werift 0.15.0 → 0.15.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/common/src/index.d.ts +1 -0
- package/lib/common/src/index.js +6 -1
- package/lib/common/src/index.js.map +1 -1
- package/lib/common/src/network.d.ts +5 -0
- package/lib/common/src/network.js +41 -0
- package/lib/common/src/network.js.map +1 -0
- package/lib/dtls/src/cipher/namedCurve.js +5 -1
- package/lib/dtls/src/cipher/namedCurve.js.map +1 -1
- package/lib/dtls/src/cipher/prf.js +5 -1
- package/lib/dtls/src/cipher/prf.js.map +1 -1
- package/lib/dtls/src/cipher/suites/aead.js +5 -1
- package/lib/dtls/src/cipher/suites/aead.js.map +1 -1
- package/lib/dtls/src/context/cipher.js +6 -5
- package/lib/dtls/src/context/cipher.js.map +1 -1
- package/lib/ice/src/exceptions.d.ts +4 -1
- package/lib/ice/src/exceptions.js +5 -3
- package/lib/ice/src/exceptions.js.map +1 -1
- package/lib/ice/src/ice.d.ts +1 -1
- package/lib/ice/src/ice.js +67 -26
- package/lib/ice/src/ice.js.map +1 -1
- package/lib/ice/src/index.js +5 -1
- package/lib/ice/src/index.js.map +1 -1
- package/lib/ice/src/stun/attributes.d.ts +16 -3
- package/lib/ice/src/stun/attributes.js +38 -2
- package/lib/ice/src/stun/attributes.js.map +1 -1
- package/lib/ice/src/stun/const.d.ts +1 -1
- package/lib/ice/src/stun/const.js +5 -2
- package/lib/ice/src/stun/const.js.map +1 -1
- package/lib/ice/src/stun/message.d.ts +6 -10
- package/lib/ice/src/stun/message.js +23 -17
- package/lib/ice/src/stun/message.js.map +1 -1
- package/lib/ice/src/stun/protocol.js +0 -1
- package/lib/ice/src/stun/protocol.js.map +1 -1
- package/lib/ice/src/stun/transaction.d.ts +0 -2
- package/lib/ice/src/stun/transaction.js +1 -1
- package/lib/ice/src/stun/transaction.js.map +1 -1
- package/lib/ice/src/transport.js +2 -2
- package/lib/ice/src/transport.js.map +1 -1
- package/lib/ice/src/turn/protocol.d.ts +8 -6
- package/lib/ice/src/turn/protocol.js +73 -71
- package/lib/ice/src/turn/protocol.js.map +1 -1
- package/lib/ice/src/utils.d.ts +0 -5
- package/lib/ice/src/utils.js +1 -38
- package/lib/ice/src/utils.js.map +1 -1
- package/lib/rtp/src/container/webm.js +5 -1
- package/lib/rtp/src/container/webm.js.map +1 -1
- package/lib/rtp/src/index.js +5 -1
- package/lib/rtp/src/index.js.map +1 -1
- package/lib/rtp/src/processor/webm.js +1 -2
- package/lib/rtp/src/processor/webm.js.map +1 -1
- package/lib/webrtc/src/index.js +5 -1
- package/lib/webrtc/src/index.js.map +1 -1
- package/lib/webrtc/src/media/parameters.d.ts +4 -0
- package/lib/webrtc/src/media/parameters.js.map +1 -1
- package/lib/webrtc/src/media/rtpSender.js +5 -1
- package/lib/webrtc/src/media/rtpSender.js.map +1 -1
- package/lib/webrtc/src/media/rtpTransceiver.js +5 -1
- package/lib/webrtc/src/media/rtpTransceiver.js.map +1 -1
- package/lib/webrtc/src/nonstandard/recorder/writer/webm.js +5 -1
- package/lib/webrtc/src/nonstandard/recorder/writer/webm.js.map +1 -1
- package/lib/webrtc/src/nonstandard/userMedia.js +1 -1
- package/lib/webrtc/src/nonstandard/userMedia.js.map +1 -1
- package/lib/webrtc/src/peerConnection.d.ts +4 -0
- package/lib/webrtc/src/peerConnection.js +9 -1
- package/lib/webrtc/src/peerConnection.js.map +1 -1
- package/lib/webrtc/src/transport/dtls.js +2 -6
- package/lib/webrtc/src/transport/dtls.js.map +1 -1
- package/lib/webrtc/src/transport/sctp.js +5 -1
- package/lib/webrtc/src/transport/sctp.js.map +1 -1
- package/package.json +9 -19
- package/src/media/parameters.ts +4 -0
- package/src/nonstandard/userMedia.ts +1 -1
- package/src/peerConnection.ts +9 -0
- package/src/transport/dtls.ts +2 -6
package/lib/common/src/index.js
CHANGED
|
@@ -1,7 +1,11 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
3
|
if (k2 === undefined) k2 = k;
|
|
4
|
-
Object.
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
5
9
|
}) : (function(o, m, k, k2) {
|
|
6
10
|
if (k2 === undefined) k2 = k;
|
|
7
11
|
o[k2] = m[k];
|
|
@@ -13,4 +17,5 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
13
17
|
__exportStar(require("./binary"), exports);
|
|
14
18
|
__exportStar(require("./number"), exports);
|
|
15
19
|
__exportStar(require("./promise"), exports);
|
|
20
|
+
__exportStar(require("./network"), exports);
|
|
16
21
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../common/src/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../common/src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,2CAAyB;AACzB,2CAAyB;AACzB,4CAA0B;AAC1B,4CAA0B","sourcesContent":["export * from \"./binary\";\nexport * from \"./number\";\nexport * from \"./promise\";\nexport * from \"./network\";\n"]}
|
|
@@ -0,0 +1,5 @@
|
|
|
1
|
+
/// <reference types="node" />
|
|
2
|
+
import { SocketType } from "dgram";
|
|
3
|
+
export declare function randomPort(protocol?: SocketType): Promise<number>;
|
|
4
|
+
export declare function randomPorts(num: number, protocol?: SocketType): Promise<number[]>;
|
|
5
|
+
export declare function findPort(min: number, max: number, protocol?: SocketType): Promise<number>;
|
|
@@ -0,0 +1,41 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.findPort = exports.randomPorts = exports.randomPort = void 0;
|
|
4
|
+
const dgram_1 = require("dgram");
|
|
5
|
+
async function randomPort(protocol = "udp4") {
|
|
6
|
+
const socket = (0, dgram_1.createSocket)(protocol);
|
|
7
|
+
setImmediate(() => socket.bind(0));
|
|
8
|
+
await new Promise((r) => {
|
|
9
|
+
socket.once("error", r);
|
|
10
|
+
socket.once("listening", r);
|
|
11
|
+
});
|
|
12
|
+
const port = socket.address()?.port;
|
|
13
|
+
await new Promise((r) => socket.close(() => r()));
|
|
14
|
+
return port;
|
|
15
|
+
}
|
|
16
|
+
exports.randomPort = randomPort;
|
|
17
|
+
async function randomPorts(num, protocol = "udp4") {
|
|
18
|
+
return Promise.all([...Array(num)].map(() => randomPort(protocol)));
|
|
19
|
+
}
|
|
20
|
+
exports.randomPorts = randomPorts;
|
|
21
|
+
async function findPort(min, max, protocol = "udp4") {
|
|
22
|
+
let port;
|
|
23
|
+
for (let i = min; i <= max; i++) {
|
|
24
|
+
const socket = (0, dgram_1.createSocket)(protocol);
|
|
25
|
+
setImmediate(() => socket.bind(i));
|
|
26
|
+
await new Promise((r) => {
|
|
27
|
+
socket.once("error", r);
|
|
28
|
+
socket.once("listening", r);
|
|
29
|
+
});
|
|
30
|
+
port = socket.address()?.port;
|
|
31
|
+
await new Promise((r) => socket.close(() => r()));
|
|
32
|
+
if (min <= port && port <= max) {
|
|
33
|
+
break;
|
|
34
|
+
}
|
|
35
|
+
}
|
|
36
|
+
if (!port)
|
|
37
|
+
throw new Error("port not found");
|
|
38
|
+
return port;
|
|
39
|
+
}
|
|
40
|
+
exports.findPort = findPort;
|
|
41
|
+
//# sourceMappingURL=network.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"network.js","sourceRoot":"","sources":["../../../../common/src/network.ts"],"names":[],"mappings":";;;AAAA,iCAAiD;AAE1C,KAAK,UAAU,UAAU,CAAC,WAAuB,MAAM;IAC5D,MAAM,MAAM,GAAG,IAAA,oBAAY,EAAC,QAAQ,CAAC,CAAC;IAEtC,YAAY,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;IAEnC,MAAM,IAAI,OAAO,CAAO,CAAC,CAAC,EAAE,EAAE;QAC5B,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;QACxB,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;IAC9B,CAAC,CAAC,CAAC;IAEH,MAAM,IAAI,GAAG,MAAM,CAAC,OAAO,EAAE,EAAE,IAAI,CAAC;IACpC,MAAM,IAAI,OAAO,CAAO,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACxD,OAAO,IAAI,CAAC;AACd,CAAC;AAbD,gCAaC;AAEM,KAAK,UAAU,WAAW,CAAC,GAAW,EAAE,WAAuB,MAAM;IAC1E,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;AACtE,CAAC;AAFD,kCAEC;AAEM,KAAK,UAAU,QAAQ,CAC5B,GAAW,EACX,GAAW,EACX,WAAuB,MAAM;IAE7B,IAAI,IAAwB,CAAC;IAE7B,KAAK,IAAI,CAAC,GAAG,GAAG,EAAE,CAAC,IAAI,GAAG,EAAE,CAAC,EAAE,EAAE;QAC/B,MAAM,MAAM,GAAG,IAAA,oBAAY,EAAC,QAAQ,CAAC,CAAC;QAEtC,YAAY,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;QAEnC,MAAM,IAAI,OAAO,CAAO,CAAC,CAAC,EAAE,EAAE;YAC5B,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;YACxB,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;QAC9B,CAAC,CAAC,CAAC;QAEH,IAAI,GAAG,MAAM,CAAC,OAAO,EAAE,EAAE,IAAI,CAAC;QAC9B,MAAM,IAAI,OAAO,CAAO,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACxD,IAAI,GAAG,IAAI,IAAI,IAAI,IAAI,IAAI,GAAG,EAAE;YAC9B,MAAM;SACP;KACF;IAED,IAAI,CAAC,IAAI;QAAE,MAAM,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAAC;IAE7C,OAAO,IAAI,CAAC;AACd,CAAC;AA3BD,4BA2BC","sourcesContent":["import { createSocket, SocketType } from \"dgram\";\n\nexport async function randomPort(protocol: SocketType = \"udp4\") {\n const socket = createSocket(protocol);\n\n setImmediate(() => socket.bind(0));\n\n await new Promise<void>((r) => {\n socket.once(\"error\", r);\n socket.once(\"listening\", r);\n });\n\n const port = socket.address()?.port;\n await new Promise<void>((r) => socket.close(() => r()));\n return port;\n}\n\nexport async function randomPorts(num: number, protocol: SocketType = \"udp4\") {\n return Promise.all([...Array(num)].map(() => randomPort(protocol)));\n}\n\nexport async function findPort(\n min: number,\n max: number,\n protocol: SocketType = \"udp4\"\n) {\n let port: number | undefined;\n\n for (let i = min; i <= max; i++) {\n const socket = createSocket(protocol);\n\n setImmediate(() => socket.bind(i));\n\n await new Promise<void>((r) => {\n socket.once(\"error\", r);\n socket.once(\"listening\", r);\n });\n\n port = socket.address()?.port;\n await new Promise<void>((r) => socket.close(() => r()));\n if (min <= port && port <= max) {\n break;\n }\n }\n\n if (!port) throw new Error(\"port not found\");\n\n return port;\n}\n"]}
|
|
@@ -1,7 +1,11 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
3
|
if (k2 === undefined) k2 = k;
|
|
4
|
-
Object.
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
5
9
|
}) : (function(o, m, k, k2) {
|
|
6
10
|
if (k2 === undefined) k2 = k;
|
|
7
11
|
o[k2] = m[k];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"namedCurve.js","sourceRoot":"","sources":["../../../../../dtls/src/cipher/namedCurve.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"namedCurve.js","sourceRoot":"","sources":["../../../../../dtls/src/cipher/namedCurve.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAA8B;AAC9B,gDAAkC;AAElC,mCAAoE;AAQpE,SAAgB,eAAe,CAC7B,UAAgC;IAEhC,QAAQ,UAAU,EAAE;QAClB,KAAK,2BAAmB,CAAC,YAAY,CAAC,CAAC;YACrC,MAAM,QAAQ,GAAG,IAAI,aAAE,CAAC,MAAM,CAAC,CAAC;YAChC,MAAM,GAAG,GAAG,QAAQ,CAAC,UAAU,EAAE,CAAC;YAClC,MAAM,UAAU,GAAG,GAAG,CAAC,UAAU,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YACnD,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,MAAM,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;YAEtE,OAAO;gBACL,KAAK,EAAE,UAAU;gBACjB,UAAU;gBACV,SAAS;aACV,CAAC;SACH;QACD,KAAK,2BAAmB,CAAC,SAAS,CAAC,CAAC;YAClC,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;YAEhC,OAAO;gBACL,KAAK,EAAE,UAAU;gBACjB,UAAU,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC;gBAC9C,SAAS,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC;aAC9C,CAAC;SACH;QACD;YACE,MAAM,IAAI,KAAK,EAAE,CAAC;KACrB;AACH,CAAC;AA5BD,0CA4BC","sourcesContent":["import { ec } from \"elliptic\";\nimport * as nacl from \"tweetnacl\";\n\nimport { NamedCurveAlgorithm, NamedCurveAlgorithms } from \"./const\";\n\nexport interface NamedCurveKeyPair {\n curve: NamedCurveAlgorithms;\n publicKey: Buffer;\n privateKey: Buffer;\n}\n\nexport function generateKeyPair(\n namedCurve: NamedCurveAlgorithms\n): NamedCurveKeyPair {\n switch (namedCurve) {\n case NamedCurveAlgorithm.secp256r1_23: {\n const elliptic = new ec(\"p256\");\n const key = elliptic.genKeyPair();\n const privateKey = key.getPrivate().toBuffer(\"be\");\n const publicKey = Buffer.from(key.getPublic().encode(\"array\", false));\n\n return {\n curve: namedCurve,\n privateKey,\n publicKey,\n };\n }\n case NamedCurveAlgorithm.x25519_29: {\n const keys = nacl.box.keyPair();\n\n return {\n curve: namedCurve,\n privateKey: Buffer.from(keys.secretKey.buffer),\n publicKey: Buffer.from(keys.publicKey.buffer),\n };\n }\n default:\n throw new Error();\n }\n}\n"]}
|
|
@@ -1,7 +1,11 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
3
|
if (k2 === undefined) k2 = k;
|
|
4
|
-
Object.
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
5
9
|
}) : (function(o, m, k, k2) {
|
|
6
10
|
if (k2 === undefined) k2 = k;
|
|
7
11
|
o[k2] = m[k];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"prf.js","sourceRoot":"","sources":["../../../../../dtls/src/cipher/prf.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"prf.js","sourceRoot":"","sources":["../../../../../dtls/src/cipher/prf.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,6CAA2C;AAC3C,mCAAgD;AAChD,uCAA8B;AAC9B,gDAAkC;AAElC,mCAAoE;AAEpE,SAAgB,kBAAkB,CAChC,SAAiB,EACjB,UAAkB,EAClB,KAA2B;IAE3B,QAAQ,KAAK,EAAE;QACb,KAAK,2BAAmB,CAAC,YAAY;YACnC,MAAM,QAAQ,GAAG,IAAI,aAAE,CAAC,MAAM,CAAC,CAAC,CAAC,gBAAgB;YACjD,MAAM,GAAG,GAAG,QAAQ,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,SAAS,EAAE,CAAC;YAC1D,MAAM,IAAI,GAAG,QAAQ,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC,UAAU,EAAE,CAAC;YAC9D,MAAM,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YAC1B,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACpE,OAAO,MAAM,CAAC;QAChB,KAAK,2BAAmB,CAAC,SAAS;YAChC,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,UAAU,EAAE,SAAS,CAAC,CAAC,CAAC;QAC7D;YACE,MAAM,IAAI,KAAK,EAAE,CAAC;KACrB;AACH,CAAC;AAlBD,gDAkBC;AAED,SAAgB,IAAI,CAAC,SAAiB,EAAE,MAAc,EAAE,IAAY;IAClE,MAAM,IAAI,GAAG,IAAA,mBAAU,EAAC,SAAS,EAAE,MAAM,CAAC,CAAC;IAC3C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAClB,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC;AACvB,CAAC;AAJD,oBAIC;AAED,SAAgB,QAAQ,CACtB,MAAc,EACd,IAAY,EACZ,cAAsB,EACtB,SAAS,GAAG,QAAQ;IAEpB,MAAM,WAAW,GAAG,cAAc,CAAC;IACnC,MAAM,IAAI,GAAa,EAAE,CAAC;IAC1B,IAAI,EAAE,GAAG,IAAI,CAAC,CAAC,KAAK;IAEpB,GAAG;QACD,EAAE,GAAG,IAAI,CAAC,SAAS,EAAE,MAAM,EAAE,EAAE,CAAC,CAAC,CAAC,8BAA8B;QAChE,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;QAElE,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAClB,cAAc,IAAI,MAAM,CAAC,MAAM,CAAC,CAAC,wCAAwC;KAC1E,QAAQ,cAAc,GAAG,CAAC,EAAE;IAE7B,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;AAC1C,CAAC;AAnBD,4BAmBC;AAED,SAAgB,eAAe,CAC7B,eAAuB,EACvB,YAAoB,EACpB,YAAoB;IAEpB,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC;QACzB,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC;QAC5B,YAAY;QACZ,YAAY;KACb,CAAC,CAAC;IACH,OAAO,QAAQ,CAAC,eAAe,EAAE,IAAI,EAAE,EAAE,CAAC,CAAC;AAC7C,CAAC;AAXD,0CAWC;AAED,SAAgB,uBAAuB,CACrC,eAAuB,EACvB,UAAkB;IAElB,MAAM,WAAW,GAAG,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;IAC/C,MAAM,KAAK,GAAG,wBAAwB,CAAC;IACvC,OAAO,QAAQ,CACb,eAAe,EACf,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,WAAW,CAAC,CAAC,EAChD,EAAE,CACH,CAAC;AACJ,CAAC;AAXD,0DAWC;AAED,SAAgB,oBAAoB,CAClC,KAAa,EACb,MAAc,EACd,YAAoB,EACpB,WAAmB,EACnB,YAAoB,EACpB,QAAiB;IAEjB,MAAM,YAAY,GAAG,QAAQ,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,YAAY,CAAC;IAC3D,MAAM,YAAY,GAAG,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,WAAW,CAAC;IAC3D,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,YAAY,EAAE,YAAY,CAAC,CAAC,CAAC;IAC7E,OAAO,QAAQ,CAAC,YAAY,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;AAC9C,CAAC;AAZD,oDAYC;AAED,SAAgB,IAAI,CAAC,SAAiB,EAAE,IAAY;IAClD,OAAO,IAAA,mBAAU,EAAC,SAAS,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,CAAC;AACrD,CAAC;AAFD,oBAEC;AAED,SAAgB,aAAa,CAC3B,YAAoB,EACpB,UAAkB,EAClB,KAAa,EACb,IAAI,GAAG,EAAE;IAET,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;IACzC,OAAO,QAAQ,CACb,YAAY,EACZ,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,KAAK,CAAC,CAAC,EAC1C,IAAI,CACL,CAAC;AACJ,CAAC;AAZD,sCAYC;AAED,SAAgB,mBAAmB,CAAC,YAAoB,EAAE,UAAkB;IAC1E,OAAO,aAAa,CAAC,YAAY,EAAE,UAAU,EAAE,iBAAiB,CAAC,CAAC;AACpE,CAAC;AAFD,kDAEC;AAED,SAAgB,mBAAmB,CAAC,YAAoB,EAAE,UAAkB;IAC1E,OAAO,aAAa,CAAC,YAAY,EAAE,UAAU,EAAE,iBAAiB,CAAC,CAAC;AACpE,CAAC;AAFD,kDAEC;AAED,SAAgB,iBAAiB,CAC/B,YAAoB,EACpB,YAAoB,EACpB,YAAoB,EACpB,SAAiB,EACjB,QAAgB,EAChB,WAAmB,EACnB,SAAS,GAAG,QAAQ;IAEpB,MAAM,IAAI,GAAG,SAAS,GAAG,CAAC,GAAG,QAAQ,GAAG,CAAC,CAAC;IAC1C,MAAM,MAAM,GAAG,YAAY,CAAC;IAC5B,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC,CAAC;IACzD,MAAM,QAAQ,GAAG,QAAQ,CACvB,MAAM,EACN,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,EAAE,IAAI,CAAC,CAAC,EACnD,IAAI,EACJ,SAAS,CACV,CAAC;IACF,MAAM,MAAM,GAAG,IAAA,0BAAY,EAAC,QAAQ,CAAC,CAAC;IAEtC,MAAM,cAAc,GAAG,MAAM,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;IACpD,MAAM,cAAc,GAAG,MAAM,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;IAEpD,MAAM,mBAAmB,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;IACxD,MAAM,mBAAmB,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;IAExD,MAAM,WAAW,GAAG,MAAM,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;IACjD,MAAM,WAAW,GAAG,MAAM,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;IAEjD,mBAAmB,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;IACzC,mBAAmB,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;IAEzC,OAAO,EAAE,cAAc,EAAE,cAAc,EAAE,WAAW,EAAE,WAAW,EAAE,CAAC;AACtE,CAAC;AAjCD,8CAiCC","sourcesContent":["import { createDecode } from \"binary-data\";\nimport { createHash, createHmac } from \"crypto\";\nimport { ec } from \"elliptic\";\nimport * as nacl from \"tweetnacl\";\n\nimport { NamedCurveAlgorithm, NamedCurveAlgorithms } from \"./const\";\n\nexport function prfPreMasterSecret(\n publicKey: Buffer,\n privateKey: Buffer,\n curve: NamedCurveAlgorithms\n) {\n switch (curve) {\n case NamedCurveAlgorithm.secp256r1_23:\n const elliptic = new ec(\"p256\"); // aka secp256r1\n const pub = elliptic.keyFromPublic(publicKey).getPublic();\n const priv = elliptic.keyFromPrivate(privateKey).getPrivate();\n const res = pub.mul(priv);\n const secret = Buffer.from(res.encode(\"array\", false)).slice(1, 33);\n return secret;\n case NamedCurveAlgorithm.x25519_29:\n return Buffer.from(nacl.scalarMult(privateKey, publicKey));\n default:\n throw new Error();\n }\n}\n\nexport function hmac(algorithm: string, secret: Buffer, data: Buffer) {\n const hash = createHmac(algorithm, secret);\n hash.update(data);\n return hash.digest();\n}\n\nexport function prfPHash(\n secret: Buffer,\n seed: Buffer,\n requestedLegth: number,\n algorithm = \"sha256\"\n) {\n const totalLength = requestedLegth;\n const bufs: Buffer[] = [];\n let Ai = seed; // A0\n\n do {\n Ai = hmac(algorithm, secret, Ai); // A(i) = HMAC(secret, A(i-1))\n const output = hmac(algorithm, secret, Buffer.concat([Ai, seed]));\n\n bufs.push(output);\n requestedLegth -= output.length; // eslint-disable-line no-param-reassign\n } while (requestedLegth > 0);\n\n return Buffer.concat(bufs, totalLength);\n}\n\nexport function prfMasterSecret(\n preMasterSecret: Buffer,\n clientRandom: Buffer,\n serverRandom: Buffer\n) {\n const seed = Buffer.concat([\n Buffer.from(\"master secret\"),\n clientRandom,\n serverRandom,\n ]);\n return prfPHash(preMasterSecret, seed, 48);\n}\n\nexport function prfExtendedMasterSecret(\n preMasterSecret: Buffer,\n handshakes: Buffer\n) {\n const sessionHash = hash(\"sha256\", handshakes);\n const label = \"extended master secret\";\n return prfPHash(\n preMasterSecret,\n Buffer.concat([Buffer.from(label), sessionHash]),\n 48\n );\n}\n\nexport function exportKeyingMaterial(\n label: string,\n length: number,\n masterSecret: Buffer,\n localRandom: Buffer,\n remoteRandom: Buffer,\n isClient: boolean\n) {\n const clientRandom = isClient ? localRandom : remoteRandom;\n const serverRandom = isClient ? remoteRandom : localRandom;\n const seed = Buffer.concat([Buffer.from(label), clientRandom, serverRandom]);\n return prfPHash(masterSecret, seed, length);\n}\n\nexport function hash(algorithm: string, data: Buffer) {\n return createHash(algorithm).update(data).digest();\n}\n\nexport function prfVerifyData(\n masterSecret: Buffer,\n handshakes: Buffer,\n label: string,\n size = 12\n) {\n const bytes = hash(\"sha256\", handshakes);\n return prfPHash(\n masterSecret,\n Buffer.concat([Buffer.from(label), bytes]),\n size\n );\n}\n\nexport function prfVerifyDataClient(masterSecret: Buffer, handshakes: Buffer) {\n return prfVerifyData(masterSecret, handshakes, \"client finished\");\n}\n\nexport function prfVerifyDataServer(masterSecret: Buffer, handshakes: Buffer) {\n return prfVerifyData(masterSecret, handshakes, \"server finished\");\n}\n\nexport function prfEncryptionKeys(\n masterSecret: Buffer,\n clientRandom: Buffer,\n serverRandom: Buffer,\n prfKeyLen: number,\n prfIvLen: number,\n prfNonceLen: number,\n algorithm = \"sha256\"\n) {\n const size = prfKeyLen * 2 + prfIvLen * 2;\n const secret = masterSecret;\n const seed = Buffer.concat([serverRandom, clientRandom]);\n const keyBlock = prfPHash(\n secret,\n Buffer.concat([Buffer.from(\"key expansion\"), seed]),\n size,\n algorithm\n );\n const stream = createDecode(keyBlock);\n\n const clientWriteKey = stream.readBuffer(prfKeyLen);\n const serverWriteKey = stream.readBuffer(prfKeyLen);\n\n const clientNonceImplicit = stream.readBuffer(prfIvLen);\n const serverNonceImplicit = stream.readBuffer(prfIvLen);\n\n const clientNonce = Buffer.alloc(prfNonceLen, 0);\n const serverNonce = Buffer.alloc(prfNonceLen, 0);\n\n clientNonceImplicit.copy(clientNonce, 0);\n serverNonceImplicit.copy(serverNonce, 0);\n\n return { clientWriteKey, serverWriteKey, clientNonce, serverNonce };\n}\n"]}
|
|
@@ -1,7 +1,11 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
3
|
if (k2 === undefined) k2 = k;
|
|
4
|
-
Object.
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
5
9
|
}) : (function(o, m, k, k2) {
|
|
6
10
|
if (k2 === undefined) k2 = k;
|
|
7
11
|
o[k2] = m[k];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"aead.js","sourceRoot":"","sources":["../../../../../../dtls/src/cipher/suites/aead.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"aead.js","sourceRoot":"","sources":["../../../../../../dtls/src/cipher/suites/aead.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,+CAAiC;AACjC,kDAA0B;AAE1B,yCAA4D;AAC5D,gCAA2C;AAC3C,uDAA6E;AAC7E,MAAM,EACJ,YAAY,EACZ,MAAM,EACN,KAAK,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,QAAQ,EAAE,GACrC,GAAG,OAAO,CAAC,aAAa,CAAC,CAAC;AAE3B,MAAM,WAAW,GAAG,KAAK,CAAC;AAC1B,MAAM,eAAe,GAAG,QAAQ,CAAC;AAEjC,MAAM,kBAAkB,GAAG;IACzB,KAAK,EAAE,QAAQ;IACf,QAAQ,EAAE,QAAQ;IAClB,IAAI,EAAE,WAAW;IACjB,OAAO,EAAE,eAAe;IACxB,MAAM,EAAE,QAAQ;CACjB,CAAC;AAEF,MAAM,GAAG,GAAG,IAAA,eAAK,EACf,6DAA6D,CAC9D,CAAC;AAEF;;GAEG;AACH,MAAqB,UAAW,SAAQ,kBAAM;IAe5C;QACE,KAAK,EAAE,CAAC;QAfV,cAAS,GAAG,CAAC,CAAC;QACd,gBAAW,GAAG,CAAC,CAAC;QAChB,aAAQ,GAAG,CAAC,CAAC;QACb,kBAAa,GAAG,CAAC,CAAC;QAElB,wBAAmB,GAAG,CAAC,CAAC;QACxB,wBAAmB,GAAG,CAAC,CAAC;IAUxB,CAAC;IAED,IAAI,OAAO;QACT,OAAO,IAAA,yBAAgB,EAAC,IAAI,CAAC,CAAC;IAChC,CAAC;IAED,IAAI,CAAC,YAAoB,EAAE,YAAoB,EAAE,YAAoB;QACnE,MAAM,IAAI,GAAG,IAAA,uBAAiB,EAC5B,YAAY,EACZ,YAAY,EACZ,YAAY,EACZ,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,QAAQ,EACb,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,aAAa,CACnB,CAAC;QAEF,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,cAAc,CAAC;QAC1C,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,cAAc,CAAC;QAC1C,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC;QACpC,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC;IACtC,CAAC;IAED;;OAEG;IACH,OAAO,CAAC,IAAkB,EAAE,IAAY,EAAE,MAAoB;QAC5D,MAAM,QAAQ,GAAG,IAAI,KAAK,sBAAW,CAAC,MAAM,CAAC;QAC7C,MAAM,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC;QAC1D,MAAM,QAAQ,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC;QACtE,IAAI,CAAC,EAAE,IAAI,CAAC,QAAQ;YAAE,MAAM,IAAI,KAAK,EAAE,CAAC;QAExC,EAAE,CAAC,aAAa,CAAC,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,mBAAmB,CAAC,CAAC;QACzD,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,cAAc,EAAE,IAAI,CAAC,mBAAmB,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;QAEvE,MAAM,aAAa,GAAG,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;QAEzD,MAAM,cAAc,GAAG;YACrB,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,QAAQ,EAAE,MAAM,CAAC,cAAc;YAC/B,IAAI,EAAE,MAAM,CAAC,IAAI;YACjB,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,MAAM,EAAE,IAAI,CAAC,MAAM;SACpB,CAAC;QAEF,MAAM,gBAAgB,GAAG,MAAM,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC,KAAK,EAAE,CAAC;QAE5E,MAAM,MAAM,GAAG,MAAM,CAAC,cAAc,CAClC,IAAI,CAAC,cAAuC,EAC5C,QAAQ,EACR,EAAE,EACF;YACE,aAAa,EAAE,IAAI,CAAC,aAAa;SAClC,CACF,CAAC;QAEF,MAAM,CAAC,MAAM,CAAC,gBAAgB,EAAE;YAC9B,eAAe,EAAE,IAAI,CAAC,MAAM;SAC7B,CAAC,CAAC;QAEH,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACrC,MAAM,SAAS,GAAG,MAAM,CAAC,KAAK,EAAE,CAAC;QACjC,MAAM,OAAO,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;QAEpC,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,aAAa,EAAE,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC;IACtE,CAAC;IAED;;OAEG;IACH,OAAO,CAAC,IAAkB,EAAE,IAAY,EAAE,MAAoB;QAC5D,MAAM,QAAQ,GAAG,IAAI,KAAK,sBAAW,CAAC,MAAM,CAAC;QAC7C,MAAM,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC;QAC1D,MAAM,QAAQ,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC;QACtE,IAAI,CAAC,EAAE,IAAI,CAAC,QAAQ;YAAE,MAAM,IAAI,KAAK,EAAE,CAAC;QAExC,MAAM,KAAK,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;QAEjC,MAAM,aAAa,GAAG,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;QACjE,aAAa,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,mBAAmB,CAAC,CAAC;QAEjD,MAAM,SAAS,GAAG,KAAK,CAAC,UAAU,CAAC,KAAK,CAAC,MAAM,GAAG,IAAI,CAAC,aAAa,CAAC,CAAC;QACtE,MAAM,OAAO,GAAG,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAErD,MAAM,cAAc,GAAG;YACrB,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,QAAQ,EAAE,MAAM,CAAC,cAAc;YAC/B,IAAI,EAAE,MAAM,CAAC,IAAI;YACjB,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,MAAM,EAAE,SAAS,CAAC,MAAM;SACzB,CAAC;QAEF,MAAM,gBAAgB,GAAG,MAAM,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC,KAAK,EAAE,CAAC;QAE5E,MAAM,QAAQ,GAAG,MAAM,CAAC,gBAAgB,CACtC,IAAI,CAAC,cAAuC,EAC5C,QAAQ,EACR,EAAE,EACF;YACE,aAAa,EAAE,IAAI,CAAC,aAAa;SAClC,CACF,CAAC;QAEF,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QAC7B,QAAQ,CAAC,MAAM,CAAC,gBAAgB,EAAE;YAChC,eAAe,EAAE,SAAS,CAAC,MAAM;SAClC,CAAC,CAAC;QAEH,MAAM,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAC5C,IAAI;YACF,MAAM,SAAS,GAAG,QAAQ,CAAC,KAAK,EAAE,CAAC;YACnC,OAAO,SAAS,CAAC,MAAM,GAAG,CAAC;gBACzB,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;gBACtC,CAAC,CAAC,QAAQ,CAAC;SACd;QAAC,OAAO,KAAK,EAAE;YACd,GAAG,CACD,gBAAgB,EAChB,KAAK,EACL,IAAI,EACJ,IAAA,mBAAU,EAAC,IAAI,CAAC,EAChB,MAAM,EACN,IAAI,CAAC,OAAO,CACb,CAAC;YACF,MAAM,KAAK,CAAC;SACb;IACH,CAAC;CACF;AA/ID,6BA+IC","sourcesContent":["import * as crypto from \"crypto\";\nimport debug from \"debug\";\n\nimport { dumpBuffer, getObjectSummary } from \"../../helper\";\nimport { prfEncryptionKeys } from \"../prf\";\nimport Cipher, { CipherHeader, SessionType, SessionTypes } from \"./abstract\";\nconst {\n createDecode,\n encode,\n types: { uint8, uint16be, uint48be },\n} = require(\"binary-data\");\n\nconst ContentType = uint8;\nconst ProtocolVersion = uint16be;\n\nconst AEADAdditionalData = {\n epoch: uint16be,\n sequence: uint48be,\n type: ContentType,\n version: ProtocolVersion,\n length: uint16be,\n};\n\nconst err = debug(\n \"werift-dtls : packages/dtls/src/cipher/suites/aead.ts : err\"\n);\n\n/**\n * This class implements AEAD cipher family.\n */\nexport default class AEADCipher extends Cipher {\n keyLength = 0;\n nonceLength = 0;\n ivLength = 0;\n authTagLength = 0;\n\n nonceImplicitLength = 0;\n nonceExplicitLength = 0;\n\n clientWriteKey?: Buffer;\n serverWriteKey?: Buffer;\n\n clientNonce?: Buffer;\n serverNonce?: Buffer;\n\n constructor() {\n super();\n }\n\n get summary() {\n return getObjectSummary(this);\n }\n\n init(masterSecret: Buffer, serverRandom: Buffer, clientRandom: Buffer) {\n const keys = prfEncryptionKeys(\n masterSecret,\n clientRandom,\n serverRandom,\n this.keyLength,\n this.ivLength,\n this.nonceLength,\n this.hashAlgorithm\n );\n\n this.clientWriteKey = keys.clientWriteKey;\n this.serverWriteKey = keys.serverWriteKey;\n this.clientNonce = keys.clientNonce;\n this.serverNonce = keys.serverNonce;\n }\n\n /**\n * Encrypt message.\n */\n encrypt(type: SessionTypes, data: Buffer, header: CipherHeader) {\n const isClient = type === SessionType.CLIENT;\n const iv = isClient ? this.clientNonce : this.serverNonce;\n const writeKey = isClient ? this.clientWriteKey : this.serverWriteKey;\n if (!iv || !writeKey) throw new Error();\n\n iv.writeUInt16BE(header.epoch, this.nonceImplicitLength);\n iv.writeUIntBE(header.sequenceNumber, this.nonceImplicitLength + 2, 6);\n\n const explicitNonce = iv.slice(this.nonceImplicitLength);\n\n const additionalData = {\n epoch: header.epoch,\n sequence: header.sequenceNumber,\n type: header.type,\n version: header.version,\n length: data.length,\n };\n\n const additionalBuffer = encode(additionalData, AEADAdditionalData).slice();\n\n const cipher = crypto.createCipheriv(\n this.blockAlgorithm as crypto.CipherCCMTypes,\n writeKey,\n iv,\n {\n authTagLength: this.authTagLength,\n }\n );\n\n cipher.setAAD(additionalBuffer, {\n plaintextLength: data.length,\n });\n\n const headPart = cipher.update(data);\n const finalPart = cipher.final();\n const authTag = cipher.getAuthTag();\n\n return Buffer.concat([explicitNonce, headPart, finalPart, authTag]);\n }\n\n /**\n * Decrypt message.\n */\n decrypt(type: SessionTypes, data: Buffer, header: CipherHeader) {\n const isClient = type === SessionType.CLIENT;\n const iv = isClient ? this.serverNonce : this.clientNonce;\n const writeKey = isClient ? this.serverWriteKey : this.clientWriteKey;\n if (!iv || !writeKey) throw new Error();\n\n const final = createDecode(data);\n\n const explicitNonce = final.readBuffer(this.nonceExplicitLength);\n explicitNonce.copy(iv, this.nonceImplicitLength);\n\n const encrypted = final.readBuffer(final.length - this.authTagLength);\n const authTag = final.readBuffer(this.authTagLength);\n\n const additionalData = {\n epoch: header.epoch,\n sequence: header.sequenceNumber,\n type: header.type,\n version: header.version,\n length: encrypted.length,\n };\n\n const additionalBuffer = encode(additionalData, AEADAdditionalData).slice();\n\n const decipher = crypto.createDecipheriv(\n this.blockAlgorithm as crypto.CipherCCMTypes,\n writeKey,\n iv,\n {\n authTagLength: this.authTagLength,\n }\n );\n\n decipher.setAuthTag(authTag);\n decipher.setAAD(additionalBuffer, {\n plaintextLength: encrypted.length,\n });\n\n const headPart = decipher.update(encrypted);\n try {\n const finalPart = decipher.final();\n return finalPart.length > 0\n ? Buffer.concat([headPart, finalPart])\n : headPart;\n } catch (error) {\n err(\n \"decrypt failed\",\n error,\n type,\n dumpBuffer(data),\n header,\n this.summary\n );\n throw error;\n }\n }\n}\n"]}
|
|
@@ -1,7 +1,11 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
3
|
if (k2 === undefined) k2 = k;
|
|
4
|
-
Object.
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
5
9
|
}) : (function(o, m, k, k2) {
|
|
6
10
|
if (k2 === undefined) k2 = k;
|
|
7
11
|
o[k2] = m[k];
|
|
@@ -159,10 +163,7 @@ CipherContext.createSelfSignedCertificateWithKey = async (signatureHash, namedCu
|
|
|
159
163
|
};
|
|
160
164
|
}
|
|
161
165
|
})();
|
|
162
|
-
const keys =
|
|
163
|
-
"sign",
|
|
164
|
-
"verify",
|
|
165
|
-
]));
|
|
166
|
+
const keys = await crypto.subtle.generateKey(alg, true, ["sign", "verify"]);
|
|
166
167
|
const cert = await x509.X509CertificateGenerator.createSelfSigned({
|
|
167
168
|
serialNumber: "01",
|
|
168
169
|
name: "C=AU, ST=Some-State, O=Internet Widgits Pty Ltd",
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cipher.js","sourceRoot":"","sources":["../../../../../dtls/src/context/cipher.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,qCAAqD;AACrD,mDAA6C;AAC7C,qDAAuC;AACvC,6CAAoD;AACpD,mCAAoC;AACpC,iEAAyC;AAEzC,2CAQyB;AAEzB,uCAAyE;AACzE,wDAAsE;AAEtE,gDAAsD;AAItD,MAAM,MAAM,GAAG,IAAI,kBAAM,EAAE,CAAC;AAC5B,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,MAAa,CAAC,CAAC;AAEvC,MAAa,aAAa;IAcxB,YACS,WAAyB,EACzB,OAAgB,EAChB,MAAe,EACtB,sBAAsC;QAH/B,gBAAW,GAAX,WAAW,CAAc;QACzB,YAAO,GAAP,OAAO,CAAS;QAChB,WAAM,GAAN,MAAM,CAAS;QAGtB,IAAI,OAAO,IAAI,MAAM,IAAI,sBAAsB,EAAE;YAC/C,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,MAAM,EAAE,sBAAsB,CAAC,CAAC;SACzD;IACH,CAAC;IA8ED,aAAa,CAAC,GAAkB;QAC9B,MAAM,MAAM,GAAG,GAAG,CAAC,iBAAiB,CAAC;QACrC,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,CAAC,QAAQ,EAAE;YAC9D,IAAI,EAAE,MAAM,CAAC,WAAW;YACxB,OAAO,EAAE,IAAA,oBAAM,EACb,MAAM,CAAC,IAAI,CAAC,IAAA,oBAAM,EAAC,MAAM,CAAC,eAAe,EAAE,wBAAe,CAAC,CAAC,KAAK,EAAE,CAAC,EACpE,EAAE,OAAO,EAAE,mBAAK,CAAC,QAAQ,EAAE,CAC5B,CAAC,OAAO;YACT,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,cAAc,EAAE,MAAM,CAAC,cAAc;SACtC,CAAC,CAAC;QACH,GAAG,CAAC,QAAQ,GAAG,GAAG,CAAC;QACnB,GAAG,CAAC,iBAAiB,CAAC,UAAU,GAAG,GAAG,CAAC,MAAM,CAAC;QAC9C,OAAO,GAAG,CAAC;IACb,CAAC;IAED,aAAa,CAAC,GAAkB;QAC9B,MAAM,MAAM,GAAG,GAAG,CAAC,iBAAiB,CAAC;QACrC,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,CAAC,QAAQ,EAAE;YAC9D,IAAI,EAAE,MAAM,CAAC,WAAW;YACxB,OAAO,EAAE,IAAA,oBAAM,EACb,MAAM,CAAC,IAAI,CAAC,IAAA,oBAAM,EAAC,MAAM,CAAC,eAAe,EAAE,wBAAe,CAAC,CAAC,KAAK,EAAE,CAAC,EACpE,EAAE,OAAO,EAAE,mBAAK,CAAC,QAAQ,EAAE,CAC5B,CAAC,OAAO;YACT,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,cAAc,EAAE,MAAM,CAAC,cAAc;SACtC,CAAC,CAAC;QACH,OAAO,GAAG,CAAC;IACb,CAAC;IAED,UAAU,CAAC,GAAW;QACpB,IAAI,IAAI,CAAC,WAAW,KAAK,sBAAW,CAAC,MAAM;YACzC,OAAO,IAAA,yBAAmB,EAAC,IAAI,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC;;YAChD,OAAO,IAAA,yBAAmB,EAAC,IAAI,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC;IAC1D,CAAC;IAED,aAAa,CAAC,IAAY,EAAE,IAAY;QACtC,MAAM,SAAS,GAAG,IAAA,mBAAU,EAAC,IAAI,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAChD,MAAM,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,CAAC,QAAQ,EAAE,CAAC;QACpD,MAAM,MAAM,GAAG,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACnC,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,oBAAoB,CAAC,aAAqB;QACxC,MAAM,YAAY,GAChB,IAAI,CAAC,WAAW,KAAK,sBAAW,CAAC,MAAM;YACrC,CAAC,CAAC,IAAI,CAAC,WAAW;YAClB,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC;QACxB,MAAM,YAAY,GAChB,IAAI,CAAC,WAAW,KAAK,sBAAW,CAAC,MAAM;YACrC,CAAC,CAAC,IAAI,CAAC,WAAW;YAClB,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC;QAExB,MAAM,GAAG,GAAG,IAAI,CAAC,iBAAiB,CAChC,YAAY,CAAC,SAAS,EAAE,EACxB,YAAY,CAAC,SAAS,EAAE,EACxB,IAAI,CAAC,YAAY,CAAC,SAAS,EAC3B,IAAI,CAAC,UAAU,CAChB,CAAC;QAEF,MAAM,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,GAAG,EAAE,aAAa,CAAC,CAAC;QAC1D,OAAO,GAAG,CAAC;IACb,CAAC;IAED,SAAS,CAAC,OAAe,EAAE,MAAc,EAAE,aAA4B;QACrE,MAAM,IAAI,GAAG,kBAAW,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;QACvD,MAAM,GAAG,GAAG,iBAAU,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;QACpD,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC;QAC1B,IAAI,CAAC,eAAe,GAAG,GAAG,CAAC;QAC3B,IAAI,CAAC,sBAAsB,GAAG,aAAa,CAAC;IAC9C,CAAC;IAEO,iBAAiB,CACvB,YAAoB,EACpB,YAAoB,EACpB,SAAiB,EACjB,UAAkB;QAElB,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,CAC9B,IAAA,oBAAM,EACJ;YACE,IAAI,EAAE,iBAAS,CAAC,aAAa;YAC7B,KAAK,EAAE,UAAU;YACjB,GAAG,EAAE,SAAS,CAAC,MAAM;SACtB,EACD,EAAE,IAAI,EAAE,mBAAK,CAAC,KAAK,EAAE,KAAK,EAAE,mBAAK,CAAC,QAAQ,EAAE,GAAG,EAAE,mBAAK,CAAC,KAAK,EAAE,CAC/D,CAAC,KAAK,EAAE,CACV,CAAC;QACF,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,YAAY,EAAE,YAAY,EAAE,YAAY,EAAE,SAAS,CAAC,CAAC,CAAC;IAC9E,CAAC;;AA9LH,sCA+LC;;AAtKC;;;;GAIG;AACI,gDAAkC,GAAG,KAAK,EAC/C,aAA4B,EAC5B,mBAA0C,EAC1C,EAAE;IACF,MAAM,sBAAsB,GAAG,CAAC,GAAG,EAAE;QACnC,QAAQ,aAAa,CAAC,SAAS,EAAE;YAC/B,KAAK,0BAAkB,CAAC,KAAK;gBAC3B,OAAO,mBAAmB,CAAC;YAC7B,KAAK,0BAAkB,CAAC,OAAO;gBAC7B,OAAO,OAAO,CAAC;SAClB;IACH,CAAC,CAAC,EAAE,CAAC;IACL,MAAM,IAAI,GAAG,CAAC,GAAG,EAAE;QACjB,QAAQ,aAAa,CAAC,IAAI,EAAE;YAC1B,KAAK,qBAAa,CAAC,QAAQ;gBACzB,OAAO,SAAS,CAAC;SACpB;IACH,CAAC,CAAC,EAAE,CAAC;IACL,MAAM,UAAU,GAAG,CAAC,GAAG,EAAE;QACvB,QAAQ,mBAAmB,EAAE;YAC3B,KAAK,2BAAmB,CAAC,YAAY;gBACnC,OAAO,OAAO,CAAC;YACjB,KAAK,2BAAmB,CAAC,SAAS;gBAChC,6CAA6C;gBAC7C,IAAI,sBAAsB,KAAK,OAAO,EAAE;oBACtC,OAAO,OAAO,CAAC;iBAChB;gBACD,OAAO,QAAQ,CAAC;YAClB,OAAO,CAAC,CAAC;gBACP,IAAI,sBAAsB,KAAK,OAAO;oBAAE,OAAO,OAAO,CAAC;gBACvD,IAAI,sBAAsB,KAAK,mBAAmB;oBAAE,OAAO,QAAQ,CAAC;aACrE;SACF;IACH,CAAC,CAAC,EAAE,CAAC;IACL,MAAM,GAAG,GAAG,CAAC,GAAG,EAAE;QAChB,QAAQ,sBAAsB,EAAE;YAC9B,KAAK,OAAO;gBACV,OAAO,EAAE,IAAI,EAAE,sBAAsB,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC;YAC5D,KAAK,mBAAmB;gBACtB,OAAO;oBACL,IAAI,EAAE,sBAAsB;oBAC5B,IAAI;oBACJ,cAAc,EAAE,IAAI,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;oBACzC,aAAa,EAAE,IAAI;iBACpB,CAAC;SACL;IACH,CAAC,CAAC,EAAE,CAAC;IAEL,MAAM,IAAI,GAAG,CAAC,MAAM,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,GAAG,EAAE,IAAI,EAAE;QACvD,MAAM;QACN,QAAQ;KACT,CAAC,CAAQ,CAAC;IAEX,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,wBAAwB,CAAC,gBAAgB,CAAC;QAChE,YAAY,EAAE,IAAI;QAClB,IAAI,EAAE,iDAAiD;QACvD,SAAS,EAAE,IAAI,IAAI,EAAE;QACrB,QAAQ,EAAE,IAAA,kBAAQ,EAAC,IAAI,CAAC,GAAG,EAAE,EAAE,EAAE,CAAC;QAClC,gBAAgB,EAAE,GAAG;QACrB,IAAI;KACL,CAAC,CAAC;IAEH,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IACrC,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,CACrC,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,UAAiB,CAAC,EAC9D,aAAa,CACd,CAAC;IAEF,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC;AAC5C,CAAE,CAAA","sourcesContent":["import { Certificate, PrivateKey } from \"@fidm/x509\";\nimport { Crypto } from \"@peculiar/webcrypto\";\nimport * as x509 from \"@peculiar/x509\";\nimport { decode, encode, types } from \"binary-data\";\nimport { createSign } from \"crypto\";\nimport addYears from \"date-fns/addYears\";\n\nimport {\n CipherSuites,\n CurveType,\n HashAlgorithm,\n NamedCurveAlgorithm,\n NamedCurveAlgorithms,\n SignatureAlgorithm,\n SignatureHash,\n} from \"../cipher/const\";\nimport { NamedCurveKeyPair } from \"../cipher/namedCurve\";\nimport { prfVerifyDataClient, prfVerifyDataServer } from \"../cipher/prf\";\nimport { SessionType, SessionTypes } from \"../cipher/suites/abstract\";\nimport AEADCipher from \"../cipher/suites/aead\";\nimport { ProtocolVersion } from \"../handshake/binary\";\nimport { DtlsRandom } from \"../handshake/random\";\nimport { DtlsPlaintext } from \"../record/message/plaintext\";\n\nconst crypto = new Crypto();\nx509.cryptoProvider.set(crypto as any);\n\nexport class CipherContext {\n localRandom!: DtlsRandom;\n remoteRandom!: DtlsRandom;\n cipherSuite!: CipherSuites;\n remoteCertificate?: Buffer;\n remoteKeyPair!: Partial<NamedCurveKeyPair>;\n localKeyPair!: NamedCurveKeyPair;\n masterSecret!: Buffer;\n cipher!: AEADCipher;\n namedCurve!: NamedCurveAlgorithms;\n signatureHashAlgorithm?: SignatureHash;\n localCert!: Buffer;\n localPrivateKey!: PrivateKey;\n\n constructor(\n public sessionType: SessionTypes,\n public certPem?: string,\n public keyPem?: string,\n signatureHashAlgorithm?: SignatureHash\n ) {\n if (certPem && keyPem && signatureHashAlgorithm) {\n this.parseX509(certPem, keyPem, signatureHashAlgorithm);\n }\n }\n\n /**\n *\n * @param signatureHash\n * @param namedCurveAlgorithm necessary when use ecdsa\n */\n static createSelfSignedCertificateWithKey = async (\n signatureHash: SignatureHash,\n namedCurveAlgorithm?: NamedCurveAlgorithms\n ) => {\n const signatureAlgorithmName = (() => {\n switch (signatureHash.signature) {\n case SignatureAlgorithm.rsa_1:\n return \"RSASSA-PKCS1-v1_5\";\n case SignatureAlgorithm.ecdsa_3:\n return \"ECDSA\";\n }\n })();\n const hash = (() => {\n switch (signatureHash.hash) {\n case HashAlgorithm.sha256_4:\n return \"SHA-256\";\n }\n })();\n const namedCurve = (() => {\n switch (namedCurveAlgorithm) {\n case NamedCurveAlgorithm.secp256r1_23:\n return \"P-256\";\n case NamedCurveAlgorithm.x25519_29:\n // todo fix (X25519 not supported with ECDSA)\n if (signatureAlgorithmName === \"ECDSA\") {\n return \"P-256\";\n }\n return \"X25519\";\n default: {\n if (signatureAlgorithmName === \"ECDSA\") return \"P-256\";\n if (signatureAlgorithmName === \"RSASSA-PKCS1-v1_5\") return \"X25519\";\n }\n }\n })();\n const alg = (() => {\n switch (signatureAlgorithmName) {\n case \"ECDSA\":\n return { name: signatureAlgorithmName, hash, namedCurve };\n case \"RSASSA-PKCS1-v1_5\":\n return {\n name: signatureAlgorithmName,\n hash,\n publicExponent: new Uint8Array([1, 0, 1]),\n modulusLength: 2048,\n };\n }\n })();\n\n const keys = (await crypto.subtle.generateKey(alg, true, [\n \"sign\",\n \"verify\",\n ])) as any;\n\n const cert = await x509.X509CertificateGenerator.createSelfSigned({\n serialNumber: \"01\",\n name: \"C=AU, ST=Some-State, O=Internet Widgits Pty Ltd\",\n notBefore: new Date(),\n notAfter: addYears(Date.now(), 10),\n signingAlgorithm: alg,\n keys,\n });\n\n const certPem = cert.toString(\"pem\");\n const keyPem = x509.PemConverter.encode(\n await crypto.subtle.exportKey(\"pkcs8\", keys.privateKey as any),\n \"private key\"\n );\n\n return { certPem, keyPem, signatureHash };\n };\n\n encryptPacket(pkt: DtlsPlaintext) {\n const header = pkt.recordLayerHeader;\n const enc = this.cipher.encrypt(this.sessionType, pkt.fragment, {\n type: header.contentType,\n version: decode(\n Buffer.from(encode(header.protocolVersion, ProtocolVersion).slice()),\n { version: types.uint16be }\n ).version,\n epoch: header.epoch,\n sequenceNumber: header.sequenceNumber,\n });\n pkt.fragment = enc;\n pkt.recordLayerHeader.contentLen = enc.length;\n return pkt;\n }\n\n decryptPacket(pkt: DtlsPlaintext) {\n const header = pkt.recordLayerHeader;\n const dec = this.cipher.decrypt(this.sessionType, pkt.fragment, {\n type: header.contentType,\n version: decode(\n Buffer.from(encode(header.protocolVersion, ProtocolVersion).slice()),\n { version: types.uint16be }\n ).version,\n epoch: header.epoch,\n sequenceNumber: header.sequenceNumber,\n });\n return dec;\n }\n\n verifyData(buf: Buffer) {\n if (this.sessionType === SessionType.CLIENT)\n return prfVerifyDataClient(this.masterSecret, buf);\n else return prfVerifyDataServer(this.masterSecret, buf);\n }\n\n signatureData(data: Buffer, hash: string) {\n const signature = createSign(hash).update(data);\n const key = this.localPrivateKey.toPEM().toString();\n const signed = signature.sign(key);\n return signed;\n }\n\n generateKeySignature(hashAlgorithm: string) {\n const clientRandom =\n this.sessionType === SessionType.CLIENT\n ? this.localRandom\n : this.remoteRandom;\n const serverRandom =\n this.sessionType === SessionType.SERVER\n ? this.localRandom\n : this.remoteRandom;\n\n const sig = this.valueKeySignature(\n clientRandom.serialize(),\n serverRandom.serialize(),\n this.localKeyPair.publicKey,\n this.namedCurve\n );\n\n const enc = this.localPrivateKey.sign(sig, hashAlgorithm);\n return enc;\n }\n\n parseX509(certPem: string, keyPem: string, signatureHash: SignatureHash) {\n const cert = Certificate.fromPEM(Buffer.from(certPem));\n const sec = PrivateKey.fromPEM(Buffer.from(keyPem));\n this.localCert = cert.raw;\n this.localPrivateKey = sec;\n this.signatureHashAlgorithm = signatureHash;\n }\n\n private valueKeySignature(\n clientRandom: Buffer,\n serverRandom: Buffer,\n publicKey: Buffer,\n namedCurve: number\n ) {\n const serverParams = Buffer.from(\n encode(\n {\n type: CurveType.named_curve_3,\n curve: namedCurve,\n len: publicKey.length,\n },\n { type: types.uint8, curve: types.uint16be, len: types.uint8 }\n ).slice()\n );\n return Buffer.concat([clientRandom, serverRandom, serverParams, publicKey]);\n }\n}\n"]}
|
|
1
|
+
{"version":3,"file":"cipher.js","sourceRoot":"","sources":["../../../../../dtls/src/context/cipher.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,qCAAqD;AACrD,mDAA6C;AAC7C,qDAAuC;AACvC,6CAAoD;AACpD,mCAAoC;AACpC,iEAAyC;AAEzC,2CAQyB;AAEzB,uCAAyE;AACzE,wDAAsE;AAEtE,gDAAsD;AAItD,MAAM,MAAM,GAAG,IAAI,kBAAM,EAAE,CAAC;AAC5B,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,MAAa,CAAC,CAAC;AAEvC,MAAa,aAAa;IAcxB,YACS,WAAyB,EACzB,OAAgB,EAChB,MAAe,EACtB,sBAAsC;QAH/B,gBAAW,GAAX,WAAW,CAAc;QACzB,YAAO,GAAP,OAAO,CAAS;QAChB,WAAM,GAAN,MAAM,CAAS;QAGtB,IAAI,OAAO,IAAI,MAAM,IAAI,sBAAsB,EAAE;YAC/C,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,MAAM,EAAE,sBAAsB,CAAC,CAAC;SACzD;IACH,CAAC;IA2ED,aAAa,CAAC,GAAkB;QAC9B,MAAM,MAAM,GAAG,GAAG,CAAC,iBAAiB,CAAC;QACrC,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,CAAC,QAAQ,EAAE;YAC9D,IAAI,EAAE,MAAM,CAAC,WAAW;YACxB,OAAO,EAAE,IAAA,oBAAM,EACb,MAAM,CAAC,IAAI,CAAC,IAAA,oBAAM,EAAC,MAAM,CAAC,eAAe,EAAE,wBAAe,CAAC,CAAC,KAAK,EAAE,CAAC,EACpE,EAAE,OAAO,EAAE,mBAAK,CAAC,QAAQ,EAAE,CAC5B,CAAC,OAAO;YACT,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,cAAc,EAAE,MAAM,CAAC,cAAc;SACtC,CAAC,CAAC;QACH,GAAG,CAAC,QAAQ,GAAG,GAAG,CAAC;QACnB,GAAG,CAAC,iBAAiB,CAAC,UAAU,GAAG,GAAG,CAAC,MAAM,CAAC;QAC9C,OAAO,GAAG,CAAC;IACb,CAAC;IAED,aAAa,CAAC,GAAkB;QAC9B,MAAM,MAAM,GAAG,GAAG,CAAC,iBAAiB,CAAC;QACrC,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,CAAC,QAAQ,EAAE;YAC9D,IAAI,EAAE,MAAM,CAAC,WAAW;YACxB,OAAO,EAAE,IAAA,oBAAM,EACb,MAAM,CAAC,IAAI,CAAC,IAAA,oBAAM,EAAC,MAAM,CAAC,eAAe,EAAE,wBAAe,CAAC,CAAC,KAAK,EAAE,CAAC,EACpE,EAAE,OAAO,EAAE,mBAAK,CAAC,QAAQ,EAAE,CAC5B,CAAC,OAAO;YACT,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,cAAc,EAAE,MAAM,CAAC,cAAc;SACtC,CAAC,CAAC;QACH,OAAO,GAAG,CAAC;IACb,CAAC;IAED,UAAU,CAAC,GAAW;QACpB,IAAI,IAAI,CAAC,WAAW,KAAK,sBAAW,CAAC,MAAM;YACzC,OAAO,IAAA,yBAAmB,EAAC,IAAI,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC;;YAChD,OAAO,IAAA,yBAAmB,EAAC,IAAI,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC;IAC1D,CAAC;IAED,aAAa,CAAC,IAAY,EAAE,IAAY;QACtC,MAAM,SAAS,GAAG,IAAA,mBAAU,EAAC,IAAI,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAChD,MAAM,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,CAAC,QAAQ,EAAE,CAAC;QACpD,MAAM,MAAM,GAAG,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACnC,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,oBAAoB,CAAC,aAAqB;QACxC,MAAM,YAAY,GAChB,IAAI,CAAC,WAAW,KAAK,sBAAW,CAAC,MAAM;YACrC,CAAC,CAAC,IAAI,CAAC,WAAW;YAClB,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC;QACxB,MAAM,YAAY,GAChB,IAAI,CAAC,WAAW,KAAK,sBAAW,CAAC,MAAM;YACrC,CAAC,CAAC,IAAI,CAAC,WAAW;YAClB,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC;QAExB,MAAM,GAAG,GAAG,IAAI,CAAC,iBAAiB,CAChC,YAAY,CAAC,SAAS,EAAE,EACxB,YAAY,CAAC,SAAS,EAAE,EACxB,IAAI,CAAC,YAAY,CAAC,SAAS,EAC3B,IAAI,CAAC,UAAU,CAChB,CAAC;QAEF,MAAM,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,GAAG,EAAE,aAAa,CAAC,CAAC;QAC1D,OAAO,GAAG,CAAC;IACb,CAAC;IAED,SAAS,CAAC,OAAe,EAAE,MAAc,EAAE,aAA4B;QACrE,MAAM,IAAI,GAAG,kBAAW,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;QACvD,MAAM,GAAG,GAAG,iBAAU,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;QACpD,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC;QAC1B,IAAI,CAAC,eAAe,GAAG,GAAG,CAAC;QAC3B,IAAI,CAAC,sBAAsB,GAAG,aAAa,CAAC;IAC9C,CAAC;IAEO,iBAAiB,CACvB,YAAoB,EACpB,YAAoB,EACpB,SAAiB,EACjB,UAAkB;QAElB,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,CAC9B,IAAA,oBAAM,EACJ;YACE,IAAI,EAAE,iBAAS,CAAC,aAAa;YAC7B,KAAK,EAAE,UAAU;YACjB,GAAG,EAAE,SAAS,CAAC,MAAM;SACtB,EACD,EAAE,IAAI,EAAE,mBAAK,CAAC,KAAK,EAAE,KAAK,EAAE,mBAAK,CAAC,QAAQ,EAAE,GAAG,EAAE,mBAAK,CAAC,KAAK,EAAE,CAC/D,CAAC,KAAK,EAAE,CACV,CAAC;QACF,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,YAAY,EAAE,YAAY,EAAE,YAAY,EAAE,SAAS,CAAC,CAAC,CAAC;IAC9E,CAAC;;AA3LH,sCA4LC;;AAnKC;;;;GAIG;AACI,gDAAkC,GAAG,KAAK,EAC/C,aAA4B,EAC5B,mBAA0C,EAC1C,EAAE;IACF,MAAM,sBAAsB,GAAG,CAAC,GAAG,EAAE;QACnC,QAAQ,aAAa,CAAC,SAAS,EAAE;YAC/B,KAAK,0BAAkB,CAAC,KAAK;gBAC3B,OAAO,mBAAmB,CAAC;YAC7B,KAAK,0BAAkB,CAAC,OAAO;gBAC7B,OAAO,OAAO,CAAC;SAClB;IACH,CAAC,CAAC,EAAE,CAAC;IACL,MAAM,IAAI,GAAG,CAAC,GAAG,EAAE;QACjB,QAAQ,aAAa,CAAC,IAAI,EAAE;YAC1B,KAAK,qBAAa,CAAC,QAAQ;gBACzB,OAAO,SAAS,CAAC;SACpB;IACH,CAAC,CAAC,EAAE,CAAC;IACL,MAAM,UAAU,GAAG,CAAC,GAAG,EAAE;QACvB,QAAQ,mBAAmB,EAAE;YAC3B,KAAK,2BAAmB,CAAC,YAAY;gBACnC,OAAO,OAAO,CAAC;YACjB,KAAK,2BAAmB,CAAC,SAAS;gBAChC,6CAA6C;gBAC7C,IAAI,sBAAsB,KAAK,OAAO,EAAE;oBACtC,OAAO,OAAO,CAAC;iBAChB;gBACD,OAAO,QAAQ,CAAC;YAClB,OAAO,CAAC,CAAC;gBACP,IAAI,sBAAsB,KAAK,OAAO;oBAAE,OAAO,OAAO,CAAC;gBACvD,IAAI,sBAAsB,KAAK,mBAAmB;oBAAE,OAAO,QAAQ,CAAC;aACrE;SACF;IACH,CAAC,CAAC,EAAE,CAAC;IACL,MAAM,GAAG,GAAG,CAAC,GAAG,EAAE;QAChB,QAAQ,sBAAsB,EAAE;YAC9B,KAAK,OAAO;gBACV,OAAO,EAAE,IAAI,EAAE,sBAAsB,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC;YAC5D,KAAK,mBAAmB;gBACtB,OAAO;oBACL,IAAI,EAAE,sBAAsB;oBAC5B,IAAI;oBACJ,cAAc,EAAE,IAAI,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;oBACzC,aAAa,EAAE,IAAI;iBACpB,CAAC;SACL;IACH,CAAC,CAAC,EAAE,CAAC;IAEL,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC;IAE5E,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,wBAAwB,CAAC,gBAAgB,CAAC;QAChE,YAAY,EAAE,IAAI;QAClB,IAAI,EAAE,iDAAiD;QACvD,SAAS,EAAE,IAAI,IAAI,EAAE;QACrB,QAAQ,EAAE,IAAA,kBAAQ,EAAC,IAAI,CAAC,GAAG,EAAE,EAAE,EAAE,CAAC;QAClC,gBAAgB,EAAE,GAAG;QACrB,IAAI;KACL,CAAC,CAAC;IAEH,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IACrC,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,CACrC,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,UAAiB,CAAC,EAC9D,aAAa,CACd,CAAC;IAEF,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC;AAC5C,CAAE,CAAA","sourcesContent":["import { Certificate, PrivateKey } from \"@fidm/x509\";\nimport { Crypto } from \"@peculiar/webcrypto\";\nimport * as x509 from \"@peculiar/x509\";\nimport { decode, encode, types } from \"binary-data\";\nimport { createSign } from \"crypto\";\nimport addYears from \"date-fns/addYears\";\n\nimport {\n CipherSuites,\n CurveType,\n HashAlgorithm,\n NamedCurveAlgorithm,\n NamedCurveAlgorithms,\n SignatureAlgorithm,\n SignatureHash,\n} from \"../cipher/const\";\nimport { NamedCurveKeyPair } from \"../cipher/namedCurve\";\nimport { prfVerifyDataClient, prfVerifyDataServer } from \"../cipher/prf\";\nimport { SessionType, SessionTypes } from \"../cipher/suites/abstract\";\nimport AEADCipher from \"../cipher/suites/aead\";\nimport { ProtocolVersion } from \"../handshake/binary\";\nimport { DtlsRandom } from \"../handshake/random\";\nimport { DtlsPlaintext } from \"../record/message/plaintext\";\n\nconst crypto = new Crypto();\nx509.cryptoProvider.set(crypto as any);\n\nexport class CipherContext {\n localRandom!: DtlsRandom;\n remoteRandom!: DtlsRandom;\n cipherSuite!: CipherSuites;\n remoteCertificate?: Buffer;\n remoteKeyPair!: Partial<NamedCurveKeyPair>;\n localKeyPair!: NamedCurveKeyPair;\n masterSecret!: Buffer;\n cipher!: AEADCipher;\n namedCurve!: NamedCurveAlgorithms;\n signatureHashAlgorithm?: SignatureHash;\n localCert!: Buffer;\n localPrivateKey!: PrivateKey;\n\n constructor(\n public sessionType: SessionTypes,\n public certPem?: string,\n public keyPem?: string,\n signatureHashAlgorithm?: SignatureHash\n ) {\n if (certPem && keyPem && signatureHashAlgorithm) {\n this.parseX509(certPem, keyPem, signatureHashAlgorithm);\n }\n }\n\n /**\n *\n * @param signatureHash\n * @param namedCurveAlgorithm necessary when use ecdsa\n */\n static createSelfSignedCertificateWithKey = async (\n signatureHash: SignatureHash,\n namedCurveAlgorithm?: NamedCurveAlgorithms\n ) => {\n const signatureAlgorithmName = (() => {\n switch (signatureHash.signature) {\n case SignatureAlgorithm.rsa_1:\n return \"RSASSA-PKCS1-v1_5\";\n case SignatureAlgorithm.ecdsa_3:\n return \"ECDSA\";\n }\n })();\n const hash = (() => {\n switch (signatureHash.hash) {\n case HashAlgorithm.sha256_4:\n return \"SHA-256\";\n }\n })();\n const namedCurve = (() => {\n switch (namedCurveAlgorithm) {\n case NamedCurveAlgorithm.secp256r1_23:\n return \"P-256\";\n case NamedCurveAlgorithm.x25519_29:\n // todo fix (X25519 not supported with ECDSA)\n if (signatureAlgorithmName === \"ECDSA\") {\n return \"P-256\";\n }\n return \"X25519\";\n default: {\n if (signatureAlgorithmName === \"ECDSA\") return \"P-256\";\n if (signatureAlgorithmName === \"RSASSA-PKCS1-v1_5\") return \"X25519\";\n }\n }\n })();\n const alg = (() => {\n switch (signatureAlgorithmName) {\n case \"ECDSA\":\n return { name: signatureAlgorithmName, hash, namedCurve };\n case \"RSASSA-PKCS1-v1_5\":\n return {\n name: signatureAlgorithmName,\n hash,\n publicExponent: new Uint8Array([1, 0, 1]),\n modulusLength: 2048,\n };\n }\n })();\n\n const keys = await crypto.subtle.generateKey(alg, true, [\"sign\", \"verify\"]);\n\n const cert = await x509.X509CertificateGenerator.createSelfSigned({\n serialNumber: \"01\",\n name: \"C=AU, ST=Some-State, O=Internet Widgits Pty Ltd\",\n notBefore: new Date(),\n notAfter: addYears(Date.now(), 10),\n signingAlgorithm: alg,\n keys,\n });\n\n const certPem = cert.toString(\"pem\");\n const keyPem = x509.PemConverter.encode(\n await crypto.subtle.exportKey(\"pkcs8\", keys.privateKey as any),\n \"private key\"\n );\n\n return { certPem, keyPem, signatureHash };\n };\n\n encryptPacket(pkt: DtlsPlaintext) {\n const header = pkt.recordLayerHeader;\n const enc = this.cipher.encrypt(this.sessionType, pkt.fragment, {\n type: header.contentType,\n version: decode(\n Buffer.from(encode(header.protocolVersion, ProtocolVersion).slice()),\n { version: types.uint16be }\n ).version,\n epoch: header.epoch,\n sequenceNumber: header.sequenceNumber,\n });\n pkt.fragment = enc;\n pkt.recordLayerHeader.contentLen = enc.length;\n return pkt;\n }\n\n decryptPacket(pkt: DtlsPlaintext) {\n const header = pkt.recordLayerHeader;\n const dec = this.cipher.decrypt(this.sessionType, pkt.fragment, {\n type: header.contentType,\n version: decode(\n Buffer.from(encode(header.protocolVersion, ProtocolVersion).slice()),\n { version: types.uint16be }\n ).version,\n epoch: header.epoch,\n sequenceNumber: header.sequenceNumber,\n });\n return dec;\n }\n\n verifyData(buf: Buffer) {\n if (this.sessionType === SessionType.CLIENT)\n return prfVerifyDataClient(this.masterSecret, buf);\n else return prfVerifyDataServer(this.masterSecret, buf);\n }\n\n signatureData(data: Buffer, hash: string) {\n const signature = createSign(hash).update(data);\n const key = this.localPrivateKey.toPEM().toString();\n const signed = signature.sign(key);\n return signed;\n }\n\n generateKeySignature(hashAlgorithm: string) {\n const clientRandom =\n this.sessionType === SessionType.CLIENT\n ? this.localRandom\n : this.remoteRandom;\n const serverRandom =\n this.sessionType === SessionType.SERVER\n ? this.localRandom\n : this.remoteRandom;\n\n const sig = this.valueKeySignature(\n clientRandom.serialize(),\n serverRandom.serialize(),\n this.localKeyPair.publicKey,\n this.namedCurve\n );\n\n const enc = this.localPrivateKey.sign(sig, hashAlgorithm);\n return enc;\n }\n\n parseX509(certPem: string, keyPem: string, signatureHash: SignatureHash) {\n const cert = Certificate.fromPEM(Buffer.from(certPem));\n const sec = PrivateKey.fromPEM(Buffer.from(keyPem));\n this.localCert = cert.raw;\n this.localPrivateKey = sec;\n this.signatureHashAlgorithm = signatureHash;\n }\n\n private valueKeySignature(\n clientRandom: Buffer,\n serverRandom: Buffer,\n publicKey: Buffer,\n namedCurve: number\n ) {\n const serverParams = Buffer.from(\n encode(\n {\n type: CurveType.named_curve_3,\n curve: namedCurve,\n len: publicKey.length,\n },\n { type: types.uint8, curve: types.uint16be, len: types.uint8 }\n ).slice()\n );\n return Buffer.concat([clientRandom, serverRandom, serverParams, publicKey]);\n }\n}\n"]}
|
|
@@ -1,10 +1,13 @@
|
|
|
1
1
|
import { Message } from "./stun/message";
|
|
2
|
+
import { Address } from "./types/model";
|
|
2
3
|
export declare class TransactionError extends Error {
|
|
3
4
|
response?: Message;
|
|
5
|
+
addr?: Address;
|
|
4
6
|
}
|
|
5
7
|
export declare class TransactionFailed extends TransactionError {
|
|
6
8
|
response: Message;
|
|
7
|
-
|
|
9
|
+
addr: Address;
|
|
10
|
+
constructor(response: Message, addr: Address);
|
|
8
11
|
get str(): string;
|
|
9
12
|
}
|
|
10
13
|
export declare class TransactionTimeout extends TransactionError {
|
|
@@ -5,14 +5,16 @@ class TransactionError extends Error {
|
|
|
5
5
|
}
|
|
6
6
|
exports.TransactionError = TransactionError;
|
|
7
7
|
class TransactionFailed extends TransactionError {
|
|
8
|
-
constructor(response) {
|
|
8
|
+
constructor(response, addr) {
|
|
9
9
|
super();
|
|
10
10
|
this.response = response;
|
|
11
|
+
this.addr = addr;
|
|
11
12
|
}
|
|
12
13
|
get str() {
|
|
13
14
|
let out = "STUN transaction failed";
|
|
14
|
-
|
|
15
|
-
|
|
15
|
+
const attribute = this.response.getAttributeValue("ERROR-CODE");
|
|
16
|
+
if (attribute) {
|
|
17
|
+
const [code, msg] = attribute;
|
|
16
18
|
out += ` (${code} - ${msg})`;
|
|
17
19
|
}
|
|
18
20
|
return out;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"exceptions.js","sourceRoot":"","sources":["../../../../ice/src/exceptions.ts"],"names":[],"mappings":";;;
|
|
1
|
+
{"version":3,"file":"exceptions.js","sourceRoot":"","sources":["../../../../ice/src/exceptions.ts"],"names":[],"mappings":";;;AAGA,MAAa,gBAAiB,SAAQ,KAAK;CAG1C;AAHD,4CAGC;AAED,MAAa,iBAAkB,SAAQ,gBAAgB;IACrD,YAAmB,QAAiB,EAAS,IAAa;QACxD,KAAK,EAAE,CAAC;QADS,aAAQ,GAAR,QAAQ,CAAS;QAAS,SAAI,GAAJ,IAAI,CAAS;IAE1D,CAAC;IAED,IAAI,GAAG;QACL,IAAI,GAAG,GAAG,yBAAyB,CAAC;QACpC,MAAM,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,iBAAiB,CAAC,YAAY,CAAC,CAAC;QAChE,IAAI,SAAS,EAAE;YACb,MAAM,CAAC,IAAI,EAAE,GAAG,CAAC,GAAG,SAAS,CAAC;YAC9B,GAAG,IAAI,KAAK,IAAI,MAAM,GAAG,GAAG,CAAC;SAC9B;QACD,OAAO,GAAG,CAAC;IACb,CAAC;CACF;AAdD,8CAcC;AAED,MAAa,kBAAmB,SAAQ,gBAAgB;IACtD,IAAI,GAAG;QACL,OAAO,4BAA4B,CAAC;IACtC,CAAC;CACF;AAJD,gDAIC","sourcesContent":["import { Message } from \"./stun/message\";\nimport { Address } from \"./types/model\";\n\nexport class TransactionError extends Error {\n response?: Message;\n addr?: Address;\n}\n\nexport class TransactionFailed extends TransactionError {\n constructor(public response: Message, public addr: Address) {\n super();\n }\n\n get str() {\n let out = \"STUN transaction failed\";\n const attribute = this.response.getAttributeValue(\"ERROR-CODE\");\n if (attribute) {\n const [code, msg] = attribute;\n out += ` (${code} - ${msg})`;\n }\n return out;\n }\n}\n\nexport class TransactionTimeout extends TransactionError {\n get str() {\n return \"STUN transaction timed out\";\n }\n}\n"]}
|
package/lib/ice/src/ice.d.ts
CHANGED
|
@@ -103,7 +103,7 @@ export interface IceOptions {
|
|
|
103
103
|
export declare function validateRemoteCandidate(candidate: Candidate): Candidate;
|
|
104
104
|
export declare function sortCandidatePairs(pairs: CandidatePair[], iceControlling: boolean): void;
|
|
105
105
|
export declare function candidatePairPriority(local: Candidate, remote: Candidate, iceControlling: boolean): number;
|
|
106
|
-
export declare function
|
|
106
|
+
export declare function getHostAddresses(useIpv4: boolean, useIpv6: boolean): string[];
|
|
107
107
|
export declare function serverReflexiveCandidate(protocol: Protocol, stunServer: Address): Promise<Candidate | undefined>;
|
|
108
108
|
export declare function validateAddress(addr?: Address): Address | undefined;
|
|
109
109
|
export {};
|
package/lib/ice/src/ice.js
CHANGED
|
@@ -1,7 +1,11 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
3
|
if (k2 === undefined) k2 = k;
|
|
4
|
-
Object.
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
5
9
|
}) : (function(o, m, k, k2) {
|
|
6
10
|
if (k2 === undefined) k2 = k;
|
|
7
11
|
o[k2] = m[k];
|
|
@@ -22,7 +26,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
22
26
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
23
27
|
};
|
|
24
28
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
25
|
-
exports.validateAddress = exports.serverReflexiveCandidate = exports.
|
|
29
|
+
exports.validateAddress = exports.serverReflexiveCandidate = exports.getHostAddresses = exports.candidatePairPriority = exports.sortCandidatePairs = exports.validateRemoteCandidate = exports.CandidatePairState = exports.CandidatePair = exports.Connection = void 0;
|
|
26
30
|
const crypto_1 = require("crypto");
|
|
27
31
|
const debug_1 = __importDefault(require("debug"));
|
|
28
32
|
const dns_1 = __importDefault(require("dns"));
|
|
@@ -31,6 +35,7 @@ const nodeIp = __importStar(require("ip"));
|
|
|
31
35
|
const isEqual_1 = __importDefault(require("lodash/isEqual"));
|
|
32
36
|
const range_1 = __importDefault(require("lodash/range"));
|
|
33
37
|
const net_1 = require("net");
|
|
38
|
+
const os_1 = __importDefault(require("os"));
|
|
34
39
|
const p_cancelable_1 = __importDefault(require("p-cancelable"));
|
|
35
40
|
const rx_mini_1 = require("rx.mini");
|
|
36
41
|
const promises_1 = __importDefault(require("timers/promises"));
|
|
@@ -94,6 +99,7 @@ class Connection {
|
|
|
94
99
|
}
|
|
95
100
|
}
|
|
96
101
|
catch (error) {
|
|
102
|
+
log("no stun response");
|
|
97
103
|
failures++;
|
|
98
104
|
this.setState("disconnected");
|
|
99
105
|
}
|
|
@@ -129,7 +135,7 @@ class Connection {
|
|
|
129
135
|
const request = this.buildRequest(pair, nominate);
|
|
130
136
|
const result = {};
|
|
131
137
|
try {
|
|
132
|
-
const [response, addr] = await pair.protocol.request(request, pair.remoteAddr, Buffer.from(this.remotePassword, "utf8"));
|
|
138
|
+
const [response, addr] = await pair.protocol.request(request, pair.remoteAddr, Buffer.from(this.remotePassword, "utf8"), 4);
|
|
133
139
|
log("response", response, addr);
|
|
134
140
|
result.response = response;
|
|
135
141
|
result.addr = addr;
|
|
@@ -138,7 +144,7 @@ class Connection {
|
|
|
138
144
|
const exc = error;
|
|
139
145
|
// 7.1.3.1. Failure Cases
|
|
140
146
|
log("failure case", exc.response);
|
|
141
|
-
if (exc.response?.
|
|
147
|
+
if (exc.response?.getAttributeValue("ERROR-CODE")[0] === 487) {
|
|
142
148
|
if (request.attributesKeys.includes("ICE-CONTROLLED")) {
|
|
143
149
|
this.switchRole(true);
|
|
144
150
|
}
|
|
@@ -218,7 +224,7 @@ class Connection {
|
|
|
218
224
|
if (!this.localCandidatesStart) {
|
|
219
225
|
this.localCandidatesStart = true;
|
|
220
226
|
this.promiseGatherCandidates = new rx_mini_1.Event();
|
|
221
|
-
const address =
|
|
227
|
+
const address = getHostAddresses(this.useIpv4, this.useIpv6);
|
|
222
228
|
for (const component of this._components) {
|
|
223
229
|
const candidates = await this.getComponentCandidates(component, address, 5, cb);
|
|
224
230
|
this.localCandidates = [...this.localCandidates, ...candidates];
|
|
@@ -292,7 +298,7 @@ class Connection {
|
|
|
292
298
|
// This coroutine returns if a candidate pair was successfully nominated
|
|
293
299
|
// and raises an exception otherwise.
|
|
294
300
|
// """
|
|
295
|
-
log("start connect ice");
|
|
301
|
+
log("start connect ice", this.localCandidates);
|
|
296
302
|
if (!this._localCandidatesEnd) {
|
|
297
303
|
if (!this.localCandidatesStart)
|
|
298
304
|
throw new Error("Local candidates gathering was not performed");
|
|
@@ -451,6 +457,7 @@ class Connection {
|
|
|
451
457
|
catch (error) {
|
|
452
458
|
return;
|
|
453
459
|
}
|
|
460
|
+
log("addRemoteCandidate", remoteCandidate);
|
|
454
461
|
this.remoteCandidates.push(remoteCandidate);
|
|
455
462
|
this.pairRemoteCandidate(remoteCandidate);
|
|
456
463
|
this.sortCheckList();
|
|
@@ -485,7 +492,7 @@ class Connection {
|
|
|
485
492
|
(0, message_1.parseMessage)(rawData, Buffer.from(this.localPassword, "utf8"));
|
|
486
493
|
if (!this.remoteUsername) {
|
|
487
494
|
const rxUsername = `${this.localUserName}:${this.remoteUsername}`;
|
|
488
|
-
if (message.
|
|
495
|
+
if (message.getAttributeValue("USERNAME") != rxUsername)
|
|
489
496
|
throw new Error("Wrong username");
|
|
490
497
|
}
|
|
491
498
|
}
|
|
@@ -496,7 +503,7 @@ class Connection {
|
|
|
496
503
|
const { iceControlling } = this;
|
|
497
504
|
// 7.2.1.1. Detecting and Repairing Role Conflicts
|
|
498
505
|
if (iceControlling && message.attributesKeys.includes("ICE-CONTROLLING")) {
|
|
499
|
-
if (this._tieBreaker >= message.
|
|
506
|
+
if (this._tieBreaker >= message.getAttributeValue("ICE-CONTROLLING")) {
|
|
500
507
|
this.respondError(message, addr, protocol, [487, "Role Conflict"]);
|
|
501
508
|
return;
|
|
502
509
|
}
|
|
@@ -506,7 +513,7 @@ class Connection {
|
|
|
506
513
|
}
|
|
507
514
|
else if (!iceControlling &&
|
|
508
515
|
message.attributesKeys.includes("ICE-CONTROLLED")) {
|
|
509
|
-
if (this._tieBreaker < message.
|
|
516
|
+
if (this._tieBreaker < message.getAttributeValue("ICE-CONTROLLED")) {
|
|
510
517
|
this.respondError(message, addr, protocol, [487, "Role Conflict"]);
|
|
511
518
|
}
|
|
512
519
|
else {
|
|
@@ -516,9 +523,10 @@ class Connection {
|
|
|
516
523
|
}
|
|
517
524
|
// # send binding response
|
|
518
525
|
const response = new message_1.Message(const_1.methods.BINDING, const_1.classes.RESPONSE, message.transactionId);
|
|
519
|
-
response
|
|
520
|
-
|
|
521
|
-
|
|
526
|
+
response
|
|
527
|
+
.setAttribute("XOR-MAPPED-ADDRESS", addr)
|
|
528
|
+
.addMessageIntegrity(Buffer.from(this.localPassword, "utf8"))
|
|
529
|
+
.addFingerprint();
|
|
522
530
|
protocol.sendStun(response, addr);
|
|
523
531
|
// todo fix
|
|
524
532
|
// if (this.checkList.length === 0) {
|
|
@@ -650,7 +658,7 @@ class Connection {
|
|
|
650
658
|
}
|
|
651
659
|
if (!remoteCandidate) {
|
|
652
660
|
// 7.2.1.3. Learning Peer Reflexive Candidates
|
|
653
|
-
remoteCandidate = new candidate_1.Candidate((0, helper_1.randomString)(10), component, "udp", message.
|
|
661
|
+
remoteCandidate = new candidate_1.Candidate((0, helper_1.randomString)(10), component, "udp", message.getAttributeValue("PRIORITY"), host, port, "prflx");
|
|
654
662
|
this.remoteCandidates.push(remoteCandidate);
|
|
655
663
|
}
|
|
656
664
|
// find pair
|
|
@@ -678,24 +686,26 @@ class Connection {
|
|
|
678
686
|
buildRequest(pair, nominate) {
|
|
679
687
|
const txUsername = `${this.remoteUsername}:${this.localUserName}`;
|
|
680
688
|
const request = new message_1.Message(const_1.methods.BINDING, const_1.classes.REQUEST);
|
|
681
|
-
request
|
|
682
|
-
|
|
689
|
+
request
|
|
690
|
+
.setAttribute("USERNAME", txUsername)
|
|
691
|
+
.setAttribute("PRIORITY", (0, candidate_1.candidatePriority)(pair.component, "prflx"));
|
|
683
692
|
if (this.iceControlling) {
|
|
684
|
-
request.
|
|
693
|
+
request.setAttribute("ICE-CONTROLLING", this._tieBreaker);
|
|
685
694
|
if (nominate) {
|
|
686
|
-
request.
|
|
695
|
+
request.setAttribute("USE-CANDIDATE", null);
|
|
687
696
|
}
|
|
688
697
|
}
|
|
689
698
|
else {
|
|
690
|
-
request.
|
|
699
|
+
request.setAttribute("ICE-CONTROLLED", this._tieBreaker);
|
|
691
700
|
}
|
|
692
701
|
return request;
|
|
693
702
|
}
|
|
694
703
|
respondError(request, addr, protocol, errorCode) {
|
|
695
704
|
const response = new message_1.Message(request.messageMethod, const_1.classes.ERROR, request.transactionId);
|
|
696
|
-
response
|
|
697
|
-
|
|
698
|
-
|
|
705
|
+
response
|
|
706
|
+
.setAttribute("ERROR-CODE", errorCode)
|
|
707
|
+
.addMessageIntegrity(Buffer.from(this.localPassword, "utf8"))
|
|
708
|
+
.addFingerprint();
|
|
699
709
|
protocol.sendStun(response, addr);
|
|
700
710
|
}
|
|
701
711
|
}
|
|
@@ -761,15 +771,46 @@ function candidatePairPriority(local, remote, iceControlling) {
|
|
|
761
771
|
return (1 << 32) * Math.min(G, D) + 2 * Math.max(G, D) + (G > D ? 1 : 0);
|
|
762
772
|
}
|
|
763
773
|
exports.candidatePairPriority = candidatePairPriority;
|
|
764
|
-
function
|
|
774
|
+
function nodeIpAddress(family) {
|
|
775
|
+
// https://chromium.googlesource.com/external/webrtc/+/master/rtc_base/network.cc#236
|
|
776
|
+
const costlyNetworks = ["ipsec", "tun", "utun", "tap"];
|
|
777
|
+
const banNetworks = ["vmnet", "veth"];
|
|
778
|
+
const interfaces = os_1.default.networkInterfaces();
|
|
779
|
+
const all = Object.keys(interfaces)
|
|
780
|
+
.map((nic) => {
|
|
781
|
+
for (const word of [...costlyNetworks, ...banNetworks]) {
|
|
782
|
+
if (nic.startsWith(word)) {
|
|
783
|
+
return {
|
|
784
|
+
nic,
|
|
785
|
+
addresses: [],
|
|
786
|
+
};
|
|
787
|
+
}
|
|
788
|
+
}
|
|
789
|
+
const addresses = interfaces[nic].filter((details) => details.family.toLowerCase() === family &&
|
|
790
|
+
!nodeIp.isLoopback(details.address));
|
|
791
|
+
return {
|
|
792
|
+
nic,
|
|
793
|
+
addresses: addresses.map((address) => address.address),
|
|
794
|
+
};
|
|
795
|
+
})
|
|
796
|
+
.filter((address) => !!address);
|
|
797
|
+
// os.networkInterfaces doesn't actually return addresses in a good order.
|
|
798
|
+
// have seen instances where en0 (ethernet) is after en1 (wlan), etc.
|
|
799
|
+
// eth0 > eth1
|
|
800
|
+
all.sort((a, b) => a.nic.localeCompare(b.nic));
|
|
801
|
+
return Object.values(all)
|
|
802
|
+
.map((entry) => entry.addresses)
|
|
803
|
+
.flat();
|
|
804
|
+
}
|
|
805
|
+
function getHostAddresses(useIpv4, useIpv6) {
|
|
765
806
|
const address = [];
|
|
766
807
|
if (useIpv4)
|
|
767
|
-
address.push(
|
|
808
|
+
address.push(...nodeIpAddress("ipv4"));
|
|
768
809
|
if (useIpv6)
|
|
769
|
-
address.push(
|
|
810
|
+
address.push(...nodeIpAddress("ipv6"));
|
|
770
811
|
return address;
|
|
771
812
|
}
|
|
772
|
-
exports.
|
|
813
|
+
exports.getHostAddresses = getHostAddresses;
|
|
773
814
|
async function serverReflexiveCandidate(protocol, stunServer) {
|
|
774
815
|
// """
|
|
775
816
|
// Query STUN server to obtain a server-reflexive candidate.
|
|
@@ -781,7 +822,7 @@ async function serverReflexiveCandidate(protocol, stunServer) {
|
|
|
781
822
|
const localCandidate = protocol.localCandidate;
|
|
782
823
|
if (!localCandidate)
|
|
783
824
|
throw new Error("not exist");
|
|
784
|
-
return new candidate_1.Candidate((0, candidate_1.candidateFoundation)("srflx", "udp", localCandidate.host), localCandidate.component, localCandidate.transport, (0, candidate_1.candidatePriority)(localCandidate.component, "srflx"), response.
|
|
825
|
+
return new candidate_1.Candidate((0, candidate_1.candidateFoundation)("srflx", "udp", localCandidate.host), localCandidate.component, localCandidate.transport, (0, candidate_1.candidatePriority)(localCandidate.component, "srflx"), response.getAttributeValue("XOR-MAPPED-ADDRESS")[0], response.getAttributeValue("XOR-MAPPED-ADDRESS")[1], "srflx", localCandidate.host, localCandidate.port);
|
|
785
826
|
}
|
|
786
827
|
catch (error) {
|
|
787
828
|
// todo fix
|