@matter/thread-br-client 0.0.1 → 0.17.5-alpha.0-20260706-fd4c49e2e
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +201 -0
- package/README.md +5 -5
- package/dist/cjs/coap/CoapClient.d.ts +2 -2
- package/dist/cjs/coap/CoapClient.d.ts.map +1 -1
- package/dist/cjs/coap/CoapClient.js +9 -16
- package/dist/cjs/coap/CoapClient.js.map +1 -1
- package/dist/cjs/coap/CoapMessage.d.ts +11 -6
- package/dist/cjs/coap/CoapMessage.d.ts.map +1 -1
- package/dist/cjs/coap/CoapMessage.js +8 -5
- package/dist/cjs/coap/CoapMessage.js.map +1 -1
- package/dist/cjs/commissioner/Commissioner.d.ts.map +1 -1
- package/dist/cjs/commissioner/Commissioner.js +5 -2
- package/dist/cjs/commissioner/Commissioner.js.map +1 -1
- package/dist/cjs/commissioner/LeadKa.d.ts +3 -3
- package/dist/cjs/commissioner/LeadKa.d.ts.map +1 -1
- package/dist/cjs/commissioner/LeadKa.js +1 -1
- package/dist/cjs/commissioner/LeadKa.js.map +1 -1
- package/dist/cjs/commissioner/LeadPet.d.ts +3 -2
- package/dist/cjs/commissioner/LeadPet.d.ts.map +1 -1
- package/dist/cjs/commissioner/LeadPet.js +4 -3
- package/dist/cjs/commissioner/LeadPet.js.map +1 -1
- package/dist/cjs/credentials/ThreadCredentialsRegistry.d.ts +5 -5
- package/dist/cjs/credentials/ThreadCredentialsRegistry.d.ts.map +1 -1
- package/dist/cjs/credentials/ThreadCredentialsRegistry.js +10 -9
- package/dist/cjs/credentials/ThreadCredentialsRegistry.js.map +1 -1
- package/dist/cjs/credentials/ThreadNetworkCredentials.d.ts +4 -3
- package/dist/cjs/credentials/ThreadNetworkCredentials.d.ts.map +1 -1
- package/dist/cjs/crypto/AesCmacPrf128.d.ts +4 -14
- package/dist/cjs/crypto/AesCmacPrf128.d.ts.map +1 -1
- package/dist/cjs/crypto/AesCmacPrf128.js +7 -71
- package/dist/cjs/crypto/AesCmacPrf128.js.map +2 -2
- package/dist/cjs/crypto/Pbkdf2AesCmac.d.ts +5 -4
- package/dist/cjs/crypto/Pbkdf2AesCmac.d.ts.map +1 -1
- package/dist/cjs/crypto/Pbkdf2AesCmac.js +5 -4
- package/dist/cjs/crypto/Pbkdf2AesCmac.js.map +1 -1
- package/dist/cjs/crypto/Pskc.d.ts +4 -3
- package/dist/cjs/crypto/Pskc.d.ts.map +1 -1
- package/dist/cjs/crypto/Pskc.js +6 -5
- package/dist/cjs/crypto/Pskc.js.map +1 -1
- package/dist/cjs/crypto/index.d.ts +1 -1
- package/dist/cjs/crypto/index.d.ts.map +1 -1
- package/dist/cjs/crypto/index.js +0 -1
- package/dist/cjs/crypto/index.js.map +1 -1
- package/dist/cjs/dataset/OperationalDataset.d.ts +10 -10
- package/dist/cjs/dataset/OperationalDataset.d.ts.map +1 -1
- package/dist/cjs/dataset/OperationalDataset.js +32 -31
- package/dist/cjs/dataset/OperationalDataset.js.map +1 -1
- package/dist/cjs/dataset/SecurityPolicy.d.ts +3 -2
- package/dist/cjs/dataset/SecurityPolicy.d.ts.map +1 -1
- package/dist/cjs/dataset/SecurityPolicy.js +5 -4
- package/dist/cjs/dataset/SecurityPolicy.js.map +1 -1
- package/dist/cjs/diagnostic/DiagnosticResponse.d.ts +5 -4
- package/dist/cjs/diagnostic/DiagnosticResponse.d.ts.map +1 -1
- package/dist/cjs/diagnostic/DiagnosticSource.d.ts +2 -2
- package/dist/cjs/diagnostic/DiagnosticSource.d.ts.map +1 -1
- package/dist/cjs/diagnostic/MeshCopDiagnosticSource.d.ts +7 -3
- package/dist/cjs/diagnostic/MeshCopDiagnosticSource.d.ts.map +1 -1
- package/dist/cjs/diagnostic/MeshCopDiagnosticSource.js +48 -43
- package/dist/cjs/diagnostic/MeshCopDiagnosticSource.js.map +1 -1
- package/dist/cjs/diagnostic/connectMeshcop.d.ts.map +1 -1
- package/dist/cjs/diagnostic/connectMeshcop.js +5 -12
- package/dist/cjs/diagnostic/connectMeshcop.js.map +1 -1
- package/dist/cjs/diagnostic/errors.d.ts +1 -1
- package/dist/cjs/diagnostic/errors.d.ts.map +1 -1
- package/dist/cjs/discovery/BorderRouterRegistry.d.ts.map +1 -1
- package/dist/cjs/discovery/BorderRouterRegistry.js +2 -4
- package/dist/cjs/discovery/BorderRouterRegistry.js.map +1 -1
- package/dist/cjs/dtls/channel/DtlsConnectOpts.d.ts +3 -3
- package/dist/cjs/dtls/channel/DtlsConnectOpts.d.ts.map +1 -1
- package/dist/cjs/dtls/channel/NobleDtlsChannel.d.ts.map +1 -1
- package/dist/cjs/dtls/channel/NobleDtlsChannel.js +89 -58
- package/dist/cjs/dtls/channel/NobleDtlsChannel.js.map +1 -1
- package/dist/cjs/dtls/ecjpake/EcJpakePms.d.ts +5 -4
- package/dist/cjs/dtls/ecjpake/EcJpakePms.d.ts.map +1 -1
- package/dist/cjs/dtls/ecjpake/EcJpakePms.js +4 -5
- package/dist/cjs/dtls/ecjpake/EcJpakePms.js.map +1 -1
- package/dist/cjs/dtls/ecjpake/EcJpakeRound.d.ts +16 -15
- package/dist/cjs/dtls/ecjpake/EcJpakeRound.d.ts.map +1 -1
- package/dist/cjs/dtls/ecjpake/EcJpakeRound.js +40 -29
- package/dist/cjs/dtls/ecjpake/EcJpakeRound.js.map +1 -1
- package/dist/cjs/dtls/ecjpake/SchnorrZkp.d.ts +10 -9
- package/dist/cjs/dtls/ecjpake/SchnorrZkp.d.ts.map +1 -1
- package/dist/cjs/dtls/ecjpake/SchnorrZkp.js +17 -13
- package/dist/cjs/dtls/ecjpake/SchnorrZkp.js.map +1 -1
- package/dist/cjs/dtls/handshake/ChangeCipherSpec.d.ts +2 -1
- package/dist/cjs/dtls/handshake/ChangeCipherSpec.d.ts.map +1 -1
- package/dist/cjs/dtls/handshake/ChangeCipherSpec.js +3 -1
- package/dist/cjs/dtls/handshake/ChangeCipherSpec.js.map +1 -1
- package/dist/cjs/dtls/handshake/ClientHelloMessage.d.ts +27 -4
- package/dist/cjs/dtls/handshake/ClientHelloMessage.d.ts.map +1 -1
- package/dist/cjs/dtls/handshake/ClientHelloMessage.js +3 -1
- package/dist/cjs/dtls/handshake/ClientHelloMessage.js.map +1 -1
- package/dist/cjs/dtls/handshake/ClientKeyExchangeMessage.d.ts +2 -1
- package/dist/cjs/dtls/handshake/ClientKeyExchangeMessage.d.ts.map +1 -1
- package/dist/cjs/dtls/handshake/ClientKeyExchangeMessage.js.map +1 -1
- package/dist/cjs/dtls/handshake/DtlsClient.d.ts +9 -6
- package/dist/cjs/dtls/handshake/DtlsClient.d.ts.map +1 -1
- package/dist/cjs/dtls/handshake/DtlsClient.js +99 -77
- package/dist/cjs/dtls/handshake/DtlsClient.js.map +1 -1
- package/dist/cjs/dtls/handshake/FinishedMessage.d.ts +10 -3
- package/dist/cjs/dtls/handshake/FinishedMessage.d.ts.map +1 -1
- package/dist/cjs/dtls/handshake/FinishedMessage.js +4 -2
- package/dist/cjs/dtls/handshake/FinishedMessage.js.map +1 -1
- package/dist/cjs/dtls/handshake/HandshakeMessage.d.ts +5 -4
- package/dist/cjs/dtls/handshake/HandshakeMessage.d.ts.map +1 -1
- package/dist/cjs/dtls/handshake/HandshakeMessage.js +13 -11
- package/dist/cjs/dtls/handshake/HandshakeMessage.js.map +1 -1
- package/dist/cjs/dtls/handshake/HelloVerifyRequestMessage.d.ts +19 -2
- package/dist/cjs/dtls/handshake/HelloVerifyRequestMessage.d.ts.map +1 -1
- package/dist/cjs/dtls/handshake/HelloVerifyRequestMessage.js +3 -1
- package/dist/cjs/dtls/handshake/HelloVerifyRequestMessage.js.map +1 -1
- package/dist/cjs/dtls/handshake/ServerHelloDoneMessage.d.ts +2 -1
- package/dist/cjs/dtls/handshake/ServerHelloDoneMessage.d.ts.map +1 -1
- package/dist/cjs/dtls/handshake/ServerHelloDoneMessage.js +3 -2
- package/dist/cjs/dtls/handshake/ServerHelloDoneMessage.js.map +1 -1
- package/dist/cjs/dtls/handshake/ServerHelloMessage.d.ts +4 -3
- package/dist/cjs/dtls/handshake/ServerHelloMessage.d.ts.map +1 -1
- package/dist/cjs/dtls/handshake/ServerHelloMessage.js +3 -1
- package/dist/cjs/dtls/handshake/ServerHelloMessage.js.map +1 -1
- package/dist/cjs/dtls/handshake/ServerKeyExchangeMessage.d.ts +2 -1
- package/dist/cjs/dtls/handshake/ServerKeyExchangeMessage.d.ts.map +1 -1
- package/dist/cjs/dtls/handshake/ServerKeyExchangeMessage.js.map +1 -1
- package/dist/cjs/dtls/prf/HandshakeTranscript.d.ts +7 -5
- package/dist/cjs/dtls/prf/HandshakeTranscript.d.ts.map +1 -1
- package/dist/cjs/dtls/prf/HandshakeTranscript.js +14 -9
- package/dist/cjs/dtls/prf/HandshakeTranscript.js.map +1 -1
- package/dist/cjs/dtls/prf/TlsPrf.d.ts +23 -22
- package/dist/cjs/dtls/prf/TlsPrf.d.ts.map +1 -1
- package/dist/cjs/dtls/prf/TlsPrf.js +33 -30
- package/dist/cjs/dtls/prf/TlsPrf.js.map +1 -1
- package/dist/cjs/dtls/record/AesCcm8.d.ts +13 -12
- package/dist/cjs/dtls/record/AesCcm8.d.ts.map +1 -1
- package/dist/cjs/dtls/record/AesCcm8.js +12 -34
- package/dist/cjs/dtls/record/AesCcm8.js.map +1 -1
- package/dist/cjs/dtls/record/DtlsCipherState.d.ts +11 -10
- package/dist/cjs/dtls/record/DtlsCipherState.d.ts.map +1 -1
- package/dist/cjs/dtls/record/DtlsCipherState.js +10 -6
- package/dist/cjs/dtls/record/DtlsCipherState.js.map +1 -1
- package/dist/cjs/dtls/record/DtlsRecord.d.ts +10 -10
- package/dist/cjs/dtls/record/DtlsRecord.d.ts.map +1 -1
- package/dist/cjs/dtls/record/DtlsRecord.js +10 -8
- package/dist/cjs/dtls/record/DtlsRecord.js.map +1 -1
- package/dist/cjs/otbr-rest/OtbrRestCapability.d.ts +3 -4
- package/dist/cjs/otbr-rest/OtbrRestCapability.d.ts.map +1 -1
- package/dist/cjs/otbr-rest/OtbrRestClient.d.ts +27 -8
- package/dist/cjs/otbr-rest/OtbrRestClient.d.ts.map +1 -1
- package/dist/cjs/otbr-rest/OtbrRestClient.js +50 -20
- package/dist/cjs/otbr-rest/OtbrRestClient.js.map +1 -1
- package/dist/cjs/otbr-rest/OtbrRestDiagnosticSource.d.ts +2 -1
- package/dist/cjs/otbr-rest/OtbrRestDiagnosticSource.d.ts.map +1 -1
- package/dist/cjs/otbr-rest/OtbrRestDiagnosticSource.js +3 -3
- package/dist/cjs/otbr-rest/OtbrRestDiagnosticSource.js.map +1 -1
- package/dist/cjs/otbr-rest/OtbrRestProbe.d.ts +6 -4
- package/dist/cjs/otbr-rest/OtbrRestProbe.d.ts.map +1 -1
- package/dist/cjs/otbr-rest/OtbrRestProbe.js +11 -43
- package/dist/cjs/otbr-rest/OtbrRestProbe.js.map +1 -1
- package/dist/cjs/otbr-rest/caseNormalizer.d.ts +7 -0
- package/dist/cjs/otbr-rest/caseNormalizer.d.ts.map +1 -1
- package/dist/cjs/otbr-rest/caseNormalizer.js +11 -0
- package/dist/cjs/otbr-rest/caseNormalizer.js.map +1 -1
- package/dist/cjs/otbr-rest/parseHexBytes.d.ts +22 -0
- package/dist/cjs/otbr-rest/parseHexBytes.d.ts.map +1 -0
- package/dist/cjs/otbr-rest/parseHexBytes.js +50 -0
- package/dist/cjs/otbr-rest/parseHexBytes.js.map +6 -0
- package/dist/cjs/otbr-rest/translation.d.ts +2 -1
- package/dist/cjs/otbr-rest/translation.d.ts.map +1 -1
- package/dist/cjs/otbr-rest/translation.js +20 -22
- package/dist/cjs/otbr-rest/translation.js.map +1 -1
- package/dist/cjs/selection/selectBr.d.ts +8 -4
- package/dist/cjs/selection/selectBr.d.ts.map +1 -1
- package/dist/cjs/selection/selectBr.js +6 -5
- package/dist/cjs/selection/selectBr.js.map +1 -1
- package/dist/cjs/selection/withExtPanIdLock.d.ts +2 -1
- package/dist/cjs/selection/withExtPanIdLock.d.ts.map +1 -1
- package/dist/cjs/selection/withExtPanIdLock.js.map +1 -1
- package/dist/cjs/tlv/BasicTlvCodec.d.ts +4 -4
- package/dist/cjs/tlv/BasicTlvCodec.d.ts.map +1 -1
- package/dist/cjs/tlv/BasicTlvCodec.js +13 -11
- package/dist/cjs/tlv/BasicTlvCodec.js.map +1 -1
- package/dist/cjs/tlv/NetworkDiagnosticTlv.d.ts +3 -2
- package/dist/cjs/tlv/NetworkDiagnosticTlv.d.ts.map +1 -1
- package/dist/cjs/tlv/NetworkDiagnosticTlv.js.map +1 -1
- package/dist/cjs/tlv/TypeListTlv.d.ts +3 -2
- package/dist/cjs/tlv/TypeListTlv.d.ts.map +1 -1
- package/dist/cjs/tlv/TypeListTlv.js +1 -1
- package/dist/cjs/tlv/TypeListTlv.js.map +1 -1
- package/dist/cjs/tlv/diag/ChildIpv6AddressList.d.ts +3 -2
- package/dist/cjs/tlv/diag/ChildIpv6AddressList.d.ts.map +1 -1
- package/dist/cjs/tlv/diag/ChildIpv6AddressList.js +5 -3
- package/dist/cjs/tlv/diag/ChildIpv6AddressList.js.map +1 -1
- package/dist/cjs/tlv/diag/ChildTable.d.ts +3 -2
- package/dist/cjs/tlv/diag/ChildTable.d.ts.map +1 -1
- package/dist/cjs/tlv/diag/ChildTable.js +7 -6
- package/dist/cjs/tlv/diag/ChildTable.js.map +1 -1
- package/dist/cjs/tlv/diag/Connectivity.d.ts +3 -2
- package/dist/cjs/tlv/diag/Connectivity.d.ts.map +1 -1
- package/dist/cjs/tlv/diag/Connectivity.js +14 -14
- package/dist/cjs/tlv/diag/Connectivity.js.map +1 -1
- package/dist/cjs/tlv/diag/Ipv6AddressList.d.ts +3 -2
- package/dist/cjs/tlv/diag/Ipv6AddressList.d.ts.map +1 -1
- package/dist/cjs/tlv/diag/Ipv6AddressList.js +6 -5
- package/dist/cjs/tlv/diag/Ipv6AddressList.js.map +1 -1
- package/dist/cjs/tlv/diag/LeaderData.d.ts +3 -2
- package/dist/cjs/tlv/diag/LeaderData.d.ts.map +1 -1
- package/dist/cjs/tlv/diag/LeaderData.js +8 -7
- package/dist/cjs/tlv/diag/LeaderData.js.map +1 -1
- package/dist/cjs/tlv/diag/MacCounters.d.ts +3 -2
- package/dist/cjs/tlv/diag/MacCounters.d.ts.map +1 -1
- package/dist/cjs/tlv/diag/MacCounters.js +12 -11
- package/dist/cjs/tlv/diag/MacCounters.js.map +1 -1
- package/dist/cjs/tlv/diag/MleCounters.d.ts +3 -2
- package/dist/cjs/tlv/diag/MleCounters.d.ts.map +1 -1
- package/dist/cjs/tlv/diag/MleCounters.js +18 -17
- package/dist/cjs/tlv/diag/MleCounters.js.map +1 -1
- package/dist/cjs/tlv/diag/Mode.d.ts +3 -2
- package/dist/cjs/tlv/diag/Mode.d.ts.map +1 -1
- package/dist/cjs/tlv/diag/Mode.js +5 -3
- package/dist/cjs/tlv/diag/Mode.js.map +1 -1
- package/dist/cjs/tlv/diag/NetworkData.d.ts +7 -6
- package/dist/cjs/tlv/diag/NetworkData.d.ts.map +1 -1
- package/dist/cjs/tlv/diag/NetworkData.js +23 -18
- package/dist/cjs/tlv/diag/NetworkData.js.map +1 -1
- package/dist/cjs/tlv/diag/Primitives.d.ts +15 -14
- package/dist/cjs/tlv/diag/Primitives.d.ts.map +1 -1
- package/dist/cjs/tlv/diag/Primitives.js +25 -19
- package/dist/cjs/tlv/diag/Primitives.js.map +1 -1
- package/dist/cjs/tlv/diag/Route64.d.ts +3 -2
- package/dist/cjs/tlv/diag/Route64.d.ts.map +1 -1
- package/dist/cjs/tlv/diag/Route64.js +8 -7
- package/dist/cjs/tlv/diag/Route64.js.map +1 -1
- package/dist/cjs/tlv/diag/RouterNeighbor.d.ts +3 -2
- package/dist/cjs/tlv/diag/RouterNeighbor.d.ts.map +1 -1
- package/dist/cjs/tlv/diag/RouterNeighbor.js +13 -11
- package/dist/cjs/tlv/diag/RouterNeighbor.js.map +1 -1
- package/dist/cjs/tlv/diag/Timeout.d.ts +3 -2
- package/dist/cjs/tlv/diag/Timeout.d.ts.map +1 -1
- package/dist/cjs/tlv/diag/Timeout.js +4 -3
- package/dist/cjs/tlv/diag/Timeout.js.map +1 -1
- package/dist/cjs/tlv/diag/VendorInfo.d.ts +13 -12
- package/dist/cjs/tlv/diag/VendorInfo.d.ts.map +1 -1
- package/dist/cjs/tlv/diag/VendorInfo.js +4 -3
- package/dist/cjs/tlv/diag/VendorInfo.js.map +1 -1
- package/dist/cjs/tlv/meshcop/Ip6AddressTlv.d.ts +3 -2
- package/dist/cjs/tlv/meshcop/Ip6AddressTlv.d.ts.map +1 -1
- package/dist/cjs/tlv/meshcop/Ip6AddressTlv.js +7 -4
- package/dist/cjs/tlv/meshcop/Ip6AddressTlv.js.map +1 -1
- package/dist/cjs/tlv/meshcop/UdpEncapsulationTlv.d.ts +4 -3
- package/dist/cjs/tlv/meshcop/UdpEncapsulationTlv.d.ts.map +1 -1
- package/dist/cjs/tlv/meshcop/UdpEncapsulationTlv.js +9 -7
- package/dist/cjs/tlv/meshcop/UdpEncapsulationTlv.js.map +1 -1
- package/dist/cjs/util/meshLocalAddr.d.ts +5 -4
- package/dist/cjs/util/meshLocalAddr.d.ts.map +1 -1
- package/dist/cjs/util/meshLocalAddr.js +6 -4
- package/dist/cjs/util/meshLocalAddr.js.map +1 -1
- package/dist/esm/coap/CoapClient.d.ts +2 -2
- package/dist/esm/coap/CoapClient.d.ts.map +1 -1
- package/dist/esm/coap/CoapClient.js +11 -17
- package/dist/esm/coap/CoapClient.js.map +1 -1
- package/dist/esm/coap/CoapMessage.d.ts +11 -6
- package/dist/esm/coap/CoapMessage.d.ts.map +1 -1
- package/dist/esm/coap/CoapMessage.js +8 -5
- package/dist/esm/coap/CoapMessage.js.map +1 -1
- package/dist/esm/commissioner/Commissioner.d.ts.map +1 -1
- package/dist/esm/commissioner/Commissioner.js +5 -2
- package/dist/esm/commissioner/Commissioner.js.map +1 -1
- package/dist/esm/commissioner/LeadKa.d.ts +3 -3
- package/dist/esm/commissioner/LeadKa.d.ts.map +1 -1
- package/dist/esm/commissioner/LeadKa.js +2 -2
- package/dist/esm/commissioner/LeadKa.js.map +1 -1
- package/dist/esm/commissioner/LeadPet.d.ts +3 -2
- package/dist/esm/commissioner/LeadPet.d.ts.map +1 -1
- package/dist/esm/commissioner/LeadPet.js +4 -3
- package/dist/esm/commissioner/LeadPet.js.map +1 -1
- package/dist/esm/credentials/ThreadCredentialsRegistry.d.ts +5 -5
- package/dist/esm/credentials/ThreadCredentialsRegistry.d.ts.map +1 -1
- package/dist/esm/credentials/ThreadCredentialsRegistry.js +10 -9
- package/dist/esm/credentials/ThreadCredentialsRegistry.js.map +1 -1
- package/dist/esm/credentials/ThreadNetworkCredentials.d.ts +4 -3
- package/dist/esm/credentials/ThreadNetworkCredentials.d.ts.map +1 -1
- package/dist/esm/crypto/AesCmacPrf128.d.ts +4 -14
- package/dist/esm/crypto/AesCmacPrf128.d.ts.map +1 -1
- package/dist/esm/crypto/AesCmacPrf128.js +8 -72
- package/dist/esm/crypto/AesCmacPrf128.js.map +2 -2
- package/dist/esm/crypto/Pbkdf2AesCmac.d.ts +5 -4
- package/dist/esm/crypto/Pbkdf2AesCmac.d.ts.map +1 -1
- package/dist/esm/crypto/Pbkdf2AesCmac.js +6 -5
- package/dist/esm/crypto/Pbkdf2AesCmac.js.map +1 -1
- package/dist/esm/crypto/Pskc.d.ts +4 -3
- package/dist/esm/crypto/Pskc.d.ts.map +1 -1
- package/dist/esm/crypto/Pskc.js +7 -6
- package/dist/esm/crypto/Pskc.js.map +1 -1
- package/dist/esm/crypto/index.d.ts +1 -1
- package/dist/esm/crypto/index.d.ts.map +1 -1
- package/dist/esm/crypto/index.js +1 -2
- package/dist/esm/crypto/index.js.map +1 -1
- package/dist/esm/dataset/OperationalDataset.d.ts +10 -10
- package/dist/esm/dataset/OperationalDataset.d.ts.map +1 -1
- package/dist/esm/dataset/OperationalDataset.js +32 -31
- package/dist/esm/dataset/OperationalDataset.js.map +1 -1
- package/dist/esm/dataset/SecurityPolicy.d.ts +3 -2
- package/dist/esm/dataset/SecurityPolicy.d.ts.map +1 -1
- package/dist/esm/dataset/SecurityPolicy.js +6 -5
- package/dist/esm/dataset/SecurityPolicy.js.map +1 -1
- package/dist/esm/diagnostic/DiagnosticResponse.d.ts +5 -4
- package/dist/esm/diagnostic/DiagnosticResponse.d.ts.map +1 -1
- package/dist/esm/diagnostic/DiagnosticSource.d.ts +2 -2
- package/dist/esm/diagnostic/DiagnosticSource.d.ts.map +1 -1
- package/dist/esm/diagnostic/MeshCopDiagnosticSource.d.ts +7 -3
- package/dist/esm/diagnostic/MeshCopDiagnosticSource.d.ts.map +1 -1
- package/dist/esm/diagnostic/MeshCopDiagnosticSource.js +49 -43
- package/dist/esm/diagnostic/MeshCopDiagnosticSource.js.map +1 -1
- package/dist/esm/diagnostic/connectMeshcop.d.ts.map +1 -1
- package/dist/esm/diagnostic/connectMeshcop.js +6 -13
- package/dist/esm/diagnostic/connectMeshcop.js.map +1 -1
- package/dist/esm/diagnostic/errors.d.ts +1 -1
- package/dist/esm/diagnostic/errors.d.ts.map +1 -1
- package/dist/esm/discovery/BorderRouterRegistry.d.ts.map +1 -1
- package/dist/esm/discovery/BorderRouterRegistry.js +2 -4
- package/dist/esm/discovery/BorderRouterRegistry.js.map +1 -1
- package/dist/esm/dtls/channel/DtlsConnectOpts.d.ts +3 -3
- package/dist/esm/dtls/channel/DtlsConnectOpts.d.ts.map +1 -1
- package/dist/esm/dtls/channel/NobleDtlsChannel.d.ts.map +1 -1
- package/dist/esm/dtls/channel/NobleDtlsChannel.js +90 -58
- package/dist/esm/dtls/channel/NobleDtlsChannel.js.map +1 -1
- package/dist/esm/dtls/ecjpake/EcJpakePms.d.ts +5 -4
- package/dist/esm/dtls/ecjpake/EcJpakePms.d.ts.map +1 -1
- package/dist/esm/dtls/ecjpake/EcJpakePms.js +5 -6
- package/dist/esm/dtls/ecjpake/EcJpakePms.js.map +1 -1
- package/dist/esm/dtls/ecjpake/EcJpakeRound.d.ts +16 -15
- package/dist/esm/dtls/ecjpake/EcJpakeRound.d.ts.map +1 -1
- package/dist/esm/dtls/ecjpake/EcJpakeRound.js +41 -30
- package/dist/esm/dtls/ecjpake/EcJpakeRound.js.map +1 -1
- package/dist/esm/dtls/ecjpake/SchnorrZkp.d.ts +10 -9
- package/dist/esm/dtls/ecjpake/SchnorrZkp.d.ts.map +1 -1
- package/dist/esm/dtls/ecjpake/SchnorrZkp.js +18 -14
- package/dist/esm/dtls/ecjpake/SchnorrZkp.js.map +1 -1
- package/dist/esm/dtls/handshake/ChangeCipherSpec.d.ts +2 -1
- package/dist/esm/dtls/handshake/ChangeCipherSpec.d.ts.map +1 -1
- package/dist/esm/dtls/handshake/ChangeCipherSpec.js +3 -1
- package/dist/esm/dtls/handshake/ChangeCipherSpec.js.map +1 -1
- package/dist/esm/dtls/handshake/ClientHelloMessage.d.ts +27 -4
- package/dist/esm/dtls/handshake/ClientHelloMessage.d.ts.map +1 -1
- package/dist/esm/dtls/handshake/ClientHelloMessage.js +4 -2
- package/dist/esm/dtls/handshake/ClientHelloMessage.js.map +1 -1
- package/dist/esm/dtls/handshake/ClientKeyExchangeMessage.d.ts +2 -1
- package/dist/esm/dtls/handshake/ClientKeyExchangeMessage.d.ts.map +1 -1
- package/dist/esm/dtls/handshake/ClientKeyExchangeMessage.js.map +1 -1
- package/dist/esm/dtls/handshake/DtlsClient.d.ts +9 -6
- package/dist/esm/dtls/handshake/DtlsClient.d.ts.map +1 -1
- package/dist/esm/dtls/handshake/DtlsClient.js +100 -78
- package/dist/esm/dtls/handshake/DtlsClient.js.map +1 -1
- package/dist/esm/dtls/handshake/FinishedMessage.d.ts +10 -3
- package/dist/esm/dtls/handshake/FinishedMessage.d.ts.map +1 -1
- package/dist/esm/dtls/handshake/FinishedMessage.js +5 -3
- package/dist/esm/dtls/handshake/FinishedMessage.js.map +1 -1
- package/dist/esm/dtls/handshake/HandshakeMessage.d.ts +5 -4
- package/dist/esm/dtls/handshake/HandshakeMessage.d.ts.map +1 -1
- package/dist/esm/dtls/handshake/HandshakeMessage.js +14 -12
- package/dist/esm/dtls/handshake/HandshakeMessage.js.map +1 -1
- package/dist/esm/dtls/handshake/HelloVerifyRequestMessage.d.ts +19 -2
- package/dist/esm/dtls/handshake/HelloVerifyRequestMessage.d.ts.map +1 -1
- package/dist/esm/dtls/handshake/HelloVerifyRequestMessage.js +3 -1
- package/dist/esm/dtls/handshake/HelloVerifyRequestMessage.js.map +1 -1
- package/dist/esm/dtls/handshake/ServerHelloDoneMessage.d.ts +2 -1
- package/dist/esm/dtls/handshake/ServerHelloDoneMessage.d.ts.map +1 -1
- package/dist/esm/dtls/handshake/ServerHelloDoneMessage.js +3 -2
- package/dist/esm/dtls/handshake/ServerHelloDoneMessage.js.map +1 -1
- package/dist/esm/dtls/handshake/ServerHelloMessage.d.ts +4 -3
- package/dist/esm/dtls/handshake/ServerHelloMessage.d.ts.map +1 -1
- package/dist/esm/dtls/handshake/ServerHelloMessage.js +3 -1
- package/dist/esm/dtls/handshake/ServerHelloMessage.js.map +1 -1
- package/dist/esm/dtls/handshake/ServerKeyExchangeMessage.d.ts +2 -1
- package/dist/esm/dtls/handshake/ServerKeyExchangeMessage.d.ts.map +1 -1
- package/dist/esm/dtls/handshake/ServerKeyExchangeMessage.js.map +1 -1
- package/dist/esm/dtls/prf/HandshakeTranscript.d.ts +7 -5
- package/dist/esm/dtls/prf/HandshakeTranscript.d.ts.map +1 -1
- package/dist/esm/dtls/prf/HandshakeTranscript.js +15 -10
- package/dist/esm/dtls/prf/HandshakeTranscript.js.map +1 -1
- package/dist/esm/dtls/prf/TlsPrf.d.ts +23 -22
- package/dist/esm/dtls/prf/TlsPrf.d.ts.map +1 -1
- package/dist/esm/dtls/prf/TlsPrf.js +34 -31
- package/dist/esm/dtls/prf/TlsPrf.js.map +1 -1
- package/dist/esm/dtls/record/AesCcm8.d.ts +13 -12
- package/dist/esm/dtls/record/AesCcm8.d.ts.map +1 -1
- package/dist/esm/dtls/record/AesCcm8.js +13 -35
- package/dist/esm/dtls/record/AesCcm8.js.map +1 -1
- package/dist/esm/dtls/record/DtlsCipherState.d.ts +11 -10
- package/dist/esm/dtls/record/DtlsCipherState.d.ts.map +1 -1
- package/dist/esm/dtls/record/DtlsCipherState.js +11 -7
- package/dist/esm/dtls/record/DtlsCipherState.js.map +1 -1
- package/dist/esm/dtls/record/DtlsRecord.d.ts +10 -10
- package/dist/esm/dtls/record/DtlsRecord.d.ts.map +1 -1
- package/dist/esm/dtls/record/DtlsRecord.js +11 -9
- package/dist/esm/dtls/record/DtlsRecord.js.map +1 -1
- package/dist/esm/otbr-rest/OtbrRestCapability.d.ts +3 -4
- package/dist/esm/otbr-rest/OtbrRestCapability.d.ts.map +1 -1
- package/dist/esm/otbr-rest/OtbrRestClient.d.ts +27 -8
- package/dist/esm/otbr-rest/OtbrRestClient.d.ts.map +1 -1
- package/dist/esm/otbr-rest/OtbrRestClient.js +51 -21
- package/dist/esm/otbr-rest/OtbrRestClient.js.map +1 -1
- package/dist/esm/otbr-rest/OtbrRestDiagnosticSource.d.ts +2 -1
- package/dist/esm/otbr-rest/OtbrRestDiagnosticSource.d.ts.map +1 -1
- package/dist/esm/otbr-rest/OtbrRestDiagnosticSource.js +4 -4
- package/dist/esm/otbr-rest/OtbrRestDiagnosticSource.js.map +1 -1
- package/dist/esm/otbr-rest/OtbrRestProbe.d.ts +6 -4
- package/dist/esm/otbr-rest/OtbrRestProbe.d.ts.map +1 -1
- package/dist/esm/otbr-rest/OtbrRestProbe.js +12 -44
- package/dist/esm/otbr-rest/OtbrRestProbe.js.map +1 -1
- package/dist/esm/otbr-rest/caseNormalizer.d.ts +7 -0
- package/dist/esm/otbr-rest/caseNormalizer.d.ts.map +1 -1
- package/dist/esm/otbr-rest/caseNormalizer.js +11 -0
- package/dist/esm/otbr-rest/caseNormalizer.js.map +1 -1
- package/dist/esm/otbr-rest/parseHexBytes.d.ts +22 -0
- package/dist/esm/otbr-rest/parseHexBytes.d.ts.map +1 -0
- package/dist/esm/otbr-rest/parseHexBytes.js +30 -0
- package/dist/esm/otbr-rest/parseHexBytes.js.map +6 -0
- package/dist/esm/otbr-rest/translation.d.ts +2 -1
- package/dist/esm/otbr-rest/translation.d.ts.map +1 -1
- package/dist/esm/otbr-rest/translation.js +16 -18
- package/dist/esm/otbr-rest/translation.js.map +1 -1
- package/dist/esm/selection/selectBr.d.ts +8 -4
- package/dist/esm/selection/selectBr.d.ts.map +1 -1
- package/dist/esm/selection/selectBr.js +6 -5
- package/dist/esm/selection/selectBr.js.map +1 -1
- package/dist/esm/selection/withExtPanIdLock.d.ts +2 -1
- package/dist/esm/selection/withExtPanIdLock.d.ts.map +1 -1
- package/dist/esm/selection/withExtPanIdLock.js.map +1 -1
- package/dist/esm/tlv/BasicTlvCodec.d.ts +4 -4
- package/dist/esm/tlv/BasicTlvCodec.d.ts.map +1 -1
- package/dist/esm/tlv/BasicTlvCodec.js +14 -12
- package/dist/esm/tlv/BasicTlvCodec.js.map +1 -1
- package/dist/esm/tlv/NetworkDiagnosticTlv.d.ts +3 -2
- package/dist/esm/tlv/NetworkDiagnosticTlv.d.ts.map +1 -1
- package/dist/esm/tlv/NetworkDiagnosticTlv.js.map +1 -1
- package/dist/esm/tlv/TypeListTlv.d.ts +3 -2
- package/dist/esm/tlv/TypeListTlv.d.ts.map +1 -1
- package/dist/esm/tlv/TypeListTlv.js +2 -2
- package/dist/esm/tlv/TypeListTlv.js.map +1 -1
- package/dist/esm/tlv/diag/ChildIpv6AddressList.d.ts +3 -2
- package/dist/esm/tlv/diag/ChildIpv6AddressList.d.ts.map +1 -1
- package/dist/esm/tlv/diag/ChildIpv6AddressList.js +5 -3
- package/dist/esm/tlv/diag/ChildIpv6AddressList.js.map +1 -1
- package/dist/esm/tlv/diag/ChildTable.d.ts +3 -2
- package/dist/esm/tlv/diag/ChildTable.d.ts.map +1 -1
- package/dist/esm/tlv/diag/ChildTable.js +8 -7
- package/dist/esm/tlv/diag/ChildTable.js.map +1 -1
- package/dist/esm/tlv/diag/Connectivity.d.ts +3 -2
- package/dist/esm/tlv/diag/Connectivity.d.ts.map +1 -1
- package/dist/esm/tlv/diag/Connectivity.js +14 -14
- package/dist/esm/tlv/diag/Connectivity.js.map +1 -1
- package/dist/esm/tlv/diag/Ipv6AddressList.d.ts +3 -2
- package/dist/esm/tlv/diag/Ipv6AddressList.d.ts.map +1 -1
- package/dist/esm/tlv/diag/Ipv6AddressList.js +7 -6
- package/dist/esm/tlv/diag/Ipv6AddressList.js.map +1 -1
- package/dist/esm/tlv/diag/LeaderData.d.ts +3 -2
- package/dist/esm/tlv/diag/LeaderData.d.ts.map +1 -1
- package/dist/esm/tlv/diag/LeaderData.js +9 -8
- package/dist/esm/tlv/diag/LeaderData.js.map +1 -1
- package/dist/esm/tlv/diag/MacCounters.d.ts +3 -2
- package/dist/esm/tlv/diag/MacCounters.d.ts.map +1 -1
- package/dist/esm/tlv/diag/MacCounters.js +13 -12
- package/dist/esm/tlv/diag/MacCounters.js.map +1 -1
- package/dist/esm/tlv/diag/MleCounters.d.ts +3 -2
- package/dist/esm/tlv/diag/MleCounters.d.ts.map +1 -1
- package/dist/esm/tlv/diag/MleCounters.js +19 -18
- package/dist/esm/tlv/diag/MleCounters.js.map +1 -1
- package/dist/esm/tlv/diag/Mode.d.ts +3 -2
- package/dist/esm/tlv/diag/Mode.d.ts.map +1 -1
- package/dist/esm/tlv/diag/Mode.js +5 -3
- package/dist/esm/tlv/diag/Mode.js.map +1 -1
- package/dist/esm/tlv/diag/NetworkData.d.ts +7 -6
- package/dist/esm/tlv/diag/NetworkData.d.ts.map +1 -1
- package/dist/esm/tlv/diag/NetworkData.js +23 -18
- package/dist/esm/tlv/diag/NetworkData.js.map +1 -1
- package/dist/esm/tlv/diag/Primitives.d.ts +15 -14
- package/dist/esm/tlv/diag/Primitives.d.ts.map +1 -1
- package/dist/esm/tlv/diag/Primitives.js +26 -20
- package/dist/esm/tlv/diag/Primitives.js.map +1 -1
- package/dist/esm/tlv/diag/Route64.d.ts +3 -2
- package/dist/esm/tlv/diag/Route64.d.ts.map +1 -1
- package/dist/esm/tlv/diag/Route64.js +9 -8
- package/dist/esm/tlv/diag/Route64.js.map +1 -1
- package/dist/esm/tlv/diag/RouterNeighbor.d.ts +3 -2
- package/dist/esm/tlv/diag/RouterNeighbor.d.ts.map +1 -1
- package/dist/esm/tlv/diag/RouterNeighbor.js +13 -11
- package/dist/esm/tlv/diag/RouterNeighbor.js.map +1 -1
- package/dist/esm/tlv/diag/Timeout.d.ts +3 -2
- package/dist/esm/tlv/diag/Timeout.d.ts.map +1 -1
- package/dist/esm/tlv/diag/Timeout.js +5 -4
- package/dist/esm/tlv/diag/Timeout.js.map +1 -1
- package/dist/esm/tlv/diag/VendorInfo.d.ts +13 -12
- package/dist/esm/tlv/diag/VendorInfo.d.ts.map +1 -1
- package/dist/esm/tlv/diag/VendorInfo.js +5 -4
- package/dist/esm/tlv/diag/VendorInfo.js.map +1 -1
- package/dist/esm/tlv/meshcop/Ip6AddressTlv.d.ts +3 -2
- package/dist/esm/tlv/meshcop/Ip6AddressTlv.d.ts.map +1 -1
- package/dist/esm/tlv/meshcop/Ip6AddressTlv.js +7 -4
- package/dist/esm/tlv/meshcop/Ip6AddressTlv.js.map +1 -1
- package/dist/esm/tlv/meshcop/UdpEncapsulationTlv.d.ts +4 -3
- package/dist/esm/tlv/meshcop/UdpEncapsulationTlv.d.ts.map +1 -1
- package/dist/esm/tlv/meshcop/UdpEncapsulationTlv.js +10 -8
- package/dist/esm/tlv/meshcop/UdpEncapsulationTlv.js.map +1 -1
- package/dist/esm/util/meshLocalAddr.d.ts +5 -4
- package/dist/esm/util/meshLocalAddr.d.ts.map +1 -1
- package/dist/esm/util/meshLocalAddr.js +7 -5
- package/dist/esm/util/meshLocalAddr.js.map +1 -1
- package/package.json +5 -5
- package/src/coap/CoapClient.ts +13 -20
- package/src/coap/CoapMessage.ts +17 -9
- package/src/commissioner/Commissioner.ts +5 -2
- package/src/commissioner/LeadKa.ts +4 -4
- package/src/commissioner/LeadPet.ts +6 -5
- package/src/credentials/ThreadCredentialsRegistry.ts +14 -13
- package/src/credentials/ThreadNetworkCredentials.ts +5 -3
- package/src/crypto/AesCmacPrf128.ts +10 -87
- package/src/crypto/Pbkdf2AesCmac.ts +14 -10
- package/src/crypto/Pskc.ts +7 -6
- package/src/crypto/index.ts +1 -1
- package/src/dataset/OperationalDataset.ts +48 -47
- package/src/dataset/SecurityPolicy.ts +8 -7
- package/src/diagnostic/DiagnosticResponse.ts +5 -4
- package/src/diagnostic/DiagnosticSource.ts +2 -2
- package/src/diagnostic/MeshCopDiagnosticSource.ts +80 -64
- package/src/diagnostic/connectMeshcop.ts +6 -14
- package/src/diagnostic/errors.ts +1 -1
- package/src/discovery/BorderRouterRegistry.ts +2 -4
- package/src/dtls/channel/DtlsConnectOpts.ts +3 -3
- package/src/dtls/channel/NobleDtlsChannel.ts +96 -60
- package/src/dtls/ecjpake/EcJpakePms.ts +5 -6
- package/src/dtls/ecjpake/EcJpakeRound.ts +57 -37
- package/src/dtls/ecjpake/SchnorrZkp.ts +43 -30
- package/src/dtls/handshake/ChangeCipherSpec.ts +3 -1
- package/src/dtls/handshake/ClientHelloMessage.ts +8 -6
- package/src/dtls/handshake/ClientKeyExchangeMessage.ts +2 -1
- package/src/dtls/handshake/DtlsClient.ts +119 -95
- package/src/dtls/handshake/FinishedMessage.ts +5 -3
- package/src/dtls/handshake/HandshakeMessage.ts +18 -16
- package/src/dtls/handshake/HelloVerifyRequestMessage.ts +3 -1
- package/src/dtls/handshake/ServerHelloDoneMessage.ts +5 -3
- package/src/dtls/handshake/ServerHelloMessage.ts +5 -3
- package/src/dtls/handshake/ServerKeyExchangeMessage.ts +2 -1
- package/src/dtls/prf/HandshakeTranscript.ts +18 -11
- package/src/dtls/prf/TlsPrf.ts +68 -54
- package/src/dtls/record/AesCcm8.ts +23 -49
- package/src/dtls/record/DtlsCipherState.ts +20 -16
- package/src/dtls/record/DtlsRecord.ts +17 -15
- package/src/otbr-rest/OtbrRestCapability.ts +4 -4
- package/src/otbr-rest/OtbrRestClient.ts +64 -29
- package/src/otbr-rest/OtbrRestDiagnosticSource.ts +5 -5
- package/src/otbr-rest/OtbrRestProbe.ts +12 -47
- package/src/otbr-rest/caseNormalizer.ts +17 -0
- package/src/otbr-rest/parseHexBytes.ts +47 -0
- package/src/otbr-rest/translation.ts +24 -22
- package/src/selection/selectBr.ts +26 -13
- package/src/selection/withExtPanIdLock.ts +1 -1
- package/src/tlv/BasicTlvCodec.ts +17 -15
- package/src/tlv/NetworkDiagnosticTlv.ts +3 -2
- package/src/tlv/TypeListTlv.ts +4 -4
- package/src/tlv/diag/ChildIpv6AddressList.ts +8 -5
- package/src/tlv/diag/ChildTable.ts +10 -9
- package/src/tlv/diag/Connectivity.ts +16 -16
- package/src/tlv/diag/Ipv6AddressList.ts +9 -8
- package/src/tlv/diag/LeaderData.ts +11 -10
- package/src/tlv/diag/MacCounters.ts +15 -14
- package/src/tlv/diag/MleCounters.ts +21 -20
- package/src/tlv/diag/Mode.ts +7 -5
- package/src/tlv/diag/NetworkData.ts +31 -26
- package/src/tlv/diag/Primitives.ts +42 -36
- package/src/tlv/diag/Route64.ts +11 -10
- package/src/tlv/diag/RouterNeighbor.ts +16 -13
- package/src/tlv/diag/Timeout.ts +7 -6
- package/src/tlv/diag/VendorInfo.ts +19 -18
- package/src/tlv/meshcop/Ip6AddressTlv.ts +9 -6
- package/src/tlv/meshcop/UdpEncapsulationTlv.ts +13 -11
- package/src/util/meshLocalAddr.ts +10 -8
|
@@ -4,7 +4,7 @@
|
|
|
4
4
|
* SPDX-License-Identifier: Apache-2.0
|
|
5
5
|
*/
|
|
6
6
|
|
|
7
|
-
import { ImplementationError, InternalError } from "@matter/general";
|
|
7
|
+
import { Bytes, Crypto, ImplementationError, InternalError } from "@matter/general";
|
|
8
8
|
import { DtlsError } from "../channel/DtlsChannel.js";
|
|
9
9
|
import { EcJpakePms } from "../ecjpake/EcJpakePms.js";
|
|
10
10
|
import { ECJPAKE_ID_CLIENT, ECJPAKE_ID_SERVER, EcJpakeRound } from "../ecjpake/EcJpakeRound.js";
|
|
@@ -52,10 +52,12 @@ export type DtlsClientState =
|
|
|
52
52
|
| "failed";
|
|
53
53
|
|
|
54
54
|
export interface DtlsClientConfig {
|
|
55
|
+
/** Crypto backend threaded through record codec, EC-JPAKE, PRF and transcript. */
|
|
56
|
+
crypto: Crypto;
|
|
55
57
|
/** EC-JPAKE password (PSKc bytes for Thread). Hashed by mbedTLS as the integer of these bytes. */
|
|
56
|
-
password:
|
|
58
|
+
password: Bytes;
|
|
57
59
|
/** Returns 32 bytes for `ClientHello.random`. Production: CSPRNG. */
|
|
58
|
-
random: () =>
|
|
60
|
+
random: () => Bytes;
|
|
59
61
|
/**
|
|
60
62
|
* Returns a fresh scalar in [1, n-1]. Called five times per attempt:
|
|
61
63
|
* x1, x2 (round-1 private keys), v1, v2 (round-1 ZKP ephemerals), v3 (round-2 ZKP ephemeral).
|
|
@@ -71,7 +73,7 @@ export interface DtlsClientConfig {
|
|
|
71
73
|
|
|
72
74
|
export interface DtlsClientStep {
|
|
73
75
|
/** Records to emit on the wire (already framed as DTLS records). */
|
|
74
|
-
records:
|
|
76
|
+
records: Bytes[];
|
|
75
77
|
}
|
|
76
78
|
|
|
77
79
|
const RANDOM_LEN = 32;
|
|
@@ -85,14 +87,14 @@ interface InboundRecord {
|
|
|
85
87
|
|
|
86
88
|
interface InboundHandshake {
|
|
87
89
|
msgType: HandshakeType;
|
|
88
|
-
body:
|
|
90
|
+
body: Bytes;
|
|
89
91
|
/** TLS-form bytes for transcript hashing. */
|
|
90
|
-
transcriptBytes:
|
|
92
|
+
transcriptBytes: Bytes;
|
|
91
93
|
}
|
|
92
94
|
|
|
93
|
-
function bigintFromBE(bytes:
|
|
95
|
+
function bigintFromBE(bytes: Bytes): bigint {
|
|
94
96
|
let v = 0n;
|
|
95
|
-
for (const byte of bytes) {
|
|
97
|
+
for (const byte of Bytes.of(bytes)) {
|
|
96
98
|
v = (v << 8n) | BigInt(byte);
|
|
97
99
|
}
|
|
98
100
|
return v;
|
|
@@ -100,31 +102,34 @@ function bigintFromBE(bytes: Uint8Array): bigint {
|
|
|
100
102
|
|
|
101
103
|
export class DtlsClient {
|
|
102
104
|
readonly #config: DtlsClientConfig;
|
|
105
|
+
readonly #crypto: Crypto;
|
|
103
106
|
|
|
104
107
|
#state: DtlsClientState = "initial";
|
|
105
|
-
#transcript
|
|
108
|
+
#transcript: HandshakeTranscript;
|
|
106
109
|
#handshakeMessageSeq = 0;
|
|
107
110
|
#recordSeq = 0n;
|
|
108
111
|
#lastFlight = new Array<Uint8Array>();
|
|
109
112
|
|
|
110
113
|
#x2!: bigint;
|
|
111
|
-
#X1!:
|
|
112
|
-
#X2!:
|
|
114
|
+
#X1!: Bytes;
|
|
115
|
+
#X2!: Bytes;
|
|
113
116
|
/** Round-1 wire bytes — bytes-identical across cookie-exchange retries (mbedTLS `ecjpake_cache`). */
|
|
114
|
-
#round1Bytes!:
|
|
117
|
+
#round1Bytes!: Bytes;
|
|
115
118
|
|
|
116
119
|
/** 32-byte ClientHello.random — bytes-identical across cookie retries. */
|
|
117
|
-
#clientRandom!:
|
|
120
|
+
#clientRandom!: Bytes;
|
|
118
121
|
|
|
119
|
-
#X3?:
|
|
120
|
-
#X4?:
|
|
121
|
-
#serverRandom?:
|
|
122
|
+
#X3?: Bytes;
|
|
123
|
+
#X4?: Bytes;
|
|
124
|
+
#serverRandom?: Bytes;
|
|
122
125
|
|
|
123
126
|
#masterSecret?: Uint8Array;
|
|
124
127
|
#cipherState?: DtlsCipherState;
|
|
125
128
|
|
|
126
129
|
constructor(config: DtlsClientConfig) {
|
|
127
130
|
this.#config = config;
|
|
131
|
+
this.#crypto = config.crypto;
|
|
132
|
+
this.#transcript = new HandshakeTranscript(this.#crypto);
|
|
128
133
|
}
|
|
129
134
|
|
|
130
135
|
state(): DtlsClientState {
|
|
@@ -145,11 +150,11 @@ export class DtlsClient {
|
|
|
145
150
|
}
|
|
146
151
|
|
|
147
152
|
/** Initial flight: ClientHello with empty cookie. */
|
|
148
|
-
start(): DtlsClientStep {
|
|
153
|
+
async start(): Promise<DtlsClientStep> {
|
|
149
154
|
if (this.#state !== "initial") {
|
|
150
155
|
throw new ImplementationError(`DtlsClient.start() called in state '${this.#state}'`);
|
|
151
156
|
}
|
|
152
|
-
const random = this.#config.random();
|
|
157
|
+
const random = Bytes.of(this.#config.random());
|
|
153
158
|
if (random.length !== RANDOM_LEN) {
|
|
154
159
|
throw new ImplementationError(
|
|
155
160
|
`DtlsClient config.random() returned ${random.length} bytes, need ${RANDOM_LEN}`,
|
|
@@ -160,41 +165,42 @@ export class DtlsClient {
|
|
|
160
165
|
const x2 = this.#config.ephemeralScalar();
|
|
161
166
|
const v1 = this.#config.ephemeralScalar();
|
|
162
167
|
const v2 = this.#config.ephemeralScalar();
|
|
163
|
-
const round1 = EcJpakeRound.buildRound1({ x1, x2, v1, v2, id: ECJPAKE_ID_CLIENT });
|
|
168
|
+
const round1 = await EcJpakeRound.buildRound1(this.#crypto, { x1, x2, v1, v2, id: ECJPAKE_ID_CLIENT });
|
|
164
169
|
this.#x2 = x2;
|
|
165
170
|
this.#X1 = round1.kp1.X;
|
|
166
171
|
this.#X2 = round1.kp2.X;
|
|
167
172
|
this.#round1Bytes = EcJpakeRound.serializeRound1(round1.kp1, round1.kp2);
|
|
168
173
|
|
|
169
|
-
const records = this.#emitClientHello(new Uint8Array(0), false);
|
|
174
|
+
const records = await this.#emitClientHello(new Uint8Array(0), false);
|
|
170
175
|
this.#state = "sent_first_clienthello";
|
|
171
176
|
return { records };
|
|
172
177
|
}
|
|
173
178
|
|
|
174
179
|
/** Re-emit the last flight bytes-identically (RFC 6347 §4.2.4). */
|
|
175
|
-
onRetransmit(): DtlsClientStep {
|
|
180
|
+
async onRetransmit(): Promise<DtlsClientStep> {
|
|
176
181
|
if (this.#state === "initial" || this.#state === "established" || this.#state === "failed") {
|
|
177
182
|
throw new ImplementationError(`DtlsClient.onRetransmit() called in state '${this.#state}'`);
|
|
178
183
|
}
|
|
179
184
|
return { records: this.#lastFlight.map(r => r.slice()) };
|
|
180
185
|
}
|
|
181
186
|
|
|
182
|
-
onDatagram(bytes:
|
|
187
|
+
async onDatagram(bytes: Bytes): Promise<DtlsClientStep> {
|
|
183
188
|
if (this.#state === "established" || this.#state === "failed" || this.#state === "initial") {
|
|
184
189
|
throw new ImplementationError(`DtlsClient.onDatagram() called in state '${this.#state}'`);
|
|
185
190
|
}
|
|
191
|
+
const buf = Bytes.of(bytes);
|
|
186
192
|
try {
|
|
187
193
|
switch (this.#state) {
|
|
188
194
|
case "sent_first_clienthello":
|
|
189
|
-
return this.#handleHelloVerifyOrServerHello(this.#splitDatagramIntoRecords(
|
|
195
|
+
return await this.#handleHelloVerifyOrServerHello(await this.#splitDatagramIntoRecords(buf));
|
|
190
196
|
case "sent_clienthello_with_cookie":
|
|
191
|
-
return this.#handleServerHelloFlight(this.#splitDatagramIntoRecords(
|
|
197
|
+
return await this.#handleServerHelloFlight(await this.#splitDatagramIntoRecords(buf));
|
|
192
198
|
case "sent_clientkeyexchange_flight":
|
|
193
199
|
// Cannot eagerly split this datagram — the encrypted Finished record is at
|
|
194
200
|
// epoch 1 and needs the CCS earlier in the same datagram to bump the read
|
|
195
201
|
// epoch first. Walk the record envelopes lazily so CCS arrives before the
|
|
196
202
|
// AEAD decrypt is attempted.
|
|
197
|
-
return this.#handleServerFinishedFlightLazy(
|
|
203
|
+
return await this.#handleServerFinishedFlightLazy(buf);
|
|
198
204
|
default:
|
|
199
205
|
throw new InternalError(`DtlsClient: state ${this.#state} cannot consume a datagram`);
|
|
200
206
|
}
|
|
@@ -207,12 +213,12 @@ export class DtlsClient {
|
|
|
207
213
|
// -----------------------------------------------------------------------
|
|
208
214
|
// Datagram / record splitting
|
|
209
215
|
|
|
210
|
-
#splitDatagramIntoRecords(bytes: Uint8Array): InboundRecord[] {
|
|
216
|
+
async #splitDatagramIntoRecords(bytes: Uint8Array): Promise<InboundRecord[]> {
|
|
211
217
|
const out = new Array<InboundRecord>();
|
|
212
218
|
let p = 0;
|
|
213
219
|
while (p < bytes.length) {
|
|
214
|
-
const { record, consumed } = DtlsRecord.decode(bytes.subarray(p), this.#cipherState);
|
|
215
|
-
out.push(record);
|
|
220
|
+
const { record, consumed } = await DtlsRecord.decode(this.#crypto, bytes.subarray(p), this.#cipherState);
|
|
221
|
+
out.push({ ...record, fragment: Bytes.of(record.fragment) });
|
|
216
222
|
p += consumed;
|
|
217
223
|
}
|
|
218
224
|
return out;
|
|
@@ -241,7 +247,7 @@ export class DtlsClient {
|
|
|
241
247
|
// -----------------------------------------------------------------------
|
|
242
248
|
// Outbound encoding helpers
|
|
243
249
|
|
|
244
|
-
#emitClientHello(cookie:
|
|
250
|
+
async #emitClientHello(cookie: Bytes, contributesToTranscript: boolean): Promise<Uint8Array[]> {
|
|
245
251
|
const body = ClientHelloMessage.build({
|
|
246
252
|
random: this.#clientRandom,
|
|
247
253
|
cookie,
|
|
@@ -261,12 +267,14 @@ export class DtlsClient {
|
|
|
261
267
|
}),
|
|
262
268
|
);
|
|
263
269
|
}
|
|
264
|
-
const record =
|
|
265
|
-
|
|
266
|
-
|
|
267
|
-
|
|
268
|
-
|
|
269
|
-
|
|
270
|
+
const record = Bytes.of(
|
|
271
|
+
await DtlsRecord.encode(this.#crypto, {
|
|
272
|
+
type: ContentType.HANDSHAKE,
|
|
273
|
+
epoch: 0,
|
|
274
|
+
sequenceNumber: this.#recordSeq,
|
|
275
|
+
fragment: handshake,
|
|
276
|
+
}),
|
|
277
|
+
);
|
|
270
278
|
this.#recordSeq += 1n;
|
|
271
279
|
this.#handshakeMessageSeq += 1;
|
|
272
280
|
this.#lastFlight = [record];
|
|
@@ -276,7 +284,7 @@ export class DtlsClient {
|
|
|
276
284
|
// -----------------------------------------------------------------------
|
|
277
285
|
// State handlers
|
|
278
286
|
|
|
279
|
-
#handleHelloVerifyOrServerHello(records: InboundRecord[]): DtlsClientStep {
|
|
287
|
+
async #handleHelloVerifyOrServerHello(records: InboundRecord[]): Promise<DtlsClientStep> {
|
|
280
288
|
const messages = this.#extractHandshakeMessages(records);
|
|
281
289
|
if (messages.length === 0) {
|
|
282
290
|
throw new DtlsError("DtlsClient: expected handshake message, got none");
|
|
@@ -285,14 +293,14 @@ export class DtlsClient {
|
|
|
285
293
|
const { cookie } = HelloVerifyRequestMessage.parse(messages[0].body);
|
|
286
294
|
// RFC 6347 §4.2.6: the first ClientHello and HelloVerifyRequest are NOT in the
|
|
287
295
|
// transcript; the transcript starts with the second ClientHello.
|
|
288
|
-
this.#transcript = new HandshakeTranscript();
|
|
289
|
-
const records2 = this.#emitClientHello(cookie, true);
|
|
296
|
+
this.#transcript = new HandshakeTranscript(this.#crypto);
|
|
297
|
+
const records2 = await this.#emitClientHello(cookie, true);
|
|
290
298
|
this.#state = "sent_clienthello_with_cookie";
|
|
291
299
|
return { records: records2 };
|
|
292
300
|
}
|
|
293
301
|
// Cookieless server (mbedTLS always cookies, but the spec allows skipping). Seed the
|
|
294
302
|
// transcript with our first (and only) ClientHello — the bytes match what we sent.
|
|
295
|
-
this.#transcript = new HandshakeTranscript();
|
|
303
|
+
this.#transcript = new HandshakeTranscript(this.#crypto);
|
|
296
304
|
const firstHelloBody = ClientHelloMessage.build({
|
|
297
305
|
random: this.#clientRandom,
|
|
298
306
|
cookie: new Uint8Array(0),
|
|
@@ -305,15 +313,15 @@ export class DtlsClient {
|
|
|
305
313
|
body: firstHelloBody,
|
|
306
314
|
}),
|
|
307
315
|
);
|
|
308
|
-
return this.#consumeServerFlight(messages);
|
|
316
|
+
return await this.#consumeServerFlight(messages);
|
|
309
317
|
}
|
|
310
318
|
|
|
311
|
-
#handleServerHelloFlight(records: InboundRecord[]): DtlsClientStep {
|
|
319
|
+
async #handleServerHelloFlight(records: InboundRecord[]): Promise<DtlsClientStep> {
|
|
312
320
|
const messages = this.#extractHandshakeMessages(records);
|
|
313
|
-
return this.#consumeServerFlight(messages);
|
|
321
|
+
return await this.#consumeServerFlight(messages);
|
|
314
322
|
}
|
|
315
323
|
|
|
316
|
-
#consumeServerFlight(messages: InboundHandshake[]): DtlsClientStep {
|
|
324
|
+
async #consumeServerFlight(messages: InboundHandshake[]): Promise<DtlsClientStep> {
|
|
317
325
|
if (messages.length < 3) {
|
|
318
326
|
throw new DtlsError(
|
|
319
327
|
`DtlsClient: server flight needs ServerHello+ServerKeyExchange+ServerHelloDone, got ${messages.length} message(s)`,
|
|
@@ -342,20 +350,20 @@ export class DtlsClient {
|
|
|
342
350
|
this.#X4 = serverRound1.kp2.X;
|
|
343
351
|
// Verify the server's round-1 ZKPs against the curve base point.
|
|
344
352
|
if (
|
|
345
|
-
!SchnorrZkp.verify({
|
|
353
|
+
!(await SchnorrZkp.verify(this.#crypto, {
|
|
346
354
|
zkp: serverRound1.kp1.zkp,
|
|
347
355
|
publicKey: serverRound1.kp1.X,
|
|
348
356
|
id: ECJPAKE_ID_SERVER,
|
|
349
|
-
})
|
|
357
|
+
}))
|
|
350
358
|
) {
|
|
351
359
|
throw new DtlsError("DtlsClient: server round-1 KP1 ZKP verification failed");
|
|
352
360
|
}
|
|
353
361
|
if (
|
|
354
|
-
!SchnorrZkp.verify({
|
|
362
|
+
!(await SchnorrZkp.verify(this.#crypto, {
|
|
355
363
|
zkp: serverRound1.kp2.zkp,
|
|
356
364
|
publicKey: serverRound1.kp2.X,
|
|
357
365
|
id: ECJPAKE_ID_SERVER,
|
|
358
|
-
})
|
|
366
|
+
}))
|
|
359
367
|
) {
|
|
360
368
|
throw new DtlsError("DtlsClient: server round-1 KP2 ZKP verification failed");
|
|
361
369
|
}
|
|
@@ -369,11 +377,11 @@ export class DtlsClient {
|
|
|
369
377
|
Xm1: this.#X3,
|
|
370
378
|
});
|
|
371
379
|
if (
|
|
372
|
-
!EcJpakeRound.verifyRound2Zkp({
|
|
380
|
+
!(await EcJpakeRound.verifyRound2Zkp(this.#crypto, {
|
|
373
381
|
kp: skeKp,
|
|
374
382
|
generator: serverGenerator,
|
|
375
383
|
peerId: ECJPAKE_ID_SERVER,
|
|
376
|
-
})
|
|
384
|
+
}))
|
|
377
385
|
) {
|
|
378
386
|
throw new DtlsError("DtlsClient: server round-2 ZKP verification failed");
|
|
379
387
|
}
|
|
@@ -386,14 +394,14 @@ export class DtlsClient {
|
|
|
386
394
|
this.#transcript.appendHandshakeMessage(shd.transcriptBytes);
|
|
387
395
|
|
|
388
396
|
this.#state = "received_serverhello_flight";
|
|
389
|
-
return this.#emitClientFlight(skeKp.X);
|
|
397
|
+
return await this.#emitClientFlight(skeKp.X);
|
|
390
398
|
}
|
|
391
399
|
|
|
392
400
|
/**
|
|
393
401
|
* Build the client's CKE + CCS + Finished flight and arm the cipher state.
|
|
394
402
|
* `serverRound2X` is the server's round-2 public point (`Xp` for the PMS derivation).
|
|
395
403
|
*/
|
|
396
|
-
#emitClientFlight(serverRound2X:
|
|
404
|
+
async #emitClientFlight(serverRound2X: Bytes): Promise<DtlsClientStep> {
|
|
397
405
|
if (this.#X3 === undefined || this.#X4 === undefined || this.#serverRandom === undefined) {
|
|
398
406
|
throw new InternalError("DtlsClient: emitClientFlight called before server flight was parsed");
|
|
399
407
|
}
|
|
@@ -406,7 +414,7 @@ export class DtlsClient {
|
|
|
406
414
|
Xp2: this.#X4,
|
|
407
415
|
Xm1: this.#X1,
|
|
408
416
|
});
|
|
409
|
-
const clientRound2 = EcJpakeRound.buildRound2({
|
|
417
|
+
const clientRound2 = await EcJpakeRound.buildRound2(this.#crypto, {
|
|
410
418
|
xm2: this.#x2,
|
|
411
419
|
s,
|
|
412
420
|
v: v3,
|
|
@@ -432,19 +440,21 @@ export class DtlsClient {
|
|
|
432
440
|
);
|
|
433
441
|
|
|
434
442
|
// Derive PMS, master_secret, key_block, cipher state.
|
|
435
|
-
const pms = EcJpakePms.derive({
|
|
443
|
+
const pms = await EcJpakePms.derive(this.#crypto, {
|
|
436
444
|
Xp: serverRound2X,
|
|
437
445
|
Xp2: this.#X4,
|
|
438
446
|
xm2: this.#x2,
|
|
439
447
|
s,
|
|
440
448
|
});
|
|
441
|
-
const masterSecret =
|
|
442
|
-
|
|
443
|
-
|
|
444
|
-
|
|
445
|
-
|
|
449
|
+
const masterSecret = Bytes.of(
|
|
450
|
+
await TlsPrf.masterSecret(this.#crypto, {
|
|
451
|
+
premasterSecret: pms,
|
|
452
|
+
clientRandom: this.#clientRandom,
|
|
453
|
+
serverRandom: this.#serverRandom,
|
|
454
|
+
}),
|
|
455
|
+
);
|
|
446
456
|
this.#masterSecret = masterSecret;
|
|
447
|
-
const keyBlock = TlsPrf.keyBlock({
|
|
457
|
+
const keyBlock = await TlsPrf.keyBlock(this.#crypto, {
|
|
448
458
|
masterSecret,
|
|
449
459
|
clientRandom: this.#clientRandom,
|
|
450
460
|
serverRandom: this.#serverRandom,
|
|
@@ -458,11 +468,13 @@ export class DtlsClient {
|
|
|
458
468
|
this.#cipherState = cipherState;
|
|
459
469
|
|
|
460
470
|
// Compute client Finished verify_data over the transcript (CH..SHD..CKE).
|
|
461
|
-
const verifyData =
|
|
462
|
-
|
|
463
|
-
|
|
464
|
-
|
|
465
|
-
|
|
471
|
+
const verifyData = Bytes.of(
|
|
472
|
+
await TlsPrf.verifyData(this.#crypto, {
|
|
473
|
+
masterSecret,
|
|
474
|
+
role: "client",
|
|
475
|
+
transcriptDigest: await this.#transcript.digest(),
|
|
476
|
+
}),
|
|
477
|
+
);
|
|
466
478
|
const finishedBody = FinishedMessage.build(verifyData);
|
|
467
479
|
const finishedMsgSeq = this.#handshakeMessageSeq;
|
|
468
480
|
const finishedHandshake = HandshakeMessage.encode({
|
|
@@ -481,30 +493,37 @@ export class DtlsClient {
|
|
|
481
493
|
}),
|
|
482
494
|
);
|
|
483
495
|
|
|
484
|
-
const ckeRecord =
|
|
485
|
-
|
|
486
|
-
|
|
487
|
-
|
|
488
|
-
|
|
489
|
-
|
|
496
|
+
const ckeRecord = Bytes.of(
|
|
497
|
+
await DtlsRecord.encode(this.#crypto, {
|
|
498
|
+
type: ContentType.HANDSHAKE,
|
|
499
|
+
epoch: 0,
|
|
500
|
+
sequenceNumber: this.#recordSeq,
|
|
501
|
+
fragment: ckeHandshake,
|
|
502
|
+
}),
|
|
503
|
+
);
|
|
490
504
|
this.#recordSeq += 1n;
|
|
491
|
-
const ccsRecord =
|
|
492
|
-
|
|
493
|
-
|
|
494
|
-
|
|
495
|
-
|
|
496
|
-
|
|
505
|
+
const ccsRecord = Bytes.of(
|
|
506
|
+
await DtlsRecord.encode(this.#crypto, {
|
|
507
|
+
type: ContentType.CHANGE_CIPHER_SPEC,
|
|
508
|
+
epoch: 0,
|
|
509
|
+
sequenceNumber: this.#recordSeq,
|
|
510
|
+
fragment: CHANGE_CIPHER_SPEC_BODY,
|
|
511
|
+
}),
|
|
512
|
+
);
|
|
497
513
|
this.#recordSeq += 1n;
|
|
498
514
|
cipherState.advanceWriteEpoch();
|
|
499
515
|
const finishedSeq = cipherState.nextWriteSeq();
|
|
500
|
-
const finishedRecord =
|
|
501
|
-
|
|
502
|
-
|
|
503
|
-
|
|
504
|
-
|
|
505
|
-
|
|
506
|
-
|
|
507
|
-
|
|
516
|
+
const finishedRecord = Bytes.of(
|
|
517
|
+
await DtlsRecord.encode(
|
|
518
|
+
this.#crypto,
|
|
519
|
+
{
|
|
520
|
+
type: ContentType.HANDSHAKE,
|
|
521
|
+
epoch: cipherState.writeEpoch,
|
|
522
|
+
sequenceNumber: finishedSeq,
|
|
523
|
+
fragment: finishedHandshake,
|
|
524
|
+
},
|
|
525
|
+
cipherState,
|
|
526
|
+
),
|
|
508
527
|
);
|
|
509
528
|
|
|
510
529
|
const flight = [ckeRecord, ccsRecord, finishedRecord];
|
|
@@ -520,14 +539,14 @@ export class DtlsClient {
|
|
|
520
539
|
* `DtlsRecord.decode` for both records would feed CCS to the codec only after the
|
|
521
540
|
* decrypt of the Finished record had already failed with a wrong-epoch error.
|
|
522
541
|
*/
|
|
523
|
-
#handleServerFinishedFlightLazy(bytes: Uint8Array): DtlsClientStep {
|
|
542
|
+
async #handleServerFinishedFlightLazy(bytes: Uint8Array): Promise<DtlsClientStep> {
|
|
524
543
|
const cipherState = this.#cipherState;
|
|
525
544
|
const masterSecret = this.#masterSecret;
|
|
526
545
|
if (cipherState === undefined || masterSecret === undefined) {
|
|
527
546
|
throw new InternalError("DtlsClient: server-finished handler reached without armed cipher state");
|
|
528
547
|
}
|
|
529
548
|
let sawCcs = false;
|
|
530
|
-
let serverFinishedBody:
|
|
549
|
+
let serverFinishedBody: Bytes | undefined;
|
|
531
550
|
let serverFinishedMsgSeq = 0;
|
|
532
551
|
let p = 0;
|
|
533
552
|
while (p < bytes.length) {
|
|
@@ -542,7 +561,7 @@ export class DtlsClient {
|
|
|
542
561
|
}
|
|
543
562
|
const recordBytes = bytes.subarray(p, recordEnd);
|
|
544
563
|
const stateForDecode = epoch === 0 ? undefined : cipherState;
|
|
545
|
-
const { record } = DtlsRecord.decode(recordBytes, stateForDecode);
|
|
564
|
+
const { record } = await DtlsRecord.decode(this.#crypto, recordBytes, stateForDecode);
|
|
546
565
|
if (record.type === ContentType.CHANGE_CIPHER_SPEC) {
|
|
547
566
|
ChangeCipherSpec.parse(record.fragment);
|
|
548
567
|
cipherState.advanceReadEpoch();
|
|
@@ -556,9 +575,10 @@ export class DtlsClient {
|
|
|
556
575
|
`DtlsClient: server Finished record at epoch ${record.epoch}, expected ${cipherState.readEpoch}`,
|
|
557
576
|
);
|
|
558
577
|
}
|
|
578
|
+
const fragment = Bytes.of(record.fragment);
|
|
559
579
|
let q = 0;
|
|
560
|
-
while (q <
|
|
561
|
-
const { message, consumed } = HandshakeMessage.decode(
|
|
580
|
+
while (q < fragment.length) {
|
|
581
|
+
const { message, consumed } = HandshakeMessage.decode(fragment.subarray(q));
|
|
562
582
|
if (message.msgType !== HandshakeType.FINISHED) {
|
|
563
583
|
throw new DtlsError(`DtlsClient: expected Finished, got msg_type=${message.msgType}`);
|
|
564
584
|
}
|
|
@@ -577,11 +597,13 @@ export class DtlsClient {
|
|
|
577
597
|
// Snapshot the transcript BEFORE appending the server's Finished body — the server's
|
|
578
598
|
// verify_data was computed over (CH..SHD..CKE..clientFinished), exactly the digest we
|
|
579
599
|
// already hold from the previous append in #emitClientFlight.
|
|
580
|
-
const expected =
|
|
581
|
-
|
|
582
|
-
|
|
583
|
-
|
|
584
|
-
|
|
600
|
+
const expected = Bytes.of(
|
|
601
|
+
await TlsPrf.verifyData(this.#crypto, {
|
|
602
|
+
masterSecret,
|
|
603
|
+
role: "server",
|
|
604
|
+
transcriptDigest: await this.#transcript.digest(),
|
|
605
|
+
}),
|
|
606
|
+
);
|
|
585
607
|
const actual = FinishedMessage.parse(serverFinishedBody).verifyData;
|
|
586
608
|
if (!constantTimeEqual(expected, actual)) {
|
|
587
609
|
throw new DtlsError("DtlsClient: server Finished verify_data mismatch");
|
|
@@ -598,7 +620,9 @@ export class DtlsClient {
|
|
|
598
620
|
}
|
|
599
621
|
}
|
|
600
622
|
|
|
601
|
-
function constantTimeEqual(
|
|
623
|
+
function constantTimeEqual(rawA: Bytes, rawB: Bytes): boolean {
|
|
624
|
+
const a = Bytes.of(rawA);
|
|
625
|
+
const b = Bytes.of(rawB);
|
|
602
626
|
if (a.length !== b.length || a.length !== FINISHED_VERIFY_DATA_LEN) {
|
|
603
627
|
return false;
|
|
604
628
|
}
|
|
@@ -11,13 +11,14 @@
|
|
|
11
11
|
* `TlsPrf.verifyData` and the state machine.
|
|
12
12
|
*/
|
|
13
13
|
|
|
14
|
-
import { InternalError } from "@matter/general";
|
|
14
|
+
import { Bytes, InternalError } from "@matter/general";
|
|
15
15
|
import { DtlsError } from "../channel/DtlsChannel.js";
|
|
16
16
|
|
|
17
17
|
const VERIFY_DATA_LEN = 12;
|
|
18
18
|
|
|
19
19
|
export const FinishedMessage = {
|
|
20
|
-
build(
|
|
20
|
+
build(rawVerifyData: Bytes): Bytes {
|
|
21
|
+
const verifyData = Bytes.of(rawVerifyData);
|
|
21
22
|
if (verifyData.length !== VERIFY_DATA_LEN) {
|
|
22
23
|
throw new InternalError(`Finished verify_data must be ${VERIFY_DATA_LEN} bytes, got ${verifyData.length}`);
|
|
23
24
|
}
|
|
@@ -25,7 +26,8 @@ export const FinishedMessage = {
|
|
|
25
26
|
return verifyData.slice();
|
|
26
27
|
},
|
|
27
28
|
|
|
28
|
-
parse(
|
|
29
|
+
parse(rawBody: Bytes): { verifyData: Bytes } {
|
|
30
|
+
const body = Bytes.of(rawBody);
|
|
29
31
|
if (body.length !== VERIFY_DATA_LEN) {
|
|
30
32
|
throw new DtlsError(`Finished body must be ${VERIFY_DATA_LEN} bytes, got ${body.length}`);
|
|
31
33
|
}
|
|
@@ -4,7 +4,7 @@
|
|
|
4
4
|
* SPDX-License-Identifier: Apache-2.0
|
|
5
5
|
*/
|
|
6
6
|
|
|
7
|
-
import { InternalError } from "@matter/general";
|
|
7
|
+
import { Bytes, InternalError } from "@matter/general";
|
|
8
8
|
import { DtlsError } from "../channel/DtlsChannel.js";
|
|
9
9
|
import { HandshakeType, isHandshakeType } from "./HandshakeType.js";
|
|
10
10
|
|
|
@@ -34,7 +34,7 @@ const UINT16_MAX = 0xffff;
|
|
|
34
34
|
export interface HandshakeMessage {
|
|
35
35
|
msgType: HandshakeType;
|
|
36
36
|
messageSeq: number;
|
|
37
|
-
body:
|
|
37
|
+
body: Bytes;
|
|
38
38
|
}
|
|
39
39
|
|
|
40
40
|
function writeUint16BE(buf: Uint8Array, offset: number, value: number): void {
|
|
@@ -77,8 +77,9 @@ function readUint24BE(buf: Uint8Array, offset: number): number {
|
|
|
77
77
|
* `fragment_length=length`).
|
|
78
78
|
*/
|
|
79
79
|
export namespace HandshakeMessage {
|
|
80
|
-
export function encode(message: HandshakeMessage):
|
|
81
|
-
const { msgType, messageSeq
|
|
80
|
+
export function encode(message: HandshakeMessage): Bytes {
|
|
81
|
+
const { msgType, messageSeq } = message;
|
|
82
|
+
const body = Bytes.of(message.body);
|
|
82
83
|
if (!isHandshakeType(msgType)) {
|
|
83
84
|
throw new InternalError(`HandshakeMessage unknown msg_type: ${msgType}`);
|
|
84
85
|
}
|
|
@@ -98,7 +99,7 @@ export namespace HandshakeMessage {
|
|
|
98
99
|
return out;
|
|
99
100
|
}
|
|
100
101
|
|
|
101
|
-
export function encodeForTranscript(message: HandshakeMessage):
|
|
102
|
+
export function encodeForTranscript(message: HandshakeMessage): Bytes {
|
|
102
103
|
return encode(message);
|
|
103
104
|
}
|
|
104
105
|
|
|
@@ -107,36 +108,37 @@ export namespace HandshakeMessage {
|
|
|
107
108
|
consumed: number;
|
|
108
109
|
}
|
|
109
110
|
|
|
110
|
-
export function decode(bytes:
|
|
111
|
-
|
|
111
|
+
export function decode(bytes: Bytes): DecodeResult {
|
|
112
|
+
const buf = Bytes.of(bytes);
|
|
113
|
+
if (buf.length < DTLS_HANDSHAKE_HEADER_LEN) {
|
|
112
114
|
throw new DtlsError(
|
|
113
|
-
`HandshakeMessage header truncated: have ${
|
|
115
|
+
`HandshakeMessage header truncated: have ${buf.length}, need ${DTLS_HANDSHAKE_HEADER_LEN}`,
|
|
114
116
|
);
|
|
115
117
|
}
|
|
116
|
-
const msgType =
|
|
118
|
+
const msgType = buf[0];
|
|
117
119
|
if (!isHandshakeType(msgType)) {
|
|
118
120
|
throw new DtlsError(`HandshakeMessage unknown msg_type: ${msgType}`);
|
|
119
121
|
}
|
|
120
|
-
const length = readUint24BE(
|
|
121
|
-
const messageSeq = readUint16BE(
|
|
122
|
-
const fragmentOffset = readUint24BE(
|
|
123
|
-
const fragmentLength = readUint24BE(
|
|
122
|
+
const length = readUint24BE(buf, 1);
|
|
123
|
+
const messageSeq = readUint16BE(buf, 4);
|
|
124
|
+
const fragmentOffset = readUint24BE(buf, 6);
|
|
125
|
+
const fragmentLength = readUint24BE(buf, 9);
|
|
124
126
|
if (fragmentOffset !== 0 || fragmentLength !== length) {
|
|
125
127
|
throw new DtlsError(
|
|
126
128
|
`HandshakeMessage fragmented input not supported: offset=${fragmentOffset} fragLen=${fragmentLength} totalLen=${length}`,
|
|
127
129
|
);
|
|
128
130
|
}
|
|
129
131
|
const total = DTLS_HANDSHAKE_HEADER_LEN + length;
|
|
130
|
-
if (
|
|
132
|
+
if (buf.length < total) {
|
|
131
133
|
throw new DtlsError(
|
|
132
|
-
`HandshakeMessage body truncated: header says ${length}, have ${
|
|
134
|
+
`HandshakeMessage body truncated: header says ${length}, have ${buf.length - DTLS_HANDSHAKE_HEADER_LEN}`,
|
|
133
135
|
);
|
|
134
136
|
}
|
|
135
137
|
return {
|
|
136
138
|
message: {
|
|
137
139
|
msgType,
|
|
138
140
|
messageSeq,
|
|
139
|
-
body:
|
|
141
|
+
body: buf.slice(DTLS_HANDSHAKE_HEADER_LEN, total),
|
|
140
142
|
},
|
|
141
143
|
consumed: total,
|
|
142
144
|
};
|
|
@@ -21,12 +21,14 @@
|
|
|
21
21
|
* ClientHello carry the spec-mandated DTLS 1.2 version regardless.
|
|
22
22
|
*/
|
|
23
23
|
|
|
24
|
+
import { Bytes } from "@matter/general";
|
|
24
25
|
import { DtlsError } from "../channel/DtlsChannel.js";
|
|
25
26
|
|
|
26
27
|
const MAX_COOKIE_LEN = 0xff;
|
|
27
28
|
|
|
28
29
|
export const HelloVerifyRequestMessage = {
|
|
29
|
-
parse(
|
|
30
|
+
parse(rawBody: Bytes): { cookie: Bytes } {
|
|
31
|
+
const body = Bytes.of(rawBody);
|
|
30
32
|
if (body.length < 2 + 1) {
|
|
31
33
|
throw new DtlsError(`HelloVerifyRequest body truncated: have ${body.length}, need >= 3`);
|
|
32
34
|
}
|
|
@@ -4,6 +4,7 @@
|
|
|
4
4
|
* SPDX-License-Identifier: Apache-2.0
|
|
5
5
|
*/
|
|
6
6
|
|
|
7
|
+
import { Bytes } from "@matter/general";
|
|
7
8
|
import { DtlsError } from "../channel/DtlsChannel.js";
|
|
8
9
|
|
|
9
10
|
/**
|
|
@@ -12,9 +13,10 @@ import { DtlsError } from "../channel/DtlsChannel.js";
|
|
|
12
13
|
* a single place to fail loudly if a future BR ever sends payload bytes here.
|
|
13
14
|
*/
|
|
14
15
|
export const ServerHelloDoneMessage = {
|
|
15
|
-
parse(body:
|
|
16
|
-
|
|
17
|
-
|
|
16
|
+
parse(body: Bytes): void {
|
|
17
|
+
const length = body.byteLength;
|
|
18
|
+
if (length !== 0) {
|
|
19
|
+
throw new DtlsError(`ServerHelloDone body must be empty, got ${length} bytes`);
|
|
18
20
|
}
|
|
19
21
|
},
|
|
20
22
|
} as const;
|
|
@@ -4,6 +4,7 @@
|
|
|
4
4
|
* SPDX-License-Identifier: Apache-2.0
|
|
5
5
|
*/
|
|
6
6
|
|
|
7
|
+
import { Bytes } from "@matter/general";
|
|
7
8
|
import { DtlsError } from "../channel/DtlsChannel.js";
|
|
8
9
|
import { CIPHER_SUITE_ECJPAKE_WITH_AES_128_CCM_8, EXTENSION_TYPE_ECJPAKE_KKPP } from "./ClientHelloMessage.js";
|
|
9
10
|
|
|
@@ -44,13 +45,14 @@ function readUint16BE(buf: Uint8Array, offset: number): number {
|
|
|
44
45
|
|
|
45
46
|
export interface ParsedServerHello {
|
|
46
47
|
/** Server's 32-byte random — feeds the TLS PRF. */
|
|
47
|
-
serverRandom:
|
|
48
|
+
serverRandom: Bytes;
|
|
48
49
|
/** Server's `ecjpake_kkpp` extension data (round-1 ECJPAKEKeyKPPairList). */
|
|
49
|
-
ecjpakeKkpp:
|
|
50
|
+
ecjpakeKkpp: Bytes;
|
|
50
51
|
}
|
|
51
52
|
|
|
52
53
|
export const ServerHelloMessage = {
|
|
53
|
-
parse(
|
|
54
|
+
parse(rawBody: Bytes): ParsedServerHello {
|
|
55
|
+
const body = Bytes.of(rawBody);
|
|
54
56
|
if (body.length < 2 + RANDOM_LEN + 1 + 2 + 1) {
|
|
55
57
|
throw new DtlsError(`ServerHello body truncated: have ${body.length}`);
|
|
56
58
|
}
|