werift 0.17.6 → 0.18.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/common/src/binary.d.ts +1 -0
- package/lib/common/src/binary.js +74 -21
- package/lib/common/src/binary.js.map +1 -1
- package/lib/common/src/log.js +18 -0
- package/lib/common/src/log.js.map +1 -1
- package/lib/common/src/network.d.ts +1 -1
- package/lib/common/src/network.js +1 -0
- package/lib/common/src/network.js.map +1 -1
- package/lib/common/src/promise.js +22 -7
- package/lib/common/src/promise.js.map +1 -1
- package/lib/common/src/type.d.ts +1 -1
- package/lib/dtls/src/cipher/const.d.ts +7 -7
- package/lib/dtls/src/cipher/key-exchange.js +24 -1
- package/lib/dtls/src/cipher/key-exchange.js.map +1 -1
- package/lib/dtls/src/cipher/suites/abstract.d.ts +2 -2
- package/lib/dtls/src/cipher/suites/abstract.js +36 -2
- package/lib/dtls/src/cipher/suites/abstract.js.map +1 -1
- package/lib/dtls/src/cipher/suites/aead.js +60 -6
- package/lib/dtls/src/cipher/suites/aead.js.map +1 -1
- package/lib/dtls/src/client.js +62 -51
- package/lib/dtls/src/client.js.map +1 -1
- package/lib/dtls/src/context/cipher.js +151 -59
- package/lib/dtls/src/context/cipher.js.map +1 -1
- package/lib/dtls/src/context/dtls.js +90 -14
- package/lib/dtls/src/context/dtls.js.map +1 -1
- package/lib/dtls/src/context/srtp.d.ts +1 -1
- package/lib/dtls/src/context/srtp.js +8 -0
- package/lib/dtls/src/context/srtp.js.map +1 -1
- package/lib/dtls/src/context/transport.js +14 -2
- package/lib/dtls/src/context/transport.js.map +1 -1
- package/lib/dtls/src/flight/client/flight1.js +6 -1
- package/lib/dtls/src/flight/client/flight1.js.map +1 -1
- package/lib/dtls/src/flight/client/flight5.js +12 -2
- package/lib/dtls/src/flight/client/flight5.js.map +1 -1
- package/lib/dtls/src/flight/flight.d.ts +1 -1
- package/lib/dtls/src/flight/flight.js +42 -7
- package/lib/dtls/src/flight/flight.js.map +1 -1
- package/lib/dtls/src/flight/server/flight2.js +4 -2
- package/lib/dtls/src/flight/server/flight2.js.map +1 -1
- package/lib/dtls/src/flight/server/flight4.js +12 -2
- package/lib/dtls/src/flight/server/flight4.js.map +1 -1
- package/lib/dtls/src/flight/server/flight6.js +6 -1
- package/lib/dtls/src/flight/server/flight6.js.map +1 -1
- package/lib/dtls/src/handshake/extensions/ellipticCurves.js +27 -7
- package/lib/dtls/src/handshake/extensions/ellipticCurves.js.map +1 -1
- package/lib/dtls/src/handshake/extensions/extendedMasterSecret.js +6 -1
- package/lib/dtls/src/handshake/extensions/extendedMasterSecret.js.map +1 -1
- package/lib/dtls/src/handshake/extensions/renegotiationIndication.js +27 -7
- package/lib/dtls/src/handshake/extensions/renegotiationIndication.js.map +1 -1
- package/lib/dtls/src/handshake/extensions/signature.js +27 -7
- package/lib/dtls/src/handshake/extensions/signature.js.map +1 -1
- package/lib/dtls/src/handshake/extensions/useSrtp.js +39 -9
- package/lib/dtls/src/handshake/extensions/useSrtp.js.map +1 -1
- package/lib/dtls/src/handshake/message/alert.js +21 -6
- package/lib/dtls/src/handshake/message/alert.js.map +1 -1
- package/lib/dtls/src/handshake/message/certificate.js +26 -5
- package/lib/dtls/src/handshake/message/certificate.js.map +1 -1
- package/lib/dtls/src/handshake/message/changeCipherSpec.js +14 -4
- package/lib/dtls/src/handshake/message/changeCipherSpec.js.map +1 -1
- package/lib/dtls/src/handshake/message/client/certificateVerify.js +33 -7
- package/lib/dtls/src/handshake/message/client/certificateVerify.js.map +1 -1
- package/lib/dtls/src/handshake/message/client/hello.js +68 -18
- package/lib/dtls/src/handshake/message/client/hello.js.map +1 -1
- package/lib/dtls/src/handshake/message/client/keyExchange.js +26 -5
- package/lib/dtls/src/handshake/message/client/keyExchange.js.map +1 -1
- package/lib/dtls/src/handshake/message/finished.js +18 -2
- package/lib/dtls/src/handshake/message/finished.js.map +1 -1
- package/lib/dtls/src/handshake/message/server/certificateRequest.js +40 -9
- package/lib/dtls/src/handshake/message/server/certificateRequest.js.map +1 -1
- package/lib/dtls/src/handshake/message/server/hello.js +60 -14
- package/lib/dtls/src/handshake/message/server/hello.js.map +1 -1
- package/lib/dtls/src/handshake/message/server/helloDone.js +18 -2
- package/lib/dtls/src/handshake/message/server/helloDone.js.map +1 -1
- package/lib/dtls/src/handshake/message/server/helloVerifyRequest.js +33 -7
- package/lib/dtls/src/handshake/message/server/helloVerifyRequest.js.map +1 -1
- package/lib/dtls/src/handshake/message/server/keyExchange.js +75 -19
- package/lib/dtls/src/handshake/message/server/keyExchange.js.map +1 -1
- package/lib/dtls/src/handshake/random.js +21 -6
- package/lib/dtls/src/handshake/random.js.map +1 -1
- package/lib/dtls/src/record/builder.d.ts +1 -1
- package/lib/dtls/src/record/message/fragment.js +49 -14
- package/lib/dtls/src/record/message/fragment.js.map +1 -1
- package/lib/dtls/src/record/message/header.js +84 -24
- package/lib/dtls/src/record/message/header.js.map +1 -1
- package/lib/dtls/src/record/message/plaintext.js +21 -6
- package/lib/dtls/src/record/message/plaintext.js.map +1 -1
- package/lib/dtls/src/server.js +59 -42
- package/lib/dtls/src/server.js.map +1 -1
- package/lib/dtls/src/socket.js +153 -64
- package/lib/dtls/src/socket.js.map +1 -1
- package/lib/dtls/src/transport.js +38 -11
- package/lib/dtls/src/transport.js.map +1 -1
- package/lib/dtls/src/typings/domain.d.ts +4 -4
- package/lib/ice/src/candidate.js +66 -11
- package/lib/ice/src/candidate.js.map +1 -1
- package/lib/ice/src/dns/lookup.js +12 -1
- package/lib/ice/src/dns/lookup.js.map +1 -1
- package/lib/ice/src/exceptions.js +27 -2
- package/lib/ice/src/exceptions.js.map +1 -1
- package/lib/ice/src/helper.d.ts +1 -1
- package/lib/ice/src/helper.js +12 -2
- package/lib/ice/src/helper.js.map +1 -1
- package/lib/ice/src/ice.d.ts +9 -3
- package/lib/ice/src/ice.js +407 -155
- package/lib/ice/src/ice.js.map +1 -1
- package/lib/ice/src/stun/attributes.d.ts +3 -3
- package/lib/ice/src/stun/attributes.js +6 -1
- package/lib/ice/src/stun/attributes.js.map +1 -1
- package/lib/ice/src/stun/message.d.ts +4 -0
- package/lib/ice/src/stun/message.js +24 -3
- package/lib/ice/src/stun/message.js.map +1 -1
- package/lib/ice/src/stun/protocol.js +64 -15
- package/lib/ice/src/stun/protocol.js.map +1 -1
- package/lib/ice/src/stun/transaction.js +99 -36
- package/lib/ice/src/stun/transaction.js.map +1 -1
- package/lib/ice/src/transport.js +57 -21
- package/lib/ice/src/transport.js.map +1 -1
- package/lib/ice/src/turn/protocol.js +176 -40
- package/lib/ice/src/turn/protocol.js.map +1 -1
- package/lib/ice/src/types/model.d.ts +1 -1
- package/lib/rtp/src/codec/av1.d.ts +1 -1
- package/lib/rtp/src/codec/av1.js +118 -30
- package/lib/rtp/src/codec/av1.js.map +1 -1
- package/lib/rtp/src/codec/base.js +8 -0
- package/lib/rtp/src/codec/base.js.map +1 -1
- package/lib/rtp/src/codec/h264.js +55 -0
- package/lib/rtp/src/codec/h264.js.map +1 -1
- package/lib/rtp/src/codec/index.d.ts +2 -0
- package/lib/rtp/src/codec/index.js +12 -2
- package/lib/rtp/src/codec/index.js.map +1 -1
- package/lib/rtp/src/codec/opus.js +8 -0
- package/lib/rtp/src/codec/opus.js.map +1 -1
- package/lib/rtp/src/codec/vp8.js +102 -3
- package/lib/rtp/src/codec/vp8.js.map +1 -1
- package/lib/rtp/src/codec/vp9.js +164 -7
- package/lib/rtp/src/codec/vp9.js.map +1 -1
- package/lib/rtp/src/container/ebml/ebml.js +30 -3
- package/lib/rtp/src/container/ebml/ebml.js.map +1 -1
- package/lib/rtp/src/container/webm.d.ts +1 -1
- package/lib/rtp/src/container/webm.js +44 -13
- package/lib/rtp/src/container/webm.js.map +1 -1
- package/lib/rtp/src/processor/depacketizer.d.ts +16 -8
- package/lib/rtp/src/processor/depacketizer.js +59 -22
- package/lib/rtp/src/processor/depacketizer.js.map +1 -1
- package/lib/rtp/src/processor/depacketizerCallback.js +24 -8
- package/lib/rtp/src/processor/depacketizerCallback.js.map +1 -1
- package/lib/rtp/src/processor/depacketizerTransformer.d.ts +2 -2
- package/lib/rtp/src/processor/depacketizerTransformer.js +6 -0
- package/lib/rtp/src/processor/depacketizerTransformer.js.map +1 -1
- package/lib/rtp/src/processor/index.d.ts +4 -2
- package/lib/rtp/src/processor/index.js +4 -2
- package/lib/rtp/src/processor/index.js.map +1 -1
- package/lib/rtp/src/processor/interface.d.ts +4 -0
- package/lib/rtp/src/processor/interface.js.map +1 -1
- package/lib/rtp/src/processor/jitterBuffer.d.ts +2 -1
- package/lib/rtp/src/processor/jitterBuffer.js +40 -8
- package/lib/rtp/src/processor/jitterBuffer.js.map +1 -1
- package/lib/rtp/src/processor/jitterBufferCallback.js +30 -9
- package/lib/rtp/src/processor/jitterBufferCallback.js.map +1 -1
- package/lib/rtp/src/processor/jitterBufferTransformer.js +12 -1
- package/lib/rtp/src/processor/jitterBufferTransformer.js.map +1 -1
- package/lib/rtp/src/processor/lipsync.d.ts +42 -0
- package/lib/rtp/src/processor/lipsync.js +178 -0
- package/lib/rtp/src/processor/lipsync.js.map +1 -0
- package/lib/rtp/src/processor/lipsyncCallback.d.ts +10 -0
- package/lib/rtp/src/processor/lipsyncCallback.js +59 -0
- package/lib/rtp/src/processor/lipsyncCallback.js.map +1 -0
- package/lib/rtp/src/processor/ntpTime.d.ts +24 -0
- package/lib/rtp/src/processor/ntpTime.js +91 -0
- package/lib/rtp/src/processor/ntpTime.js.map +1 -0
- package/lib/rtp/src/processor/ntpTimeCallback.d.ts +7 -0
- package/lib/rtp/src/processor/ntpTimeCallback.js +36 -0
- package/lib/rtp/src/processor/ntpTimeCallback.js.map +1 -0
- package/lib/rtp/src/processor/source/index.d.ts +1 -0
- package/lib/rtp/src/processor/source/index.js +1 -0
- package/lib/rtp/src/processor/source/index.js.map +1 -1
- package/lib/rtp/src/processor/source/rtcpCallback.d.ts +12 -0
- package/lib/rtp/src/processor/source/rtcpCallback.js +33 -0
- package/lib/rtp/src/processor/source/rtcpCallback.js.map +1 -0
- package/lib/rtp/src/processor/source/rtpCallback.js +28 -12
- package/lib/rtp/src/processor/source/rtpCallback.js.map +1 -1
- package/lib/rtp/src/processor/source/rtpStream.js +38 -10
- package/lib/rtp/src/processor/source/rtpStream.js.map +1 -1
- package/lib/rtp/src/processor/webm.d.ts +11 -4
- package/lib/rtp/src/processor/webm.js +169 -46
- package/lib/rtp/src/processor/webm.js.map +1 -1
- package/lib/rtp/src/processor/webmCallback.d.ts +5 -3
- package/lib/rtp/src/processor/webmCallback.js +52 -8
- package/lib/rtp/src/processor/webmCallback.js.map +1 -1
- package/lib/rtp/src/processor/webmStream.d.ts +2 -2
- package/lib/rtp/src/processor/webmStream.js +24 -0
- package/lib/rtp/src/processor/webmStream.js.map +1 -1
- package/lib/rtp/src/processor_old/base.d.ts +18 -0
- package/lib/rtp/src/processor_old/base.js +51 -0
- package/lib/rtp/src/processor_old/base.js.map +1 -0
- package/lib/rtp/src/processor_old/lipsync.d.ts +30 -0
- package/lib/rtp/src/processor_old/lipsync.js +119 -0
- package/lib/rtp/src/processor_old/lipsync.js.map +1 -0
- package/lib/rtp/src/rtcp/header.js +30 -5
- package/lib/rtp/src/rtcp/header.js.map +1 -1
- package/lib/rtp/src/rtcp/psfb/fullIntraRequest.d.ts +1 -1
- package/lib/rtp/src/rtcp/psfb/fullIntraRequest.js +30 -3
- package/lib/rtp/src/rtcp/psfb/fullIntraRequest.js.map +1 -1
- package/lib/rtp/src/rtcp/psfb/index.d.ts +1 -1
- package/lib/rtp/src/rtcp/psfb/index.js +18 -2
- package/lib/rtp/src/rtcp/psfb/index.js.map +1 -1
- package/lib/rtp/src/rtcp/psfb/pictureLossIndication.js +30 -3
- package/lib/rtp/src/rtcp/psfb/pictureLossIndication.js.map +1 -1
- package/lib/rtp/src/rtcp/psfb/remb.js +66 -5
- package/lib/rtp/src/rtcp/psfb/remb.js.map +1 -1
- package/lib/rtp/src/rtcp/rr.js +68 -4
- package/lib/rtp/src/rtcp/rr.js.map +1 -1
- package/lib/rtp/src/rtcp/rtcp.d.ts +1 -1
- package/lib/rtp/src/rtcp/rtpfb/index.d.ts +1 -1
- package/lib/rtp/src/rtcp/rtpfb/index.js +24 -2
- package/lib/rtp/src/rtcp/rtpfb/index.js.map +1 -1
- package/lib/rtp/src/rtcp/rtpfb/nack.d.ts +5 -0
- package/lib/rtp/src/rtcp/rtpfb/nack.js +43 -3
- package/lib/rtp/src/rtcp/rtpfb/nack.js.map +1 -1
- package/lib/rtp/src/rtcp/rtpfb/twcc.js +154 -11
- package/lib/rtp/src/rtcp/rtpfb/twcc.js.map +1 -1
- package/lib/rtp/src/rtcp/sdes.js +42 -4
- package/lib/rtp/src/rtcp/sdes.js.map +1 -1
- package/lib/rtp/src/rtcp/sr.js +56 -5
- package/lib/rtp/src/rtcp/sr.js.map +1 -1
- package/lib/rtp/src/rtp/red/encoder.js +18 -3
- package/lib/rtp/src/rtp/red/encoder.js.map +1 -1
- package/lib/rtp/src/rtp/red/handler.js +12 -2
- package/lib/rtp/src/rtp/red/handler.js.map +1 -1
- package/lib/rtp/src/rtp/red/packet.js +18 -2
- package/lib/rtp/src/rtp/red/packet.js.map +1 -1
- package/lib/rtp/src/rtp/rtp.d.ts +3 -3
- package/lib/rtp/src/rtp/rtp.js +104 -17
- package/lib/rtp/src/rtp/rtp.js.map +1 -1
- package/lib/rtp/src/srtp/cipher/ctr.js +26 -10
- package/lib/rtp/src/srtp/cipher/ctr.js.map +1 -1
- package/lib/rtp/src/srtp/cipher/gcm.d.ts +3 -0
- package/lib/rtp/src/srtp/cipher/gcm.js +40 -20
- package/lib/rtp/src/srtp/cipher/gcm.js.map +1 -1
- package/lib/rtp/src/srtp/cipher/index.js +24 -4
- package/lib/rtp/src/srtp/cipher/index.js.map +1 -1
- package/lib/rtp/src/srtp/const.d.ts +1 -1
- package/lib/rtp/src/srtp/context/context.d.ts +1 -1
- package/lib/rtp/src/srtp/context/context.js +84 -5
- package/lib/rtp/src/srtp/context/context.js.map +1 -1
- package/lib/rtp/src/srtp/session.d.ts +2 -2
- package/lib/rtp/src/srtp/session.js +24 -1
- package/lib/rtp/src/srtp/session.js.map +1 -1
- package/lib/rtp/src/srtp/srtcp.js +15 -5
- package/lib/rtp/src/srtp/srtcp.js.map +1 -1
- package/lib/rtp/src/srtp/srtp.js +15 -5
- package/lib/rtp/src/srtp/srtp.js.map +1 -1
- package/lib/sctp/src/chunk.js +349 -69
- package/lib/sctp/src/chunk.js.map +1 -1
- package/lib/sctp/src/helper.d.ts +1 -1
- package/lib/sctp/src/param.d.ts +3 -3
- package/lib/sctp/src/param.js +66 -11
- package/lib/sctp/src/param.js.map +1 -1
- package/lib/sctp/src/sctp.d.ts +1 -1
- package/lib/sctp/src/sctp.js +479 -138
- package/lib/sctp/src/sctp.js.map +1 -1
- package/lib/sctp/src/transport.js +31 -10
- package/lib/sctp/src/transport.js.map +1 -1
- package/lib/webrtc/src/dataChannel.d.ts +1 -1
- package/lib/webrtc/src/dataChannel.js +145 -15
- package/lib/webrtc/src/dataChannel.js.map +1 -1
- package/lib/webrtc/src/helper.js +37 -12
- package/lib/webrtc/src/helper.js.map +1 -1
- package/lib/webrtc/src/media/parameters.d.ts +1 -1
- package/lib/webrtc/src/media/parameters.js +124 -3
- package/lib/webrtc/src/media/parameters.js.map +1 -1
- package/lib/webrtc/src/media/receiver/nack.d.ts +4 -4
- package/lib/webrtc/src/media/receiver/nack.js +85 -33
- package/lib/webrtc/src/media/receiver/nack.js.map +1 -1
- package/lib/webrtc/src/media/receiver/receiverTwcc.d.ts +1 -1
- package/lib/webrtc/src/media/receiver/receiverTwcc.js +42 -6
- package/lib/webrtc/src/media/receiver/receiverTwcc.js.map +1 -1
- package/lib/webrtc/src/media/receiver/statistics.js +61 -5
- package/lib/webrtc/src/media/receiver/statistics.js.map +1 -1
- package/lib/webrtc/src/media/router.d.ts +1 -1
- package/lib/webrtc/src/media/router.js +108 -83
- package/lib/webrtc/src/media/router.js.map +1 -1
- package/lib/webrtc/src/media/rtpReceiver.js +188 -33
- package/lib/webrtc/src/media/rtpReceiver.js.map +1 -1
- package/lib/webrtc/src/media/rtpSender.js +279 -42
- package/lib/webrtc/src/media/rtpSender.js.map +1 -1
- package/lib/webrtc/src/media/rtpTransceiver.d.ts +2 -2
- package/lib/webrtc/src/media/rtpTransceiver.js +102 -18
- package/lib/webrtc/src/media/rtpTransceiver.js.map +1 -1
- package/lib/webrtc/src/media/sender/cumulativeResult.js +36 -6
- package/lib/webrtc/src/media/sender/cumulativeResult.js.map +1 -1
- package/lib/webrtc/src/media/sender/senderBWE.js +57 -12
- package/lib/webrtc/src/media/sender/senderBWE.js.map +1 -1
- package/lib/webrtc/src/media/track.js +135 -24
- package/lib/webrtc/src/media/track.js.map +1 -1
- package/lib/webrtc/src/nonstandard/recorder/index.d.ts +7 -4
- package/lib/webrtc/src/nonstandard/recorder/index.js +50 -6
- package/lib/webrtc/src/nonstandard/recorder/index.js.map +1 -1
- package/lib/webrtc/src/nonstandard/recorder/writer/index.js +12 -2
- package/lib/webrtc/src/nonstandard/recorder/writer/index.js.map +1 -1
- package/lib/webrtc/src/nonstandard/recorder/writer/webm.d.ts +2 -2
- package/lib/webrtc/src/nonstandard/recorder/writer/webm.js +39 -35
- package/lib/webrtc/src/nonstandard/recorder/writer/webm.js.map +1 -1
- package/lib/webrtc/src/nonstandard/userMedia.js +158 -56
- package/lib/webrtc/src/nonstandard/userMedia.js.map +1 -1
- package/lib/webrtc/src/peerConnection.d.ts +2 -2
- package/lib/webrtc/src/peerConnection.js +260 -58
- package/lib/webrtc/src/peerConnection.js.map +1 -1
- package/lib/webrtc/src/sdp.js +287 -24
- package/lib/webrtc/src/sdp.js.map +1 -1
- package/lib/webrtc/src/transport/dtls.d.ts +3 -3
- package/lib/webrtc/src/transport/dtls.js +185 -30
- package/lib/webrtc/src/transport/dtls.js.map +1 -1
- package/lib/webrtc/src/transport/ice.d.ts +2 -2
- package/lib/webrtc/src/transport/ice.js +193 -25
- package/lib/webrtc/src/transport/ice.js.map +1 -1
- package/lib/webrtc/src/transport/sctp.js +193 -101
- package/lib/webrtc/src/transport/sctp.js.map +1 -1
- package/lib/webrtc/src/types/domain.d.ts +3 -3
- package/lib/webrtc/src/types/util.d.ts +2 -2
- package/lib/webrtc/src/utils.js +12 -2
- package/lib/webrtc/src/utils.js.map +1 -1
- package/package.json +15 -15
- package/src/dataChannel.ts +3 -1
- package/src/media/receiver/nack.ts +23 -19
- package/src/media/rtpReceiver.ts +5 -0
- package/src/media/rtpSender.ts +22 -19
- package/src/nonstandard/recorder/index.ts +12 -4
- package/src/nonstandard/recorder/writer/webm.ts +42 -50
- package/src/transport/dtls.ts +7 -3
- package/src/transport/ice.ts +6 -3
- package/src/transport/sctp.ts +3 -1
- package/lib/rtp/src/processor/avBuffer.d.ts +0 -36
- package/lib/rtp/src/processor/avBuffer.js +0 -107
- package/lib/rtp/src/processor/avBuffer.js.map +0 -1
- package/lib/rtp/src/processor/avBufferCallback.d.ts +0 -10
- package/lib/rtp/src/processor/avBufferCallback.js +0 -27
- package/lib/rtp/src/processor/avBufferCallback.js.map +0 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"aead.js","sourceRoot":"","sources":["../../../../../../dtls/src/cipher/suites/aead.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,+CAAiC;AACjC,kDAA0B;AAE1B,yCAA4D;AAC5D,gCAA2C;AAC3C,uDAA6E;AAC7E,MAAM,EACJ,YAAY,EACZ,MAAM,EACN,KAAK,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,QAAQ,EAAE,GACrC,GAAG,OAAO,CAAC,aAAa,CAAC,CAAC;AAE3B,MAAM,WAAW,GAAG,KAAK,CAAC;AAC1B,MAAM,eAAe,GAAG,QAAQ,CAAC;AAEjC,MAAM,kBAAkB,GAAG;IACzB,KAAK,EAAE,QAAQ;IACf,QAAQ,EAAE,QAAQ;IAClB,IAAI,EAAE,WAAW;IACjB,OAAO,EAAE,eAAe;IACxB,MAAM,EAAE,QAAQ;CACjB,CAAC;AAEF,MAAM,GAAG,GAAG,IAAA,eAAK,EACf,6DAA6D,CAC9D,CAAC;AAEF;;GAEG;AACH,MAAqB,UAAW,SAAQ,kBAAM;IAe5C;QACE,KAAK,EAAE,CAAC;QAfV,
|
|
1
|
+
{"version":3,"file":"aead.js","sourceRoot":"","sources":["../../../../../../dtls/src/cipher/suites/aead.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,+CAAiC;AACjC,kDAA0B;AAE1B,yCAA4D;AAC5D,gCAA2C;AAC3C,uDAA6E;AAC7E,MAAM,EACJ,YAAY,EACZ,MAAM,EACN,KAAK,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,QAAQ,EAAE,GACrC,GAAG,OAAO,CAAC,aAAa,CAAC,CAAC;AAE3B,MAAM,WAAW,GAAG,KAAK,CAAC;AAC1B,MAAM,eAAe,GAAG,QAAQ,CAAC;AAEjC,MAAM,kBAAkB,GAAG;IACzB,KAAK,EAAE,QAAQ;IACf,QAAQ,EAAE,QAAQ;IAClB,IAAI,EAAE,WAAW;IACjB,OAAO,EAAE,eAAe;IACxB,MAAM,EAAE,QAAQ;CACjB,CAAC;AAEF,MAAM,GAAG,GAAG,IAAA,eAAK,EACf,6DAA6D,CAC9D,CAAC;AAEF;;GAEG;AACH,MAAqB,UAAW,SAAQ,kBAAM;IAe5C;QACE,KAAK,EAAE,CAAC;QAfV;;;;mBAAY,CAAC;WAAC;QACd;;;;mBAAc,CAAC;WAAC;QAChB;;;;mBAAW,CAAC;WAAC;QACb;;;;mBAAgB,CAAC;WAAC;QAElB;;;;mBAAsB,CAAC;WAAC;QACxB;;;;mBAAsB,CAAC;WAAC;QAExB;;;;;WAAwB;QACxB;;;;;WAAwB;QAExB;;;;;WAAqB;QACrB;;;;;WAAqB;IAIrB,CAAC;IAED,IAAI,OAAO;QACT,OAAO,IAAA,yBAAgB,EAAC,IAAI,CAAC,CAAC;IAChC,CAAC;IAED,IAAI,CAAC,YAAoB,EAAE,YAAoB,EAAE,YAAoB;QACnE,MAAM,IAAI,GAAG,IAAA,uBAAiB,EAC5B,YAAY,EACZ,YAAY,EACZ,YAAY,EACZ,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,QAAQ,EACb,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,aAAa,CACnB,CAAC;QAEF,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,cAAc,CAAC;QAC1C,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,cAAc,CAAC;QAC1C,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC;QACpC,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC;IACtC,CAAC;IAED;;OAEG;IACH,OAAO,CAAC,IAAkB,EAAE,IAAY,EAAE,MAAoB;QAC5D,MAAM,QAAQ,GAAG,IAAI,KAAK,sBAAW,CAAC,MAAM,CAAC;QAC7C,MAAM,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC;QAC1D,MAAM,QAAQ,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC;QACtE,IAAI,CAAC,EAAE,IAAI,CAAC,QAAQ;YAAE,MAAM,IAAI,KAAK,EAAE,CAAC;QAExC,EAAE,CAAC,aAAa,CAAC,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,mBAAmB,CAAC,CAAC;QACzD,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,cAAc,EAAE,IAAI,CAAC,mBAAmB,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;QAEvE,MAAM,aAAa,GAAG,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;QAEzD,MAAM,cAAc,GAAG;YACrB,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,QAAQ,EAAE,MAAM,CAAC,cAAc;YAC/B,IAAI,EAAE,MAAM,CAAC,IAAI;YACjB,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,MAAM,EAAE,IAAI,CAAC,MAAM;SACpB,CAAC;QAEF,MAAM,gBAAgB,GAAG,MAAM,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC,KAAK,EAAE,CAAC;QAE5E,MAAM,MAAM,GAAG,MAAM,CAAC,cAAc,CAClC,IAAI,CAAC,cAAuC,EAC5C,QAAQ,EACR,EAAE,EACF;YACE,aAAa,EAAE,IAAI,CAAC,aAAa;SAClC,CACF,CAAC;QAEF,MAAM,CAAC,MAAM,CAAC,gBAAgB,EAAE;YAC9B,eAAe,EAAE,IAAI,CAAC,MAAM;SAC7B,CAAC,CAAC;QAEH,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACrC,MAAM,SAAS,GAAG,MAAM,CAAC,KAAK,EAAE,CAAC;QACjC,MAAM,OAAO,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;QAEpC,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,aAAa,EAAE,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC;IACtE,CAAC;IAED;;OAEG;IACH,OAAO,CAAC,IAAkB,EAAE,IAAY,EAAE,MAAoB;QAC5D,MAAM,QAAQ,GAAG,IAAI,KAAK,sBAAW,CAAC,MAAM,CAAC;QAC7C,MAAM,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC;QAC1D,MAAM,QAAQ,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC;QACtE,IAAI,CAAC,EAAE,IAAI,CAAC,QAAQ;YAAE,MAAM,IAAI,KAAK,EAAE,CAAC;QAExC,MAAM,KAAK,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;QAEjC,MAAM,aAAa,GAAG,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;QACjE,aAAa,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,mBAAmB,CAAC,CAAC;QAEjD,MAAM,SAAS,GAAG,KAAK,CAAC,UAAU,CAAC,KAAK,CAAC,MAAM,GAAG,IAAI,CAAC,aAAa,CAAC,CAAC;QACtE,MAAM,OAAO,GAAG,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAErD,MAAM,cAAc,GAAG;YACrB,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,QAAQ,EAAE,MAAM,CAAC,cAAc;YAC/B,IAAI,EAAE,MAAM,CAAC,IAAI;YACjB,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,MAAM,EAAE,SAAS,CAAC,MAAM;SACzB,CAAC;QAEF,MAAM,gBAAgB,GAAG,MAAM,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC,KAAK,EAAE,CAAC;QAE5E,MAAM,QAAQ,GAAG,MAAM,CAAC,gBAAgB,CACtC,IAAI,CAAC,cAAuC,EAC5C,QAAQ,EACR,EAAE,EACF;YACE,aAAa,EAAE,IAAI,CAAC,aAAa;SAClC,CACF,CAAC;QAEF,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QAC7B,QAAQ,CAAC,MAAM,CAAC,gBAAgB,EAAE;YAChC,eAAe,EAAE,SAAS,CAAC,MAAM;SAClC,CAAC,CAAC;QAEH,MAAM,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAC5C,IAAI;YACF,MAAM,SAAS,GAAG,QAAQ,CAAC,KAAK,EAAE,CAAC;YACnC,OAAO,SAAS,CAAC,MAAM,GAAG,CAAC;gBACzB,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;gBACtC,CAAC,CAAC,QAAQ,CAAC;SACd;QAAC,OAAO,KAAK,EAAE;YACd,GAAG,CACD,gBAAgB,EAChB,KAAK,EACL,IAAI,EACJ,IAAA,mBAAU,EAAC,IAAI,CAAC,EAChB,MAAM,EACN,IAAI,CAAC,OAAO,CACb,CAAC;YACF,MAAM,KAAK,CAAC;SACb;IACH,CAAC;CACF;AA/ID,6BA+IC","sourcesContent":["import * as crypto from \"crypto\";\nimport debug from \"debug\";\n\nimport { dumpBuffer, getObjectSummary } from \"../../helper\";\nimport { prfEncryptionKeys } from \"../prf\";\nimport Cipher, { CipherHeader, SessionType, SessionTypes } from \"./abstract\";\nconst {\n createDecode,\n encode,\n types: { uint8, uint16be, uint48be },\n} = require(\"binary-data\");\n\nconst ContentType = uint8;\nconst ProtocolVersion = uint16be;\n\nconst AEADAdditionalData = {\n epoch: uint16be,\n sequence: uint48be,\n type: ContentType,\n version: ProtocolVersion,\n length: uint16be,\n};\n\nconst err = debug(\n \"werift-dtls : packages/dtls/src/cipher/suites/aead.ts : err\"\n);\n\n/**\n * This class implements AEAD cipher family.\n */\nexport default class AEADCipher extends Cipher {\n keyLength = 0;\n nonceLength = 0;\n ivLength = 0;\n authTagLength = 0;\n\n nonceImplicitLength = 0;\n nonceExplicitLength = 0;\n\n clientWriteKey?: Buffer;\n serverWriteKey?: Buffer;\n\n clientNonce?: Buffer;\n serverNonce?: Buffer;\n\n constructor() {\n super();\n }\n\n get summary() {\n return getObjectSummary(this);\n }\n\n init(masterSecret: Buffer, serverRandom: Buffer, clientRandom: Buffer) {\n const keys = prfEncryptionKeys(\n masterSecret,\n clientRandom,\n serverRandom,\n this.keyLength,\n this.ivLength,\n this.nonceLength,\n this.hashAlgorithm\n );\n\n this.clientWriteKey = keys.clientWriteKey;\n this.serverWriteKey = keys.serverWriteKey;\n this.clientNonce = keys.clientNonce;\n this.serverNonce = keys.serverNonce;\n }\n\n /**\n * Encrypt message.\n */\n encrypt(type: SessionTypes, data: Buffer, header: CipherHeader) {\n const isClient = type === SessionType.CLIENT;\n const iv = isClient ? this.clientNonce : this.serverNonce;\n const writeKey = isClient ? this.clientWriteKey : this.serverWriteKey;\n if (!iv || !writeKey) throw new Error();\n\n iv.writeUInt16BE(header.epoch, this.nonceImplicitLength);\n iv.writeUIntBE(header.sequenceNumber, this.nonceImplicitLength + 2, 6);\n\n const explicitNonce = iv.slice(this.nonceImplicitLength);\n\n const additionalData = {\n epoch: header.epoch,\n sequence: header.sequenceNumber,\n type: header.type,\n version: header.version,\n length: data.length,\n };\n\n const additionalBuffer = encode(additionalData, AEADAdditionalData).slice();\n\n const cipher = crypto.createCipheriv(\n this.blockAlgorithm as crypto.CipherCCMTypes,\n writeKey,\n iv,\n {\n authTagLength: this.authTagLength,\n }\n );\n\n cipher.setAAD(additionalBuffer, {\n plaintextLength: data.length,\n });\n\n const headPart = cipher.update(data);\n const finalPart = cipher.final();\n const authTag = cipher.getAuthTag();\n\n return Buffer.concat([explicitNonce, headPart, finalPart, authTag]);\n }\n\n /**\n * Decrypt message.\n */\n decrypt(type: SessionTypes, data: Buffer, header: CipherHeader) {\n const isClient = type === SessionType.CLIENT;\n const iv = isClient ? this.serverNonce : this.clientNonce;\n const writeKey = isClient ? this.serverWriteKey : this.clientWriteKey;\n if (!iv || !writeKey) throw new Error();\n\n const final = createDecode(data);\n\n const explicitNonce = final.readBuffer(this.nonceExplicitLength);\n explicitNonce.copy(iv, this.nonceImplicitLength);\n\n const encrypted = final.readBuffer(final.length - this.authTagLength);\n const authTag = final.readBuffer(this.authTagLength);\n\n const additionalData = {\n epoch: header.epoch,\n sequence: header.sequenceNumber,\n type: header.type,\n version: header.version,\n length: encrypted.length,\n };\n\n const additionalBuffer = encode(additionalData, AEADAdditionalData).slice();\n\n const decipher = crypto.createDecipheriv(\n this.blockAlgorithm as crypto.CipherCCMTypes,\n writeKey,\n iv,\n {\n authTagLength: this.authTagLength,\n }\n );\n\n decipher.setAuthTag(authTag);\n decipher.setAAD(additionalBuffer, {\n plaintextLength: encrypted.length,\n });\n\n const headPart = decipher.update(encrypted);\n try {\n const finalPart = decipher.final();\n return finalPart.length > 0\n ? Buffer.concat([headPart, finalPart])\n : headPart;\n } catch (error) {\n err(\n \"decrypt failed\",\n error,\n type,\n dumpBuffer(data),\n header,\n this.summary\n );\n throw error;\n }\n }\n}\n"]}
|
package/lib/dtls/src/client.js
CHANGED
|
@@ -16,59 +16,70 @@ const log = (0, debug_1.default)("werift-dtls : packages/dtls/src/client.ts : lo
|
|
|
16
16
|
class DtlsClient extends socket_1.DtlsSocket {
|
|
17
17
|
constructor(options) {
|
|
18
18
|
super(options, abstract_1.SessionType.CLIENT);
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
this.
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
19
|
+
Object.defineProperty(this, "flight5", {
|
|
20
|
+
enumerable: true,
|
|
21
|
+
configurable: true,
|
|
22
|
+
writable: true,
|
|
23
|
+
value: void 0
|
|
24
|
+
});
|
|
25
|
+
Object.defineProperty(this, "handleHandshakes", {
|
|
26
|
+
enumerable: true,
|
|
27
|
+
configurable: true,
|
|
28
|
+
writable: true,
|
|
29
|
+
value: async (assembled) => {
|
|
30
|
+
log(this.dtls.sessionId, "handleHandshakes", assembled.map((a) => a.msg_type));
|
|
31
|
+
for (const handshake of assembled) {
|
|
32
|
+
switch (handshake.msg_type) {
|
|
33
|
+
// flight2
|
|
34
|
+
case const_1.HandshakeType.hello_verify_request_3:
|
|
35
|
+
{
|
|
36
|
+
const verifyReq = helloVerifyRequest_1.ServerHelloVerifyRequest.deSerialize(handshake.fragment);
|
|
37
|
+
await new flight3_1.Flight3(this.transport, this.dtls).exec(verifyReq);
|
|
38
|
+
}
|
|
39
|
+
break;
|
|
40
|
+
// flight 4
|
|
41
|
+
case const_1.HandshakeType.server_hello_2:
|
|
42
|
+
{
|
|
43
|
+
if (this.connected)
|
|
44
|
+
return;
|
|
45
|
+
this.flight5 = new flight5_1.Flight5(this.transport, this.dtls, this.cipher, this.srtp);
|
|
46
|
+
this.flight5.handleHandshake(handshake);
|
|
47
|
+
}
|
|
48
|
+
break;
|
|
49
|
+
case const_1.HandshakeType.certificate_11:
|
|
50
|
+
case const_1.HandshakeType.server_key_exchange_12:
|
|
51
|
+
case const_1.HandshakeType.certificate_request_13:
|
|
52
|
+
{
|
|
53
|
+
await this.waitForReady(() => !!this.flight5);
|
|
54
|
+
this.flight5?.handleHandshake(handshake);
|
|
55
|
+
}
|
|
56
|
+
break;
|
|
57
|
+
case const_1.HandshakeType.server_hello_done_14:
|
|
58
|
+
{
|
|
59
|
+
await this.waitForReady(() => !!this.flight5);
|
|
60
|
+
this.flight5?.handleHandshake(handshake);
|
|
61
|
+
const targets = [
|
|
62
|
+
11,
|
|
63
|
+
12,
|
|
64
|
+
this.options.certificateRequest && 13,
|
|
65
|
+
].filter((n) => typeof n === "number");
|
|
66
|
+
await this.waitForReady(() => this.dtls.checkHandshakesExist(targets));
|
|
67
|
+
await this.flight5?.exec();
|
|
68
|
+
}
|
|
69
|
+
break;
|
|
70
|
+
// flight 6
|
|
71
|
+
case const_1.HandshakeType.finished_20:
|
|
72
|
+
{
|
|
73
|
+
this.dtls.flight = 7;
|
|
74
|
+
this.connected = true;
|
|
75
|
+
this.onConnect.execute();
|
|
76
|
+
log(this.dtls.sessionId, "dtls connected");
|
|
77
|
+
}
|
|
78
|
+
break;
|
|
79
|
+
}
|
|
69
80
|
}
|
|
70
81
|
}
|
|
71
|
-
};
|
|
82
|
+
});
|
|
72
83
|
this.onHandleHandshakes = this.handleHandshakes;
|
|
73
84
|
log(this.dtls.sessionId, "start client");
|
|
74
85
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"client.js","sourceRoot":"","sources":["../../../../dtls/src/client.ts"],"names":[],"mappings":";;;;;;AAAA,kDAA0B;AAE1B,uDAAuD;AACvD,qDAAkD;AAClD,qDAAkD;AAClD,qDAAkD;AAClD,6CAAkD;AAClD,sFAAyF;AAEzF,qCAA+C;AAE/C,MAAM,GAAG,GAAG,IAAA,eAAK,EAAC,iDAAiD,CAAC,CAAC;AAErE,MAAa,UAAW,SAAQ,mBAAU;IACxC,YAAY,OAAgB;QAC1B,KAAK,CAAC,OAAO,EAAE,sBAAW,CAAC,MAAM,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"client.js","sourceRoot":"","sources":["../../../../dtls/src/client.ts"],"names":[],"mappings":";;;;;;AAAA,kDAA0B;AAE1B,uDAAuD;AACvD,qDAAkD;AAClD,qDAAkD;AAClD,qDAAkD;AAClD,6CAAkD;AAClD,sFAAyF;AAEzF,qCAA+C;AAE/C,MAAM,GAAG,GAAG,IAAA,eAAK,EAAC,iDAAiD,CAAC,CAAC;AAErE,MAAa,UAAW,SAAQ,mBAAU;IACxC,YAAY,OAAgB;QAC1B,KAAK,CAAC,OAAO,EAAE,sBAAW,CAAC,MAAM,CAAC,CAAC;QAWrC;;;;;WAA0B;QAC1B;;;;mBAA2B,KAAK,EAAE,SAAgC,EAAE,EAAE;gBACpE,GAAG,CACD,IAAI,CAAC,IAAI,CAAC,SAAS,EACnB,kBAAkB,EAClB,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CACjC,CAAC;gBAEF,KAAK,MAAM,SAAS,IAAI,SAAS,EAAE;oBACjC,QAAQ,SAAS,CAAC,QAAQ,EAAE;wBAC1B,UAAU;wBACV,KAAK,qBAAa,CAAC,sBAAsB;4BACvC;gCACE,MAAM,SAAS,GAAG,6CAAwB,CAAC,WAAW,CACpD,SAAS,CAAC,QAAQ,CACnB,CAAC;gCACF,MAAM,IAAI,iBAAO,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;6BAC9D;4BACD,MAAM;wBACR,WAAW;wBACX,KAAK,qBAAa,CAAC,cAAc;4BAC/B;gCACE,IAAI,IAAI,CAAC,SAAS;oCAAE,OAAO;gCAC3B,IAAI,CAAC,OAAO,GAAG,IAAI,iBAAO,CACxB,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,IAAI,CACV,CAAC;gCACF,IAAI,CAAC,OAAO,CAAC,eAAe,CAAC,SAAS,CAAC,CAAC;6BACzC;4BACD,MAAM;wBACR,KAAK,qBAAa,CAAC,cAAc,CAAC;wBAClC,KAAK,qBAAa,CAAC,sBAAsB,CAAC;wBAC1C,KAAK,qBAAa,CAAC,sBAAsB;4BACvC;gCACE,MAAM,IAAI,CAAC,YAAY,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;gCAC9C,IAAI,CAAC,OAAO,EAAE,eAAe,CAAC,SAAS,CAAC,CAAC;6BAC1C;4BACD,MAAM;wBACR,KAAK,qBAAa,CAAC,oBAAoB;4BACrC;gCACE,MAAM,IAAI,CAAC,YAAY,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;gCAC9C,IAAI,CAAC,OAAO,EAAE,eAAe,CAAC,SAAS,CAAC,CAAC;gCAEzC,MAAM,OAAO,GAAG;oCACd,EAAE;oCACF,EAAE;oCACF,IAAI,CAAC,OAAO,CAAC,kBAAkB,IAAI,EAAE;iCACtC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC;gCACpD,MAAM,IAAI,CAAC,YAAY,CAAC,GAAG,EAAE,CAC3B,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,OAAO,CAAC,CACxC,CAAC;gCACF,MAAM,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC;6BAC5B;4BACD,MAAM;wBACR,WAAW;wBACX,KAAK,qBAAa,CAAC,WAAW;4BAC5B;gCACE,IAAI,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;gCACrB,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;gCACtB,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;gCACzB,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,gBAAgB,CAAC,CAAC;6BAC5C;4BACD,MAAM;qBACT;iBACF;YACH,CAAC;WAAC;QA7EA,IAAI,CAAC,kBAAkB,GAAG,IAAI,CAAC,gBAAgB,CAAC;QAChD,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,cAAc,CAAC,CAAC;IAC3C,CAAC;IAED,KAAK,CAAC,OAAO;QACX,MAAM,IAAI,iBAAO,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,IAAI,CAC5D,IAAI,CAAC,UAAU,CAChB,CAAC;IACJ,CAAC;CAsEF;AAjFD,gCAiFC","sourcesContent":["import debug from \"debug\";\n\nimport { SessionType } from \"./cipher/suites/abstract\";\nimport { Flight1 } from \"./flight/client/flight1\";\nimport { Flight3 } from \"./flight/client/flight3\";\nimport { Flight5 } from \"./flight/client/flight5\";\nimport { HandshakeType } from \"./handshake/const\";\nimport { ServerHelloVerifyRequest } from \"./handshake/message/server/helloVerifyRequest\";\nimport { FragmentedHandshake } from \"./record/message/fragment\";\nimport { DtlsSocket, Options } from \"./socket\";\n\nconst log = debug(\"werift-dtls : packages/dtls/src/client.ts : log\");\n\nexport class DtlsClient extends DtlsSocket {\n constructor(options: Options) {\n super(options, SessionType.CLIENT);\n this.onHandleHandshakes = this.handleHandshakes;\n log(this.dtls.sessionId, \"start client\");\n }\n\n async connect() {\n await new Flight1(this.transport, this.dtls, this.cipher).exec(\n this.extensions\n );\n }\n\n private flight5?: Flight5;\n private handleHandshakes = async (assembled: FragmentedHandshake[]) => {\n log(\n this.dtls.sessionId,\n \"handleHandshakes\",\n assembled.map((a) => a.msg_type)\n );\n\n for (const handshake of assembled) {\n switch (handshake.msg_type) {\n // flight2\n case HandshakeType.hello_verify_request_3:\n {\n const verifyReq = ServerHelloVerifyRequest.deSerialize(\n handshake.fragment\n );\n await new Flight3(this.transport, this.dtls).exec(verifyReq);\n }\n break;\n // flight 4\n case HandshakeType.server_hello_2:\n {\n if (this.connected) return;\n this.flight5 = new Flight5(\n this.transport,\n this.dtls,\n this.cipher,\n this.srtp\n );\n this.flight5.handleHandshake(handshake);\n }\n break;\n case HandshakeType.certificate_11:\n case HandshakeType.server_key_exchange_12:\n case HandshakeType.certificate_request_13:\n {\n await this.waitForReady(() => !!this.flight5);\n this.flight5?.handleHandshake(handshake);\n }\n break;\n case HandshakeType.server_hello_done_14:\n {\n await this.waitForReady(() => !!this.flight5);\n this.flight5?.handleHandshake(handshake);\n\n const targets = [\n 11,\n 12,\n this.options.certificateRequest && 13,\n ].filter((n): n is number => typeof n === \"number\");\n await this.waitForReady(() =>\n this.dtls.checkHandshakesExist(targets)\n );\n await this.flight5?.exec();\n }\n break;\n // flight 6\n case HandshakeType.finished_20:\n {\n this.dtls.flight = 7;\n this.connected = true;\n this.onConnect.execute();\n log(this.dtls.sessionId, \"dtls connected\");\n }\n break;\n }\n }\n };\n}\n"]}
|
|
@@ -42,9 +42,96 @@ const crypto = new webcrypto_1.Crypto();
|
|
|
42
42
|
x509.cryptoProvider.set(crypto);
|
|
43
43
|
class CipherContext {
|
|
44
44
|
constructor(sessionType, certPem, keyPem, signatureHashAlgorithm) {
|
|
45
|
-
this
|
|
46
|
-
|
|
47
|
-
|
|
45
|
+
Object.defineProperty(this, "sessionType", {
|
|
46
|
+
enumerable: true,
|
|
47
|
+
configurable: true,
|
|
48
|
+
writable: true,
|
|
49
|
+
value: sessionType
|
|
50
|
+
});
|
|
51
|
+
Object.defineProperty(this, "certPem", {
|
|
52
|
+
enumerable: true,
|
|
53
|
+
configurable: true,
|
|
54
|
+
writable: true,
|
|
55
|
+
value: certPem
|
|
56
|
+
});
|
|
57
|
+
Object.defineProperty(this, "keyPem", {
|
|
58
|
+
enumerable: true,
|
|
59
|
+
configurable: true,
|
|
60
|
+
writable: true,
|
|
61
|
+
value: keyPem
|
|
62
|
+
});
|
|
63
|
+
Object.defineProperty(this, "localRandom", {
|
|
64
|
+
enumerable: true,
|
|
65
|
+
configurable: true,
|
|
66
|
+
writable: true,
|
|
67
|
+
value: void 0
|
|
68
|
+
});
|
|
69
|
+
Object.defineProperty(this, "remoteRandom", {
|
|
70
|
+
enumerable: true,
|
|
71
|
+
configurable: true,
|
|
72
|
+
writable: true,
|
|
73
|
+
value: void 0
|
|
74
|
+
});
|
|
75
|
+
Object.defineProperty(this, "cipherSuite", {
|
|
76
|
+
enumerable: true,
|
|
77
|
+
configurable: true,
|
|
78
|
+
writable: true,
|
|
79
|
+
value: void 0
|
|
80
|
+
});
|
|
81
|
+
Object.defineProperty(this, "remoteCertificate", {
|
|
82
|
+
enumerable: true,
|
|
83
|
+
configurable: true,
|
|
84
|
+
writable: true,
|
|
85
|
+
value: void 0
|
|
86
|
+
});
|
|
87
|
+
Object.defineProperty(this, "remoteKeyPair", {
|
|
88
|
+
enumerable: true,
|
|
89
|
+
configurable: true,
|
|
90
|
+
writable: true,
|
|
91
|
+
value: void 0
|
|
92
|
+
});
|
|
93
|
+
Object.defineProperty(this, "localKeyPair", {
|
|
94
|
+
enumerable: true,
|
|
95
|
+
configurable: true,
|
|
96
|
+
writable: true,
|
|
97
|
+
value: void 0
|
|
98
|
+
});
|
|
99
|
+
Object.defineProperty(this, "masterSecret", {
|
|
100
|
+
enumerable: true,
|
|
101
|
+
configurable: true,
|
|
102
|
+
writable: true,
|
|
103
|
+
value: void 0
|
|
104
|
+
});
|
|
105
|
+
Object.defineProperty(this, "cipher", {
|
|
106
|
+
enumerable: true,
|
|
107
|
+
configurable: true,
|
|
108
|
+
writable: true,
|
|
109
|
+
value: void 0
|
|
110
|
+
});
|
|
111
|
+
Object.defineProperty(this, "namedCurve", {
|
|
112
|
+
enumerable: true,
|
|
113
|
+
configurable: true,
|
|
114
|
+
writable: true,
|
|
115
|
+
value: void 0
|
|
116
|
+
});
|
|
117
|
+
Object.defineProperty(this, "signatureHashAlgorithm", {
|
|
118
|
+
enumerable: true,
|
|
119
|
+
configurable: true,
|
|
120
|
+
writable: true,
|
|
121
|
+
value: void 0
|
|
122
|
+
});
|
|
123
|
+
Object.defineProperty(this, "localCert", {
|
|
124
|
+
enumerable: true,
|
|
125
|
+
configurable: true,
|
|
126
|
+
writable: true,
|
|
127
|
+
value: void 0
|
|
128
|
+
});
|
|
129
|
+
Object.defineProperty(this, "localPrivateKey", {
|
|
130
|
+
enumerable: true,
|
|
131
|
+
configurable: true,
|
|
132
|
+
writable: true,
|
|
133
|
+
value: void 0
|
|
134
|
+
});
|
|
48
135
|
if (certPem && keyPem && signatureHashAlgorithm) {
|
|
49
136
|
this.parseX509(certPem, keyPem, signatureHashAlgorithm);
|
|
50
137
|
}
|
|
@@ -117,63 +204,68 @@ _a = CipherContext;
|
|
|
117
204
|
* @param signatureHash
|
|
118
205
|
* @param namedCurveAlgorithm necessary when use ecdsa
|
|
119
206
|
*/
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
|
|
123
|
-
|
|
124
|
-
|
|
125
|
-
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
|
|
133
|
-
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
|
|
140
|
-
|
|
141
|
-
|
|
142
|
-
return "P-256";
|
|
143
|
-
}
|
|
144
|
-
return "X25519";
|
|
145
|
-
default: {
|
|
146
|
-
if (signatureAlgorithmName === "ECDSA")
|
|
207
|
+
Object.defineProperty(CipherContext, "createSelfSignedCertificateWithKey", {
|
|
208
|
+
enumerable: true,
|
|
209
|
+
configurable: true,
|
|
210
|
+
writable: true,
|
|
211
|
+
value: async (signatureHash, namedCurveAlgorithm) => {
|
|
212
|
+
const signatureAlgorithmName = (() => {
|
|
213
|
+
switch (signatureHash.signature) {
|
|
214
|
+
case const_1.SignatureAlgorithm.rsa_1:
|
|
215
|
+
return "RSASSA-PKCS1-v1_5";
|
|
216
|
+
case const_1.SignatureAlgorithm.ecdsa_3:
|
|
217
|
+
return "ECDSA";
|
|
218
|
+
}
|
|
219
|
+
})();
|
|
220
|
+
const hash = (() => {
|
|
221
|
+
switch (signatureHash.hash) {
|
|
222
|
+
case const_1.HashAlgorithm.sha256_4:
|
|
223
|
+
return "SHA-256";
|
|
224
|
+
}
|
|
225
|
+
})();
|
|
226
|
+
const namedCurve = (() => {
|
|
227
|
+
switch (namedCurveAlgorithm) {
|
|
228
|
+
case const_1.NamedCurveAlgorithm.secp256r1_23:
|
|
147
229
|
return "P-256";
|
|
148
|
-
|
|
230
|
+
case const_1.NamedCurveAlgorithm.x25519_29:
|
|
231
|
+
// todo fix (X25519 not supported with ECDSA)
|
|
232
|
+
if (signatureAlgorithmName === "ECDSA") {
|
|
233
|
+
return "P-256";
|
|
234
|
+
}
|
|
149
235
|
return "X25519";
|
|
236
|
+
default: {
|
|
237
|
+
if (signatureAlgorithmName === "ECDSA")
|
|
238
|
+
return "P-256";
|
|
239
|
+
if (signatureAlgorithmName === "RSASSA-PKCS1-v1_5")
|
|
240
|
+
return "X25519";
|
|
241
|
+
}
|
|
150
242
|
}
|
|
151
|
-
}
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
155
|
-
|
|
156
|
-
|
|
157
|
-
|
|
158
|
-
|
|
159
|
-
|
|
160
|
-
|
|
161
|
-
|
|
162
|
-
|
|
163
|
-
|
|
164
|
-
}
|
|
165
|
-
|
|
166
|
-
|
|
167
|
-
|
|
168
|
-
|
|
169
|
-
|
|
170
|
-
|
|
171
|
-
|
|
172
|
-
|
|
173
|
-
|
|
174
|
-
|
|
175
|
-
|
|
176
|
-
|
|
177
|
-
|
|
178
|
-
};
|
|
243
|
+
})();
|
|
244
|
+
const alg = (() => {
|
|
245
|
+
switch (signatureAlgorithmName) {
|
|
246
|
+
case "ECDSA":
|
|
247
|
+
return { name: signatureAlgorithmName, hash, namedCurve };
|
|
248
|
+
case "RSASSA-PKCS1-v1_5":
|
|
249
|
+
return {
|
|
250
|
+
name: signatureAlgorithmName,
|
|
251
|
+
hash,
|
|
252
|
+
publicExponent: new Uint8Array([1, 0, 1]),
|
|
253
|
+
modulusLength: 2048,
|
|
254
|
+
};
|
|
255
|
+
}
|
|
256
|
+
})();
|
|
257
|
+
const keys = await crypto.subtle.generateKey(alg, true, ["sign", "verify"]);
|
|
258
|
+
const cert = await x509.X509CertificateGenerator.createSelfSigned({
|
|
259
|
+
serialNumber: crypto_1.default.randomBytes(8).toString("hex"),
|
|
260
|
+
name: "C=AU, ST=Some-State, O=Internet Widgits Pty Ltd",
|
|
261
|
+
notBefore: new Date(),
|
|
262
|
+
notAfter: (0, addYears_1.default)(Date.now(), 10),
|
|
263
|
+
signingAlgorithm: alg,
|
|
264
|
+
keys,
|
|
265
|
+
});
|
|
266
|
+
const certPem = cert.toString("pem");
|
|
267
|
+
const keyPem = x509.PemConverter.encode(await crypto.subtle.exportKey("pkcs8", keys.privateKey), "private key");
|
|
268
|
+
return { certPem, keyPem, signatureHash };
|
|
269
|
+
}
|
|
270
|
+
});
|
|
179
271
|
//# sourceMappingURL=cipher.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cipher.js","sourceRoot":"","sources":["../../../../../dtls/src/context/cipher.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,qCAAqD;AACrD,mDAA6C;AAC7C,qDAAuC;AACvC,6CAAoD;AACpD,iDAAgD;AAChD,iEAAyC;AAEzC,2CAQyB;AAEzB,uCAAyE;AACzE,wDAAsE;AAEtE,gDAAsD;AAItD,MAAM,MAAM,GAAG,IAAI,kBAAM,EAAE,CAAC;AAC5B,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,MAAa,CAAC,CAAC;AAEvC,MAAa,aAAa;IAcxB,YACS,WAAyB,EACzB,OAAgB,EAChB,MAAe,EACtB,sBAAsC;QAH/B,gBAAW,GAAX,WAAW,CAAc;QACzB,YAAO,GAAP,OAAO,CAAS;QAChB,WAAM,GAAN,MAAM,CAAS;QAGtB,IAAI,OAAO,IAAI,MAAM,IAAI,sBAAsB,EAAE;YAC/C,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,MAAM,EAAE,sBAAsB,CAAC,CAAC;SACzD;IACH,CAAC;IA2ED,aAAa,CAAC,GAAkB;QAC9B,MAAM,MAAM,GAAG,GAAG,CAAC,iBAAiB,CAAC;QACrC,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,CAAC,QAAQ,EAAE;YAC9D,IAAI,EAAE,MAAM,CAAC,WAAW;YACxB,OAAO,EAAE,IAAA,oBAAM,EACb,MAAM,CAAC,IAAI,CAAC,IAAA,oBAAM,EAAC,MAAM,CAAC,eAAe,EAAE,wBAAe,CAAC,CAAC,KAAK,EAAE,CAAC,EACpE,EAAE,OAAO,EAAE,mBAAK,CAAC,QAAQ,EAAE,CAC5B,CAAC,OAAO;YACT,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,cAAc,EAAE,MAAM,CAAC,cAAc;SACtC,CAAC,CAAC;QACH,GAAG,CAAC,QAAQ,GAAG,GAAG,CAAC;QACnB,GAAG,CAAC,iBAAiB,CAAC,UAAU,GAAG,GAAG,CAAC,MAAM,CAAC;QAC9C,OAAO,GAAG,CAAC;IACb,CAAC;IAED,aAAa,CAAC,GAAkB;QAC9B,MAAM,MAAM,GAAG,GAAG,CAAC,iBAAiB,CAAC;QACrC,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,CAAC,QAAQ,EAAE;YAC9D,IAAI,EAAE,MAAM,CAAC,WAAW;YACxB,OAAO,EAAE,IAAA,oBAAM,EACb,MAAM,CAAC,IAAI,CAAC,IAAA,oBAAM,EAAC,MAAM,CAAC,eAAe,EAAE,wBAAe,CAAC,CAAC,KAAK,EAAE,CAAC,EACpE,EAAE,OAAO,EAAE,mBAAK,CAAC,QAAQ,EAAE,CAC5B,CAAC,OAAO;YACT,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,cAAc,EAAE,MAAM,CAAC,cAAc;SACtC,CAAC,CAAC;QACH,OAAO,GAAG,CAAC;IACb,CAAC;IAED,UAAU,CAAC,GAAW;QACpB,IAAI,IAAI,CAAC,WAAW,KAAK,sBAAW,CAAC,MAAM;YACzC,OAAO,IAAA,yBAAmB,EAAC,IAAI,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC;;YAChD,OAAO,IAAA,yBAAmB,EAAC,IAAI,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC;IAC1D,CAAC;IAED,aAAa,CAAC,IAAY,EAAE,IAAY;QACtC,MAAM,SAAS,GAAG,IAAA,mBAAU,EAAC,IAAI,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAChD,MAAM,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,CAAC,QAAQ,EAAE,CAAC;QACpD,MAAM,MAAM,GAAG,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACnC,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,oBAAoB,CAAC,aAAqB;QACxC,MAAM,YAAY,GAChB,IAAI,CAAC,WAAW,KAAK,sBAAW,CAAC,MAAM;YACrC,CAAC,CAAC,IAAI,CAAC,WAAW;YAClB,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC;QACxB,MAAM,YAAY,GAChB,IAAI,CAAC,WAAW,KAAK,sBAAW,CAAC,MAAM;YACrC,CAAC,CAAC,IAAI,CAAC,WAAW;YAClB,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC;QAExB,MAAM,GAAG,GAAG,IAAI,CAAC,iBAAiB,CAChC,YAAY,CAAC,SAAS,EAAE,EACxB,YAAY,CAAC,SAAS,EAAE,EACxB,IAAI,CAAC,YAAY,CAAC,SAAS,EAC3B,IAAI,CAAC,UAAU,CAChB,CAAC;QAEF,MAAM,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,GAAG,EAAE,aAAa,CAAC,CAAC;QAC1D,OAAO,GAAG,CAAC;IACb,CAAC;IAED,SAAS,CAAC,OAAe,EAAE,MAAc,EAAE,aAA4B;QACrE,MAAM,IAAI,GAAG,kBAAW,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;QACvD,MAAM,GAAG,GAAG,iBAAU,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;QACpD,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC;QAC1B,IAAI,CAAC,eAAe,GAAG,GAAG,CAAC;QAC3B,IAAI,CAAC,sBAAsB,GAAG,aAAa,CAAC;IAC9C,CAAC;IAEO,iBAAiB,CACvB,YAAoB,EACpB,YAAoB,EACpB,SAAiB,EACjB,UAAkB;QAElB,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,CAC9B,IAAA,oBAAM,EACJ;YACE,IAAI,EAAE,iBAAS,CAAC,aAAa;YAC7B,KAAK,EAAE,UAAU;YACjB,GAAG,EAAE,SAAS,CAAC,MAAM;SACtB,EACD,EAAE,IAAI,EAAE,mBAAK,CAAC,KAAK,EAAE,KAAK,EAAE,mBAAK,CAAC,QAAQ,EAAE,GAAG,EAAE,mBAAK,CAAC,KAAK,EAAE,CAC/D,CAAC,KAAK,EAAE,CACV,CAAC;QACF,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,YAAY,EAAE,YAAY,EAAE,YAAY,EAAE,SAAS,CAAC,CAAC,CAAC;IAC9E,CAAC;;AA3LH,sCA4LC;;AAnKC;;;;GAIG;AACI,gDAAkC,GAAG,KAAK,EAC/C,aAA4B,EAC5B,mBAA0C,EAC1C,EAAE;IACF,MAAM,sBAAsB,GAAG,CAAC,GAAG,EAAE;QACnC,QAAQ,aAAa,CAAC,SAAS,EAAE;YAC/B,KAAK,0BAAkB,CAAC,KAAK;gBAC3B,OAAO,mBAAmB,CAAC;YAC7B,KAAK,0BAAkB,CAAC,OAAO;gBAC7B,OAAO,OAAO,CAAC;SAClB;IACH,CAAC,CAAC,EAAE,CAAC;IACL,MAAM,IAAI,GAAG,CAAC,GAAG,EAAE;QACjB,QAAQ,aAAa,CAAC,IAAI,EAAE;YAC1B,KAAK,qBAAa,CAAC,QAAQ;gBACzB,OAAO,SAAS,CAAC;SACpB;IACH,CAAC,CAAC,EAAE,CAAC;IACL,MAAM,UAAU,GAAG,CAAC,GAAG,EAAE;QACvB,QAAQ,mBAAmB,EAAE;YAC3B,KAAK,2BAAmB,CAAC,YAAY;gBACnC,OAAO,OAAO,CAAC;YACjB,KAAK,2BAAmB,CAAC,SAAS;gBAChC,6CAA6C;gBAC7C,IAAI,sBAAsB,KAAK,OAAO,EAAE;oBACtC,OAAO,OAAO,CAAC;iBAChB;gBACD,OAAO,QAAQ,CAAC;YAClB,OAAO,CAAC,CAAC;gBACP,IAAI,sBAAsB,KAAK,OAAO;oBAAE,OAAO,OAAO,CAAC;gBACvD,IAAI,sBAAsB,KAAK,mBAAmB;oBAAE,OAAO,QAAQ,CAAC;aACrE;SACF;IACH,CAAC,CAAC,EAAE,CAAC;IACL,MAAM,GAAG,GAAG,CAAC,GAAG,EAAE;QAChB,QAAQ,sBAAsB,EAAE;YAC9B,KAAK,OAAO;gBACV,OAAO,EAAE,IAAI,EAAE,sBAAsB,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC;YAC5D,KAAK,mBAAmB;gBACtB,OAAO;oBACL,IAAI,EAAE,sBAAsB;oBAC5B,IAAI;oBACJ,cAAc,EAAE,IAAI,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;oBACzC,aAAa,EAAE,IAAI;iBACpB,CAAC;SACL;IACH,CAAC,CAAC,EAAE,CAAC;IAEL,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC;IAE5E,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,wBAAwB,CAAC,gBAAgB,CAAC;QAChE,YAAY,EAAE,gBAAU,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC;QACvD,IAAI,EAAE,iDAAiD;QACvD,SAAS,EAAE,IAAI,IAAI,EAAE;QACrB,QAAQ,EAAE,IAAA,kBAAQ,EAAC,IAAI,CAAC,GAAG,EAAE,EAAE,EAAE,CAAC;QAClC,gBAAgB,EAAE,GAAG;QACrB,IAAI;KACL,CAAC,CAAC;IAEH,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IACrC,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,CACrC,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,UAAiB,CAAC,EAC9D,aAAa,CACd,CAAC;IAEF,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC;AAC5C,CAAC,CAAC","sourcesContent":["import { Certificate, PrivateKey } from \"@fidm/x509\";\nimport { Crypto } from \"@peculiar/webcrypto\";\nimport * as x509 from \"@peculiar/x509\";\nimport { decode, encode, types } from \"binary-data\";\nimport nodeCrypto, { createSign } from \"crypto\";\nimport addYears from \"date-fns/addYears\";\n\nimport {\n CipherSuites,\n CurveType,\n HashAlgorithm,\n NamedCurveAlgorithm,\n NamedCurveAlgorithms,\n SignatureAlgorithm,\n SignatureHash,\n} from \"../cipher/const\";\nimport { NamedCurveKeyPair } from \"../cipher/namedCurve\";\nimport { prfVerifyDataClient, prfVerifyDataServer } from \"../cipher/prf\";\nimport { SessionType, SessionTypes } from \"../cipher/suites/abstract\";\nimport AEADCipher from \"../cipher/suites/aead\";\nimport { ProtocolVersion } from \"../handshake/binary\";\nimport { DtlsRandom } from \"../handshake/random\";\nimport { DtlsPlaintext } from \"../record/message/plaintext\";\n\nconst crypto = new Crypto();\nx509.cryptoProvider.set(crypto as any);\n\nexport class CipherContext {\n localRandom!: DtlsRandom;\n remoteRandom!: DtlsRandom;\n cipherSuite!: CipherSuites;\n remoteCertificate?: Buffer;\n remoteKeyPair!: Partial<NamedCurveKeyPair>;\n localKeyPair!: NamedCurveKeyPair;\n masterSecret!: Buffer;\n cipher!: AEADCipher;\n namedCurve!: NamedCurveAlgorithms;\n signatureHashAlgorithm?: SignatureHash;\n localCert!: Buffer;\n localPrivateKey!: PrivateKey;\n\n constructor(\n public sessionType: SessionTypes,\n public certPem?: string,\n public keyPem?: string,\n signatureHashAlgorithm?: SignatureHash\n ) {\n if (certPem && keyPem && signatureHashAlgorithm) {\n this.parseX509(certPem, keyPem, signatureHashAlgorithm);\n }\n }\n\n /**\n *\n * @param signatureHash\n * @param namedCurveAlgorithm necessary when use ecdsa\n */\n static createSelfSignedCertificateWithKey = async (\n signatureHash: SignatureHash,\n namedCurveAlgorithm?: NamedCurveAlgorithms\n ) => {\n const signatureAlgorithmName = (() => {\n switch (signatureHash.signature) {\n case SignatureAlgorithm.rsa_1:\n return \"RSASSA-PKCS1-v1_5\";\n case SignatureAlgorithm.ecdsa_3:\n return \"ECDSA\";\n }\n })();\n const hash = (() => {\n switch (signatureHash.hash) {\n case HashAlgorithm.sha256_4:\n return \"SHA-256\";\n }\n })();\n const namedCurve = (() => {\n switch (namedCurveAlgorithm) {\n case NamedCurveAlgorithm.secp256r1_23:\n return \"P-256\";\n case NamedCurveAlgorithm.x25519_29:\n // todo fix (X25519 not supported with ECDSA)\n if (signatureAlgorithmName === \"ECDSA\") {\n return \"P-256\";\n }\n return \"X25519\";\n default: {\n if (signatureAlgorithmName === \"ECDSA\") return \"P-256\";\n if (signatureAlgorithmName === \"RSASSA-PKCS1-v1_5\") return \"X25519\";\n }\n }\n })();\n const alg = (() => {\n switch (signatureAlgorithmName) {\n case \"ECDSA\":\n return { name: signatureAlgorithmName, hash, namedCurve };\n case \"RSASSA-PKCS1-v1_5\":\n return {\n name: signatureAlgorithmName,\n hash,\n publicExponent: new Uint8Array([1, 0, 1]),\n modulusLength: 2048,\n };\n }\n })();\n\n const keys = await crypto.subtle.generateKey(alg, true, [\"sign\", \"verify\"]);\n\n const cert = await x509.X509CertificateGenerator.createSelfSigned({\n serialNumber: nodeCrypto.randomBytes(8).toString(\"hex\"),\n name: \"C=AU, ST=Some-State, O=Internet Widgits Pty Ltd\",\n notBefore: new Date(),\n notAfter: addYears(Date.now(), 10),\n signingAlgorithm: alg,\n keys,\n });\n\n const certPem = cert.toString(\"pem\");\n const keyPem = x509.PemConverter.encode(\n await crypto.subtle.exportKey(\"pkcs8\", keys.privateKey as any),\n \"private key\"\n );\n\n return { certPem, keyPem, signatureHash };\n };\n\n encryptPacket(pkt: DtlsPlaintext) {\n const header = pkt.recordLayerHeader;\n const enc = this.cipher.encrypt(this.sessionType, pkt.fragment, {\n type: header.contentType,\n version: decode(\n Buffer.from(encode(header.protocolVersion, ProtocolVersion).slice()),\n { version: types.uint16be }\n ).version,\n epoch: header.epoch,\n sequenceNumber: header.sequenceNumber,\n });\n pkt.fragment = enc;\n pkt.recordLayerHeader.contentLen = enc.length;\n return pkt;\n }\n\n decryptPacket(pkt: DtlsPlaintext) {\n const header = pkt.recordLayerHeader;\n const dec = this.cipher.decrypt(this.sessionType, pkt.fragment, {\n type: header.contentType,\n version: decode(\n Buffer.from(encode(header.protocolVersion, ProtocolVersion).slice()),\n { version: types.uint16be }\n ).version,\n epoch: header.epoch,\n sequenceNumber: header.sequenceNumber,\n });\n return dec;\n }\n\n verifyData(buf: Buffer) {\n if (this.sessionType === SessionType.CLIENT)\n return prfVerifyDataClient(this.masterSecret, buf);\n else return prfVerifyDataServer(this.masterSecret, buf);\n }\n\n signatureData(data: Buffer, hash: string) {\n const signature = createSign(hash).update(data);\n const key = this.localPrivateKey.toPEM().toString();\n const signed = signature.sign(key);\n return signed;\n }\n\n generateKeySignature(hashAlgorithm: string) {\n const clientRandom =\n this.sessionType === SessionType.CLIENT\n ? this.localRandom\n : this.remoteRandom;\n const serverRandom =\n this.sessionType === SessionType.SERVER\n ? this.localRandom\n : this.remoteRandom;\n\n const sig = this.valueKeySignature(\n clientRandom.serialize(),\n serverRandom.serialize(),\n this.localKeyPair.publicKey,\n this.namedCurve\n );\n\n const enc = this.localPrivateKey.sign(sig, hashAlgorithm);\n return enc;\n }\n\n parseX509(certPem: string, keyPem: string, signatureHash: SignatureHash) {\n const cert = Certificate.fromPEM(Buffer.from(certPem));\n const sec = PrivateKey.fromPEM(Buffer.from(keyPem));\n this.localCert = cert.raw;\n this.localPrivateKey = sec;\n this.signatureHashAlgorithm = signatureHash;\n }\n\n private valueKeySignature(\n clientRandom: Buffer,\n serverRandom: Buffer,\n publicKey: Buffer,\n namedCurve: number\n ) {\n const serverParams = Buffer.from(\n encode(\n {\n type: CurveType.named_curve_3,\n curve: namedCurve,\n len: publicKey.length,\n },\n { type: types.uint8, curve: types.uint16be, len: types.uint8 }\n ).slice()\n );\n return Buffer.concat([clientRandom, serverRandom, serverParams, publicKey]);\n }\n}\n"]}
|
|
1
|
+
{"version":3,"file":"cipher.js","sourceRoot":"","sources":["../../../../../dtls/src/context/cipher.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,qCAAqD;AACrD,mDAA6C;AAC7C,qDAAuC;AACvC,6CAAoD;AACpD,iDAAgD;AAChD,iEAAyC;AAEzC,2CAQyB;AAEzB,uCAAyE;AACzE,wDAAsE;AAEtE,gDAAsD;AAItD,MAAM,MAAM,GAAG,IAAI,kBAAM,EAAE,CAAC;AAC5B,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,MAAa,CAAC,CAAC;AAEvC,MAAa,aAAa;IAcxB,YACS,WAAyB,EACzB,OAAgB,EAChB,MAAe,EACtB,sBAAsC;;;;;mBAH/B;;;;;;mBACA;;;;;;mBACA;;QAhBT;;;;;WAAyB;QACzB;;;;;WAA0B;QAC1B;;;;;WAA2B;QAC3B;;;;;WAA2B;QAC3B;;;;;WAA2C;QAC3C;;;;;WAAiC;QACjC;;;;;WAAsB;QACtB;;;;;WAAoB;QACpB;;;;;WAAkC;QAClC;;;;;WAAuC;QACvC;;;;;WAAmB;QACnB;;;;;WAA6B;QAQ3B,IAAI,OAAO,IAAI,MAAM,IAAI,sBAAsB,EAAE;YAC/C,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,MAAM,EAAE,sBAAsB,CAAC,CAAC;SACzD;IACH,CAAC;IA2ED,aAAa,CAAC,GAAkB;QAC9B,MAAM,MAAM,GAAG,GAAG,CAAC,iBAAiB,CAAC;QACrC,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,CAAC,QAAQ,EAAE;YAC9D,IAAI,EAAE,MAAM,CAAC,WAAW;YACxB,OAAO,EAAE,IAAA,oBAAM,EACb,MAAM,CAAC,IAAI,CAAC,IAAA,oBAAM,EAAC,MAAM,CAAC,eAAe,EAAE,wBAAe,CAAC,CAAC,KAAK,EAAE,CAAC,EACpE,EAAE,OAAO,EAAE,mBAAK,CAAC,QAAQ,EAAE,CAC5B,CAAC,OAAO;YACT,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,cAAc,EAAE,MAAM,CAAC,cAAc;SACtC,CAAC,CAAC;QACH,GAAG,CAAC,QAAQ,GAAG,GAAG,CAAC;QACnB,GAAG,CAAC,iBAAiB,CAAC,UAAU,GAAG,GAAG,CAAC,MAAM,CAAC;QAC9C,OAAO,GAAG,CAAC;IACb,CAAC;IAED,aAAa,CAAC,GAAkB;QAC9B,MAAM,MAAM,GAAG,GAAG,CAAC,iBAAiB,CAAC;QACrC,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,CAAC,QAAQ,EAAE;YAC9D,IAAI,EAAE,MAAM,CAAC,WAAW;YACxB,OAAO,EAAE,IAAA,oBAAM,EACb,MAAM,CAAC,IAAI,CAAC,IAAA,oBAAM,EAAC,MAAM,CAAC,eAAe,EAAE,wBAAe,CAAC,CAAC,KAAK,EAAE,CAAC,EACpE,EAAE,OAAO,EAAE,mBAAK,CAAC,QAAQ,EAAE,CAC5B,CAAC,OAAO;YACT,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,cAAc,EAAE,MAAM,CAAC,cAAc;SACtC,CAAC,CAAC;QACH,OAAO,GAAG,CAAC;IACb,CAAC;IAED,UAAU,CAAC,GAAW;QACpB,IAAI,IAAI,CAAC,WAAW,KAAK,sBAAW,CAAC,MAAM;YACzC,OAAO,IAAA,yBAAmB,EAAC,IAAI,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC;;YAChD,OAAO,IAAA,yBAAmB,EAAC,IAAI,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC;IAC1D,CAAC;IAED,aAAa,CAAC,IAAY,EAAE,IAAY;QACtC,MAAM,SAAS,GAAG,IAAA,mBAAU,EAAC,IAAI,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAChD,MAAM,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,CAAC,QAAQ,EAAE,CAAC;QACpD,MAAM,MAAM,GAAG,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACnC,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,oBAAoB,CAAC,aAAqB;QACxC,MAAM,YAAY,GAChB,IAAI,CAAC,WAAW,KAAK,sBAAW,CAAC,MAAM;YACrC,CAAC,CAAC,IAAI,CAAC,WAAW;YAClB,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC;QACxB,MAAM,YAAY,GAChB,IAAI,CAAC,WAAW,KAAK,sBAAW,CAAC,MAAM;YACrC,CAAC,CAAC,IAAI,CAAC,WAAW;YAClB,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC;QAExB,MAAM,GAAG,GAAG,IAAI,CAAC,iBAAiB,CAChC,YAAY,CAAC,SAAS,EAAE,EACxB,YAAY,CAAC,SAAS,EAAE,EACxB,IAAI,CAAC,YAAY,CAAC,SAAS,EAC3B,IAAI,CAAC,UAAU,CAChB,CAAC;QAEF,MAAM,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,GAAG,EAAE,aAAa,CAAC,CAAC;QAC1D,OAAO,GAAG,CAAC;IACb,CAAC;IAED,SAAS,CAAC,OAAe,EAAE,MAAc,EAAE,aAA4B;QACrE,MAAM,IAAI,GAAG,kBAAW,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;QACvD,MAAM,GAAG,GAAG,iBAAU,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;QACpD,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC;QAC1B,IAAI,CAAC,eAAe,GAAG,GAAG,CAAC;QAC3B,IAAI,CAAC,sBAAsB,GAAG,aAAa,CAAC;IAC9C,CAAC;IAEO,iBAAiB,CACvB,YAAoB,EACpB,YAAoB,EACpB,SAAiB,EACjB,UAAkB;QAElB,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,CAC9B,IAAA,oBAAM,EACJ;YACE,IAAI,EAAE,iBAAS,CAAC,aAAa;YAC7B,KAAK,EAAE,UAAU;YACjB,GAAG,EAAE,SAAS,CAAC,MAAM;SACtB,EACD,EAAE,IAAI,EAAE,mBAAK,CAAC,KAAK,EAAE,KAAK,EAAE,mBAAK,CAAC,QAAQ,EAAE,GAAG,EAAE,mBAAK,CAAC,KAAK,EAAE,CAC/D,CAAC,KAAK,EAAE,CACV,CAAC;QACF,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,YAAY,EAAE,YAAY,EAAE,YAAY,EAAE,SAAS,CAAC,CAAC,CAAC;IAC9E,CAAC;;AA3LH,sCA4LC;;AAnKC;;;;GAIG;AACI;;;;WAAqC,KAAK,EAC/C,aAA4B,EAC5B,mBAA0C,EAC1C,EAAE;QACF,MAAM,sBAAsB,GAAG,CAAC,GAAG,EAAE;YACnC,QAAQ,aAAa,CAAC,SAAS,EAAE;gBAC/B,KAAK,0BAAkB,CAAC,KAAK;oBAC3B,OAAO,mBAAmB,CAAC;gBAC7B,KAAK,0BAAkB,CAAC,OAAO;oBAC7B,OAAO,OAAO,CAAC;aAClB;QACH,CAAC,CAAC,EAAE,CAAC;QACL,MAAM,IAAI,GAAG,CAAC,GAAG,EAAE;YACjB,QAAQ,aAAa,CAAC,IAAI,EAAE;gBAC1B,KAAK,qBAAa,CAAC,QAAQ;oBACzB,OAAO,SAAS,CAAC;aACpB;QACH,CAAC,CAAC,EAAE,CAAC;QACL,MAAM,UAAU,GAAG,CAAC,GAAG,EAAE;YACvB,QAAQ,mBAAmB,EAAE;gBAC3B,KAAK,2BAAmB,CAAC,YAAY;oBACnC,OAAO,OAAO,CAAC;gBACjB,KAAK,2BAAmB,CAAC,SAAS;oBAChC,6CAA6C;oBAC7C,IAAI,sBAAsB,KAAK,OAAO,EAAE;wBACtC,OAAO,OAAO,CAAC;qBAChB;oBACD,OAAO,QAAQ,CAAC;gBAClB,OAAO,CAAC,CAAC;oBACP,IAAI,sBAAsB,KAAK,OAAO;wBAAE,OAAO,OAAO,CAAC;oBACvD,IAAI,sBAAsB,KAAK,mBAAmB;wBAAE,OAAO,QAAQ,CAAC;iBACrE;aACF;QACH,CAAC,CAAC,EAAE,CAAC;QACL,MAAM,GAAG,GAAG,CAAC,GAAG,EAAE;YAChB,QAAQ,sBAAsB,EAAE;gBAC9B,KAAK,OAAO;oBACV,OAAO,EAAE,IAAI,EAAE,sBAAsB,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC;gBAC5D,KAAK,mBAAmB;oBACtB,OAAO;wBACL,IAAI,EAAE,sBAAsB;wBAC5B,IAAI;wBACJ,cAAc,EAAE,IAAI,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;wBACzC,aAAa,EAAE,IAAI;qBACpB,CAAC;aACL;QACH,CAAC,CAAC,EAAE,CAAC;QAEL,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC;QAE5E,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,wBAAwB,CAAC,gBAAgB,CAAC;YAChE,YAAY,EAAE,gBAAU,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC;YACvD,IAAI,EAAE,iDAAiD;YACvD,SAAS,EAAE,IAAI,IAAI,EAAE;YACrB,QAAQ,EAAE,IAAA,kBAAQ,EAAC,IAAI,CAAC,GAAG,EAAE,EAAE,EAAE,CAAC;YAClC,gBAAgB,EAAE,GAAG;YACrB,IAAI;SACL,CAAC,CAAC;QAEH,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QACrC,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,CACrC,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,UAAiB,CAAC,EAC9D,aAAa,CACd,CAAC;QAEF,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC;IAC5C,CAAC;GAAC","sourcesContent":["import { Certificate, PrivateKey } from \"@fidm/x509\";\nimport { Crypto } from \"@peculiar/webcrypto\";\nimport * as x509 from \"@peculiar/x509\";\nimport { decode, encode, types } from \"binary-data\";\nimport nodeCrypto, { createSign } from \"crypto\";\nimport addYears from \"date-fns/addYears\";\n\nimport {\n CipherSuites,\n CurveType,\n HashAlgorithm,\n NamedCurveAlgorithm,\n NamedCurveAlgorithms,\n SignatureAlgorithm,\n SignatureHash,\n} from \"../cipher/const\";\nimport { NamedCurveKeyPair } from \"../cipher/namedCurve\";\nimport { prfVerifyDataClient, prfVerifyDataServer } from \"../cipher/prf\";\nimport { SessionType, SessionTypes } from \"../cipher/suites/abstract\";\nimport AEADCipher from \"../cipher/suites/aead\";\nimport { ProtocolVersion } from \"../handshake/binary\";\nimport { DtlsRandom } from \"../handshake/random\";\nimport { DtlsPlaintext } from \"../record/message/plaintext\";\n\nconst crypto = new Crypto();\nx509.cryptoProvider.set(crypto as any);\n\nexport class CipherContext {\n localRandom!: DtlsRandom;\n remoteRandom!: DtlsRandom;\n cipherSuite!: CipherSuites;\n remoteCertificate?: Buffer;\n remoteKeyPair!: Partial<NamedCurveKeyPair>;\n localKeyPair!: NamedCurveKeyPair;\n masterSecret!: Buffer;\n cipher!: AEADCipher;\n namedCurve!: NamedCurveAlgorithms;\n signatureHashAlgorithm?: SignatureHash;\n localCert!: Buffer;\n localPrivateKey!: PrivateKey;\n\n constructor(\n public sessionType: SessionTypes,\n public certPem?: string,\n public keyPem?: string,\n signatureHashAlgorithm?: SignatureHash\n ) {\n if (certPem && keyPem && signatureHashAlgorithm) {\n this.parseX509(certPem, keyPem, signatureHashAlgorithm);\n }\n }\n\n /**\n *\n * @param signatureHash\n * @param namedCurveAlgorithm necessary when use ecdsa\n */\n static createSelfSignedCertificateWithKey = async (\n signatureHash: SignatureHash,\n namedCurveAlgorithm?: NamedCurveAlgorithms\n ) => {\n const signatureAlgorithmName = (() => {\n switch (signatureHash.signature) {\n case SignatureAlgorithm.rsa_1:\n return \"RSASSA-PKCS1-v1_5\";\n case SignatureAlgorithm.ecdsa_3:\n return \"ECDSA\";\n }\n })();\n const hash = (() => {\n switch (signatureHash.hash) {\n case HashAlgorithm.sha256_4:\n return \"SHA-256\";\n }\n })();\n const namedCurve = (() => {\n switch (namedCurveAlgorithm) {\n case NamedCurveAlgorithm.secp256r1_23:\n return \"P-256\";\n case NamedCurveAlgorithm.x25519_29:\n // todo fix (X25519 not supported with ECDSA)\n if (signatureAlgorithmName === \"ECDSA\") {\n return \"P-256\";\n }\n return \"X25519\";\n default: {\n if (signatureAlgorithmName === \"ECDSA\") return \"P-256\";\n if (signatureAlgorithmName === \"RSASSA-PKCS1-v1_5\") return \"X25519\";\n }\n }\n })();\n const alg = (() => {\n switch (signatureAlgorithmName) {\n case \"ECDSA\":\n return { name: signatureAlgorithmName, hash, namedCurve };\n case \"RSASSA-PKCS1-v1_5\":\n return {\n name: signatureAlgorithmName,\n hash,\n publicExponent: new Uint8Array([1, 0, 1]),\n modulusLength: 2048,\n };\n }\n })();\n\n const keys = await crypto.subtle.generateKey(alg, true, [\"sign\", \"verify\"]);\n\n const cert = await x509.X509CertificateGenerator.createSelfSigned({\n serialNumber: nodeCrypto.randomBytes(8).toString(\"hex\"),\n name: \"C=AU, ST=Some-State, O=Internet Widgits Pty Ltd\",\n notBefore: new Date(),\n notAfter: addYears(Date.now(), 10),\n signingAlgorithm: alg,\n keys,\n });\n\n const certPem = cert.toString(\"pem\");\n const keyPem = x509.PemConverter.encode(\n await crypto.subtle.exportKey(\"pkcs8\", keys.privateKey as any),\n \"private key\"\n );\n\n return { certPem, keyPem, signatureHash };\n };\n\n encryptPacket(pkt: DtlsPlaintext) {\n const header = pkt.recordLayerHeader;\n const enc = this.cipher.encrypt(this.sessionType, pkt.fragment, {\n type: header.contentType,\n version: decode(\n Buffer.from(encode(header.protocolVersion, ProtocolVersion).slice()),\n { version: types.uint16be }\n ).version,\n epoch: header.epoch,\n sequenceNumber: header.sequenceNumber,\n });\n pkt.fragment = enc;\n pkt.recordLayerHeader.contentLen = enc.length;\n return pkt;\n }\n\n decryptPacket(pkt: DtlsPlaintext) {\n const header = pkt.recordLayerHeader;\n const dec = this.cipher.decrypt(this.sessionType, pkt.fragment, {\n type: header.contentType,\n version: decode(\n Buffer.from(encode(header.protocolVersion, ProtocolVersion).slice()),\n { version: types.uint16be }\n ).version,\n epoch: header.epoch,\n sequenceNumber: header.sequenceNumber,\n });\n return dec;\n }\n\n verifyData(buf: Buffer) {\n if (this.sessionType === SessionType.CLIENT)\n return prfVerifyDataClient(this.masterSecret, buf);\n else return prfVerifyDataServer(this.masterSecret, buf);\n }\n\n signatureData(data: Buffer, hash: string) {\n const signature = createSign(hash).update(data);\n const key = this.localPrivateKey.toPEM().toString();\n const signed = signature.sign(key);\n return signed;\n }\n\n generateKeySignature(hashAlgorithm: string) {\n const clientRandom =\n this.sessionType === SessionType.CLIENT\n ? this.localRandom\n : this.remoteRandom;\n const serverRandom =\n this.sessionType === SessionType.SERVER\n ? this.localRandom\n : this.remoteRandom;\n\n const sig = this.valueKeySignature(\n clientRandom.serialize(),\n serverRandom.serialize(),\n this.localKeyPair.publicKey,\n this.namedCurve\n );\n\n const enc = this.localPrivateKey.sign(sig, hashAlgorithm);\n return enc;\n }\n\n parseX509(certPem: string, keyPem: string, signatureHash: SignatureHash) {\n const cert = Certificate.fromPEM(Buffer.from(certPem));\n const sec = PrivateKey.fromPEM(Buffer.from(keyPem));\n this.localCert = cert.raw;\n this.localPrivateKey = sec;\n this.signatureHashAlgorithm = signatureHash;\n }\n\n private valueKeySignature(\n clientRandom: Buffer,\n serverRandom: Buffer,\n publicKey: Buffer,\n namedCurve: number\n ) {\n const serverParams = Buffer.from(\n encode(\n {\n type: CurveType.named_curve_3,\n curve: namedCurve,\n len: publicKey.length,\n },\n { type: types.uint8, curve: types.uint16be, len: types.uint8 }\n ).slice()\n );\n return Buffer.concat([clientRandom, serverRandom, serverParams, publicKey]);\n }\n}\n"]}
|
|
@@ -5,20 +5,96 @@ const debug_1 = require("debug");
|
|
|
5
5
|
const log = (0, debug_1.debug)("werift-dtls : packages/dtls/src/context/dtls.ts : log");
|
|
6
6
|
class DtlsContext {
|
|
7
7
|
constructor(options, sessionType) {
|
|
8
|
-
this
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
this
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
this
|
|
21
|
-
|
|
8
|
+
Object.defineProperty(this, "options", {
|
|
9
|
+
enumerable: true,
|
|
10
|
+
configurable: true,
|
|
11
|
+
writable: true,
|
|
12
|
+
value: options
|
|
13
|
+
});
|
|
14
|
+
Object.defineProperty(this, "sessionType", {
|
|
15
|
+
enumerable: true,
|
|
16
|
+
configurable: true,
|
|
17
|
+
writable: true,
|
|
18
|
+
value: sessionType
|
|
19
|
+
});
|
|
20
|
+
Object.defineProperty(this, "version", {
|
|
21
|
+
enumerable: true,
|
|
22
|
+
configurable: true,
|
|
23
|
+
writable: true,
|
|
24
|
+
value: { major: 255 - 1, minor: 255 - 2 }
|
|
25
|
+
});
|
|
26
|
+
Object.defineProperty(this, "lastFlight", {
|
|
27
|
+
enumerable: true,
|
|
28
|
+
configurable: true,
|
|
29
|
+
writable: true,
|
|
30
|
+
value: []
|
|
31
|
+
});
|
|
32
|
+
Object.defineProperty(this, "lastMessage", {
|
|
33
|
+
enumerable: true,
|
|
34
|
+
configurable: true,
|
|
35
|
+
writable: true,
|
|
36
|
+
value: []
|
|
37
|
+
});
|
|
38
|
+
Object.defineProperty(this, "recordSequenceNumber", {
|
|
39
|
+
enumerable: true,
|
|
40
|
+
configurable: true,
|
|
41
|
+
writable: true,
|
|
42
|
+
value: 0
|
|
43
|
+
});
|
|
44
|
+
Object.defineProperty(this, "sequenceNumber", {
|
|
45
|
+
enumerable: true,
|
|
46
|
+
configurable: true,
|
|
47
|
+
writable: true,
|
|
48
|
+
value: 0
|
|
49
|
+
});
|
|
50
|
+
Object.defineProperty(this, "epoch", {
|
|
51
|
+
enumerable: true,
|
|
52
|
+
configurable: true,
|
|
53
|
+
writable: true,
|
|
54
|
+
value: 0
|
|
55
|
+
});
|
|
56
|
+
Object.defineProperty(this, "flight", {
|
|
57
|
+
enumerable: true,
|
|
58
|
+
configurable: true,
|
|
59
|
+
writable: true,
|
|
60
|
+
value: 0
|
|
61
|
+
});
|
|
62
|
+
Object.defineProperty(this, "handshakeCache", {
|
|
63
|
+
enumerable: true,
|
|
64
|
+
configurable: true,
|
|
65
|
+
writable: true,
|
|
66
|
+
value: {}
|
|
67
|
+
});
|
|
68
|
+
Object.defineProperty(this, "cookie", {
|
|
69
|
+
enumerable: true,
|
|
70
|
+
configurable: true,
|
|
71
|
+
writable: true,
|
|
72
|
+
value: void 0
|
|
73
|
+
});
|
|
74
|
+
Object.defineProperty(this, "requestedCertificateTypes", {
|
|
75
|
+
enumerable: true,
|
|
76
|
+
configurable: true,
|
|
77
|
+
writable: true,
|
|
78
|
+
value: []
|
|
79
|
+
});
|
|
80
|
+
Object.defineProperty(this, "requestedSignatureAlgorithms", {
|
|
81
|
+
enumerable: true,
|
|
82
|
+
configurable: true,
|
|
83
|
+
writable: true,
|
|
84
|
+
value: []
|
|
85
|
+
});
|
|
86
|
+
Object.defineProperty(this, "remoteExtendedMasterSecret", {
|
|
87
|
+
enumerable: true,
|
|
88
|
+
configurable: true,
|
|
89
|
+
writable: true,
|
|
90
|
+
value: false
|
|
91
|
+
});
|
|
92
|
+
Object.defineProperty(this, "checkHandshakesExist", {
|
|
93
|
+
enumerable: true,
|
|
94
|
+
configurable: true,
|
|
95
|
+
writable: true,
|
|
96
|
+
value: (handshakes) => !handshakes.find((type) => this.sortedHandshakeCache.find((h) => h.msg_type === type) == undefined)
|
|
97
|
+
});
|
|
22
98
|
}
|
|
23
99
|
get sessionId() {
|
|
24
100
|
return this.cookie ? this.cookie.toString("hex").slice(0, 10) : "";
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"dtls.js","sourceRoot":"","sources":["../../../../../dtls/src/context/dtls.ts"],"names":[],"mappings":";;;AAAA,iCAA8B;AAQ9B,MAAM,GAAG,GAAG,IAAA,aAAK,EAAC,uDAAuD,CAAC,CAAC;AAE3E,MAAa,WAAW;IAwBtB,YAAmB,OAAgB,EAAS,WAAyB
|
|
1
|
+
{"version":3,"file":"dtls.js","sourceRoot":"","sources":["../../../../../dtls/src/context/dtls.ts"],"names":[],"mappings":";;;AAAA,iCAA8B;AAQ9B,MAAM,GAAG,GAAG,IAAA,aAAK,EAAC,uDAAuD,CAAC,CAAC;AAE3E,MAAa,WAAW;IAwBtB,YAAmB,OAAgB,EAAS,WAAyB;;;;;mBAAlD;;;;;;mBAAyB;;QAvB5C;;;;mBAAU,EAAE,KAAK,EAAE,GAAG,GAAG,CAAC,EAAE,KAAK,EAAE,GAAG,GAAG,CAAC,EAAE;WAAC;QAE7C;;;;mBAA0B,EAAE;WAAC;QAC7B;;;;mBAAwB,EAAE;WAAC;QAC3B;;;;mBAAuB,CAAC;WAAC;QACzB;;;;mBAAiB,CAAC;WAAC;QACnB;;;;mBAAQ,CAAC;WAAC;QACV;;;;mBAAS,CAAC;WAAC;QACX;;;;mBAMI,EAAE;WAAC;QACP;;;;;WAAgB;QAChB;;;;mBAAsC,EAAE;WAAC;QACzC;;;;mBAGM,EAAE;WAAC;QACT;;;;mBAA6B,KAAK;WAAC;QAenC;;;;mBAAuB,CAAC,UAAoB,EAAE,EAAE,CAC9C,CAAC,UAAU,CAAC,IAAI,CACd,CAAC,IAAI,EAAE,EAAE,CACP,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,IAAI,CAAC,IAAI,SAAS,CAC1E;WAAC;IAjBoE,CAAC;IAEzE,IAAI,SAAS;QACX,OAAO,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IACrE,CAAC;IAED,IAAI,oBAAoB;QACtB,OAAO,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,cAAc,CAAC;aACvC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;aACzC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,IAAI,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,GAAG,CAAC,CAAC,WAAW,CAAC,CAAC;aACzE,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;IACvB,CAAC;IAQD,oBAAoB,CAClB,UAAiC,EACjC,OAAgB,EAChB,MAAc;QAEd,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,EAAE;YAChC,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC;SAC7D;QAED,MAAM,QAAQ,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;YACvC,MAAM,KAAK,GAAG,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CACjD,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,CAAC,CAAC,QAAQ,CACjC,CAAC;YACF,IAAI,KAAK,EAAE;gBACT,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,OAAO,EAAE,KAAK,CAAC,OAAO,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;gBAC7D,OAAO,KAAK,CAAC;aACd;YACD,OAAO,IAAI,CAAC;QACd,CAAC,CAAC,CAAC;QAEH,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC,IAAI,GAAG;YACjC,GAAG,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC,IAAI;YACnC,GAAG,QAAQ;SACZ,CAAC;IACJ,CAAC;CACF;AApED,kCAoEC","sourcesContent":["import { debug } from \"debug\";\n\nimport { HashAlgorithms, SignatureAlgorithms } from \"../cipher/const\";\nimport { SessionTypes } from \"../cipher/suites/abstract\";\nimport { FragmentedHandshake } from \"../record/message/fragment\";\nimport { Options } from \"../socket\";\nimport { Handshake } from \"../typings/domain\";\n\nconst log = debug(\"werift-dtls : packages/dtls/src/context/dtls.ts : log\");\n\nexport class DtlsContext {\n version = { major: 255 - 1, minor: 255 - 2 };\n\n lastFlight: Handshake[] = [];\n lastMessage: Buffer[] = [];\n recordSequenceNumber = 0;\n sequenceNumber = 0;\n epoch = 0;\n flight = 0;\n handshakeCache: {\n [flight: number]: {\n isLocal: boolean;\n data: FragmentedHandshake[];\n flight: number;\n };\n } = {};\n cookie?: Buffer;\n requestedCertificateTypes: number[] = [];\n requestedSignatureAlgorithms: {\n hash: HashAlgorithms;\n signature: SignatureAlgorithms;\n }[] = [];\n remoteExtendedMasterSecret = false;\n\n constructor(public options: Options, public sessionType: SessionTypes) {}\n\n get sessionId() {\n return this.cookie ? this.cookie.toString(\"hex\").slice(0, 10) : \"\";\n }\n\n get sortedHandshakeCache() {\n return Object.entries(this.handshakeCache)\n .sort(([a], [b]) => Number(a) - Number(b))\n .map(([, { data }]) => data.sort((a, b) => a.message_seq - b.message_seq))\n .flatMap((v) => v);\n }\n\n checkHandshakesExist = (handshakes: number[]) =>\n !handshakes.find(\n (type) =>\n this.sortedHandshakeCache.find((h) => h.msg_type === type) == undefined\n );\n\n bufferHandshakeCache(\n handshakes: FragmentedHandshake[],\n isLocal: boolean,\n flight: number\n ) {\n if (!this.handshakeCache[flight]) {\n this.handshakeCache[flight] = { data: [], isLocal, flight };\n }\n\n const filtered = handshakes.filter((h) => {\n const exist = this.handshakeCache[flight].data.find(\n (t) => t.msg_type === h.msg_type\n );\n if (exist) {\n log(this.sessionId, \"exist\", exist.summary, isLocal, flight);\n return false;\n }\n return true;\n });\n\n this.handshakeCache[flight].data = [\n ...this.handshakeCache[flight].data,\n ...filtered,\n ];\n }\n}\n"]}
|
|
@@ -5,4 +5,4 @@ export declare class SrtpContext {
|
|
|
5
5
|
export declare const ProtectionProfileAes128CmHmacSha1_80: 1;
|
|
6
6
|
export declare const ProtectionProfileAeadAes128Gcm: 7;
|
|
7
7
|
export declare const Profiles: readonly [1, 7];
|
|
8
|
-
export
|
|
8
|
+
export type Profile = typeof Profiles[number];
|