hue-node-dtls 0.6.3 → 0.6.4-alpha.2

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "hue-node-dtls",
-  "version": "0.6.3",
+  "version": "0.6.4-alpha.2",
   "description": "Secure UDP communications using DTLS.",
   "main": "src/index.js",
   "scripts": {

package/src/dependencies/cipher/aead.js

@@ -1,7 +1,7 @@
 "use strict";
 
 const crypto = require("crypto");
-const { createDecode, encode } = require("hue-binary-data");
+const { createDecode, encode } = require("binary-data");
 const debug = require("../utils/debug")("dtls:cipher:aead");
 const { sessionType } = require("../lib/constants");
 const { AEADAdditionalData } = require("../lib/protocol");

package/src/dependencies/cipher/chacha20-poly1305.js

@@ -2,7 +2,7 @@
 
 const crypto = require("crypto");
 const xor = require("buffer-xor/inplace");
-const { createDecode, encode } = require("hue-binary-data");
+const { createDecode, encode } = require("binary-data");
 const AEADCipher = require("../cipher/aead");
 const { AEAD_CHACHA20_POLY1305 } = require("../lib/constants");
 const debug = require("../utils/debug")("dtls:cipher:aead");

package/src/dependencies/filter/decoder.js

@@ -1,7 +1,7 @@
 "use strict";
 
 const { Transform } = require("readable-stream");
-const { decode, createDecode } = require("hue-binary-data");
+const { decode, createDecode } = require("binary-data");
 const { contentType } = require("../lib/constants");
 const { DTLSPlaintext, Handshake } = require("../lib/protocol");
 const debug = require("../utils/debug")("dtls:decoder");

package/src/dependencies/lib/constants.js

@@ -37,6 +37,7 @@ const alertDescription = {
   USER_CANCELED: 90,
   NO_RENEGOTIATION: 100,
   UNSUPPORTED_EXTENSION: 110,
+  UNKNOWN_PSK_IDENTITY: 115, // TLS PSK extension - RFC 4279
 };
 
 const sessionType = {

package/src/dependencies/lib/protocol.js

@@ -12,14 +12,14 @@ const {
     select,
     string
   }
-} = require("hue-binary-data");
+} = require("binary-data");
 const { ecCurveTypes } = require("../lib/constants");
 
 /**
  * Internal type for trivial errors check.
  * @private
  * @param {string} errorMessage
- * @returns {Object} The `hue-binary-data` compatible type.
+ * @returns {Object} The `binary-data` compatible type.
  */
 function assertType(errorMessage) {
   return {

package/src/dependencies/lib/retransmitter.js

@@ -67,7 +67,8 @@ class Timer extends Emitter {
    */
   restart(ms) {
     this.stop();
-    this[_onTimeout] = setTimeout(ontimeout, ms, this);
+
+    this[_onTimeout] = setTimeout(ontimeout, ms, this).unref();
   }
 }
 

package/src/dependencies/lib/sender.js

@@ -2,7 +2,7 @@
 
 const { Readable } = require("readable-stream");
 const debug = require("../utils/debug")("dtls:sender");
-const { createEncode, encode, BinaryStream } = require("hue-binary-data");
+const { createEncode, encode, BinaryStream } = require("binary-data");
 const {
   contentType,
   handshakeType,

package/src/dependencies/lib/server.js

@@ -5,7 +5,7 @@ const Emitter = require("events");
 const { Duplex } = require("readable-stream");
 const debug = require("../utils/debug")("dtls:server");
 const CookieManager = require("../lib/cookie-manager");
-const { decode, encode } = require("hue-binary-data");
+const { decode, encode } = require("binary-data");
 const {
   contentType,
   handshakeType,

package/src/dependencies/lib/socket.js

@@ -179,9 +179,42 @@ class Socket extends Duplex {
       process.nextTick(() => this.emit("certificate", cert))
     );
 
-    session.on("error", code =>
-      this.emit("error", new Error(`alert code ${code}`))
-    );
+    session.on('error', code => {
+      // Map DTLS alert codes to descriptive messages
+      const alertMessages = {
+        0: 'close_notify - Server will disconnect (e.g. streaming disabled)',
+        10: 'unexpected_message - Protocol failure',
+        20: 'bad_record_mac - Protocol failure or invalid PSK',
+        21: 'decryption_failed - Decryption failed',
+        22: 'record_overflow - Record overflow',
+        30: 'decompression_failure - Decompression failed',
+        40: 'handshake_failure - Other insufficient security parameters',
+        41: 'no_certificate - No certificate provided',
+        42: 'bad_certificate - Bad certificate',
+        43: 'unsupported_certificate - Unsupported certificate',
+        44: 'certificate_revoked - Certificate revoked',
+        45: 'certificate_expired - Certificate expired',
+        46: 'certificate_unknown - Certificate unknown',
+        47: 'illegal_parameter - Illegal parameter',
+        48: 'unknown_ca - Unknown certificate authority',
+        49: 'access_denied - Access denied',
+        50: 'decode_error - Protocol failure - decode error',
+        51: 'decrypt_error - Invalid PSK or decryption error',
+        60: 'export_restriction - Export restriction',
+        70: 'protocol_version - DTLS version not supported',
+        71: 'insufficient_security - Higher cipher security required',
+        80: 'internal_error - Internal bridge error',
+        90: 'user_canceled - Maximum number of sessions already active',
+        100: 'no_renegotiation - No renegotiation',
+        110: 'unsupported_extension - Unsupported extension',
+        115: 'unknown_psk_identity - Unknown identity',
+      };
+
+      const message = alertMessages[code] || `Unknown alert`;
+      const detailedError = new Error(`DTLS Alert ${code}: ${message}`);
+      debug('DTLS error - code: %d, message: %s', code, message);
+      this.emit('error', detailedError);
+    });
 
     this.once("timeout", () => {
       debug("got timeout, close connection");

package/src/dependencies/protocol/client/handlers.js

@@ -563,11 +563,49 @@ function serverFinished(session, message) {
  * @param {Object} message
  */
 function alert(session, message) {
-  debug("got alert");
+  debug('got alert');
   const packet = message.fragment;
 
   const { level, description } = decode(packet, Alert);
-  debug("level %s, description %s", level, description);
+  debug('level %s, description %s', level, description);
+
+  // Map alert level and description to readable names for debugging
+  const levelName =
+    level === 1 ? 'WARNING' : level === 2 ? 'FATAL' : `UNKNOWN(${level})`;
+  const descriptionNames = {
+    0: 'CLOSE_NOTIFY',
+    10: 'UNEXPECTED_MESSAGE',
+    20: 'BAD_RECORD_MAC',
+    21: 'DECRYPTION_FAILED',
+    22: 'RECORD_OVERFLOW',
+    30: 'DECOMPRESSION_FAILURE',
+    40: 'HANDSHAKE_FAILURE',
+    41: 'NO_CERTIFICATE',
+    42: 'BAD_CERTIFICATE',
+    43: 'UNSUPPORTED_CERTIFICATE',
+    44: 'CERTIFICATE_REVOKED',
+    45: 'CERTIFICATE_EXPIRED',
+    46: 'CERTIFICATE_UNKNOWN',
+    47: 'ILLEGAL_PARAMETER',
+    48: 'UNKNOWN_CA',
+    49: 'ACCESS_DENIED',
+    50: 'DECODE_ERROR',
+    51: 'DECRYPT_ERROR',
+    60: 'EXPORT_RESTRICTION',
+    70: 'PROTOCOL_VERSION',
+    71: 'INSUFFICIENT_SECURITY',
+    80: 'INTERNAL_ERROR',
+    90: 'USER_CANCELED',
+    100: 'NO_RENEGOTIATION',
+    110: 'UNSUPPORTED_EXTENSION',
+    115: 'UNKNOWN_PSK_IDENTITY',
+  };
+
+  const descriptionName =
+    descriptionNames[description] || `UNKNOWN(${description})`;
+  debug(
+    `Alert received - Level: ${levelName} (${level}), Description: ${descriptionName} (${description})`
+  );
 
   session.error(description);
 }

package/src/dependencies/session/abstract.js

@@ -6,7 +6,7 @@
 const assert = require("assert");
 const crypto = require("crypto");
 const Emitter = require("events");
-const { encode, BinaryStream } = require("hue-binary-data");
+const { encode, BinaryStream } = require("binary-data");
 const {
   protocolVersion,
   signTypes,

package/src/dependencies/session/utils.js

@@ -11,7 +11,7 @@ const {
   encode,
   createEncode,
   types: { uint16be, buffer }
-} = require("hue-binary-data");
+} = require("binary-data");
 
 const { RSA_PKCS1_PADDING } = crypto.constants;