livekit-client 2.0.7 → 2.0.9

package/dist/livekit-client.e2ee.worker.mjs

@@ -327,10 +327,6 @@ livekitLogger.setDefaultLevel(LogLevel.info);
 const workerLogger = loglevelExports.getLogger('lk-e2ee');
 
 const ENCRYPTION_ALGORITHM = 'AES-GCM';
-// We use a ringbuffer of keys so we can change them and still decode packets that were
-// encrypted with an old key. We use a size of 16 which corresponds to the four bits
-// in the frame trailer.
-const KEYRING_SIZE = 16;
 // How many consecutive frames can fail decrypting before a particular key gets marked as invalid
 const DECRYPTION_FAILURE_TOLERANCE = 10;
 // We copy the first bytes of the VP8 payload unencrypted.
@@ -358,7 +354,8 @@ const KEY_PROVIDER_DEFAULTS = {
   sharedKey: false,
   ratchetSalt: SALT,
   ratchetWindowSize: 8,
-  failureTolerance: DECRYPTION_FAILURE_TOLERANCE
+  failureTolerance: DECRYPTION_FAILURE_TOLERANCE,
+  keyringSize: 16
 };
 const MAX_SIF_COUNT = 100;
 const MAX_SIF_DURATION = 2000;
@@ -1002,6 +999,12 @@ class FrameCryptor extends BaseFrameCryptor {
    * @param keys
    */
   setParticipant(id, keys) {
+    workerLogger.debug('setting new participant on cryptor', Object.assign(Object.assign({}, this.logContext), {
+      participant: id
+    }));
+    if (this.participantIdentity) {
+      workerLogger.error('cryptor has already a participant set, participant should have been unset before', Object.assign({}, this.logContext));
+    }
     this.participantIdentity = id;
     this.keys = keys;
     this.sifGuard.reset();
@@ -1497,7 +1500,10 @@ class ParticipantKeyHandler extends eventsExports.EventEmitter {
     this.decryptionFailureCount = 0;
     this._hasValidKey = true;
     this.currentKeyIndex = 0;
-    this.cryptoKeyRing = new Array(KEYRING_SIZE).fill(undefined);
+    if (keyProviderOptions.keyringSize < 1 || keyProviderOptions.keyringSize > 255) {
+      throw new TypeError('Keyring size needs to be between 1 and 256');
+    }
+    this.cryptoKeyRing = new Array(keyProviderOptions.keyringSize).fill(undefined);
     this.keyProviderOptions = keyProviderOptions;
     this.ratchetPromiseMap = new Map();
     this.participantIdentity = participantIdentity;
@@ -1649,7 +1655,7 @@ onmessage = ev => {
       break;
     case 'enable':
       setEncryptionEnabled(data.enabled, data.participantIdentity);
-      workerLogger.info('updated e2ee enabled status');
+      workerLogger.info("updated e2ee enabled status for ".concat(data.participantIdentity, " to ").concat(data.enabled));
       // acknowledge enable call successful
       postMessage(ev.data);
       break;
@@ -1709,7 +1715,18 @@ function handleRatchetRequest(data) {
   });
 }
 function getTrackCryptor(participantIdentity, trackId) {
-  let cryptor = participantCryptors.find(c => c.getTrackId() === trackId);
+  let cryptors = participantCryptors.filter(c => c.getTrackId() === trackId);
+  if (cryptors.length > 1) {
+    const debugInfo = cryptors.map(c => {
+      return {
+        participant: c.getParticipantIdentity()
+      };
+    }).join(',');
+    workerLogger.error("Found multiple cryptors for the same trackID ".concat(trackId, ". target participant: ").concat(participantIdentity, " "), {
+      participants: debugInfo
+    });
+  }
+  let cryptor = cryptors[0];
   if (!cryptor) {
     workerLogger.info('creating new cryptor for', {
       participantIdentity
@@ -1751,7 +1768,14 @@ function getSharedKeyHandler() {
   return sharedKeyHandler;
 }
 function unsetCryptorParticipant(trackId, participantIdentity) {
-  const cryptor = participantCryptors.find(c => c.getParticipantIdentity() === participantIdentity && c.getTrackId() === trackId);
+  const cryptors = participantCryptors.filter(c => c.getParticipantIdentity() === participantIdentity && c.getTrackId() === trackId);
+  if (cryptors.length > 1) {
+    workerLogger.error('Found multiple cryptors for the same participant and trackID combination', {
+      trackId,
+      participantIdentity
+    });
+  }
+  const cryptor = cryptors[0];
   if (!cryptor) {
     workerLogger.warn('Could not unset participant on cryptor', {
       trackId,