentLogger
+
+  /**
+   * If true the underlying datachannel is being used to perform the noise
+   * handshake during connection establishment
+   */
+  handshake?: boolean
 }
 
 export function createStream (options: WebRTCStreamOptions): WebRTCStream {
-  const { channel, direction } = options
+  const { channel, direction, handshake } = options
 
   return new WebRTCStream({
-    id: direction === 'inbound' ? (`i${channel.id}`) : `r${channel.id}`,
-    log: options.logger.forComponent(`libp2p:webrtc:stream:${direction}:${channel.id}`),
+    id: `${channel.id}`,
+    log: options.logger.forComponent(`libp2p:webrtc:stream:${handshake === true ? 'handshake' : direction}:${channel.id}`),
     ...options
   })
 }

package/dist/typedoc-urls.json

@@ -1,14 +0,0 @@
-{
-  "DataChannelOptions": "https://libp2p.github.io/js-libp2p/interfaces/_libp2p_webrtc.DataChannelOptions.html",
-  ".:DataChannelOptions": "https://libp2p.github.io/js-libp2p/interfaces/_libp2p_webrtc.DataChannelOptions.html",
-  "TransportCertificate": "https://libp2p.github.io/js-libp2p/interfaces/_libp2p_webrtc.TransportCertificate.html",
-  ".:TransportCertificate": "https://libp2p.github.io/js-libp2p/interfaces/_libp2p_webrtc.TransportCertificate.html",
-  "WebRTCDirectTransportComponents": "https://libp2p.github.io/js-libp2p/interfaces/_libp2p_webrtc.WebRTCDirectTransportComponents.html",
-  "WebRTCTransportComponents": "https://libp2p.github.io/js-libp2p/interfaces/_libp2p_webrtc.WebRTCTransportComponents.html",
-  "WebRTCTransportDirectInit": "https://libp2p.github.io/js-libp2p/interfaces/_libp2p_webrtc.WebRTCTransportDirectInit.html",
-  "WebRTCTransportInit": "https://libp2p.github.io/js-libp2p/interfaces/_libp2p_webrtc.WebRTCTransportInit.html",
-  "webRTC": "https://libp2p.github.io/js-libp2p/functions/_libp2p_webrtc.webRTC.html",
-  ".:webRTC": "https://libp2p.github.io/js-libp2p/functions/_libp2p_webrtc.webRTC.html",
-  "webRTCDirect": "https://libp2p.github.io/js-libp2p/functions/_libp2p_webrtc.webRTCDirect.html",
-  ".:webRTCDirect": "https://libp2p.github.io/js-libp2p/functions/_libp2p_webrtc.webRTCDirect.html"
-}