lemon-tls 0.2.2 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +258 -203
- package/index.d.ts +145 -14
- package/index.js +12 -0
- package/package.json +1 -1
- package/src/compat.js +290 -31
- package/src/crypto.js +127 -7
- package/src/record.js +408 -61
- package/src/session/message.js +27 -2
- package/src/session/ticket.js +185 -0
- package/src/tls_session.js +780 -94
- package/src/tls_socket.js +815 -249
- package/src/wire.js +25 -0
package/src/wire.js
CHANGED
|
@@ -90,6 +90,8 @@ const TLS_EXT = {
|
|
|
90
90
|
CLIENT_CERT_TYPE: 19,
|
|
91
91
|
SERVER_CERT_TYPE: 20,
|
|
92
92
|
PADDING: 21,
|
|
93
|
+
EXTENDED_MASTER_SECRET: 23,
|
|
94
|
+
SESSION_TICKET: 35,
|
|
93
95
|
PRE_SHARED_KEY: 41,
|
|
94
96
|
EARLY_DATA: 42,
|
|
95
97
|
SUPPORTED_VERSIONS: 43,
|
|
@@ -240,6 +242,8 @@ exts.KEY_SHARE = { encode: null, decode: null };
|
|
|
240
242
|
exts.ALPN = { encode: null, decode: null };
|
|
241
243
|
exts.COOKIE = { encode: null, decode: null };
|
|
242
244
|
exts.RENEGOTIATION_INFO = { encode: null, decode: null };
|
|
245
|
+
exts.SESSION_TICKET = { encode: null, decode: null };
|
|
246
|
+
exts.EXTENDED_MASTER_SECRET = { encode: null, decode: null };
|
|
243
247
|
|
|
244
248
|
/* ------------------------------ SERVER_NAME (0) ------------------------------ */
|
|
245
249
|
exts.SERVER_NAME.encode = function (value) {
|
|
@@ -666,6 +670,27 @@ exts.COOKIE.decode = function (data) {
|
|
|
666
670
|
return v; // Uint8Array — opaque cookie
|
|
667
671
|
};
|
|
668
672
|
|
|
673
|
+
/* ---------------------------- SESSION_TICKET (35) ---------------------------- */
|
|
674
|
+
// RFC 5077. Both directions carry opaque bytes (not a length-prefixed vector).
|
|
675
|
+
// ClientHello: empty = "I support tickets" / non-empty = "resume using this ticket"
|
|
676
|
+
// ServerHello: empty = "I will send a NewSessionTicket" (never non-empty in ServerHello)
|
|
677
|
+
exts.SESSION_TICKET.encode = function (value) {
|
|
678
|
+
return toU8(value || new Uint8Array(0));
|
|
679
|
+
};
|
|
680
|
+
|
|
681
|
+
exts.SESSION_TICKET.decode = function (data) {
|
|
682
|
+
return data; // opaque bytes — caller interprets
|
|
683
|
+
};
|
|
684
|
+
|
|
685
|
+
/* -------------------------- EXTENDED_MASTER_SECRET (23) -------------------------- */
|
|
686
|
+
// RFC 7627. Both directions: empty body. Signals support for Extended Master Secret.
|
|
687
|
+
exts.EXTENDED_MASTER_SECRET.encode = function (value) {
|
|
688
|
+
return new Uint8Array(0);
|
|
689
|
+
};
|
|
690
|
+
|
|
691
|
+
exts.EXTENDED_MASTER_SECRET.decode = function (data) {
|
|
692
|
+
return true; // presence is the signal
|
|
693
|
+
};
|
|
669
694
|
/* ============================= Extensions helpers ============================= */
|
|
670
695
|
function ext_name_by_code(code) {
|
|
671
696
|
// best-effort pretty name
|