werift 0.15.10 → 0.16.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (164) hide show
  1. package/lib/common/src/index.d.ts +2 -0
  2. package/lib/common/src/index.js +2 -0
  3. package/lib/common/src/index.js.map +1 -1
  4. package/lib/common/src/log.d.ts +11 -0
  5. package/lib/common/src/log.js +17 -0
  6. package/lib/common/src/log.js.map +1 -0
  7. package/lib/common/src/network.d.ts +7 -3
  8. package/lib/common/src/network.js +15 -7
  9. package/lib/common/src/network.js.map +1 -1
  10. package/lib/common/src/type.d.ts +3 -0
  11. package/lib/common/src/type.js +3 -0
  12. package/lib/common/src/type.js.map +1 -0
  13. package/lib/dtls/src/context/cipher.js.map +1 -1
  14. package/lib/dtls/src/flight/server/flight2.js +10 -0
  15. package/lib/dtls/src/flight/server/flight2.js.map +1 -1
  16. package/lib/ice/src/ice.d.ts +3 -0
  17. package/lib/ice/src/ice.js +9 -2
  18. package/lib/ice/src/ice.js.map +1 -1
  19. package/lib/ice/src/stun/protocol.d.ts +2 -1
  20. package/lib/ice/src/stun/protocol.js +3 -3
  21. package/lib/ice/src/stun/protocol.js.map +1 -1
  22. package/lib/ice/src/transport.d.ts +4 -2
  23. package/lib/ice/src/transport.js +8 -6
  24. package/lib/ice/src/transport.js.map +1 -1
  25. package/lib/ice/src/turn/protocol.d.ts +3 -1
  26. package/lib/ice/src/turn/protocol.js +2 -2
  27. package/lib/ice/src/turn/protocol.js.map +1 -1
  28. package/lib/ice/src/utils.d.ts +2 -1
  29. package/lib/ice/src/utils.js +2 -2
  30. package/lib/ice/src/utils.js.map +1 -1
  31. package/lib/rtp/src/codec/index.d.ts +18 -0
  32. package/lib/rtp/src/codec/index.js +81 -0
  33. package/lib/rtp/src/codec/index.js.map +1 -0
  34. package/lib/rtp/src/codec/vp8.d.ts +5 -3
  35. package/lib/rtp/src/codec/vp8.js +19 -5
  36. package/lib/rtp/src/codec/vp8.js.map +1 -1
  37. package/lib/rtp/src/container/webm.d.ts +6 -1
  38. package/lib/rtp/src/container/webm.js +9 -2
  39. package/lib/rtp/src/container/webm.js.map +1 -1
  40. package/lib/rtp/src/index.d.ts +2 -6
  41. package/lib/rtp/src/index.js +2 -6
  42. package/lib/rtp/src/index.js.map +1 -1
  43. package/lib/rtp/src/processor/base.d.ts +3 -1
  44. package/lib/rtp/src/processor/base.js +19 -6
  45. package/lib/rtp/src/processor/base.js.map +1 -1
  46. package/lib/rtp/src/processor/jitterBuffer.js +1 -2
  47. package/lib/rtp/src/processor/jitterBuffer.js.map +1 -1
  48. package/lib/rtp/src/processor/lipsync.js +22 -2
  49. package/lib/rtp/src/processor/lipsync.js.map +1 -1
  50. package/lib/rtp/src/processor/webm.d.ts +11 -7
  51. package/lib/rtp/src/processor/webm.js +16 -41
  52. package/lib/rtp/src/processor/webm.js.map +1 -1
  53. package/lib/rtp/src/processor_v2/depacketizer.d.ts +17 -0
  54. package/lib/rtp/src/processor_v2/depacketizer.js +84 -0
  55. package/lib/rtp/src/processor_v2/depacketizer.js.map +1 -0
  56. package/lib/rtp/src/processor_v2/index.d.ts +4 -0
  57. package/lib/rtp/src/processor_v2/index.js +21 -0
  58. package/lib/rtp/src/processor_v2/index.js.map +1 -0
  59. package/lib/rtp/src/processor_v2/jitterBuffer.d.ts +33 -0
  60. package/lib/rtp/src/processor_v2/jitterBuffer.js +154 -0
  61. package/lib/rtp/src/processor_v2/jitterBuffer.js.map +1 -0
  62. package/lib/rtp/src/processor_v2/source/base.d.ts +8 -0
  63. package/lib/rtp/src/processor_v2/source/base.js +16 -0
  64. package/lib/rtp/src/processor_v2/source/base.js.map +1 -0
  65. package/lib/rtp/src/processor_v2/source/index.d.ts +2 -0
  66. package/lib/rtp/src/processor_v2/source/index.js +6 -0
  67. package/lib/rtp/src/processor_v2/source/index.js.map +1 -0
  68. package/lib/rtp/src/processor_v2/source/rtp.d.ts +14 -0
  69. package/lib/rtp/src/processor_v2/source/rtp.js +24 -0
  70. package/lib/rtp/src/processor_v2/source/rtp.js.map +1 -0
  71. package/lib/rtp/src/processor_v2/webmLive.d.ts +51 -0
  72. package/lib/rtp/src/processor_v2/webmLive.js +154 -0
  73. package/lib/rtp/src/processor_v2/webmLive.js.map +1 -0
  74. package/lib/rtp/src/rtcp/header.d.ts +2 -1
  75. package/lib/rtp/src/rtcp/header.js +3 -2
  76. package/lib/rtp/src/rtcp/header.js.map +1 -1
  77. package/lib/rtp/src/rtcp/rr.d.ts +2 -0
  78. package/lib/rtp/src/rtcp/rr.js.map +1 -1
  79. package/lib/rtp/src/rtcp/rtcp.js +4 -4
  80. package/lib/rtp/src/rtcp/rtcp.js.map +1 -1
  81. package/lib/rtp/src/rtcp/rtpfb/index.js +1 -1
  82. package/lib/rtp/src/rtcp/rtpfb/index.js.map +1 -1
  83. package/lib/rtp/src/rtcp/rtpfb/nack.js +15 -7
  84. package/lib/rtp/src/rtcp/rtpfb/nack.js.map +1 -1
  85. package/lib/rtp/src/rtp/red/packet.d.ts +1 -0
  86. package/lib/rtp/src/rtp/red/packet.js.map +1 -1
  87. package/lib/rtp/src/rtp/rtp.d.ts +1 -0
  88. package/lib/rtp/src/rtp/rtp.js +27 -26
  89. package/lib/rtp/src/rtp/rtp.js.map +1 -1
  90. package/lib/rtp/src/srtp/cipher/ctr.d.ts +1 -1
  91. package/lib/rtp/src/srtp/cipher/ctr.js +14 -20
  92. package/lib/rtp/src/srtp/cipher/ctr.js.map +1 -1
  93. package/lib/webrtc/src/dataChannel.js +1 -1
  94. package/lib/webrtc/src/dataChannel.js.map +1 -1
  95. package/lib/webrtc/src/media/extension/rtpExtension.d.ts +2 -0
  96. package/lib/webrtc/src/media/extension/rtpExtension.js +8 -1
  97. package/lib/webrtc/src/media/extension/rtpExtension.js.map +1 -1
  98. package/lib/webrtc/src/media/parameters.d.ts +2 -0
  99. package/lib/webrtc/src/media/parameters.js +1 -0
  100. package/lib/webrtc/src/media/parameters.js.map +1 -1
  101. package/lib/webrtc/src/media/receiver/nack.d.ts +10 -5
  102. package/lib/webrtc/src/media/receiver/nack.js +44 -27
  103. package/lib/webrtc/src/media/receiver/nack.js.map +1 -1
  104. package/lib/webrtc/src/media/receiver/receiverTwcc.js +1 -1
  105. package/lib/webrtc/src/media/receiver/receiverTwcc.js.map +1 -1
  106. package/lib/webrtc/src/media/receiver/red.d.ts +1 -1
  107. package/lib/webrtc/src/media/receiver/red.js +14 -3
  108. package/lib/webrtc/src/media/receiver/red.js.map +1 -1
  109. package/lib/webrtc/src/media/router.d.ts +10 -3
  110. package/lib/webrtc/src/media/router.js +2 -0
  111. package/lib/webrtc/src/media/router.js.map +1 -1
  112. package/lib/webrtc/src/media/rtpReceiver.d.ts +11 -3
  113. package/lib/webrtc/src/media/rtpReceiver.js +42 -23
  114. package/lib/webrtc/src/media/rtpReceiver.js.map +1 -1
  115. package/lib/webrtc/src/media/rtpSender.d.ts +23 -2
  116. package/lib/webrtc/src/media/rtpSender.js +34 -10
  117. package/lib/webrtc/src/media/rtpSender.js.map +1 -1
  118. package/lib/webrtc/src/media/rtpTransceiver.d.ts +5 -1
  119. package/lib/webrtc/src/media/rtpTransceiver.js +9 -9
  120. package/lib/webrtc/src/media/rtpTransceiver.js.map +1 -1
  121. package/lib/webrtc/src/media/track.js +4 -2
  122. package/lib/webrtc/src/media/track.js.map +1 -1
  123. package/lib/webrtc/src/nonstandard/recorder/index.d.ts +5 -1
  124. package/lib/webrtc/src/nonstandard/recorder/index.js +2 -2
  125. package/lib/webrtc/src/nonstandard/recorder/index.js.map +1 -1
  126. package/lib/webrtc/src/nonstandard/recorder/writer/index.d.ts +1 -1
  127. package/lib/webrtc/src/nonstandard/recorder/writer/index.js +1 -1
  128. package/lib/webrtc/src/nonstandard/recorder/writer/index.js.map +1 -1
  129. package/lib/webrtc/src/nonstandard/recorder/writer/webm.d.ts +3 -3
  130. package/lib/webrtc/src/nonstandard/recorder/writer/webm.js +61 -41
  131. package/lib/webrtc/src/nonstandard/recorder/writer/webm.js.map +1 -1
  132. package/lib/webrtc/src/peerConnection.d.ts +13 -0
  133. package/lib/webrtc/src/peerConnection.js +40 -3
  134. package/lib/webrtc/src/peerConnection.js.map +1 -1
  135. package/lib/webrtc/src/sdp.d.ts +1 -0
  136. package/lib/webrtc/src/sdp.js +4 -0
  137. package/lib/webrtc/src/sdp.js.map +1 -1
  138. package/lib/webrtc/src/transport/dtls.js +6 -1
  139. package/lib/webrtc/src/transport/dtls.js.map +1 -1
  140. package/lib/webrtc/src/transport/sctp.js +1 -1
  141. package/lib/webrtc/src/transport/sctp.js.map +1 -1
  142. package/lib/webrtc/src/utils.d.ts +7 -2
  143. package/lib/webrtc/src/utils.js +9 -3
  144. package/lib/webrtc/src/utils.js.map +1 -1
  145. package/package.json +2 -2
  146. package/src/dataChannel.ts +1 -1
  147. package/src/media/extension/rtpExtension.ts +8 -0
  148. package/src/media/parameters.ts +3 -0
  149. package/src/media/receiver/nack.ts +45 -26
  150. package/src/media/receiver/receiverTwcc.ts +1 -1
  151. package/src/media/receiver/red.ts +14 -1
  152. package/src/media/router.ts +5 -3
  153. package/src/media/rtpReceiver.ts +59 -28
  154. package/src/media/rtpSender.ts +38 -12
  155. package/src/media/rtpTransceiver.ts +10 -8
  156. package/src/media/track.ts +6 -2
  157. package/src/nonstandard/recorder/index.ts +6 -2
  158. package/src/nonstandard/recorder/writer/index.ts +1 -1
  159. package/src/nonstandard/recorder/writer/webm.ts +105 -57
  160. package/src/peerConnection.ts +61 -7
  161. package/src/sdp.ts +3 -0
  162. package/src/transport/dtls.ts +5 -1
  163. package/src/transport/sctp.ts +1 -1
  164. package/src/utils.ts +8 -2
package/lib/common/src/index.d.ts CHANGED
@@ -3,3 +3,5 @@ export * from "./number";
3
3
  export * from "./promise";
4
4
  export * from "./network";
5
5
  export * from "./array";
6
+ export * from "./type";
7
+ export * from "./log";
package/lib/common/src/index.js CHANGED
@@ -19,4 +19,6 @@ __exportStar(require("./number"), exports);
19
19
  __exportStar(require("./promise"), exports);
20
20
  __exportStar(require("./network"), exports);
21
21
  __exportStar(require("./array"), exports);
22
+ __exportStar(require("./type"), exports);
23
+ __exportStar(require("./log"), exports);
22
24
  //# sourceMappingURL=index.js.map
package/lib/common/src/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../common/src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,2CAAyB;AACzB,2CAAyB;AACzB,4CAA0B;AAC1B,4CAA0B;AAC1B,0CAAwB","sourcesContent":["export * from \"./binary\";\nexport * from \"./number\";\nexport * from \"./promise\";\nexport * from \"./network\";\nexport * from \"./array\";\n"]}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../common/src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,2CAAyB;AACzB,2CAAyB;AACzB,4CAA0B;AAC1B,4CAA0B;AAC1B,0CAAwB;AACxB,yCAAuB;AACvB,wCAAsB","sourcesContent":["export * from \"./binary\";\nexport * from \"./number\";\nexport * from \"./promise\";\nexport * from \"./network\";\nexport * from \"./array\";\nexport * from \"./type\";\nexport * from \"./log\";\n"]}
package/lib/common/src/log.d.ts ADDED
@@ -0,0 +1,11 @@
1
+ export declare class WeriftError extends Error {
2
+ message: string;
3
+ payload?: object;
4
+ path?: string;
5
+ constructor(props: Pick<WeriftError, "message" | "payload" | "path">);
6
+ toJSON(): {
7
+ message: string;
8
+ payload: any;
9
+ path: string | undefined;
10
+ };
11
+ }
package/lib/common/src/log.js ADDED
@@ -0,0 +1,17 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.WeriftError = void 0;
4
+ class WeriftError extends Error {
5
+ constructor(props) {
6
+ super(props.message);
7
+ }
8
+ toJSON() {
9
+ return {
10
+ message: this.message,
11
+ payload: JSON.parse(JSON.stringify(this.payload)),
12
+ path: this.path,
13
+ };
14
+ }
15
+ }
16
+ exports.WeriftError = WeriftError;
17
+ //# sourceMappingURL=log.js.map
package/lib/common/src/log.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"log.js","sourceRoot":"","sources":["../../../../common/src/log.ts"],"names":[],"mappings":";;;AAAA,MAAa,WAAY,SAAQ,KAAK;IAKpC,YAAY,KAAwD;QAClE,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IACvB,CAAC;IAED,MAAM;QACJ,OAAO;YACL,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,OAAO,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACjD,IAAI,EAAE,IAAI,CAAC,IAAI;SAChB,CAAC;IACJ,CAAC;CACF;AAhBD,kCAgBC","sourcesContent":["export class WeriftError extends Error {\n message!: string;\n payload?: object;\n path?: string;\n\n constructor(props: Pick<WeriftError, \"message\" | \"payload\" | \"path\">) {\n super(props.message);\n }\n\n toJSON() {\n return {\n message: this.message,\n payload: JSON.parse(JSON.stringify(this.payload)),\n path: this.path,\n };\n }\n}\n"]}
package/lib/common/src/network.d.ts CHANGED
@@ -1,5 +1,9 @@
1
1
  /// <reference types="node" />
2
2
  import { SocketType } from "dgram";
3
- export declare function randomPort(protocol?: SocketType): Promise<number>;
4
- export declare function randomPorts(num: number, protocol?: SocketType): Promise<number[]>;
5
- export declare function findPort(min: number, max: number, protocol?: SocketType): Promise<number>;
3
+ export declare type InterfaceAddresses = {
4
+ [K in SocketType]?: string;
5
+ };
6
+ export declare const interfaceAddress: (type: SocketType, interfaceAddresses: InterfaceAddresses | undefined) => string | undefined;
7
+ export declare function randomPort(protocol?: SocketType, interfaceAddresses?: InterfaceAddresses): Promise<number>;
8
+ export declare function randomPorts(num: number, protocol?: SocketType, interfaceAddresses?: InterfaceAddresses): Promise<number[]>;
9
+ export declare function findPort(min: number, max: number, protocol?: SocketType, interfaceAddresses?: InterfaceAddresses): Promise<number>;
package/lib/common/src/network.js CHANGED
@@ -1,10 +1,15 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.findPort = exports.randomPorts = exports.randomPort = void 0;
3
+ exports.findPort = exports.randomPorts = exports.randomPort = exports.interfaceAddress = void 0;
4
4
  const dgram_1 = require("dgram");
5
- async function randomPort(protocol = "udp4") {
5
+ const interfaceAddress = (type, interfaceAddresses) => (interfaceAddresses ? interfaceAddresses[type] : undefined);
6
+ exports.interfaceAddress = interfaceAddress;
7
+ async function randomPort(protocol = "udp4", interfaceAddresses) {
6
8
  const socket = (0, dgram_1.createSocket)(protocol);
7
- setImmediate(() => socket.bind(0));
9
+ setImmediate(() => socket.bind({
10
+ port: 0,
11
+ address: (0, exports.interfaceAddress)(protocol, interfaceAddresses),
12
+ }));
8
13
  await new Promise((r) => {
9
14
  socket.once("error", r);
10
15
  socket.once("listening", r);
@@ -14,15 +19,18 @@ async function randomPort(protocol = "udp4") {
14
19
  return port;
15
20
  }
16
21
  exports.randomPort = randomPort;
17
- async function randomPorts(num, protocol = "udp4") {
18
- return Promise.all([...Array(num)].map(() => randomPort(protocol)));
22
+ async function randomPorts(num, protocol = "udp4", interfaceAddresses) {
23
+ return Promise.all([...Array(num)].map(() => randomPort(protocol, interfaceAddresses)));
19
24
  }
20
25
  exports.randomPorts = randomPorts;
21
- async function findPort(min, max, protocol = "udp4") {
26
+ async function findPort(min, max, protocol = "udp4", interfaceAddresses) {
22
27
  let port;
23
28
  for (let i = min; i <= max; i++) {
24
29
  const socket = (0, dgram_1.createSocket)(protocol);
25
- setImmediate(() => socket.bind(i));
30
+ setImmediate(() => socket.bind({
31
+ port: i,
32
+ address: (0, exports.interfaceAddress)(protocol, interfaceAddresses),
33
+ }));
26
34
  await new Promise((r) => {
27
35
  socket.once("error", r);
28
36
  socket.once("listening", r);
package/lib/common/src/network.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"network.js","sourceRoot":"","sources":["../../../../common/src/network.ts"],"names":[],"mappings":";;;AAAA,iCAAiD;AAE1C,KAAK,UAAU,UAAU,CAAC,WAAuB,MAAM;IAC5D,MAAM,MAAM,GAAG,IAAA,oBAAY,EAAC,QAAQ,CAAC,CAAC;IAEtC,YAAY,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;IAEnC,MAAM,IAAI,OAAO,CAAO,CAAC,CAAC,EAAE,EAAE;QAC5B,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;QACxB,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;IAC9B,CAAC,CAAC,CAAC;IAEH,MAAM,IAAI,GAAG,MAAM,CAAC,OAAO,EAAE,EAAE,IAAI,CAAC;IACpC,MAAM,IAAI,OAAO,CAAO,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACxD,OAAO,IAAI,CAAC;AACd,CAAC;AAbD,gCAaC;AAEM,KAAK,UAAU,WAAW,CAAC,GAAW,EAAE,WAAuB,MAAM;IAC1E,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;AACtE,CAAC;AAFD,kCAEC;AAEM,KAAK,UAAU,QAAQ,CAC5B,GAAW,EACX,GAAW,EACX,WAAuB,MAAM;IAE7B,IAAI,IAAwB,CAAC;IAE7B,KAAK,IAAI,CAAC,GAAG,GAAG,EAAE,CAAC,IAAI,GAAG,EAAE,CAAC,EAAE,EAAE;QAC/B,MAAM,MAAM,GAAG,IAAA,oBAAY,EAAC,QAAQ,CAAC,CAAC;QAEtC,YAAY,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;QAEnC,MAAM,IAAI,OAAO,CAAO,CAAC,CAAC,EAAE,EAAE;YAC5B,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;YACxB,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;QAC9B,CAAC,CAAC,CAAC;QAEH,IAAI,GAAG,MAAM,CAAC,OAAO,EAAE,EAAE,IAAI,CAAC;QAC9B,MAAM,IAAI,OAAO,CAAO,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACxD,IAAI,GAAG,IAAI,IAAI,IAAI,IAAI,IAAI,GAAG,EAAE;YAC9B,MAAM;SACP;KACF;IAED,IAAI,CAAC,IAAI;QAAE,MAAM,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAAC;IAE7C,OAAO,IAAI,CAAC;AACd,CAAC;AA3BD,4BA2BC","sourcesContent":["import { createSocket, SocketType } from \"dgram\";\n\nexport async function randomPort(protocol: SocketType = \"udp4\") {\n const socket = createSocket(protocol);\n\n setImmediate(() => socket.bind(0));\n\n await new Promise<void>((r) => {\n socket.once(\"error\", r);\n socket.once(\"listening\", r);\n });\n\n const port = socket.address()?.port;\n await new Promise<void>((r) => socket.close(() => r()));\n return port;\n}\n\nexport async function randomPorts(num: number, protocol: SocketType = \"udp4\") {\n return Promise.all([...Array(num)].map(() => randomPort(protocol)));\n}\n\nexport async function findPort(\n min: number,\n max: number,\n protocol: SocketType = \"udp4\"\n) {\n let port: number | undefined;\n\n for (let i = min; i <= max; i++) {\n const socket = createSocket(protocol);\n\n setImmediate(() => socket.bind(i));\n\n await new Promise<void>((r) => {\n socket.once(\"error\", r);\n socket.once(\"listening\", r);\n });\n\n port = socket.address()?.port;\n await new Promise<void>((r) => socket.close(() => r()));\n if (min <= port && port <= max) {\n break;\n }\n }\n\n if (!port) throw new Error(\"port not found\");\n\n return port;\n}\n"]}
1
+ {"version":3,"file":"network.js","sourceRoot":"","sources":["../../../../common/src/network.ts"],"names":[],"mappings":";;;AAAA,iCAAiD;AAM1C,MAAM,gBAAgB,GAAG,CAC9B,IAAgB,EAChB,kBAAkD,EAClD,EAAE,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;AAHpD,QAAA,gBAAgB,oBAGoC;AAE1D,KAAK,UAAU,UAAU,CAC9B,WAAuB,MAAM,EAC7B,kBAAuC;IAEvC,MAAM,MAAM,GAAG,IAAA,oBAAY,EAAC,QAAQ,CAAC,CAAC;IAEtC,YAAY,CAAC,GAAG,EAAE,CAChB,MAAM,CAAC,IAAI,CAAC;QACV,IAAI,EAAE,CAAC;QACP,OAAO,EAAE,IAAA,wBAAgB,EAAC,QAAQ,EAAE,kBAAkB,CAAC;KACxD,CAAC,CACH,CAAC;IAEF,MAAM,IAAI,OAAO,CAAO,CAAC,CAAC,EAAE,EAAE;QAC5B,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;QACxB,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;IAC9B,CAAC,CAAC,CAAC;IAEH,MAAM,IAAI,GAAG,MAAM,CAAC,OAAO,EAAE,EAAE,IAAI,CAAC;IACpC,MAAM,IAAI,OAAO,CAAO,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACxD,OAAO,IAAI,CAAC;AACd,CAAC;AArBD,gCAqBC;AAEM,KAAK,UAAU,WAAW,CAC/B,GAAW,EACX,WAAuB,MAAM,EAC7B,kBAAuC;IAEvC,OAAO,OAAO,CAAC,GAAG,CAChB,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,QAAQ,EAAE,kBAAkB,CAAC,CAAC,CACpE,CAAC;AACJ,CAAC;AARD,kCAQC;AAEM,KAAK,UAAU,QAAQ,CAC5B,GAAW,EACX,GAAW,EACX,WAAuB,MAAM,EAC7B,kBAAuC;IAEvC,IAAI,IAAwB,CAAC;IAE7B,KAAK,IAAI,CAAC,GAAG,GAAG,EAAE,CAAC,IAAI,GAAG,EAAE,CAAC,EAAE,EAAE;QAC/B,MAAM,MAAM,GAAG,IAAA,oBAAY,EAAC,QAAQ,CAAC,CAAC;QAEtC,YAAY,CAAC,GAAG,EAAE,CAChB,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,CAAC;YACP,OAAO,EAAE,IAAA,wBAAgB,EAAC,QAAQ,EAAE,kBAAkB,CAAC;SACxD,CAAC,CACH,CAAC;QAEF,MAAM,IAAI,OAAO,CAAO,CAAC,CAAC,EAAE,EAAE;YAC5B,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;YACxB,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;QAC9B,CAAC,CAAC,CAAC;QAEH,IAAI,GAAG,MAAM,CAAC,OAAO,EAAE,EAAE,IAAI,CAAC;QAC9B,MAAM,IAAI,OAAO,CAAO,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACxD,IAAI,GAAG,IAAI,IAAI,IAAI,IAAI,IAAI,GAAG,EAAE;YAC9B,MAAM;SACP;KACF;IAED,IAAI,CAAC,IAAI;QAAE,MAAM,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAAC;IAE7C,OAAO,IAAI,CAAC;AACd,CAAC;AAjCD,4BAiCC","sourcesContent":["import { createSocket, SocketType } from \"dgram\";\n\nexport type InterfaceAddresses = {\n [K in SocketType]?: string;\n};\n\nexport const interfaceAddress = (\n type: SocketType,\n interfaceAddresses: InterfaceAddresses | undefined\n) => (interfaceAddresses ? interfaceAddresses[type] : undefined);\n\nexport async function randomPort(\n protocol: SocketType = \"udp4\",\n interfaceAddresses?: InterfaceAddresses\n) {\n const socket = createSocket(protocol);\n\n setImmediate(() =>\n socket.bind({\n port: 0,\n address: interfaceAddress(protocol, interfaceAddresses),\n })\n );\n\n await new Promise<void>((r) => {\n socket.once(\"error\", r);\n socket.once(\"listening\", r);\n });\n\n const port = socket.address()?.port;\n await new Promise<void>((r) => socket.close(() => r()));\n return port;\n}\n\nexport async function randomPorts(\n num: number,\n protocol: SocketType = \"udp4\",\n interfaceAddresses?: InterfaceAddresses\n) {\n return Promise.all(\n [...Array(num)].map(() => randomPort(protocol, interfaceAddresses))\n );\n}\n\nexport async function findPort(\n min: number,\n max: number,\n protocol: SocketType = \"udp4\",\n interfaceAddresses?: InterfaceAddresses\n) {\n let port: number | undefined;\n\n for (let i = min; i <= max; i++) {\n const socket = createSocket(protocol);\n\n setImmediate(() =>\n socket.bind({\n port: i,\n address: interfaceAddress(protocol, interfaceAddresses),\n })\n );\n\n await new Promise<void>((r) => {\n socket.once(\"error\", r);\n socket.once(\"listening\", r);\n });\n\n port = socket.address()?.port;\n await new Promise<void>((r) => socket.close(() => r()));\n if (min <= port && port <= max) {\n break;\n }\n }\n\n if (!port) throw new Error(\"port not found\");\n\n return port;\n}\n"]}
package/lib/common/src/type.d.ts ADDED
@@ -0,0 +1,3 @@
1
+ export declare type RequireAtLeastOne<T> = {
2
+ [K in keyof T]-?: Required<Pick<T, K>> & Partial<Pick<T, Exclude<keyof T, K>>>;
3
+ }[keyof T];
package/lib/common/src/type.js ADDED
@@ -0,0 +1,3 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ //# sourceMappingURL=type.js.map
package/lib/common/src/type.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"type.js","sourceRoot":"","sources":["../../../../common/src/type.ts"],"names":[],"mappings":"","sourcesContent":["export type RequireAtLeastOne<T> = {\n [K in keyof T]-?: Required<Pick<T, K>> &\n Partial<Pick<T, Exclude<keyof T, K>>>;\n}[keyof T];\n"]}
package/lib/dtls/src/context/cipher.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"cipher.js","sourceRoot":"","sources":["../../../../../dtls/src/context/cipher.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,qCAAqD;AACrD,mDAA6C;AAC7C,qDAAuC;AACvC,6CAAoD;AACpD,iDAAgD;AAChD,iEAAyC;AAEzC,2CAQyB;AAEzB,uCAAyE;AACzE,wDAAsE;AAEtE,gDAAsD;AAItD,MAAM,MAAM,GAAG,IAAI,kBAAM,EAAE,CAAC;AAC5B,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,MAAa,CAAC,CAAC;AAEvC,MAAa,aAAa;IAcxB,YACS,WAAyB,EACzB,OAAgB,EAChB,MAAe,EACtB,sBAAsC;QAH/B,gBAAW,GAAX,WAAW,CAAc;QACzB,YAAO,GAAP,OAAO,CAAS;QAChB,WAAM,GAAN,MAAM,CAAS;QAGtB,IAAI,OAAO,IAAI,MAAM,IAAI,sBAAsB,EAAE;YAC/C,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,MAAM,EAAE,sBAAsB,CAAC,CAAC;SACzD;IACH,CAAC;IA2ED,aAAa,CAAC,GAAkB;QAC9B,MAAM,MAAM,GAAG,GAAG,CAAC,iBAAiB,CAAC;QACrC,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,CAAC,QAAQ,EAAE;YAC9D,IAAI,EAAE,MAAM,CAAC,WAAW;YACxB,OAAO,EAAE,IAAA,oBAAM,EACb,MAAM,CAAC,IAAI,CAAC,IAAA,oBAAM,EAAC,MAAM,CAAC,eAAe,EAAE,wBAAe,CAAC,CAAC,KAAK,EAAE,CAAC,EACpE,EAAE,OAAO,EAAE,mBAAK,CAAC,QAAQ,EAAE,CAC5B,CAAC,OAAO;YACT,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,cAAc,EAAE,MAAM,CAAC,cAAc;SACtC,CAAC,CAAC;QACH,GAAG,CAAC,QAAQ,GAAG,GAAG,CAAC;QACnB,GAAG,CAAC,iBAAiB,CAAC,UAAU,GAAG,GAAG,CAAC,MAAM,CAAC;QAC9C,OAAO,GAAG,CAAC;IACb,CAAC;IAED,aAAa,CAAC,GAAkB;QAC9B,MAAM,MAAM,GAAG,GAAG,CAAC,iBAAiB,CAAC;QACrC,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,CAAC,QAAQ,EAAE;YAC9D,IAAI,EAAE,MAAM,CAAC,WAAW;YACxB,OAAO,EAAE,IAAA,oBAAM,EACb,MAAM,CAAC,IAAI,CAAC,IAAA,oBAAM,EAAC,MAAM,CAAC,eAAe,EAAE,wBAAe,CAAC,CAAC,KAAK,EAAE,CAAC,EACpE,EAAE,OAAO,EAAE,mBAAK,CAAC,QAAQ,EAAE,CAC5B,CAAC,OAAO;YACT,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,cAAc,EAAE,MAAM,CAAC,cAAc;SACtC,CAAC,CAAC;QACH,OAAO,GAAG,CAAC;IACb,CAAC;IAED,UAAU,CAAC,GAAW;QACpB,IAAI,IAAI,CAAC,WAAW,KAAK,sBAAW,CAAC,MAAM;YACzC,OAAO,IAAA,yBAAmB,EAAC,IAAI,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC;;YAChD,OAAO,IAAA,yBAAmB,EAAC,IAAI,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC;IAC1D,CAAC;IAED,aAAa,CAAC,IAAY,EAAE,IAAY;QACtC,MAAM,SAAS,GAAG,IAAA,mBAAU,EAAC,IAAI,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAChD,MAAM,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,CAAC,QAAQ,EAAE,CAAC;QACpD,MAAM,MAAM,GAAG,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACnC,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,oBAAoB,CAAC,aAAqB;QACxC,MAAM,YAAY,GAChB,IAAI,CAAC,WAAW,KAAK,sBAAW,CAAC,MAAM;YACrC,CAAC,CAAC,IAAI,CAAC,WAAW;YAClB,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC;QACxB,MAAM,YAAY,GAChB,IAAI,CAAC,WAAW,KAAK,sBAAW,CAAC,MAAM;YACrC,CAAC,CAAC,IAAI,CAAC,WAAW;YAClB,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC;QAExB,MAAM,GAAG,GAAG,IAAI,CAAC,iBAAiB,CAChC,YAAY,CAAC,SAAS,EAAE,EACxB,YAAY,CAAC,SAAS,EAAE,EACxB,IAAI,CAAC,YAAY,CAAC,SAAS,EAC3B,IAAI,CAAC,UAAU,CAChB,CAAC;QAEF,MAAM,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,GAAG,EAAE,aAAa,CAAC,CAAC;QAC1D,OAAO,GAAG,CAAC;IACb,CAAC;IAED,SAAS,CAAC,OAAe,EAAE,MAAc,EAAE,aAA4B;QACrE,MAAM,IAAI,GAAG,kBAAW,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;QACvD,MAAM,GAAG,GAAG,iBAAU,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;QACpD,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC;QAC1B,IAAI,CAAC,eAAe,GAAG,GAAG,CAAC;QAC3B,IAAI,CAAC,sBAAsB,GAAG,aAAa,CAAC;IAC9C,CAAC;IAEO,iBAAiB,CACvB,YAAoB,EACpB,YAAoB,EACpB,SAAiB,EACjB,UAAkB;QAElB,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,CAC9B,IAAA,oBAAM,EACJ;YACE,IAAI,EAAE,iBAAS,CAAC,aAAa;YAC7B,KAAK,EAAE,UAAU;YACjB,GAAG,EAAE,SAAS,CAAC,MAAM;SACtB,EACD,EAAE,IAAI,EAAE,mBAAK,CAAC,KAAK,EAAE,KAAK,EAAE,mBAAK,CAAC,QAAQ,EAAE,GAAG,EAAE,mBAAK,CAAC,KAAK,EAAE,CAC/D,CAAC,KAAK,EAAE,CACV,CAAC;QACF,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,YAAY,EAAE,YAAY,EAAE,YAAY,EAAE,SAAS,CAAC,CAAC,CAAC;IAC9E,CAAC;;AA3LH,sCA4LC;;AAnKC;;;;GAIG;AACI,gDAAkC,GAAG,KAAK,EAC/C,aAA4B,EAC5B,mBAA0C,EAC1C,EAAE;IACF,MAAM,sBAAsB,GAAG,CAAC,GAAG,EAAE;QACnC,QAAQ,aAAa,CAAC,SAAS,EAAE;YAC/B,KAAK,0BAAkB,CAAC,KAAK;gBAC3B,OAAO,mBAAmB,CAAC;YAC7B,KAAK,0BAAkB,CAAC,OAAO;gBAC7B,OAAO,OAAO,CAAC;SAClB;IACH,CAAC,CAAC,EAAE,CAAC;IACL,MAAM,IAAI,GAAG,CAAC,GAAG,EAAE;QACjB,QAAQ,aAAa,CAAC,IAAI,EAAE;YAC1B,KAAK,qBAAa,CAAC,QAAQ;gBACzB,OAAO,SAAS,CAAC;SACpB;IACH,CAAC,CAAC,EAAE,CAAC;IACL,MAAM,UAAU,GAAG,CAAC,GAAG,EAAE;QACvB,QAAQ,mBAAmB,EAAE;YAC3B,KAAK,2BAAmB,CAAC,YAAY;gBACnC,OAAO,OAAO,CAAC;YACjB,KAAK,2BAAmB,CAAC,SAAS;gBAChC,6CAA6C;gBAC7C,IAAI,sBAAsB,KAAK,OAAO,EAAE;oBACtC,OAAO,OAAO,CAAC;iBAChB;gBACD,OAAO,QAAQ,CAAC;YAClB,OAAO,CAAC,CAAC;gBACP,IAAI,sBAAsB,KAAK,OAAO;oBAAE,OAAO,OAAO,CAAC;gBACvD,IAAI,sBAAsB,KAAK,mBAAmB;oBAAE,OAAO,QAAQ,CAAC;aACrE;SACF;IACH,CAAC,CAAC,EAAE,CAAC;IACL,MAAM,GAAG,GAAG,CAAC,GAAG,EAAE;QAChB,QAAQ,sBAAsB,EAAE;YAC9B,KAAK,OAAO;gBACV,OAAO,EAAE,IAAI,EAAE,sBAAsB,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC;YAC5D,KAAK,mBAAmB;gBACtB,OAAO;oBACL,IAAI,EAAE,sBAAsB;oBAC5B,IAAI;oBACJ,cAAc,EAAE,IAAI,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;oBACzC,aAAa,EAAE,IAAI;iBACpB,CAAC;SACL;IACH,CAAC,CAAC,EAAE,CAAC;IAEL,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC;IAE5E,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,wBAAwB,CAAC,gBAAgB,CAAC;QAChE,YAAY,EAAE,gBAAU,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC;QACvD,IAAI,EAAE,iDAAiD;QACvD,SAAS,EAAE,IAAI,IAAI,EAAE;QACrB,QAAQ,EAAE,IAAA,kBAAQ,EAAC,IAAI,CAAC,GAAG,EAAE,EAAE,EAAE,CAAC;QAClC,gBAAgB,EAAE,GAAG;QACrB,IAAI;KACL,CAAC,CAAC;IAEH,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IACrC,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,CACrC,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,UAAiB,CAAC,EAC9D,aAAa,CACd,CAAC;IAEF,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC;AAC5C,CAAE,CAAA","sourcesContent":["import { Certificate, PrivateKey } from \"@fidm/x509\";\nimport { Crypto } from \"@peculiar/webcrypto\";\nimport * as x509 from \"@peculiar/x509\";\nimport { decode, encode, types } from \"binary-data\";\nimport nodeCrypto, { createSign } from \"crypto\";\nimport addYears from \"date-fns/addYears\";\n\nimport {\n CipherSuites,\n CurveType,\n HashAlgorithm,\n NamedCurveAlgorithm,\n NamedCurveAlgorithms,\n SignatureAlgorithm,\n SignatureHash,\n} from \"../cipher/const\";\nimport { NamedCurveKeyPair } from \"../cipher/namedCurve\";\nimport { prfVerifyDataClient, prfVerifyDataServer } from \"../cipher/prf\";\nimport { SessionType, SessionTypes } from \"../cipher/suites/abstract\";\nimport AEADCipher from \"../cipher/suites/aead\";\nimport { ProtocolVersion } from \"../handshake/binary\";\nimport { DtlsRandom } from \"../handshake/random\";\nimport { DtlsPlaintext } from \"../record/message/plaintext\";\n\nconst crypto = new Crypto();\nx509.cryptoProvider.set(crypto as any);\n\nexport class CipherContext {\n localRandom!: DtlsRandom;\n remoteRandom!: DtlsRandom;\n cipherSuite!: CipherSuites;\n remoteCertificate?: Buffer;\n remoteKeyPair!: Partial<NamedCurveKeyPair>;\n localKeyPair!: NamedCurveKeyPair;\n masterSecret!: Buffer;\n cipher!: AEADCipher;\n namedCurve!: NamedCurveAlgorithms;\n signatureHashAlgorithm?: SignatureHash;\n localCert!: Buffer;\n localPrivateKey!: PrivateKey;\n\n constructor(\n public sessionType: SessionTypes,\n public certPem?: string,\n public keyPem?: string,\n signatureHashAlgorithm?: SignatureHash\n ) {\n if (certPem && keyPem && signatureHashAlgorithm) {\n this.parseX509(certPem, keyPem, signatureHashAlgorithm);\n }\n }\n\n /**\n *\n * @param signatureHash\n * @param namedCurveAlgorithm necessary when use ecdsa\n */\n static createSelfSignedCertificateWithKey = async (\n signatureHash: SignatureHash,\n namedCurveAlgorithm?: NamedCurveAlgorithms\n ) => {\n const signatureAlgorithmName = (() => {\n switch (signatureHash.signature) {\n case SignatureAlgorithm.rsa_1:\n return \"RSASSA-PKCS1-v1_5\";\n case SignatureAlgorithm.ecdsa_3:\n return \"ECDSA\";\n }\n })();\n const hash = (() => {\n switch (signatureHash.hash) {\n case HashAlgorithm.sha256_4:\n return \"SHA-256\";\n }\n })();\n const namedCurve = (() => {\n switch (namedCurveAlgorithm) {\n case NamedCurveAlgorithm.secp256r1_23:\n return \"P-256\";\n case NamedCurveAlgorithm.x25519_29:\n // todo fix (X25519 not supported with ECDSA)\n if (signatureAlgorithmName === \"ECDSA\") {\n return \"P-256\";\n }\n return \"X25519\";\n default: {\n if (signatureAlgorithmName === \"ECDSA\") return \"P-256\";\n if (signatureAlgorithmName === \"RSASSA-PKCS1-v1_5\") return \"X25519\";\n }\n }\n })();\n const alg = (() => {\n switch (signatureAlgorithmName) {\n case \"ECDSA\":\n return { name: signatureAlgorithmName, hash, namedCurve };\n case \"RSASSA-PKCS1-v1_5\":\n return {\n name: signatureAlgorithmName,\n hash,\n publicExponent: new Uint8Array([1, 0, 1]),\n modulusLength: 2048,\n };\n }\n })();\n\n const keys = await crypto.subtle.generateKey(alg, true, [\"sign\", \"verify\"]);\n\n const cert = await x509.X509CertificateGenerator.createSelfSigned({\n serialNumber: nodeCrypto.randomBytes(8).toString(\"hex\"),\n name: \"C=AU, ST=Some-State, O=Internet Widgits Pty Ltd\",\n notBefore: new Date(),\n notAfter: addYears(Date.now(), 10),\n signingAlgorithm: alg,\n keys,\n });\n\n const certPem = cert.toString(\"pem\");\n const keyPem = x509.PemConverter.encode(\n await crypto.subtle.exportKey(\"pkcs8\", keys.privateKey as any),\n \"private key\"\n );\n\n return { certPem, keyPem, signatureHash };\n };\n\n encryptPacket(pkt: DtlsPlaintext) {\n const header = pkt.recordLayerHeader;\n const enc = this.cipher.encrypt(this.sessionType, pkt.fragment, {\n type: header.contentType,\n version: decode(\n Buffer.from(encode(header.protocolVersion, ProtocolVersion).slice()),\n { version: types.uint16be }\n ).version,\n epoch: header.epoch,\n sequenceNumber: header.sequenceNumber,\n });\n pkt.fragment = enc;\n pkt.recordLayerHeader.contentLen = enc.length;\n return pkt;\n }\n\n decryptPacket(pkt: DtlsPlaintext) {\n const header = pkt.recordLayerHeader;\n const dec = this.cipher.decrypt(this.sessionType, pkt.fragment, {\n type: header.contentType,\n version: decode(\n Buffer.from(encode(header.protocolVersion, ProtocolVersion).slice()),\n { version: types.uint16be }\n ).version,\n epoch: header.epoch,\n sequenceNumber: header.sequenceNumber,\n });\n return dec;\n }\n\n verifyData(buf: Buffer) {\n if (this.sessionType === SessionType.CLIENT)\n return prfVerifyDataClient(this.masterSecret, buf);\n else return prfVerifyDataServer(this.masterSecret, buf);\n }\n\n signatureData(data: Buffer, hash: string) {\n const signature = createSign(hash).update(data);\n const key = this.localPrivateKey.toPEM().toString();\n const signed = signature.sign(key);\n return signed;\n }\n\n generateKeySignature(hashAlgorithm: string) {\n const clientRandom =\n this.sessionType === SessionType.CLIENT\n ? this.localRandom\n : this.remoteRandom;\n const serverRandom =\n this.sessionType === SessionType.SERVER\n ? this.localRandom\n : this.remoteRandom;\n\n const sig = this.valueKeySignature(\n clientRandom.serialize(),\n serverRandom.serialize(),\n this.localKeyPair.publicKey,\n this.namedCurve\n );\n\n const enc = this.localPrivateKey.sign(sig, hashAlgorithm);\n return enc;\n }\n\n parseX509(certPem: string, keyPem: string, signatureHash: SignatureHash) {\n const cert = Certificate.fromPEM(Buffer.from(certPem));\n const sec = PrivateKey.fromPEM(Buffer.from(keyPem));\n this.localCert = cert.raw;\n this.localPrivateKey = sec;\n this.signatureHashAlgorithm = signatureHash;\n }\n\n private valueKeySignature(\n clientRandom: Buffer,\n serverRandom: Buffer,\n publicKey: Buffer,\n namedCurve: number\n ) {\n const serverParams = Buffer.from(\n encode(\n {\n type: CurveType.named_curve_3,\n curve: namedCurve,\n len: publicKey.length,\n },\n { type: types.uint8, curve: types.uint16be, len: types.uint8 }\n ).slice()\n );\n return Buffer.concat([clientRandom, serverRandom, serverParams, publicKey]);\n }\n}\n"]}
1
+ {"version":3,"file":"cipher.js","sourceRoot":"","sources":["../../../../../dtls/src/context/cipher.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,qCAAqD;AACrD,mDAA6C;AAC7C,qDAAuC;AACvC,6CAAoD;AACpD,iDAAgD;AAChD,iEAAyC;AAEzC,2CAQyB;AAEzB,uCAAyE;AACzE,wDAAsE;AAEtE,gDAAsD;AAItD,MAAM,MAAM,GAAG,IAAI,kBAAM,EAAE,CAAC;AAC5B,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,MAAa,CAAC,CAAC;AAEvC,MAAa,aAAa;IAcxB,YACS,WAAyB,EACzB,OAAgB,EAChB,MAAe,EACtB,sBAAsC;QAH/B,gBAAW,GAAX,WAAW,CAAc;QACzB,YAAO,GAAP,OAAO,CAAS;QAChB,WAAM,GAAN,MAAM,CAAS;QAGtB,IAAI,OAAO,IAAI,MAAM,IAAI,sBAAsB,EAAE;YAC/C,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,MAAM,EAAE,sBAAsB,CAAC,CAAC;SACzD;IACH,CAAC;IA2ED,aAAa,CAAC,GAAkB;QAC9B,MAAM,MAAM,GAAG,GAAG,CAAC,iBAAiB,CAAC;QACrC,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,CAAC,QAAQ,EAAE;YAC9D,IAAI,EAAE,MAAM,CAAC,WAAW;YACxB,OAAO,EAAE,IAAA,oBAAM,EACb,MAAM,CAAC,IAAI,CAAC,IAAA,oBAAM,EAAC,MAAM,CAAC,eAAe,EAAE,wBAAe,CAAC,CAAC,KAAK,EAAE,CAAC,EACpE,EAAE,OAAO,EAAE,mBAAK,CAAC,QAAQ,EAAE,CAC5B,CAAC,OAAO;YACT,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,cAAc,EAAE,MAAM,CAAC,cAAc;SACtC,CAAC,CAAC;QACH,GAAG,CAAC,QAAQ,GAAG,GAAG,CAAC;QACnB,GAAG,CAAC,iBAAiB,CAAC,UAAU,GAAG,GAAG,CAAC,MAAM,CAAC;QAC9C,OAAO,GAAG,CAAC;IACb,CAAC;IAED,aAAa,CAAC,GAAkB;QAC9B,MAAM,MAAM,GAAG,GAAG,CAAC,iBAAiB,CAAC;QACrC,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,CAAC,QAAQ,EAAE;YAC9D,IAAI,EAAE,MAAM,CAAC,WAAW;YACxB,OAAO,EAAE,IAAA,oBAAM,EACb,MAAM,CAAC,IAAI,CAAC,IAAA,oBAAM,EAAC,MAAM,CAAC,eAAe,EAAE,wBAAe,CAAC,CAAC,KAAK,EAAE,CAAC,EACpE,EAAE,OAAO,EAAE,mBAAK,CAAC,QAAQ,EAAE,CAC5B,CAAC,OAAO;YACT,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,cAAc,EAAE,MAAM,CAAC,cAAc;SACtC,CAAC,CAAC;QACH,OAAO,GAAG,CAAC;IACb,CAAC;IAED,UAAU,CAAC,GAAW;QACpB,IAAI,IAAI,CAAC,WAAW,KAAK,sBAAW,CAAC,MAAM;YACzC,OAAO,IAAA,yBAAmB,EAAC,IAAI,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC;;YAChD,OAAO,IAAA,yBAAmB,EAAC,IAAI,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC;IAC1D,CAAC;IAED,aAAa,CAAC,IAAY,EAAE,IAAY;QACtC,MAAM,SAAS,GAAG,IAAA,mBAAU,EAAC,IAAI,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAChD,MAAM,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,CAAC,QAAQ,EAAE,CAAC;QACpD,MAAM,MAAM,GAAG,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACnC,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,oBAAoB,CAAC,aAAqB;QACxC,MAAM,YAAY,GAChB,IAAI,CAAC,WAAW,KAAK,sBAAW,CAAC,MAAM;YACrC,CAAC,CAAC,IAAI,CAAC,WAAW;YAClB,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC;QACxB,MAAM,YAAY,GAChB,IAAI,CAAC,WAAW,KAAK,sBAAW,CAAC,MAAM;YACrC,CAAC,CAAC,IAAI,CAAC,WAAW;YAClB,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC;QAExB,MAAM,GAAG,GAAG,IAAI,CAAC,iBAAiB,CAChC,YAAY,CAAC,SAAS,EAAE,EACxB,YAAY,CAAC,SAAS,EAAE,EACxB,IAAI,CAAC,YAAY,CAAC,SAAS,EAC3B,IAAI,CAAC,UAAU,CAChB,CAAC;QAEF,MAAM,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,GAAG,EAAE,aAAa,CAAC,CAAC;QAC1D,OAAO,GAAG,CAAC;IACb,CAAC;IAED,SAAS,CAAC,OAAe,EAAE,MAAc,EAAE,aAA4B;QACrE,MAAM,IAAI,GAAG,kBAAW,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;QACvD,MAAM,GAAG,GAAG,iBAAU,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;QACpD,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC;QAC1B,IAAI,CAAC,eAAe,GAAG,GAAG,CAAC;QAC3B,IAAI,CAAC,sBAAsB,GAAG,aAAa,CAAC;IAC9C,CAAC;IAEO,iBAAiB,CACvB,YAAoB,EACpB,YAAoB,EACpB,SAAiB,EACjB,UAAkB;QAElB,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,CAC9B,IAAA,oBAAM,EACJ;YACE,IAAI,EAAE,iBAAS,CAAC,aAAa;YAC7B,KAAK,EAAE,UAAU;YACjB,GAAG,EAAE,SAAS,CAAC,MAAM;SACtB,EACD,EAAE,IAAI,EAAE,mBAAK,CAAC,KAAK,EAAE,KAAK,EAAE,mBAAK,CAAC,QAAQ,EAAE,GAAG,EAAE,mBAAK,CAAC,KAAK,EAAE,CAC/D,CAAC,KAAK,EAAE,CACV,CAAC;QACF,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,YAAY,EAAE,YAAY,EAAE,YAAY,EAAE,SAAS,CAAC,CAAC,CAAC;IAC9E,CAAC;;AA3LH,sCA4LC;;AAnKC;;;;GAIG;AACI,gDAAkC,GAAG,KAAK,EAC/C,aAA4B,EAC5B,mBAA0C,EAC1C,EAAE;IACF,MAAM,sBAAsB,GAAG,CAAC,GAAG,EAAE;QACnC,QAAQ,aAAa,CAAC,SAAS,EAAE;YAC/B,KAAK,0BAAkB,CAAC,KAAK;gBAC3B,OAAO,mBAAmB,CAAC;YAC7B,KAAK,0BAAkB,CAAC,OAAO;gBAC7B,OAAO,OAAO,CAAC;SAClB;IACH,CAAC,CAAC,EAAE,CAAC;IACL,MAAM,IAAI,GAAG,CAAC,GAAG,EAAE;QACjB,QAAQ,aAAa,CAAC,IAAI,EAAE;YAC1B,KAAK,qBAAa,CAAC,QAAQ;gBACzB,OAAO,SAAS,CAAC;SACpB;IACH,CAAC,CAAC,EAAE,CAAC;IACL,MAAM,UAAU,GAAG,CAAC,GAAG,EAAE;QACvB,QAAQ,mBAAmB,EAAE;YAC3B,KAAK,2BAAmB,CAAC,YAAY;gBACnC,OAAO,OAAO,CAAC;YACjB,KAAK,2BAAmB,CAAC,SAAS;gBAChC,6CAA6C;gBAC7C,IAAI,sBAAsB,KAAK,OAAO,EAAE;oBACtC,OAAO,OAAO,CAAC;iBAChB;gBACD,OAAO,QAAQ,CAAC;YAClB,OAAO,CAAC,CAAC;gBACP,IAAI,sBAAsB,KAAK,OAAO;oBAAE,OAAO,OAAO,CAAC;gBACvD,IAAI,sBAAsB,KAAK,mBAAmB;oBAAE,OAAO,QAAQ,CAAC;aACrE;SACF;IACH,CAAC,CAAC,EAAE,CAAC;IACL,MAAM,GAAG,GAAG,CAAC,GAAG,EAAE;QAChB,QAAQ,sBAAsB,EAAE;YAC9B,KAAK,OAAO;gBACV,OAAO,EAAE,IAAI,EAAE,sBAAsB,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC;YAC5D,KAAK,mBAAmB;gBACtB,OAAO;oBACL,IAAI,EAAE,sBAAsB;oBAC5B,IAAI;oBACJ,cAAc,EAAE,IAAI,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;oBACzC,aAAa,EAAE,IAAI;iBACpB,CAAC;SACL;IACH,CAAC,CAAC,EAAE,CAAC;IAEL,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC;IAE5E,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,wBAAwB,CAAC,gBAAgB,CAAC;QAChE,YAAY,EAAE,gBAAU,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC;QACvD,IAAI,EAAE,iDAAiD;QACvD,SAAS,EAAE,IAAI,IAAI,EAAE;QACrB,QAAQ,EAAE,IAAA,kBAAQ,EAAC,IAAI,CAAC,GAAG,EAAE,EAAE,EAAE,CAAC;QAClC,gBAAgB,EAAE,GAAG;QACrB,IAAI;KACL,CAAC,CAAC;IAEH,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IACrC,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,CACrC,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,UAAiB,CAAC,EAC9D,aAAa,CACd,CAAC;IAEF,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC;AAC5C,CAAC,CAAC","sourcesContent":["import { Certificate, PrivateKey } from \"@fidm/x509\";\nimport { Crypto } from \"@peculiar/webcrypto\";\nimport * as x509 from \"@peculiar/x509\";\nimport { decode, encode, types } from \"binary-data\";\nimport nodeCrypto, { createSign } from \"crypto\";\nimport addYears from \"date-fns/addYears\";\n\nimport {\n CipherSuites,\n CurveType,\n HashAlgorithm,\n NamedCurveAlgorithm,\n NamedCurveAlgorithms,\n SignatureAlgorithm,\n SignatureHash,\n} from \"../cipher/const\";\nimport { NamedCurveKeyPair } from \"../cipher/namedCurve\";\nimport { prfVerifyDataClient, prfVerifyDataServer } from \"../cipher/prf\";\nimport { SessionType, SessionTypes } from \"../cipher/suites/abstract\";\nimport AEADCipher from \"../cipher/suites/aead\";\nimport { ProtocolVersion } from \"../handshake/binary\";\nimport { DtlsRandom } from \"../handshake/random\";\nimport { DtlsPlaintext } from \"../record/message/plaintext\";\n\nconst crypto = new Crypto();\nx509.cryptoProvider.set(crypto as any);\n\nexport class CipherContext {\n localRandom!: DtlsRandom;\n remoteRandom!: DtlsRandom;\n cipherSuite!: CipherSuites;\n remoteCertificate?: Buffer;\n remoteKeyPair!: Partial<NamedCurveKeyPair>;\n localKeyPair!: NamedCurveKeyPair;\n masterSecret!: Buffer;\n cipher!: AEADCipher;\n namedCurve!: NamedCurveAlgorithms;\n signatureHashAlgorithm?: SignatureHash;\n localCert!: Buffer;\n localPrivateKey!: PrivateKey;\n\n constructor(\n public sessionType: SessionTypes,\n public certPem?: string,\n public keyPem?: string,\n signatureHashAlgorithm?: SignatureHash\n ) {\n if (certPem && keyPem && signatureHashAlgorithm) {\n this.parseX509(certPem, keyPem, signatureHashAlgorithm);\n }\n }\n\n /**\n *\n * @param signatureHash\n * @param namedCurveAlgorithm necessary when use ecdsa\n */\n static createSelfSignedCertificateWithKey = async (\n signatureHash: SignatureHash,\n namedCurveAlgorithm?: NamedCurveAlgorithms\n ) => {\n const signatureAlgorithmName = (() => {\n switch (signatureHash.signature) {\n case SignatureAlgorithm.rsa_1:\n return \"RSASSA-PKCS1-v1_5\";\n case SignatureAlgorithm.ecdsa_3:\n return \"ECDSA\";\n }\n })();\n const hash = (() => {\n switch (signatureHash.hash) {\n case HashAlgorithm.sha256_4:\n return \"SHA-256\";\n }\n })();\n const namedCurve = (() => {\n switch (namedCurveAlgorithm) {\n case NamedCurveAlgorithm.secp256r1_23:\n return \"P-256\";\n case NamedCurveAlgorithm.x25519_29:\n // todo fix (X25519 not supported with ECDSA)\n if (signatureAlgorithmName === \"ECDSA\") {\n return \"P-256\";\n }\n return \"X25519\";\n default: {\n if (signatureAlgorithmName === \"ECDSA\") return \"P-256\";\n if (signatureAlgorithmName === \"RSASSA-PKCS1-v1_5\") return \"X25519\";\n }\n }\n })();\n const alg = (() => {\n switch (signatureAlgorithmName) {\n case \"ECDSA\":\n return { name: signatureAlgorithmName, hash, namedCurve };\n case \"RSASSA-PKCS1-v1_5\":\n return {\n name: signatureAlgorithmName,\n hash,\n publicExponent: new Uint8Array([1, 0, 1]),\n modulusLength: 2048,\n };\n }\n })();\n\n const keys = await crypto.subtle.generateKey(alg, true, [\"sign\", \"verify\"]);\n\n const cert = await x509.X509CertificateGenerator.createSelfSigned({\n serialNumber: nodeCrypto.randomBytes(8).toString(\"hex\"),\n name: \"C=AU, ST=Some-State, O=Internet Widgits Pty Ltd\",\n notBefore: new Date(),\n notAfter: addYears(Date.now(), 10),\n signingAlgorithm: alg,\n keys,\n });\n\n const certPem = cert.toString(\"pem\");\n const keyPem = x509.PemConverter.encode(\n await crypto.subtle.exportKey(\"pkcs8\", keys.privateKey as any),\n \"private key\"\n );\n\n return { certPem, keyPem, signatureHash };\n };\n\n encryptPacket(pkt: DtlsPlaintext) {\n const header = pkt.recordLayerHeader;\n const enc = this.cipher.encrypt(this.sessionType, pkt.fragment, {\n type: header.contentType,\n version: decode(\n Buffer.from(encode(header.protocolVersion, ProtocolVersion).slice()),\n { version: types.uint16be }\n ).version,\n epoch: header.epoch,\n sequenceNumber: header.sequenceNumber,\n });\n pkt.fragment = enc;\n pkt.recordLayerHeader.contentLen = enc.length;\n return pkt;\n }\n\n decryptPacket(pkt: DtlsPlaintext) {\n const header = pkt.recordLayerHeader;\n const dec = this.cipher.decrypt(this.sessionType, pkt.fragment, {\n type: header.contentType,\n version: decode(\n Buffer.from(encode(header.protocolVersion, ProtocolVersion).slice()),\n { version: types.uint16be }\n ).version,\n epoch: header.epoch,\n sequenceNumber: header.sequenceNumber,\n });\n return dec;\n }\n\n verifyData(buf: Buffer) {\n if (this.sessionType === SessionType.CLIENT)\n return prfVerifyDataClient(this.masterSecret, buf);\n else return prfVerifyDataServer(this.masterSecret, buf);\n }\n\n signatureData(data: Buffer, hash: string) {\n const signature = createSign(hash).update(data);\n const key = this.localPrivateKey.toPEM().toString();\n const signed = signature.sign(key);\n return signed;\n }\n\n generateKeySignature(hashAlgorithm: string) {\n const clientRandom =\n this.sessionType === SessionType.CLIENT\n ? this.localRandom\n : this.remoteRandom;\n const serverRandom =\n this.sessionType === SessionType.SERVER\n ? this.localRandom\n : this.remoteRandom;\n\n const sig = this.valueKeySignature(\n clientRandom.serialize(),\n serverRandom.serialize(),\n this.localKeyPair.publicKey,\n this.namedCurve\n );\n\n const enc = this.localPrivateKey.sign(sig, hashAlgorithm);\n return enc;\n }\n\n parseX509(certPem: string, keyPem: string, signatureHash: SignatureHash) {\n const cert = Certificate.fromPEM(Buffer.from(certPem));\n const sec = PrivateKey.fromPEM(Buffer.from(keyPem));\n this.localCert = cert.raw;\n this.localPrivateKey = sec;\n this.signatureHashAlgorithm = signatureHash;\n }\n\n private valueKeySignature(\n clientRandom: Buffer,\n serverRandom: Buffer,\n publicKey: Buffer,\n namedCurve: number\n ) {\n const serverParams = Buffer.from(\n encode(\n {\n type: CurveType.named_curve_3,\n curve: namedCurve,\n len: publicKey.length,\n },\n { type: types.uint8, curve: types.uint16be, len: types.uint8 }\n ).slice()\n );\n return Buffer.concat([clientRandom, serverRandom, serverParams, publicKey]);\n }\n}\n"]}
package/lib/dtls/src/flight/server/flight2.js CHANGED
@@ -22,6 +22,16 @@ const log = (0, debug_1.default)("werift-dtls : packages/dtls/flight/server/flig
22
22
  // HelloVerifyRequest do not retransmit
23
23
  const flight2 = (udp, dtls, cipher, srtp) => (clientHello) => {
24
24
  dtls.flight = 2;
25
+ // if flight 2 restarts due to packet loss, sequence numbers are reused from the top:
26
+ // https://datatracker.ietf.org/doc/html/rfc6347#section-4.2.2
27
+ // The first message each side transmits in each handshake always has
28
+ // message_seq = 0. Whenever each new message is generated, the
29
+ // message_seq value is incremented by one. Note that in the case of a
30
+ // rehandshake, this implies that the HelloRequest will have message_seq = 0
31
+ // and the ServerHello will have message_seq = 1. When a message is
32
+ // retransmitted, the same message_seq value is used.
33
+ dtls.recordSequenceNumber = 0;
34
+ dtls.sequenceNumber = 0;
25
35
  clientHello.extensions.forEach((extension) => {
26
36
  switch (extension.type) {
27
37
  case ellipticCurves_1.EllipticCurves.type:
package/lib/dtls/src/flight/server/flight2.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"flight2.js","sourceRoot":"","sources":["../../../../../../dtls/src/flight/server/flight2.ts"],"names":[],"mappings":";;;;;;AAAA,mCAAqC;AACrC,kDAA0B;AAE1B,8CAK4B;AAC5B,wDAA0D;AAG1D,6CAA0D;AAE1D,8EAA2E;AAC3E,0FAAuF;AACvF,gGAA6F;AAC7F,oEAAiE;AACjE,gEAA6D;AAE7D,0FAA6F;AAC7F,mDAAoD;AACpD,kDAAwE;AACxE,8CAAiD;AAEjD,MAAM,GAAG,GAAG,IAAA,eAAK,EAAC,4DAA4D,CAAC,CAAC;AAEhF,uCAAuC;AAEhC,MAAM,OAAO,GAClB,CACE,GAAqB,EACrB,IAAiB,EACjB,MAAqB,EACrB,IAAiB,EACjB,EAAE,CACJ,CAAC,WAAwB,EAAE,EAAE;IAC3B,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;IAEhB,WAAW,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,SAAS,EAAE,EAAE;QAC3C,QAAQ,SAAS,CAAC,IAAI,EAAE;YACtB,KAAK,+BAAc,CAAC,IAAI;gBACtB;oBACE,MAAM,MAAM,GAAG,+BAAc,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC;oBAC5D,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;oBACtC,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAClC,+BAAuB,CAAC,QAAQ,CAAC,KAAY,CAAC,CACvB,CAAC;oBAC1B,MAAM,CAAC,UAAU,GAAG,KAAK,CAAC;oBAC1B,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,gBAAgB,EAAE,MAAM,CAAC,UAAU,CAAC,CAAC;iBAC1D;gBACD,MAAM;YACR,KAAK,qBAAS,CAAC,IAAI;gBACjB;oBACE,IAAI,CAAC,MAAM,CAAC,sBAAsB;wBAChC,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;oBAE7C,MAAM,aAAa,GAAG,qBAAS,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC;oBAC9D,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,gBAAgB,EAAE,aAAa,CAAC,CAAC;oBACrD,MAAM,SAAS,GAAG,aAAa,CAAC,IAAI,CAClC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,MAAM,CAAC,sBAAsB,EAAE,SAAS,CAChE,EAAE,SAAS,CAAC;oBACb,MAAM,IAAI,GAAG,aAAa,CAAC,IAAI,CAC7B,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,MAAM,CAAC,sBAAsB,EAAE,IAAI,CACtD,EAAE,IAAI,CAAC;oBACR,IAAI,SAAS,IAAI,SAAS,IAAI,IAAI,IAAI,SAAS,EAAE;wBAC/C,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;qBAC1C;iBACF;gBACD,MAAM;YACR,KAAK,iBAAO,CAAC,IAAI;gBACf;oBACE,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY;wBAAE,OAAO;oBACxC,IAAI,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,MAAM,KAAK,CAAC;wBAAE,OAAO;oBAEnD,MAAM,OAAO,GAAG,iBAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;oBACjD,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,eAAe,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;oBACvD,MAAM,OAAO,GAAG,kBAAW,CAAC,uBAAuB,CACjD,OAAO,CAAC,QAAqB,EAC7B,IAAI,CAAC,OAAO,EAAE,YAAY,CAC3B,CAAC;oBACF,IAAI,CAAC,OAAO,EAAE;wBACZ,MAAM,IAAI,KAAK,EAAE,CAAC;qBACnB;oBACD,IAAI,CAAC,WAAW,GAAG,OAAO,CAAC;oBAC3B,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,uBAAuB,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;iBAChE;gBACD,MAAM;YACR,KAAK,2CAAoB,CAAC,IAAI;gBAC5B;oBACE,IAAI,CAAC,0BAA0B,GAAG,IAAI,CAAC;iBACxC;gBACD,MAAM;YACR,KAAK,iDAAuB,CAAC,IAAI;gBAC/B;oBACE,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,yBAAyB,EAAE,SAAS,CAAC,IAAI,CAAC,CAAC;iBAChE;gBACD,MAAM;SACT;IACH,CAAC,CAAC,CAAC;IAEH,MAAM,CAAC,WAAW,GAAG,IAAI,mBAAU,EAAE,CAAC;IACtC,MAAM,CAAC,YAAY,GAAG,mBAAU,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;IAE1D,MAAM,MAAM,GAAG,WAAW,CAAC,YAAY,CAAC;IACxC,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,eAAe,EAAE,MAAM,CAAC,CAAC;IAC7C,MAAM,KAAK,GAAG,CAAC,GAAG,EAAE;QAClB,QAAQ,MAAM,CAAC,sBAAsB,EAAE,SAAS,EAAE;YAChD,KAAK,0BAAkB,CAAC,OAAO;gBAC7B,OAAO,mBAAW,CAAC,6CAA6C,CAAC;YACnE,KAAK,0BAAkB,CAAC,KAAK;gBAC3B,OAAO,mBAAW,CAAC,2CAA2C,CAAC;SAClE;IACH,CAAC,CAAC,EAAE,CAAC;IACL,IAAI,KAAK,KAAK,SAAS,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE;QAClD,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;KACzD;IACD,MAAM,CAAC,WAAW,GAAG,KAAK,CAAC;IAC3B,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,sBAAsB,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC;IAEhE,MAAM,CAAC,YAAY,GAAG,IAAA,4BAAe,EAAC,MAAM,CAAC,UAAU,CAAC,CAAC;IAEzD,IAAI,CAAC,MAAM,GAAG,IAAA,oBAAW,EAAC,EAAE,CAAC,CAAC;IAC9B,MAAM,cAAc,GAAG,IAAI,6CAAwB,CACjD;QACE,KAAK,EAAE,GAAG,GAAG,CAAC;QACd,KAAK,EAAE,GAAG,GAAG,CAAC;KACf,EACD,IAAI,CAAC,MAAM,CACZ,CAAC;IACF,MAAM,SAAS,GAAG,IAAA,yBAAe,EAAC,IAAI,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC;IAC1D,MAAM,OAAO,GAAG,IAAA,yBAAe,EAAC,IAAI,CAAC,CACnC,SAAS,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;QAC3B,IAAI,EAAE,mBAAW,CAAC,SAAS;QAC3B,QAAQ,EAAE,QAAQ,CAAC,SAAS,EAAE;KAC/B,CAAC,CAAC,EACH,EAAE,IAAI,CAAC,oBAAoB,CAC5B,CAAC;IAEF,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC;IAC9C,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;AAClC,CAAC,CAAC;AAhHS,QAAA,OAAO,WAgHhB","sourcesContent":["import { randomBytes } from \"crypto\";\nimport debug from \"debug\";\n\nimport {\n CipherSuite,\n NamedCurveAlgorithmList,\n NamedCurveAlgorithms,\n SignatureAlgorithm,\n} from \"../../cipher/const\";\nimport { generateKeyPair } from \"../../cipher/namedCurve\";\nimport { CipherContext } from \"../../context/cipher\";\nimport { DtlsContext } from \"../../context/dtls\";\nimport { Profile, SrtpContext } from \"../../context/srtp\";\nimport { TransportContext } from \"../../context/transport\";\nimport { EllipticCurves } from \"../../handshake/extensions/ellipticCurves\";\nimport { ExtendedMasterSecret } from \"../../handshake/extensions/extendedMasterSecret\";\nimport { RenegotiationIndication } from \"../../handshake/extensions/renegotiationIndication\";\nimport { Signature } from \"../../handshake/extensions/signature\";\nimport { UseSRTP } from \"../../handshake/extensions/useSrtp\";\nimport { ClientHello } from \"../../handshake/message/client/hello\";\nimport { ServerHelloVerifyRequest } from \"../../handshake/message/server/helloVerifyRequest\";\nimport { DtlsRandom } from \"../../handshake/random\";\nimport { createFragments, createPlaintext } from \"../../record/builder\";\nimport { ContentType } from \"../../record/const\";\n\nconst log = debug(\"werift-dtls : packages/dtls/flight/server/flight2.ts : log\");\n\n// HelloVerifyRequest do not retransmit\n\nexport const flight2 =\n (\n udp: TransportContext,\n dtls: DtlsContext,\n cipher: CipherContext,\n srtp: SrtpContext\n ) =>\n (clientHello: ClientHello) => {\n dtls.flight = 2;\n\n clientHello.extensions.forEach((extension) => {\n switch (extension.type) {\n case EllipticCurves.type:\n {\n const curves = EllipticCurves.fromData(extension.data).data;\n log(dtls.sessionId, \"curves\", curves);\n const curve = curves.find((curve) =>\n NamedCurveAlgorithmList.includes(curve as any)\n ) as NamedCurveAlgorithms;\n cipher.namedCurve = curve;\n log(dtls.sessionId, \"curve selected\", cipher.namedCurve);\n }\n break;\n case Signature.type:\n {\n if (!cipher.signatureHashAlgorithm)\n throw new Error(\"need to set certificate\");\n\n const signatureHash = Signature.fromData(extension.data).data;\n log(dtls.sessionId, \"hash,signature\", signatureHash);\n const signature = signatureHash.find(\n (v) => v.signature === cipher.signatureHashAlgorithm?.signature\n )?.signature;\n const hash = signatureHash.find(\n (v) => v.hash === cipher.signatureHashAlgorithm?.hash\n )?.hash;\n if (signature == undefined || hash == undefined) {\n throw new Error(\"invalid signatureHash\");\n }\n }\n break;\n case UseSRTP.type:\n {\n if (!dtls.options?.srtpProfiles) return;\n if (dtls.options.srtpProfiles.length === 0) return;\n\n const useSrtp = UseSRTP.fromData(extension.data);\n log(dtls.sessionId, \"srtp profiles\", useSrtp.profiles);\n const profile = SrtpContext.findMatchingSRTPProfile(\n useSrtp.profiles as Profile[],\n dtls.options?.srtpProfiles\n );\n if (!profile) {\n throw new Error();\n }\n srtp.srtpProfile = profile;\n log(dtls.sessionId, \"srtp profile selected\", srtp.srtpProfile);\n }\n break;\n case ExtendedMasterSecret.type:\n {\n dtls.remoteExtendedMasterSecret = true;\n }\n break;\n case RenegotiationIndication.type:\n {\n log(dtls.sessionId, \"RenegotiationIndication\", extension.data);\n }\n break;\n }\n });\n\n cipher.localRandom = new DtlsRandom();\n cipher.remoteRandom = DtlsRandom.from(clientHello.random);\n\n const suites = clientHello.cipherSuites;\n log(dtls.sessionId, \"cipher suites\", suites);\n const suite = (() => {\n switch (cipher.signatureHashAlgorithm?.signature) {\n case SignatureAlgorithm.ecdsa_3:\n return CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_49195;\n case SignatureAlgorithm.rsa_1:\n return CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256_49199;\n }\n })();\n if (suite === undefined || !suites.includes(suite)) {\n throw new Error(\"dtls cipher suite negotiation failed\");\n }\n cipher.cipherSuite = suite;\n log(dtls.sessionId, \"selected cipherSuite\", cipher.cipherSuite);\n\n cipher.localKeyPair = generateKeyPair(cipher.namedCurve);\n\n dtls.cookie = randomBytes(20);\n const helloVerifyReq = new ServerHelloVerifyRequest(\n {\n major: 255 - 1,\n minor: 255 - 2,\n },\n dtls.cookie\n );\n const fragments = createFragments(dtls)([helloVerifyReq]);\n const packets = createPlaintext(dtls)(\n fragments.map((fragment) => ({\n type: ContentType.handshake,\n fragment: fragment.serialize(),\n })),\n ++dtls.recordSequenceNumber\n );\n\n const buf = packets.map((v) => v.serialize());\n buf.forEach((v) => udp.send(v));\n };\n"]}
1
+ {"version":3,"file":"flight2.js","sourceRoot":"","sources":["../../../../../../dtls/src/flight/server/flight2.ts"],"names":[],"mappings":";;;;;;AAAA,mCAAqC;AACrC,kDAA0B;AAE1B,8CAK4B;AAC5B,wDAA0D;AAG1D,6CAA0D;AAE1D,8EAA2E;AAC3E,0FAAuF;AACvF,gGAA6F;AAC7F,oEAAiE;AACjE,gEAA6D;AAE7D,0FAA6F;AAC7F,mDAAoD;AACpD,kDAAwE;AACxE,8CAAiD;AAEjD,MAAM,GAAG,GAAG,IAAA,eAAK,EAAC,4DAA4D,CAAC,CAAC;AAEhF,uCAAuC;AAEhC,MAAM,OAAO,GAClB,CACE,GAAqB,EACrB,IAAiB,EACjB,MAAqB,EACrB,IAAiB,EACjB,EAAE,CACJ,CAAC,WAAwB,EAAE,EAAE;IAC3B,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;IAEhB,qFAAqF;IACrF,8DAA8D;IAC9D,qEAAqE;IACrE,gEAAgE;IAChE,uEAAuE;IACvE,4EAA4E;IAC5E,oEAAoE;IACpE,qDAAqD;IACrD,IAAI,CAAC,oBAAoB,GAAG,CAAC,CAAC;IAC9B,IAAI,CAAC,cAAc,GAAG,CAAC,CAAC;IAExB,WAAW,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,SAAS,EAAE,EAAE;QAC3C,QAAQ,SAAS,CAAC,IAAI,EAAE;YACtB,KAAK,+BAAc,CAAC,IAAI;gBACtB;oBACE,MAAM,MAAM,GAAG,+BAAc,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC;oBAC5D,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;oBACtC,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAClC,+BAAuB,CAAC,QAAQ,CAAC,KAAY,CAAC,CACvB,CAAC;oBAC1B,MAAM,CAAC,UAAU,GAAG,KAAK,CAAC;oBAC1B,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,gBAAgB,EAAE,MAAM,CAAC,UAAU,CAAC,CAAC;iBAC1D;gBACD,MAAM;YACR,KAAK,qBAAS,CAAC,IAAI;gBACjB;oBACE,IAAI,CAAC,MAAM,CAAC,sBAAsB;wBAChC,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;oBAE7C,MAAM,aAAa,GAAG,qBAAS,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC;oBAC9D,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,gBAAgB,EAAE,aAAa,CAAC,CAAC;oBACrD,MAAM,SAAS,GAAG,aAAa,CAAC,IAAI,CAClC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,MAAM,CAAC,sBAAsB,EAAE,SAAS,CAChE,EAAE,SAAS,CAAC;oBACb,MAAM,IAAI,GAAG,aAAa,CAAC,IAAI,CAC7B,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,MAAM,CAAC,sBAAsB,EAAE,IAAI,CACtD,EAAE,IAAI,CAAC;oBACR,IAAI,SAAS,IAAI,SAAS,IAAI,IAAI,IAAI,SAAS,EAAE;wBAC/C,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;qBAC1C;iBACF;gBACD,MAAM;YACR,KAAK,iBAAO,CAAC,IAAI;gBACf;oBACE,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY;wBAAE,OAAO;oBACxC,IAAI,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,MAAM,KAAK,CAAC;wBAAE,OAAO;oBAEnD,MAAM,OAAO,GAAG,iBAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;oBACjD,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,eAAe,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;oBACvD,MAAM,OAAO,GAAG,kBAAW,CAAC,uBAAuB,CACjD,OAAO,CAAC,QAAqB,EAC7B,IAAI,CAAC,OAAO,EAAE,YAAY,CAC3B,CAAC;oBACF,IAAI,CAAC,OAAO,EAAE;wBACZ,MAAM,IAAI,KAAK,EAAE,CAAC;qBACnB;oBACD,IAAI,CAAC,WAAW,GAAG,OAAO,CAAC;oBAC3B,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,uBAAuB,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;iBAChE;gBACD,MAAM;YACR,KAAK,2CAAoB,CAAC,IAAI;gBAC5B;oBACE,IAAI,CAAC,0BAA0B,GAAG,IAAI,CAAC;iBACxC;gBACD,MAAM;YACR,KAAK,iDAAuB,CAAC,IAAI;gBAC/B;oBACE,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,yBAAyB,EAAE,SAAS,CAAC,IAAI,CAAC,CAAC;iBAChE;gBACD,MAAM;SACT;IACH,CAAC,CAAC,CAAC;IAEH,MAAM,CAAC,WAAW,GAAG,IAAI,mBAAU,EAAE,CAAC;IACtC,MAAM,CAAC,YAAY,GAAG,mBAAU,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;IAE1D,MAAM,MAAM,GAAG,WAAW,CAAC,YAAY,CAAC;IACxC,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,eAAe,EAAE,MAAM,CAAC,CAAC;IAC7C,MAAM,KAAK,GAAG,CAAC,GAAG,EAAE;QAClB,QAAQ,MAAM,CAAC,sBAAsB,EAAE,SAAS,EAAE;YAChD,KAAK,0BAAkB,CAAC,OAAO;gBAC7B,OAAO,mBAAW,CAAC,6CAA6C,CAAC;YACnE,KAAK,0BAAkB,CAAC,KAAK;gBAC3B,OAAO,mBAAW,CAAC,2CAA2C,CAAC;SAClE;IACH,CAAC,CAAC,EAAE,CAAC;IACL,IAAI,KAAK,KAAK,SAAS,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE;QAClD,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;KACzD;IACD,MAAM,CAAC,WAAW,GAAG,KAAK,CAAC;IAC3B,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,sBAAsB,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC;IAEhE,MAAM,CAAC,YAAY,GAAG,IAAA,4BAAe,EAAC,MAAM,CAAC,UAAU,CAAC,CAAC;IAEzD,IAAI,CAAC,MAAM,GAAG,IAAA,oBAAW,EAAC,EAAE,CAAC,CAAC;IAC9B,MAAM,cAAc,GAAG,IAAI,6CAAwB,CACjD;QACE,KAAK,EAAE,GAAG,GAAG,CAAC;QACd,KAAK,EAAE,GAAG,GAAG,CAAC;KACf,EACD,IAAI,CAAC,MAAM,CACZ,CAAC;IACF,MAAM,SAAS,GAAG,IAAA,yBAAe,EAAC,IAAI,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC;IAC1D,MAAM,OAAO,GAAG,IAAA,yBAAe,EAAC,IAAI,CAAC,CACnC,SAAS,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;QAC3B,IAAI,EAAE,mBAAW,CAAC,SAAS;QAC3B,QAAQ,EAAE,QAAQ,CAAC,SAAS,EAAE;KAC/B,CAAC,CAAC,EACH,EAAE,IAAI,CAAC,oBAAoB,CAC5B,CAAC;IAEF,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC;IAC9C,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;AAClC,CAAC,CAAC;AA3HS,QAAA,OAAO,WA2HhB","sourcesContent":["import { randomBytes } from \"crypto\";\nimport debug from \"debug\";\n\nimport {\n CipherSuite,\n NamedCurveAlgorithmList,\n NamedCurveAlgorithms,\n SignatureAlgorithm,\n} from \"../../cipher/const\";\nimport { generateKeyPair } from \"../../cipher/namedCurve\";\nimport { CipherContext } from \"../../context/cipher\";\nimport { DtlsContext } from \"../../context/dtls\";\nimport { Profile, SrtpContext } from \"../../context/srtp\";\nimport { TransportContext } from \"../../context/transport\";\nimport { EllipticCurves } from \"../../handshake/extensions/ellipticCurves\";\nimport { ExtendedMasterSecret } from \"../../handshake/extensions/extendedMasterSecret\";\nimport { RenegotiationIndication } from \"../../handshake/extensions/renegotiationIndication\";\nimport { Signature } from \"../../handshake/extensions/signature\";\nimport { UseSRTP } from \"../../handshake/extensions/useSrtp\";\nimport { ClientHello } from \"../../handshake/message/client/hello\";\nimport { ServerHelloVerifyRequest } from \"../../handshake/message/server/helloVerifyRequest\";\nimport { DtlsRandom } from \"../../handshake/random\";\nimport { createFragments, createPlaintext } from \"../../record/builder\";\nimport { ContentType } from \"../../record/const\";\n\nconst log = debug(\"werift-dtls : packages/dtls/flight/server/flight2.ts : log\");\n\n// HelloVerifyRequest do not retransmit\n\nexport const flight2 =\n (\n udp: TransportContext,\n dtls: DtlsContext,\n cipher: CipherContext,\n srtp: SrtpContext\n ) =>\n (clientHello: ClientHello) => {\n dtls.flight = 2;\n\n // if flight 2 restarts due to packet loss, sequence numbers are reused from the top:\n // https://datatracker.ietf.org/doc/html/rfc6347#section-4.2.2\n // The first message each side transmits in each handshake always has\n // message_seq = 0. Whenever each new message is generated, the\n // message_seq value is incremented by one. Note that in the case of a\n // rehandshake, this implies that the HelloRequest will have message_seq = 0\n // and the ServerHello will have message_seq = 1. When a message is\n // retransmitted, the same message_seq value is used.\n dtls.recordSequenceNumber = 0;\n dtls.sequenceNumber = 0;\n\n clientHello.extensions.forEach((extension) => {\n switch (extension.type) {\n case EllipticCurves.type:\n {\n const curves = EllipticCurves.fromData(extension.data).data;\n log(dtls.sessionId, \"curves\", curves);\n const curve = curves.find((curve) =>\n NamedCurveAlgorithmList.includes(curve as any)\n ) as NamedCurveAlgorithms;\n cipher.namedCurve = curve;\n log(dtls.sessionId, \"curve selected\", cipher.namedCurve);\n }\n break;\n case Signature.type:\n {\n if (!cipher.signatureHashAlgorithm)\n throw new Error(\"need to set certificate\");\n\n const signatureHash = Signature.fromData(extension.data).data;\n log(dtls.sessionId, \"hash,signature\", signatureHash);\n const signature = signatureHash.find(\n (v) => v.signature === cipher.signatureHashAlgorithm?.signature\n )?.signature;\n const hash = signatureHash.find(\n (v) => v.hash === cipher.signatureHashAlgorithm?.hash\n )?.hash;\n if (signature == undefined || hash == undefined) {\n throw new Error(\"invalid signatureHash\");\n }\n }\n break;\n case UseSRTP.type:\n {\n if (!dtls.options?.srtpProfiles) return;\n if (dtls.options.srtpProfiles.length === 0) return;\n\n const useSrtp = UseSRTP.fromData(extension.data);\n log(dtls.sessionId, \"srtp profiles\", useSrtp.profiles);\n const profile = SrtpContext.findMatchingSRTPProfile(\n useSrtp.profiles as Profile[],\n dtls.options?.srtpProfiles\n );\n if (!profile) {\n throw new Error();\n }\n srtp.srtpProfile = profile;\n log(dtls.sessionId, \"srtp profile selected\", srtp.srtpProfile);\n }\n break;\n case ExtendedMasterSecret.type:\n {\n dtls.remoteExtendedMasterSecret = true;\n }\n break;\n case RenegotiationIndication.type:\n {\n log(dtls.sessionId, \"RenegotiationIndication\", extension.data);\n }\n break;\n }\n });\n\n cipher.localRandom = new DtlsRandom();\n cipher.remoteRandom = DtlsRandom.from(clientHello.random);\n\n const suites = clientHello.cipherSuites;\n log(dtls.sessionId, \"cipher suites\", suites);\n const suite = (() => {\n switch (cipher.signatureHashAlgorithm?.signature) {\n case SignatureAlgorithm.ecdsa_3:\n return CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_49195;\n case SignatureAlgorithm.rsa_1:\n return CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256_49199;\n }\n })();\n if (suite === undefined || !suites.includes(suite)) {\n throw new Error(\"dtls cipher suite negotiation failed\");\n }\n cipher.cipherSuite = suite;\n log(dtls.sessionId, \"selected cipherSuite\", cipher.cipherSuite);\n\n cipher.localKeyPair = generateKeyPair(cipher.namedCurve);\n\n dtls.cookie = randomBytes(20);\n const helloVerifyReq = new ServerHelloVerifyRequest(\n {\n major: 255 - 1,\n minor: 255 - 2,\n },\n dtls.cookie\n );\n const fragments = createFragments(dtls)([helloVerifyReq]);\n const packets = createPlaintext(dtls)(\n fragments.map((fragment) => ({\n type: ContentType.handshake,\n fragment: fragment.serialize(),\n })),\n ++dtls.recordSequenceNumber\n );\n\n const buf = packets.map((v) => v.serialize());\n buf.forEach((v) => udp.send(v));\n };\n"]}
package/lib/ice/src/ice.d.ts CHANGED
@@ -1,6 +1,7 @@
1
1
  /// <reference types="node" />
2
2
  import PCancelable from "p-cancelable";
3
3
  import { Event } from "rx.mini";
4
+ import { InterfaceAddresses } from "../../common/src/network";
4
5
  import { Candidate } from "./candidate";
5
6
  import { DnsLookup } from "./dns/lookup";
6
7
  import { Future } from "./helper";
@@ -101,6 +102,8 @@ export interface IceOptions {
101
102
  useIpv4: boolean;
102
103
  useIpv6: boolean;
103
104
  portRange?: [number, number];
105
+ interfaceAddresses?: InterfaceAddresses;
106
+ filterStunResponse?: (message: Message, addr: Address, protocol: Protocol) => boolean;
104
107
  }
105
108
  export declare function validateRemoteCandidate(candidate: Candidate): Candidate;
106
109
  export declare function sortCandidatePairs(pairs: CandidatePair[], iceControlling: boolean): void;
package/lib/ice/src/ice.js CHANGED
@@ -239,7 +239,7 @@ class Connection {
239
239
  for (const address of addresses) {
240
240
  // # create transport
241
241
  const protocol = new protocol_1.StunProtocol(this);
242
- await protocol.connectionMade((0, net_1.isIPv4)(address), this.options.portRange);
242
+ await protocol.connectionMade((0, net_1.isIPv4)(address), this.options.portRange, this.options.interfaceAddresses);
243
243
  protocol.localAddress = address;
244
244
  this.protocols.push(protocol);
245
245
  // # add host candidate
@@ -278,7 +278,10 @@ class Connection {
278
278
  if (this.turnServer &&
279
279
  this.options.turnUsername &&
280
280
  this.options.turnPassword) {
281
- const protocol = await (0, protocol_2.createTurnEndpoint)(this.turnServer, this.options.turnUsername, this.options.turnPassword, { portRange: this.options.portRange });
281
+ const protocol = await (0, protocol_2.createTurnEndpoint)(this.turnServer, this.options.turnUsername, this.options.turnPassword, {
282
+ portRange: this.options.portRange,
283
+ interfaceAddresses: this.options.interfaceAddresses,
284
+ });
282
285
  this.protocols.push(protocol);
283
286
  const candidateAddress = protocol.turn.relayedAddress;
284
287
  const relatedAddress = protocol.turn.mappedAddress;
@@ -522,6 +525,10 @@ class Connection {
522
525
  return;
523
526
  }
524
527
  }
528
+ if (this.options.filterStunResponse &&
529
+ !this.options.filterStunResponse(message, addr, protocol)) {
530
+ return;
531
+ }
525
532
  // # send binding response
526
533
  const response = new message_1.Message(const_1.methods.BINDING, const_1.classes.RESPONSE, message.transactionId);
527
534
  response