werift 0.22.1 → 0.22.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (244) hide show
  1. package/lib/common/src/binary.d.ts +8 -7
  2. package/lib/common/src/binary.js +5 -2
  3. package/lib/common/src/binary.js.map +1 -1
  4. package/lib/common/src/event.d.ts +1 -0
  5. package/lib/common/src/event.js +5 -0
  6. package/lib/common/src/event.js.map +1 -1
  7. package/lib/common/src/log.d.ts +1 -2
  8. package/lib/common/src/transport.d.ts +4 -1
  9. package/lib/common/src/transport.js +35 -14
  10. package/lib/common/src/transport.js.map +1 -1
  11. package/lib/dtls/src/cipher/create.d.ts +2 -1
  12. package/lib/dtls/src/cipher/create.js.map +1 -1
  13. package/lib/dtls/src/cipher/prf.d.ts +12 -12
  14. package/lib/dtls/src/cipher/suites/abstract.d.ts +2 -1
  15. package/lib/dtls/src/cipher/suites/abstract.js.map +1 -1
  16. package/lib/dtls/src/cipher/suites/aead.d.ts +3 -2
  17. package/lib/dtls/src/cipher/suites/aead.js +34 -41
  18. package/lib/dtls/src/cipher/suites/aead.js.map +1 -1
  19. package/lib/dtls/src/context/cipher.d.ts +4 -4
  20. package/lib/dtls/src/context/cipher.js +25 -15
  21. package/lib/dtls/src/context/cipher.js.map +1 -1
  22. package/lib/dtls/src/context/srtp.d.ts +3 -3
  23. package/lib/dtls/src/context/srtp.js.map +1 -1
  24. package/lib/dtls/src/flight/client/flight5.js.map +1 -1
  25. package/lib/dtls/src/flight/server/flight2.js.map +1 -1
  26. package/lib/dtls/src/handshake/extensions/ellipticCurves.d.ts +1 -1
  27. package/lib/dtls/src/handshake/extensions/renegotiationIndication.d.ts +2 -2
  28. package/lib/dtls/src/handshake/extensions/signature.d.ts +2 -2
  29. package/lib/dtls/src/handshake/extensions/useSrtp.d.ts +1 -1
  30. package/lib/dtls/src/handshake/extensions/useSrtp.js +4 -7
  31. package/lib/dtls/src/handshake/extensions/useSrtp.js.map +1 -1
  32. package/lib/dtls/src/handshake/message/alert.d.ts +1 -1
  33. package/lib/dtls/src/handshake/message/certificate.d.ts +1 -1
  34. package/lib/dtls/src/handshake/message/changeCipherSpec.d.ts +1 -1
  35. package/lib/dtls/src/handshake/message/client/certificateVerify.d.ts +1 -1
  36. package/lib/dtls/src/handshake/message/client/hello.d.ts +1 -1
  37. package/lib/dtls/src/handshake/message/client/keyExchange.d.ts +1 -1
  38. package/lib/dtls/src/handshake/message/finished.d.ts +1 -1
  39. package/lib/dtls/src/handshake/message/server/certificateRequest.d.ts +1 -1
  40. package/lib/dtls/src/handshake/message/server/hello.d.ts +1 -1
  41. package/lib/dtls/src/handshake/message/server/helloDone.d.ts +1 -1
  42. package/lib/dtls/src/handshake/message/server/helloVerifyRequest.d.ts +1 -1
  43. package/lib/dtls/src/handshake/message/server/keyExchange.d.ts +1 -1
  44. package/lib/dtls/src/handshake/random.d.ts +3 -3
  45. package/lib/dtls/src/record/message/fragment.d.ts +1 -1
  46. package/lib/dtls/src/record/message/header.d.ts +2 -19
  47. package/lib/dtls/src/record/message/header.js +1 -60
  48. package/lib/dtls/src/record/message/header.js.map +1 -1
  49. package/lib/dtls/src/record/message/plaintext.d.ts +6 -27
  50. package/lib/dtls/src/record/message/plaintext.js +34 -16
  51. package/lib/dtls/src/record/message/plaintext.js.map +1 -1
  52. package/lib/dtls/src/socket.d.ts +4 -4
  53. package/lib/dtls/src/socket.js.map +1 -1
  54. package/lib/dtls/src/util/binary.d.ts +1 -1
  55. package/lib/ice/src/candidate.js +1 -5
  56. package/lib/ice/src/candidate.js.map +1 -1
  57. package/lib/ice/src/helper.d.ts +1 -1
  58. package/lib/ice/src/ice.d.ts +4 -3
  59. package/lib/ice/src/ice.js +93 -72
  60. package/lib/ice/src/ice.js.map +1 -1
  61. package/lib/ice/src/iceBase.d.ts +21 -2
  62. package/lib/ice/src/iceBase.js +47 -1
  63. package/lib/ice/src/iceBase.js.map +1 -1
  64. package/lib/ice/src/stun/attributes.d.ts +2 -2
  65. package/lib/ice/src/stun/attributes.js +48 -29
  66. package/lib/ice/src/stun/attributes.js.map +1 -1
  67. package/lib/ice/src/stun/message.d.ts +2 -2
  68. package/lib/ice/src/stun/message.js +22 -23
  69. package/lib/ice/src/stun/message.js.map +1 -1
  70. package/lib/ice/src/stun/protocol.d.ts +2 -2
  71. package/lib/ice/src/stun/protocol.js +6 -0
  72. package/lib/ice/src/stun/protocol.js.map +1 -1
  73. package/lib/ice/src/turn/protocol.d.ts +2 -2
  74. package/lib/ice/src/turn/protocol.js +3 -0
  75. package/lib/ice/src/turn/protocol.js.map +1 -1
  76. package/lib/index.mjs +2707 -1883
  77. package/lib/nonstandard/index.mjs +737 -698
  78. package/lib/rtp/src/codec/av1.d.ts +2 -2
  79. package/lib/rtp/src/codec/opus.d.ts +1 -1
  80. package/lib/rtp/src/extra/container/mp4/container.js +18 -8
  81. package/lib/rtp/src/extra/container/mp4/container.js.map +1 -1
  82. package/lib/rtp/src/extra/container/mp4/h264.d.ts +2 -2
  83. package/lib/rtp/src/extra/container/mp4/sps-parser.d.ts +1 -1
  84. package/lib/rtp/src/extra/container/ogg/parser.d.ts +1 -1
  85. package/lib/rtp/src/extra/container/webm/container.d.ts +9 -9
  86. package/lib/rtp/src/extra/container/webm/container.js +24 -12
  87. package/lib/rtp/src/extra/container/webm/container.js.map +1 -1
  88. package/lib/rtp/src/extra/container/webm/ebml/ebml.d.ts +35 -1
  89. package/lib/rtp/src/extra/container/webm/ebml/ebml.js +75 -1
  90. package/lib/rtp/src/extra/container/webm/ebml/ebml.js.map +1 -1
  91. package/lib/rtp/src/extra/container/webm/ebml/id.d.ts +222 -222
  92. package/lib/rtp/src/extra/container/webm/index.d.ts +1 -0
  93. package/lib/rtp/src/extra/container/webm/index.js +1 -0
  94. package/lib/rtp/src/extra/container/webm/index.js.map +1 -1
  95. package/lib/rtp/src/extra/container/webm/util.d.ts +8 -0
  96. package/lib/rtp/src/extra/container/webm/util.js +100 -0
  97. package/lib/rtp/src/extra/container/webm/util.js.map +1 -0
  98. package/lib/rtp/src/extra/processor/depacketizerCallback.d.ts +1 -1
  99. package/lib/rtp/src/extra/processor/depacketizerTransformer.d.ts +6 -1
  100. package/lib/rtp/src/extra/processor/dtx.d.ts +1 -1
  101. package/lib/rtp/src/extra/processor/dtx.js +1 -1
  102. package/lib/rtp/src/extra/processor/dtx.js.map +1 -1
  103. package/lib/rtp/src/extra/processor/dtxCallback.d.ts +1 -1
  104. package/lib/rtp/src/extra/processor/interface.d.ts +1 -1
  105. package/lib/rtp/src/extra/processor/jitterBufferCallback.d.ts +1 -1
  106. package/lib/rtp/src/extra/processor/lipsync.js +1 -1
  107. package/lib/rtp/src/extra/processor/lipsync.js.map +1 -1
  108. package/lib/rtp/src/extra/processor/mp4.js +3 -0
  109. package/lib/rtp/src/extra/processor/mp4.js.map +1 -1
  110. package/lib/rtp/src/extra/processor/mute.d.ts +1 -1
  111. package/lib/rtp/src/extra/processor/mute.js +1 -1
  112. package/lib/rtp/src/extra/processor/mute.js.map +1 -1
  113. package/lib/rtp/src/extra/processor/nackHandlerCallback.d.ts +1 -1
  114. package/lib/rtp/src/extra/processor/ntpTime.d.ts +1 -1
  115. package/lib/rtp/src/extra/processor/ntpTime.js +1 -1
  116. package/lib/rtp/src/extra/processor/ntpTime.js.map +1 -1
  117. package/lib/rtp/src/extra/processor/ntpTimeCallback.d.ts +1 -1
  118. package/lib/rtp/src/extra/processor/rtpTimeCallback.d.ts +1 -1
  119. package/lib/rtp/src/extra/processor/webm.d.ts +3 -3
  120. package/lib/rtp/src/extra/processor/webm.js.map +1 -1
  121. package/lib/rtp/src/extra/processor/webmStream.d.ts +2 -2
  122. package/lib/rtp/src/extra/processor/webmStream.js.map +1 -1
  123. package/lib/rtp/src/helper.d.ts +1 -1
  124. package/lib/rtp/src/rtcp/header.d.ts +2 -1
  125. package/lib/rtp/src/rtcp/header.js +10 -0
  126. package/lib/rtp/src/rtcp/header.js.map +1 -1
  127. package/lib/rtp/src/rtcp/psfb/fullIntraRequest.d.ts +1 -1
  128. package/lib/rtp/src/rtcp/psfb/index.d.ts +2 -2
  129. package/lib/rtp/src/rtcp/psfb/index.js +2 -2
  130. package/lib/rtp/src/rtcp/psfb/index.js.map +1 -1
  131. package/lib/rtp/src/rtcp/psfb/pictureLossIndication.d.ts +1 -1
  132. package/lib/rtp/src/rtcp/psfb/remb.d.ts +1 -1
  133. package/lib/rtp/src/rtcp/rr.d.ts +2 -2
  134. package/lib/rtp/src/rtcp/rr.js +2 -2
  135. package/lib/rtp/src/rtcp/rr.js.map +1 -1
  136. package/lib/rtp/src/rtcp/rtcp.d.ts +0 -1
  137. package/lib/rtp/src/rtcp/rtcp.js +0 -10
  138. package/lib/rtp/src/rtcp/rtcp.js.map +1 -1
  139. package/lib/rtp/src/rtcp/rtpfb/const.d.ts +1 -0
  140. package/lib/rtp/src/rtcp/rtpfb/const.js +5 -0
  141. package/lib/rtp/src/rtcp/rtpfb/const.js.map +1 -0
  142. package/lib/rtp/src/rtcp/rtpfb/index.d.ts +1 -1
  143. package/lib/rtp/src/rtcp/rtpfb/index.js +2 -1
  144. package/lib/rtp/src/rtcp/rtpfb/index.js.map +1 -1
  145. package/lib/rtp/src/rtcp/rtpfb/nack.d.ts +1 -1
  146. package/lib/rtp/src/rtcp/rtpfb/nack.js +2 -2
  147. package/lib/rtp/src/rtcp/rtpfb/nack.js.map +1 -1
  148. package/lib/rtp/src/rtcp/rtpfb/twcc.d.ts +4 -4
  149. package/lib/rtp/src/rtcp/sdes.d.ts +4 -4
  150. package/lib/rtp/src/rtcp/sdes.js +2 -2
  151. package/lib/rtp/src/rtcp/sdes.js.map +1 -1
  152. package/lib/rtp/src/rtcp/sr.d.ts +2 -2
  153. package/lib/rtp/src/rtcp/sr.js +2 -2
  154. package/lib/rtp/src/rtcp/sr.js.map +1 -1
  155. package/lib/rtp/src/rtp/headerExtension.d.ts +6 -6
  156. package/lib/rtp/src/rtp/red/packet.d.ts +2 -2
  157. package/lib/rtp/src/rtp/rtp.d.ts +2 -2
  158. package/lib/rtp/src/srtp/cipher/ctr.d.ts +4 -4
  159. package/lib/rtp/src/srtp/cipher/gcm.d.ts +4 -4
  160. package/lib/rtp/src/srtp/const.d.ts +3 -3
  161. package/lib/rtp/src/srtp/const.js.map +1 -1
  162. package/lib/rtp/src/srtp/context/context.d.ts +10 -10
  163. package/lib/rtp/src/srtp/context/context.js +10 -4
  164. package/lib/rtp/src/srtp/context/context.js.map +1 -1
  165. package/lib/rtp/src/srtp/context/srtcp.d.ts +3 -3
  166. package/lib/rtp/src/srtp/context/srtcp.js.map +1 -1
  167. package/lib/rtp/src/srtp/context/srtp.d.ts +3 -3
  168. package/lib/rtp/src/srtp/context/srtp.js.map +1 -1
  169. package/lib/rtp/src/srtp/srtcp.d.ts +2 -2
  170. package/lib/rtp/src/srtp/srtp.d.ts +2 -2
  171. package/lib/sctp/src/chunk.d.ts +12 -12
  172. package/lib/sctp/src/chunk.js +87 -66
  173. package/lib/sctp/src/chunk.js.map +1 -1
  174. package/lib/sctp/src/param.d.ts +3 -3
  175. package/lib/sctp/src/param.js +4 -5
  176. package/lib/sctp/src/param.js.map +1 -1
  177. package/lib/sctp/src/sctp.d.ts +3 -1
  178. package/lib/sctp/src/sctp.js +58 -15
  179. package/lib/sctp/src/sctp.js.map +1 -1
  180. package/lib/webrtc/src/dataChannel.d.ts +15 -4
  181. package/lib/webrtc/src/dataChannel.js +42 -7
  182. package/lib/webrtc/src/dataChannel.js.map +1 -1
  183. package/lib/webrtc/src/index.d.ts +1 -0
  184. package/lib/webrtc/src/index.js +1 -0
  185. package/lib/webrtc/src/index.js.map +1 -1
  186. package/lib/webrtc/src/media/index.d.ts +2 -0
  187. package/lib/webrtc/src/media/index.js +2 -0
  188. package/lib/webrtc/src/media/index.js.map +1 -1
  189. package/lib/webrtc/src/media/parameters.d.ts +2 -2
  190. package/lib/webrtc/src/media/parameters.js.map +1 -1
  191. package/lib/webrtc/src/media/receiver/nack.js +3 -7
  192. package/lib/webrtc/src/media/receiver/nack.js.map +1 -1
  193. package/lib/webrtc/src/media/receiver/receiverTwcc.d.ts +2 -2
  194. package/lib/webrtc/src/media/receiver/receiverTwcc.js +1 -1
  195. package/lib/webrtc/src/media/receiver/receiverTwcc.js.map +1 -1
  196. package/lib/webrtc/src/media/router.js +2 -1
  197. package/lib/webrtc/src/media/router.js.map +1 -1
  198. package/lib/webrtc/src/media/rtpReceiver.d.ts +3 -3
  199. package/lib/webrtc/src/media/rtpReceiver.js +53 -4
  200. package/lib/webrtc/src/media/rtpReceiver.js.map +1 -1
  201. package/lib/webrtc/src/media/rtpSender.d.ts +6 -0
  202. package/lib/webrtc/src/media/rtpSender.js +64 -26
  203. package/lib/webrtc/src/media/rtpSender.js.map +1 -1
  204. package/lib/webrtc/src/media/rtpTransceiver.d.ts +12 -9
  205. package/lib/webrtc/src/media/rtpTransceiver.js +30 -26
  206. package/lib/webrtc/src/media/rtpTransceiver.js.map +1 -1
  207. package/lib/webrtc/src/media/stats.d.ts +279 -0
  208. package/lib/webrtc/src/media/stats.js +35 -1
  209. package/lib/webrtc/src/media/stats.js.map +1 -1
  210. package/lib/webrtc/src/media/track.js +3 -3
  211. package/lib/webrtc/src/media/track.js.map +1 -1
  212. package/lib/webrtc/src/nonstandard/recorder/writer/webm.js.map +1 -1
  213. package/lib/webrtc/src/nonstandard/userMedia.js +2 -2
  214. package/lib/webrtc/src/nonstandard/userMedia.js.map +1 -1
  215. package/lib/webrtc/src/peerConnection.d.ts +35 -64
  216. package/lib/webrtc/src/peerConnection.js +337 -1034
  217. package/lib/webrtc/src/peerConnection.js.map +1 -1
  218. package/lib/webrtc/src/sctpManager.d.ts +27 -0
  219. package/lib/webrtc/src/sctpManager.js +147 -0
  220. package/lib/webrtc/src/sctpManager.js.map +1 -0
  221. package/lib/webrtc/src/sdp.d.ts +3 -2
  222. package/lib/webrtc/src/sdp.js +17 -7
  223. package/lib/webrtc/src/sdp.js.map +1 -1
  224. package/lib/webrtc/src/sdpManager.d.ts +78 -0
  225. package/lib/webrtc/src/sdpManager.js +391 -0
  226. package/lib/webrtc/src/sdpManager.js.map +1 -0
  227. package/lib/webrtc/src/secureTransportManager.d.ts +56 -0
  228. package/lib/webrtc/src/secureTransportManager.js +349 -0
  229. package/lib/webrtc/src/secureTransportManager.js.map +1 -0
  230. package/lib/webrtc/src/transceiverManager.d.ts +40 -0
  231. package/lib/webrtc/src/transceiverManager.js +355 -0
  232. package/lib/webrtc/src/transceiverManager.js.map +1 -0
  233. package/lib/webrtc/src/transport/dtls.d.ts +18 -6
  234. package/lib/webrtc/src/transport/dtls.js +128 -13
  235. package/lib/webrtc/src/transport/dtls.js.map +1 -1
  236. package/lib/webrtc/src/transport/ice.d.ts +24 -0
  237. package/lib/webrtc/src/transport/ice.js +88 -2
  238. package/lib/webrtc/src/transport/ice.js.map +1 -1
  239. package/lib/webrtc/src/transport/sctp.js +13 -26
  240. package/lib/webrtc/src/transport/sctp.js.map +1 -1
  241. package/lib/webrtc/src/utils.d.ts +9 -4
  242. package/lib/webrtc/src/utils.js +34 -13
  243. package/lib/webrtc/src/utils.js.map +1 -1
  244. package/package.json +12 -26
package/lib/dtls/src/cipher/suites/aead.js CHANGED
@@ -15,30 +15,29 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (
15
15
  }) : function(o, v) {
16
16
  o["default"] = v;
17
17
  });
18
- var __importStar = (this && this.__importStar) || function (mod) {
19
- if (mod && mod.__esModule) return mod;
20
- var result = {};
21
- if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
22
- __setModuleDefault(result, mod);
23
- return result;
24
- };
18
+ var __importStar = (this && this.__importStar) || (function () {
19
+ var ownKeys = function(o) {
20
+ ownKeys = Object.getOwnPropertyNames || function (o) {
21
+ var ar = [];
22
+ for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
23
+ return ar;
24
+ };
25
+ return ownKeys(o);
26
+ };
27
+ return function (mod) {
28
+ if (mod && mod.__esModule) return mod;
29
+ var result = {};
30
+ if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
31
+ __setModuleDefault(result, mod);
32
+ return result;
33
+ };
34
+ })();
25
35
  Object.defineProperty(exports, "__esModule", { value: true });
26
- const crypto = __importStar(require("crypto"));
27
- const binary_data_1 = require("@shinyoshiaki/binary-data");
36
+ const crypto_1 = require("crypto");
28
37
  const helper_1 = require("../../helper");
29
38
  const common_1 = require("../../imports/common");
30
39
  const prf_1 = require("../prf");
31
40
  const abstract_1 = __importStar(require("./abstract"));
32
- const { uint8, uint16be, uint48be } = binary_data_1.types;
33
- const ContentType = uint8;
34
- const ProtocolVersion = uint16be;
35
- const AEADAdditionalData = {
36
- epoch: uint16be,
37
- sequence: uint48be,
38
- type: ContentType,
39
- version: ProtocolVersion,
40
- length: uint16be,
41
- };
42
41
  const err = (0, common_1.debug)("werift-dtls : packages/dtls/src/cipher/suites/aead.ts : err");
43
42
  /**
44
43
  * This class implements AEAD cipher family.
@@ -129,15 +128,8 @@ class AEADCipher extends abstract_1.default {
129
128
  iv.writeUInt16BE(header.epoch, this.nonceImplicitLength);
130
129
  iv.writeUIntBE(header.sequenceNumber, this.nonceImplicitLength + 2, 6);
131
130
  const explicitNonce = iv.slice(this.nonceImplicitLength);
132
- const additionalData = {
133
- epoch: header.epoch,
134
- sequence: header.sequenceNumber,
135
- type: header.type,
136
- version: header.version,
137
- length: data.length,
138
- };
139
- const additionalBuffer = (0, binary_data_1.encode)(additionalData, AEADAdditionalData).slice();
140
- const cipher = crypto.createCipheriv(this.blockAlgorithm, writeKey, iv, {
131
+ const additionalBuffer = this.encodeAdditionalBuffer(header, data.length);
132
+ const cipher = (0, crypto_1.createCipheriv)(this.blockAlgorithm, writeKey, iv, {
141
133
  authTagLength: this.authTagLength,
142
134
  });
143
135
  cipher.setAAD(additionalBuffer, {
@@ -148,6 +140,15 @@ class AEADCipher extends abstract_1.default {
148
140
  const authTag = cipher.getAuthTag();
149
141
  return Buffer.concat([explicitNonce, headPart, finalPart, authTag]);
150
142
  }
143
+ encodeAdditionalBuffer(header, dataLength) {
144
+ const additionalBuffer = Buffer.alloc(13);
145
+ additionalBuffer.writeUInt16BE(header.epoch, 0);
146
+ additionalBuffer.writeUintBE(header.sequenceNumber, 2, 6);
147
+ additionalBuffer.writeUInt8(header.type, 8);
148
+ additionalBuffer.writeUInt16BE(header.version, 9);
149
+ additionalBuffer.writeUInt16BE(dataLength, 11);
150
+ return additionalBuffer;
151
+ }
151
152
  /**
152
153
  * Decrypt message.
153
154
  */
@@ -157,20 +158,12 @@ class AEADCipher extends abstract_1.default {
157
158
  const writeKey = isClient ? this.serverWriteKey : this.clientWriteKey;
158
159
  if (!iv || !writeKey)
159
160
  throw new Error();
160
- const final = (0, binary_data_1.createDecode)(data);
161
- const explicitNonce = final.readBuffer(this.nonceExplicitLength);
161
+ const explicitNonce = data.subarray(0, this.nonceExplicitLength);
162
162
  explicitNonce.copy(iv, this.nonceImplicitLength);
163
- const encrypted = final.readBuffer(final.length - this.authTagLength);
164
- const authTag = final.readBuffer(this.authTagLength);
165
- const additionalData = {
166
- epoch: header.epoch,
167
- sequence: header.sequenceNumber,
168
- type: header.type,
169
- version: header.version,
170
- length: encrypted.length,
171
- };
172
- const additionalBuffer = (0, binary_data_1.encode)(additionalData, AEADAdditionalData).slice();
173
- const decipher = crypto.createDecipheriv(this.blockAlgorithm, writeKey, iv, {
163
+ const encrypted = data.subarray(this.nonceExplicitLength, data.length - this.authTagLength);
164
+ const authTag = data.subarray(data.length - this.authTagLength);
165
+ const additionalBuffer = this.encodeAdditionalBuffer(header, encrypted.length);
166
+ const decipher = (0, crypto_1.createDecipheriv)(this.blockAlgorithm, writeKey, iv, {
174
167
  authTagLength: this.authTagLength,
175
168
  });
176
169
  decipher.setAuthTag(authTag);
package/lib/dtls/src/cipher/suites/aead.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"aead.js","sourceRoot":"","sources":["../../../../../../dtls/src/cipher/suites/aead.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAAA,+CAAiC;AAEjC,2DAAwE;AACxE,yCAA4D;AAC5D,iDAA6C;AAC7C,gCAA2C;AAC3C,uDAIoB;AAEpB,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAAG,mBAAK,CAAC;AAE5C,MAAM,WAAW,GAAG,KAAK,CAAC;AAC1B,MAAM,eAAe,GAAG,QAAQ,CAAC;AAEjC,MAAM,kBAAkB,GAAG;IACzB,KAAK,EAAE,QAAQ;IACf,QAAQ,EAAE,QAAQ;IAClB,IAAI,EAAE,WAAW;IACjB,OAAO,EAAE,eAAe;IACxB,MAAM,EAAE,QAAQ;CACjB,CAAC;AAEF,MAAM,GAAG,GAAG,IAAA,cAAK,EACf,6DAA6D,CAC9D,CAAC;AAEF;;GAEG;AACH,MAAqB,UAAW,SAAQ,kBAAM;IAe5C;QACE,KAAK,EAAE,CAAC;QAfV;;;;mBAAY,CAAC;WAAC;QACd;;;;mBAAc,CAAC;WAAC;QAChB;;;;mBAAW,CAAC;WAAC;QACb;;;;mBAAgB,CAAC;WAAC;QAElB;;;;mBAAsB,CAAC;WAAC;QACxB;;;;mBAAsB,CAAC;WAAC;QAExB;;;;;WAAwB;QACxB;;;;;WAAwB;QAExB;;;;;WAAqB;QACrB;;;;;WAAqB;IAIrB,CAAC;IAED,IAAI,OAAO;QACT,OAAO,IAAA,yBAAgB,EAAC,IAAI,CAAC,CAAC;IAChC,CAAC;IAED,IAAI,CAAC,YAAoB,EAAE,YAAoB,EAAE,YAAoB;QACnE,MAAM,IAAI,GAAG,IAAA,uBAAiB,EAC5B,YAAY,EACZ,YAAY,EACZ,YAAY,EACZ,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,QAAQ,EACb,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,aAAa,CACnB,CAAC;QAEF,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,cAAc,CAAC;QAC1C,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,cAAc,CAAC;QAC1C,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC;QACpC,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC;IACtC,CAAC;IAED;;OAEG;IACH,OAAO,CAAC,IAAkB,EAAE,IAAY,EAAE,MAAoB;QAC5D,MAAM,QAAQ,GAAG,IAAI,KAAK,sBAAW,CAAC,MAAM,CAAC;QAC7C,MAAM,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC;QAC1D,MAAM,QAAQ,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC;QACtE,IAAI,CAAC,EAAE,IAAI,CAAC,QAAQ;YAAE,MAAM,IAAI,KAAK,EAAE,CAAC;QAExC,EAAE,CAAC,aAAa,CAAC,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,mBAAmB,CAAC,CAAC;QACzD,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,cAAc,EAAE,IAAI,CAAC,mBAAmB,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;QAEvE,MAAM,aAAa,GAAG,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;QAEzD,MAAM,cAAc,GAAG;YACrB,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,QAAQ,EAAE,MAAM,CAAC,cAAc;YAC/B,IAAI,EAAE,MAAM,CAAC,IAAI;YACjB,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,MAAM,EAAE,IAAI,CAAC,MAAM;SACpB,CAAC;QAEF,MAAM,gBAAgB,GAAG,IAAA,oBAAM,EAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC,KAAK,EAAE,CAAC;QAE5E,MAAM,MAAM,GAAG,MAAM,CAAC,cAAc,CAClC,IAAI,CAAC,cAAuC,EAC5C,QAAQ,EACR,EAAE,EACF;YACE,aAAa,EAAE,IAAI,CAAC,aAAa;SAClC,CACF,CAAC;QAEF,MAAM,CAAC,MAAM,CAAC,gBAAgB,EAAE;YAC9B,eAAe,EAAE,IAAI,CAAC,MAAM;SAC7B,CAAC,CAAC;QAEH,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACrC,MAAM,SAAS,GAAG,MAAM,CAAC,KAAK,EAAE,CAAC;QACjC,MAAM,OAAO,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;QAEpC,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,aAAa,EAAE,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC;IACtE,CAAC;IAED;;OAEG;IACH,OAAO,CAAC,IAAkB,EAAE,IAAY,EAAE,MAAoB;QAC5D,MAAM,QAAQ,GAAG,IAAI,KAAK,sBAAW,CAAC,MAAM,CAAC;QAC7C,MAAM,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC;QAC1D,MAAM,QAAQ,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC;QACtE,IAAI,CAAC,EAAE,IAAI,CAAC,QAAQ;YAAE,MAAM,IAAI,KAAK,EAAE,CAAC;QAExC,MAAM,KAAK,GAAG,IAAA,0BAAY,EAAC,IAAI,CAAC,CAAC;QAEjC,MAAM,aAAa,GAAG,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;QACjE,aAAa,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,mBAAmB,CAAC,CAAC;QAEjD,MAAM,SAAS,GAAG,KAAK,CAAC,UAAU,CAAC,KAAK,CAAC,MAAM,GAAG,IAAI,CAAC,aAAa,CAAC,CAAC;QACtE,MAAM,OAAO,GAAG,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAErD,MAAM,cAAc,GAAG;YACrB,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,QAAQ,EAAE,MAAM,CAAC,cAAc;YAC/B,IAAI,EAAE,MAAM,CAAC,IAAI;YACjB,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,MAAM,EAAE,SAAS,CAAC,MAAM;SACzB,CAAC;QAEF,MAAM,gBAAgB,GAAG,IAAA,oBAAM,EAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC,KAAK,EAAE,CAAC;QAE5E,MAAM,QAAQ,GAAG,MAAM,CAAC,gBAAgB,CACtC,IAAI,CAAC,cAAuC,EAC5C,QAAQ,EACR,EAAE,EACF;YACE,aAAa,EAAE,IAAI,CAAC,aAAa;SAClC,CACF,CAAC;QAEF,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QAC7B,QAAQ,CAAC,MAAM,CAAC,gBAAgB,EAAE;YAChC,eAAe,EAAE,SAAS,CAAC,MAAM;SAClC,CAAC,CAAC;QAEH,MAAM,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAC5C,IAAI,CAAC;YACH,MAAM,SAAS,GAAG,QAAQ,CAAC,KAAK,EAAE,CAAC;YACnC,OAAO,SAAS,CAAC,MAAM,GAAG,CAAC;gBACzB,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;gBACtC,CAAC,CAAC,QAAQ,CAAC;QACf,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,GAAG,CACD,gBAAgB,EAChB,KAAK,EACL,IAAI,EACJ,IAAA,mBAAU,EAAC,IAAI,CAAC,EAChB,MAAM,EACN,IAAI,CAAC,OAAO,CACb,CAAC;YACF,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;CACF;AA/ID,6BA+IC","sourcesContent":["import * as crypto from \"crypto\";\n\nimport { createDecode, encode, types } from \"@shinyoshiaki/binary-data\";\nimport { dumpBuffer, getObjectSummary } from \"../../helper\";\nimport { debug } from \"../../imports/common\";\nimport { prfEncryptionKeys } from \"../prf\";\nimport Cipher, {\n type CipherHeader,\n SessionType,\n type SessionTypes,\n} from \"./abstract\";\n\nconst { uint8, uint16be, uint48be } = types;\n\nconst ContentType = uint8;\nconst ProtocolVersion = uint16be;\n\nconst AEADAdditionalData = {\n epoch: uint16be,\n sequence: uint48be,\n type: ContentType,\n version: ProtocolVersion,\n length: uint16be,\n};\n\nconst err = debug(\n \"werift-dtls : packages/dtls/src/cipher/suites/aead.ts : err\",\n);\n\n/**\n * This class implements AEAD cipher family.\n */\nexport default class AEADCipher extends Cipher {\n keyLength = 0;\n nonceLength = 0;\n ivLength = 0;\n authTagLength = 0;\n\n nonceImplicitLength = 0;\n nonceExplicitLength = 0;\n\n clientWriteKey?: Buffer;\n serverWriteKey?: Buffer;\n\n clientNonce?: Buffer;\n serverNonce?: Buffer;\n\n constructor() {\n super();\n }\n\n get summary() {\n return getObjectSummary(this);\n }\n\n init(masterSecret: Buffer, serverRandom: Buffer, clientRandom: Buffer) {\n const keys = prfEncryptionKeys(\n masterSecret,\n clientRandom,\n serverRandom,\n this.keyLength,\n this.ivLength,\n this.nonceLength,\n this.hashAlgorithm,\n );\n\n this.clientWriteKey = keys.clientWriteKey;\n this.serverWriteKey = keys.serverWriteKey;\n this.clientNonce = keys.clientNonce;\n this.serverNonce = keys.serverNonce;\n }\n\n /**\n * Encrypt message.\n */\n encrypt(type: SessionTypes, data: Buffer, header: CipherHeader) {\n const isClient = type === SessionType.CLIENT;\n const iv = isClient ? this.clientNonce : this.serverNonce;\n const writeKey = isClient ? this.clientWriteKey : this.serverWriteKey;\n if (!iv || !writeKey) throw new Error();\n\n iv.writeUInt16BE(header.epoch, this.nonceImplicitLength);\n iv.writeUIntBE(header.sequenceNumber, this.nonceImplicitLength + 2, 6);\n\n const explicitNonce = iv.slice(this.nonceImplicitLength);\n\n const additionalData = {\n epoch: header.epoch,\n sequence: header.sequenceNumber,\n type: header.type,\n version: header.version,\n length: data.length,\n };\n\n const additionalBuffer = encode(additionalData, AEADAdditionalData).slice();\n\n const cipher = crypto.createCipheriv(\n this.blockAlgorithm as crypto.CipherCCMTypes,\n writeKey,\n iv,\n {\n authTagLength: this.authTagLength,\n },\n );\n\n cipher.setAAD(additionalBuffer, {\n plaintextLength: data.length,\n });\n\n const headPart = cipher.update(data);\n const finalPart = cipher.final();\n const authTag = cipher.getAuthTag();\n\n return Buffer.concat([explicitNonce, headPart, finalPart, authTag]);\n }\n\n /**\n * Decrypt message.\n */\n decrypt(type: SessionTypes, data: Buffer, header: CipherHeader) {\n const isClient = type === SessionType.CLIENT;\n const iv = isClient ? this.serverNonce : this.clientNonce;\n const writeKey = isClient ? this.serverWriteKey : this.clientWriteKey;\n if (!iv || !writeKey) throw new Error();\n\n const final = createDecode(data);\n\n const explicitNonce = final.readBuffer(this.nonceExplicitLength);\n explicitNonce.copy(iv, this.nonceImplicitLength);\n\n const encrypted = final.readBuffer(final.length - this.authTagLength);\n const authTag = final.readBuffer(this.authTagLength);\n\n const additionalData = {\n epoch: header.epoch,\n sequence: header.sequenceNumber,\n type: header.type,\n version: header.version,\n length: encrypted.length,\n };\n\n const additionalBuffer = encode(additionalData, AEADAdditionalData).slice();\n\n const decipher = crypto.createDecipheriv(\n this.blockAlgorithm as crypto.CipherCCMTypes,\n writeKey,\n iv,\n {\n authTagLength: this.authTagLength,\n },\n );\n\n decipher.setAuthTag(authTag);\n decipher.setAAD(additionalBuffer, {\n plaintextLength: encrypted.length,\n });\n\n const headPart = decipher.update(encrypted);\n try {\n const finalPart = decipher.final();\n return finalPart.length > 0\n ? Buffer.concat([headPart, finalPart])\n : headPart;\n } catch (error) {\n err(\n \"decrypt failed\",\n error,\n type,\n dumpBuffer(data),\n header,\n this.summary,\n );\n throw error;\n }\n }\n}\n"]}
1
+ {"version":3,"file":"aead.js","sourceRoot":"","sources":["../../../../../../dtls/src/cipher/suites/aead.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,mCAA0D;AAE1D,yCAA4D;AAC5D,iDAA6C;AAC7C,gCAA2C;AAC3C,uDAIoB;AAEpB,MAAM,GAAG,GAAG,IAAA,cAAK,EACf,6DAA6D,CAC9D,CAAC;AAEF;;GAEG;AACH,MAAqB,UAAW,SAAQ,kBAAM;IAe5C;QACE,KAAK,EAAE,CAAC;QAfV;;;;mBAAY,CAAC;WAAC;QACd;;;;mBAAc,CAAC;WAAC;QAChB;;;;mBAAW,CAAC;WAAC;QACb;;;;mBAAgB,CAAC;WAAC;QAElB;;;;mBAAsB,CAAC;WAAC;QACxB;;;;mBAAsB,CAAC;WAAC;QAExB;;;;;WAAwB;QACxB;;;;;WAAwB;QAExB;;;;;WAAqB;QACrB;;;;;WAAqB;IAIrB,CAAC;IAED,IAAI,OAAO;QACT,OAAO,IAAA,yBAAgB,EAAC,IAAI,CAAC,CAAC;IAChC,CAAC;IAED,IAAI,CAAC,YAAoB,EAAE,YAAoB,EAAE,YAAoB;QACnE,MAAM,IAAI,GAAG,IAAA,uBAAiB,EAC5B,YAAY,EACZ,YAAY,EACZ,YAAY,EACZ,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,QAAQ,EACb,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,aAAa,CACnB,CAAC;QAEF,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,cAAc,CAAC;QAC1C,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,cAAc,CAAC;QAC1C,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC;QACpC,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC;IACtC,CAAC;IAED;;OAEG;IACH,OAAO,CAAC,IAAkB,EAAE,IAAY,EAAE,MAAoB;QAC5D,MAAM,QAAQ,GAAG,IAAI,KAAK,sBAAW,CAAC,MAAM,CAAC;QAC7C,MAAM,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC;QAC1D,MAAM,QAAQ,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC;QACtE,IAAI,CAAC,EAAE,IAAI,CAAC,QAAQ;YAAE,MAAM,IAAI,KAAK,EAAE,CAAC;QAExC,EAAE,CAAC,aAAa,CAAC,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,mBAAmB,CAAC,CAAC;QACzD,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,cAAc,EAAE,IAAI,CAAC,mBAAmB,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;QAEvE,MAAM,aAAa,GAAG,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;QAEzD,MAAM,gBAAgB,GAAG,IAAI,CAAC,sBAAsB,CAAC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;QAE1E,MAAM,MAAM,GAAG,IAAA,uBAAc,EAAC,IAAI,CAAC,cAAe,EAAE,QAAQ,EAAE,EAAE,EAAE;YAChE,aAAa,EAAE,IAAI,CAAC,aAAa;SAClC,CAAC,CAAC;QAEH,MAAM,CAAC,MAAM,CAAC,gBAAgB,EAAE;YAC9B,eAAe,EAAE,IAAI,CAAC,MAAM;SAC7B,CAAC,CAAC;QAEH,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACrC,MAAM,SAAS,GAAG,MAAM,CAAC,KAAK,EAAE,CAAC;QACjC,MAAM,OAAO,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;QAEpC,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,aAAa,EAAE,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC;IACtE,CAAC;IAED,sBAAsB,CAAC,MAAoB,EAAE,UAAkB;QAC7D,MAAM,gBAAgB,GAAG,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAE1C,gBAAgB,CAAC,aAAa,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QAChD,gBAAgB,CAAC,WAAW,CAAC,MAAM,CAAC,cAAc,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QAC1D,gBAAgB,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;QAC5C,gBAAgB,CAAC,aAAa,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;QAClD,gBAAgB,CAAC,aAAa,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;QAE/C,OAAO,gBAAgB,CAAC;IAC1B,CAAC;IAED;;OAEG;IACH,OAAO,CAAC,IAAkB,EAAE,IAAY,EAAE,MAAoB;QAC5D,MAAM,QAAQ,GAAG,IAAI,KAAK,sBAAW,CAAC,MAAM,CAAC;QAC7C,MAAM,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC;QAC1D,MAAM,QAAQ,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC;QACtE,IAAI,CAAC,EAAE,IAAI,CAAC,QAAQ;YAAE,MAAM,IAAI,KAAK,EAAE,CAAC;QAExC,MAAM,aAAa,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,IAAI,CAAC,mBAAmB,CAAC,CAAC;QAEjE,aAAa,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,mBAAmB,CAAC,CAAC;QAEjD,MAAM,SAAS,GAAG,IAAI,CAAC,QAAQ,CAC7B,IAAI,CAAC,mBAAmB,EACxB,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,aAAa,CACjC,CAAC;QACF,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,aAAa,CAAC,CAAC;QAEhE,MAAM,gBAAgB,GAAG,IAAI,CAAC,sBAAsB,CAClD,MAAM,EACN,SAAS,CAAC,MAAM,CACjB,CAAC;QAEF,MAAM,QAAQ,GAAG,IAAA,yBAAgB,EAAC,IAAI,CAAC,cAAe,EAAE,QAAQ,EAAE,EAAE,EAAE;YACpE,aAAa,EAAE,IAAI,CAAC,aAAa;SAClC,CAAC,CAAC;QAEH,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QAC7B,QAAQ,CAAC,MAAM,CAAC,gBAAgB,EAAE;YAChC,eAAe,EAAE,SAAS,CAAC,MAAM;SAClC,CAAC,CAAC;QAEH,MAAM,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAC5C,IAAI,CAAC;YACH,MAAM,SAAS,GAAG,QAAQ,CAAC,KAAK,EAAE,CAAC;YACnC,OAAO,SAAS,CAAC,MAAM,GAAG,CAAC;gBACzB,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;gBACtC,CAAC,CAAC,QAAQ,CAAC;QACf,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,GAAG,CACD,gBAAgB,EAChB,KAAK,EACL,IAAI,EACJ,IAAA,mBAAU,EAAC,IAAI,CAAC,EAChB,MAAM,EACN,IAAI,CAAC,OAAO,CACb,CAAC;YACF,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;CACF;AAtID,6BAsIC","sourcesContent":["import { createCipheriv, createDecipheriv } from \"crypto\";\n\nimport { dumpBuffer, getObjectSummary } from \"../../helper\";\nimport { debug } from \"../../imports/common\";\nimport { prfEncryptionKeys } from \"../prf\";\nimport Cipher, {\n type CipherHeader,\n SessionType,\n type SessionTypes,\n} from \"./abstract\";\n\nconst err = debug(\n \"werift-dtls : packages/dtls/src/cipher/suites/aead.ts : err\",\n);\n\n/**\n * This class implements AEAD cipher family.\n */\nexport default class AEADCipher extends Cipher {\n keyLength = 0;\n nonceLength = 0;\n ivLength = 0;\n authTagLength = 0;\n\n nonceImplicitLength = 0;\n nonceExplicitLength = 0;\n\n clientWriteKey?: Buffer;\n serverWriteKey?: Buffer;\n\n clientNonce?: Buffer;\n serverNonce?: Buffer;\n\n constructor() {\n super();\n }\n\n get summary() {\n return getObjectSummary(this);\n }\n\n init(masterSecret: Buffer, serverRandom: Buffer, clientRandom: Buffer) {\n const keys = prfEncryptionKeys(\n masterSecret,\n clientRandom,\n serverRandom,\n this.keyLength,\n this.ivLength,\n this.nonceLength,\n this.hashAlgorithm,\n );\n\n this.clientWriteKey = keys.clientWriteKey;\n this.serverWriteKey = keys.serverWriteKey;\n this.clientNonce = keys.clientNonce;\n this.serverNonce = keys.serverNonce;\n }\n\n /**\n * Encrypt message.\n */\n encrypt(type: SessionTypes, data: Buffer, header: CipherHeader) {\n const isClient = type === SessionType.CLIENT;\n const iv = isClient ? this.clientNonce : this.serverNonce;\n const writeKey = isClient ? this.clientWriteKey : this.serverWriteKey;\n if (!iv || !writeKey) throw new Error();\n\n iv.writeUInt16BE(header.epoch, this.nonceImplicitLength);\n iv.writeUIntBE(header.sequenceNumber, this.nonceImplicitLength + 2, 6);\n\n const explicitNonce = iv.slice(this.nonceImplicitLength);\n\n const additionalBuffer = this.encodeAdditionalBuffer(header, data.length);\n\n const cipher = createCipheriv(this.blockAlgorithm!, writeKey, iv, {\n authTagLength: this.authTagLength,\n });\n\n cipher.setAAD(additionalBuffer, {\n plaintextLength: data.length,\n });\n\n const headPart = cipher.update(data);\n const finalPart = cipher.final();\n const authTag = cipher.getAuthTag();\n\n return Buffer.concat([explicitNonce, headPart, finalPart, authTag]);\n }\n\n encodeAdditionalBuffer(header: CipherHeader, dataLength: number) {\n const additionalBuffer = Buffer.alloc(13);\n\n additionalBuffer.writeUInt16BE(header.epoch, 0);\n additionalBuffer.writeUintBE(header.sequenceNumber, 2, 6);\n additionalBuffer.writeUInt8(header.type, 8);\n additionalBuffer.writeUInt16BE(header.version, 9);\n additionalBuffer.writeUInt16BE(dataLength, 11);\n\n return additionalBuffer;\n }\n\n /**\n * Decrypt message.\n */\n decrypt(type: SessionTypes, data: Buffer, header: CipherHeader) {\n const isClient = type === SessionType.CLIENT;\n const iv = isClient ? this.serverNonce : this.clientNonce;\n const writeKey = isClient ? this.serverWriteKey : this.clientWriteKey;\n if (!iv || !writeKey) throw new Error();\n\n const explicitNonce = data.subarray(0, this.nonceExplicitLength);\n\n explicitNonce.copy(iv, this.nonceImplicitLength);\n\n const encrypted = data.subarray(\n this.nonceExplicitLength,\n data.length - this.authTagLength,\n );\n const authTag = data.subarray(data.length - this.authTagLength);\n\n const additionalBuffer = this.encodeAdditionalBuffer(\n header,\n encrypted.length,\n );\n\n const decipher = createDecipheriv(this.blockAlgorithm!, writeKey, iv, {\n authTagLength: this.authTagLength,\n });\n\n decipher.setAuthTag(authTag);\n decipher.setAAD(additionalBuffer, {\n plaintextLength: encrypted.length,\n });\n\n const headPart = decipher.update(encrypted);\n try {\n const finalPart = decipher.final();\n return finalPart.length > 0\n ? Buffer.concat([headPart, finalPart])\n : headPart;\n } catch (error) {\n err(\n \"decrypt failed\",\n error,\n type,\n dumpBuffer(data),\n header,\n this.summary,\n );\n throw error;\n }\n }\n}\n"]}
package/lib/dtls/src/context/cipher.d.ts CHANGED
@@ -33,10 +33,10 @@ export declare class CipherContext {
33
33
  signatureHash: SignatureHash;
34
34
  }>;
35
35
  encryptPacket(pkt: DtlsPlaintext): DtlsPlaintext;
36
- decryptPacket(pkt: DtlsPlaintext): Buffer;
37
- verifyData(buf: Buffer): Buffer;
38
- signatureData(data: Buffer, hash: string): Buffer;
39
- generateKeySignature(hashAlgorithm: string): Buffer;
36
+ decryptPacket(pkt: DtlsPlaintext): Buffer<ArrayBufferLike>;
37
+ verifyData(buf: Buffer): Buffer<ArrayBuffer>;
38
+ signatureData(data: Buffer, hash: string): Buffer<ArrayBufferLike>;
39
+ generateKeySignature(hashAlgorithm: string): Buffer<ArrayBufferLike>;
40
40
  parseX509(certPem: string, keyPem: string, signatureHash: SignatureHash): void;
41
41
  private valueKeySignature;
42
42
  }
package/lib/dtls/src/context/cipher.js CHANGED
@@ -15,26 +15,34 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (
15
15
  }) : function(o, v) {
16
16
  o["default"] = v;
17
17
  });
18
- var __importStar = (this && this.__importStar) || function (mod) {
19
- if (mod && mod.__esModule) return mod;
20
- var result = {};
21
- if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
22
- __setModuleDefault(result, mod);
23
- return result;
24
- };
18
+ var __importStar = (this && this.__importStar) || (function () {
19
+ var ownKeys = function(o) {
20
+ ownKeys = Object.getOwnPropertyNames || function (o) {
21
+ var ar = [];
22
+ for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
23
+ return ar;
24
+ };
25
+ return ownKeys(o);
26
+ };
27
+ return function (mod) {
28
+ if (mod && mod.__esModule) return mod;
29
+ var result = {};
30
+ if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
31
+ __setModuleDefault(result, mod);
32
+ return result;
33
+ };
34
+ })();
25
35
  var _a;
26
36
  Object.defineProperty(exports, "__esModule", { value: true });
27
37
  exports.CipherContext = void 0;
28
- const crypto_1 = __importStar(require("crypto"));
38
+ const crypto_1 = require("crypto");
29
39
  const x509_1 = require("@fidm/x509");
30
40
  const x509 = __importStar(require("@peculiar/x509"));
31
41
  const binary_data_1 = require("@shinyoshiaki/binary-data");
32
- const date_fns_1 = require("date-fns");
33
42
  const const_1 = require("../cipher/const");
34
43
  const prf_1 = require("../cipher/prf");
35
44
  const abstract_1 = require("../cipher/suites/abstract");
36
- const binary_1 = require("../handshake/binary");
37
- const crypto = crypto_1.default.webcrypto;
45
+ const crypto = crypto_1.webcrypto;
38
46
  x509.cryptoProvider.set(crypto);
39
47
  class CipherContext {
40
48
  constructor(sessionType, certPem, keyPem, signatureHashAlgorithm) {
@@ -134,9 +142,10 @@ class CipherContext {
134
142
  }
135
143
  encryptPacket(pkt) {
136
144
  const header = pkt.recordLayerHeader;
145
+ const version = (header.protocolVersion.major << 8) | header.protocolVersion.minor;
137
146
  const enc = this.cipher.encrypt(this.sessionType, pkt.fragment, {
138
147
  type: header.contentType,
139
- version: (0, binary_data_1.decode)(Buffer.from((0, binary_data_1.encode)(header.protocolVersion, binary_1.ProtocolVersion).slice()), { version: binary_data_1.types.uint16be }).version,
148
+ version,
140
149
  epoch: header.epoch,
141
150
  sequenceNumber: header.sequenceNumber,
142
151
  });
@@ -146,9 +155,10 @@ class CipherContext {
146
155
  }
147
156
  decryptPacket(pkt) {
148
157
  const header = pkt.recordLayerHeader;
158
+ const version = (header.protocolVersion.major << 8) | header.protocolVersion.minor;
149
159
  const dec = this.cipher.decrypt(this.sessionType, pkt.fragment, {
150
160
  type: header.contentType,
151
- version: (0, binary_data_1.decode)(Buffer.from((0, binary_data_1.encode)(header.protocolVersion, binary_1.ProtocolVersion).slice()), { version: binary_data_1.types.uint16be }).version,
161
+ version,
152
162
  epoch: header.epoch,
153
163
  sequenceNumber: header.sequenceNumber,
154
164
  });
@@ -255,10 +265,10 @@ Object.defineProperty(CipherContext, "createSelfSignedCertificateWithKey", {
255
265
  "verify",
256
266
  ]));
257
267
  const cert = await x509.X509CertificateGenerator.createSelfSigned({
258
- serialNumber: crypto_1.default.randomBytes(8).toString("hex"),
268
+ serialNumber: (0, crypto_1.randomBytes)(8).toString("hex"),
259
269
  name: "C=AU, ST=Some-State, O=Internet Widgits Pty Ltd",
260
270
  notBefore: new Date(),
261
- notAfter: (0, date_fns_1.addYears)(Date.now(), 10),
271
+ notAfter: new Date(Date.now() + 10 * 365 * 24 * 60 * 60 * 1000),
262
272
  signingAlgorithm: alg,
263
273
  keys,
264
274
  });
package/lib/dtls/src/context/cipher.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"cipher.js","sourceRoot":"","sources":["../../../../../dtls/src/context/cipher.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,iDAAgD;AAChD,qCAAqD;AACrD,qDAAuC;AACvC,2DAAkE;AAClE,uCAAoC;AAEpC,2CAQyB;AAEzB,uCAAyE;AACzE,wDAA2E;AAE3E,gDAAsD;AAItD,MAAM,MAAM,GAAG,gBAAU,CAAC,SAAS,CAAC;AACpC,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,MAAa,CAAC,CAAC;AAEvC,MAAa,aAAa;IAcxB,YACS,WAAyB,EACzB,OAAgB,EAChB,MAAe,EACtB,sBAAsC;QAHtC;;;;mBAAO,WAAW;WAAc;QAChC;;;;mBAAO,OAAO;WAAS;QACvB;;;;mBAAO,MAAM;WAAS;QAhBxB;;;;;WAAyB;QACzB;;;;;WAA0B;QAC1B;;;;;WAA2B;QAC3B;;;;;WAA2B;QAC3B;;;;;WAA2C;QAC3C;;;;;WAAiC;QACjC;;;;;WAAsB;QACtB;;;;;WAAoB;QACpB;;;;;WAAkC;QAClC;;;;;WAAuC;QACvC;;;;;WAAmB;QACnB;;;;;WAA6B;QAQ3B,IAAI,OAAO,IAAI,MAAM,IAAI,sBAAsB,EAAE,CAAC;YAChD,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,MAAM,EAAE,sBAAsB,CAAC,CAAC;QAC1D,CAAC;IACH,CAAC;IA8ED,aAAa,CAAC,GAAkB;QAC9B,MAAM,MAAM,GAAG,GAAG,CAAC,iBAAiB,CAAC;QACrC,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,CAAC,QAAQ,EAAE;YAC9D,IAAI,EAAE,MAAM,CAAC,WAAW;YACxB,OAAO,EAAE,IAAA,oBAAM,EACb,MAAM,CAAC,IAAI,CAAC,IAAA,oBAAM,EAAC,MAAM,CAAC,eAAe,EAAE,wBAAe,CAAC,CAAC,KAAK,EAAE,CAAC,EACpE,EAAE,OAAO,EAAE,mBAAK,CAAC,QAAQ,EAAE,CAC5B,CAAC,OAAO;YACT,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,cAAc,EAAE,MAAM,CAAC,cAAc;SACtC,CAAC,CAAC;QACH,GAAG,CAAC,QAAQ,GAAG,GAAG,CAAC;QACnB,GAAG,CAAC,iBAAiB,CAAC,UAAU,GAAG,GAAG,CAAC,MAAM,CAAC;QAC9C,OAAO,GAAG,CAAC;IACb,CAAC;IAED,aAAa,CAAC,GAAkB;QAC9B,MAAM,MAAM,GAAG,GAAG,CAAC,iBAAiB,CAAC;QACrC,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,CAAC,QAAQ,EAAE;YAC9D,IAAI,EAAE,MAAM,CAAC,WAAW;YACxB,OAAO,EAAE,IAAA,oBAAM,EACb,MAAM,CAAC,IAAI,CAAC,IAAA,oBAAM,EAAC,MAAM,CAAC,eAAe,EAAE,wBAAe,CAAC,CAAC,KAAK,EAAE,CAAC,EACpE,EAAE,OAAO,EAAE,mBAAK,CAAC,QAAQ,EAAE,CAC5B,CAAC,OAAO;YACT,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,cAAc,EAAE,MAAM,CAAC,cAAc;SACtC,CAAC,CAAC;QACH,OAAO,GAAG,CAAC;IACb,CAAC;IAED,UAAU,CAAC,GAAW;QACpB,IAAI,IAAI,CAAC,WAAW,KAAK,sBAAW,CAAC,MAAM;YACzC,OAAO,IAAA,yBAAmB,EAAC,IAAI,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC;;YAChD,OAAO,IAAA,yBAAmB,EAAC,IAAI,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC;IAC1D,CAAC;IAED,aAAa,CAAC,IAAY,EAAE,IAAY;QACtC,MAAM,SAAS,GAAG,IAAA,mBAAU,EAAC,IAAI,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAChD,MAAM,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,CAAC,QAAQ,EAAE,CAAC;QACpD,MAAM,MAAM,GAAG,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACnC,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,oBAAoB,CAAC,aAAqB;QACxC,MAAM,YAAY,GAChB,IAAI,CAAC,WAAW,KAAK,sBAAW,CAAC,MAAM;YACrC,CAAC,CAAC,IAAI,CAAC,WAAW;YAClB,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC;QACxB,MAAM,YAAY,GAChB,IAAI,CAAC,WAAW,KAAK,sBAAW,CAAC,MAAM;YACrC,CAAC,CAAC,IAAI,CAAC,WAAW;YAClB,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC;QAExB,MAAM,GAAG,GAAG,IAAI,CAAC,iBAAiB,CAChC,YAAY,CAAC,SAAS,EAAE,EACxB,YAAY,CAAC,SAAS,EAAE,EACxB,IAAI,CAAC,YAAY,CAAC,SAAS,EAC3B,IAAI,CAAC,UAAU,CAChB,CAAC;QAEF,MAAM,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,GAAG,EAAE,aAAa,CAAC,CAAC;QAC1D,OAAO,GAAG,CAAC;IACb,CAAC;IAED,SAAS,CAAC,OAAe,EAAE,MAAc,EAAE,aAA4B;QACrE,MAAM,IAAI,GAAG,kBAAW,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;QACvD,MAAM,GAAG,GAAG,iBAAU,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;QACpD,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC;QAC1B,IAAI,CAAC,eAAe,GAAG,GAAG,CAAC;QAC3B,IAAI,CAAC,sBAAsB,GAAG,aAAa,CAAC;IAC9C,CAAC;IAEO,iBAAiB,CACvB,YAAoB,EACpB,YAAoB,EACpB,SAAiB,EACjB,UAAkB;QAElB,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,CAC9B,IAAA,oBAAM,EACJ;YACE,IAAI,EAAE,iBAAS,CAAC,aAAa;YAC7B,KAAK,EAAE,UAAU;YACjB,GAAG,EAAE,SAAS,CAAC,MAAM;SACtB,EACD,EAAE,IAAI,EAAE,mBAAK,CAAC,KAAK,EAAE,KAAK,EAAE,mBAAK,CAAC,QAAQ,EAAE,GAAG,EAAE,mBAAK,CAAC,KAAK,EAAE,CAC/D,CAAC,KAAK,EAAE,CACV,CAAC;QACF,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,YAAY,EAAE,YAAY,EAAE,YAAY,EAAE,SAAS,CAAC,CAAC,CAAC;IAC9E,CAAC;;AA9LH,sCA+LC;;AAtKC;;;;GAIG;AACI;;;;WAAqC,KAAK,EAC/C,aAA4B,EAC5B,mBAA0C,EAC1C,EAAE;QACF,MAAM,sBAAsB,GAAG,CAAC,GAAG,EAAE;YACnC,QAAQ,aAAa,CAAC,SAAS,EAAE,CAAC;gBAChC,KAAK,0BAAkB,CAAC,KAAK;oBAC3B,OAAO,mBAAmB,CAAC;gBAC7B,KAAK,0BAAkB,CAAC,OAAO;oBAC7B,OAAO,OAAO,CAAC;YACnB,CAAC;QACH,CAAC,CAAC,EAAE,CAAC;QACL,MAAM,IAAI,GAAG,CAAC,GAAG,EAAE;YACjB,QAAQ,aAAa,CAAC,IAAI,EAAE,CAAC;gBAC3B,KAAK,qBAAa,CAAC,QAAQ;oBACzB,OAAO,SAAS,CAAC;YACrB,CAAC;QACH,CAAC,CAAC,EAAE,CAAC;QACL,MAAM,UAAU,GAAG,CAAC,GAAG,EAAE;YACvB,QAAQ,mBAAmB,EAAE,CAAC;gBAC5B,KAAK,2BAAmB,CAAC,YAAY;oBACnC,OAAO,OAAO,CAAC;gBACjB,KAAK,2BAAmB,CAAC,SAAS;oBAChC,6CAA6C;oBAC7C,IAAI,sBAAsB,KAAK,OAAO,EAAE,CAAC;wBACvC,OAAO,OAAO,CAAC;oBACjB,CAAC;oBACD,OAAO,QAAQ,CAAC;gBAClB,OAAO,CAAC,CAAC,CAAC;oBACR,IAAI,sBAAsB,KAAK,OAAO;wBAAE,OAAO,OAAO,CAAC;oBACvD,IAAI,sBAAsB,KAAK,mBAAmB;wBAAE,OAAO,QAAQ,CAAC;gBACtE,CAAC;YACH,CAAC;QACH,CAAC,CAAC,EAAE,CAAC;QACL,MAAM,GAAG,GAAG,CAAC,GAAG,EAAE;YAChB,QAAQ,sBAAsB,EAAE,CAAC;gBAC/B,KAAK,OAAO;oBACV,OAAO,EAAE,IAAI,EAAE,sBAAsB,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC;gBAC5D,KAAK,mBAAmB;oBACtB,OAAO;wBACL,IAAI,EAAE,sBAAsB;wBAC5B,IAAI;wBACJ,cAAc,EAAE,IAAI,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;wBACzC,aAAa,EAAE,IAAI;qBACpB,CAAC;YACN,CAAC;QACH,CAAC,CAAC,EAAE,CAAC;QAEL,MAAM,IAAI,GAAG,CAAC,MAAM,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,GAAG,EAAE,IAAI,EAAE;YACvD,MAAM;YACN,QAAQ;SACT,CAAC,CAAuC,CAAC;QAE1C,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,wBAAwB,CAAC,gBAAgB,CAAC;YAChE,YAAY,EAAE,gBAAU,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC;YACvD,IAAI,EAAE,iDAAiD;YACvD,SAAS,EAAE,IAAI,IAAI,EAAE;YACrB,QAAQ,EAAE,IAAA,mBAAQ,EAAC,IAAI,CAAC,GAAG,EAAE,EAAE,EAAE,CAAC;YAClC,gBAAgB,EAAE,GAAG;YACrB,IAAI;SACL,CAAC,CAAC;QAEH,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QACrC,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,CACrC,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,UAAiB,CAAC,EAC9D,aAAa,CACd,CAAC;QAEF,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC;IAC5C,CAAC;EArEwC,CAqEvC","sourcesContent":["import nodeCrypto, { createSign } from \"crypto\";\nimport { Certificate, PrivateKey } from \"@fidm/x509\";\nimport * as x509 from \"@peculiar/x509\";\nimport { decode, encode, types } from \"@shinyoshiaki/binary-data\";\nimport { addYears } from \"date-fns\";\n\nimport {\n type CipherSuites,\n CurveType,\n HashAlgorithm,\n NamedCurveAlgorithm,\n type NamedCurveAlgorithms,\n SignatureAlgorithm,\n type SignatureHash,\n} from \"../cipher/const\";\nimport type { NamedCurveKeyPair } from \"../cipher/namedCurve\";\nimport { prfVerifyDataClient, prfVerifyDataServer } from \"../cipher/prf\";\nimport { SessionType, type SessionTypes } from \"../cipher/suites/abstract\";\nimport type AEADCipher from \"../cipher/suites/aead\";\nimport { ProtocolVersion } from \"../handshake/binary\";\nimport type { DtlsRandom } from \"../handshake/random\";\nimport type { DtlsPlaintext } from \"../record/message/plaintext\";\n\nconst crypto = nodeCrypto.webcrypto;\nx509.cryptoProvider.set(crypto as any);\n\nexport class CipherContext {\n localRandom!: DtlsRandom;\n remoteRandom!: DtlsRandom;\n cipherSuite!: CipherSuites;\n remoteCertificate?: Buffer;\n remoteKeyPair!: Partial<NamedCurveKeyPair>;\n localKeyPair!: NamedCurveKeyPair;\n masterSecret!: Buffer;\n cipher!: AEADCipher;\n namedCurve!: NamedCurveAlgorithms;\n signatureHashAlgorithm?: SignatureHash;\n localCert!: Buffer;\n localPrivateKey!: PrivateKey;\n\n constructor(\n public sessionType: SessionTypes,\n public certPem?: string,\n public keyPem?: string,\n signatureHashAlgorithm?: SignatureHash,\n ) {\n if (certPem && keyPem && signatureHashAlgorithm) {\n this.parseX509(certPem, keyPem, signatureHashAlgorithm);\n }\n }\n\n /**\n *\n * @param signatureHash\n * @param namedCurveAlgorithm necessary when use ecdsa\n */\n static createSelfSignedCertificateWithKey = async (\n signatureHash: SignatureHash,\n namedCurveAlgorithm?: NamedCurveAlgorithms,\n ) => {\n const signatureAlgorithmName = (() => {\n switch (signatureHash.signature) {\n case SignatureAlgorithm.rsa_1:\n return \"RSASSA-PKCS1-v1_5\";\n case SignatureAlgorithm.ecdsa_3:\n return \"ECDSA\";\n }\n })();\n const hash = (() => {\n switch (signatureHash.hash) {\n case HashAlgorithm.sha256_4:\n return \"SHA-256\";\n }\n })();\n const namedCurve = (() => {\n switch (namedCurveAlgorithm) {\n case NamedCurveAlgorithm.secp256r1_23:\n return \"P-256\";\n case NamedCurveAlgorithm.x25519_29:\n // todo fix (X25519 not supported with ECDSA)\n if (signatureAlgorithmName === \"ECDSA\") {\n return \"P-256\";\n }\n return \"X25519\";\n default: {\n if (signatureAlgorithmName === \"ECDSA\") return \"P-256\";\n if (signatureAlgorithmName === \"RSASSA-PKCS1-v1_5\") return \"X25519\";\n }\n }\n })();\n const alg = (() => {\n switch (signatureAlgorithmName) {\n case \"ECDSA\":\n return { name: signatureAlgorithmName, hash, namedCurve };\n case \"RSASSA-PKCS1-v1_5\":\n return {\n name: signatureAlgorithmName,\n hash,\n publicExponent: new Uint8Array([1, 0, 1]),\n modulusLength: 2048,\n };\n }\n })();\n\n const keys = (await crypto.subtle.generateKey(alg, true, [\n \"sign\",\n \"verify\",\n ])) as nodeCrypto.webcrypto.CryptoKeyPair;\n\n const cert = await x509.X509CertificateGenerator.createSelfSigned({\n serialNumber: nodeCrypto.randomBytes(8).toString(\"hex\"),\n name: \"C=AU, ST=Some-State, O=Internet Widgits Pty Ltd\",\n notBefore: new Date(),\n notAfter: addYears(Date.now(), 10),\n signingAlgorithm: alg,\n keys,\n });\n\n const certPem = cert.toString(\"pem\");\n const keyPem = x509.PemConverter.encode(\n await crypto.subtle.exportKey(\"pkcs8\", keys.privateKey as any),\n \"private key\",\n );\n\n return { certPem, keyPem, signatureHash };\n };\n\n encryptPacket(pkt: DtlsPlaintext) {\n const header = pkt.recordLayerHeader;\n const enc = this.cipher.encrypt(this.sessionType, pkt.fragment, {\n type: header.contentType,\n version: decode(\n Buffer.from(encode(header.protocolVersion, ProtocolVersion).slice()),\n { version: types.uint16be },\n ).version,\n epoch: header.epoch,\n sequenceNumber: header.sequenceNumber,\n });\n pkt.fragment = enc;\n pkt.recordLayerHeader.contentLen = enc.length;\n return pkt;\n }\n\n decryptPacket(pkt: DtlsPlaintext) {\n const header = pkt.recordLayerHeader;\n const dec = this.cipher.decrypt(this.sessionType, pkt.fragment, {\n type: header.contentType,\n version: decode(\n Buffer.from(encode(header.protocolVersion, ProtocolVersion).slice()),\n { version: types.uint16be },\n ).version,\n epoch: header.epoch,\n sequenceNumber: header.sequenceNumber,\n });\n return dec;\n }\n\n verifyData(buf: Buffer) {\n if (this.sessionType === SessionType.CLIENT)\n return prfVerifyDataClient(this.masterSecret, buf);\n else return prfVerifyDataServer(this.masterSecret, buf);\n }\n\n signatureData(data: Buffer, hash: string) {\n const signature = createSign(hash).update(data);\n const key = this.localPrivateKey.toPEM().toString();\n const signed = signature.sign(key);\n return signed;\n }\n\n generateKeySignature(hashAlgorithm: string) {\n const clientRandom =\n this.sessionType === SessionType.CLIENT\n ? this.localRandom\n : this.remoteRandom;\n const serverRandom =\n this.sessionType === SessionType.SERVER\n ? this.localRandom\n : this.remoteRandom;\n\n const sig = this.valueKeySignature(\n clientRandom.serialize(),\n serverRandom.serialize(),\n this.localKeyPair.publicKey,\n this.namedCurve,\n );\n\n const enc = this.localPrivateKey.sign(sig, hashAlgorithm);\n return enc;\n }\n\n parseX509(certPem: string, keyPem: string, signatureHash: SignatureHash) {\n const cert = Certificate.fromPEM(Buffer.from(certPem));\n const sec = PrivateKey.fromPEM(Buffer.from(keyPem));\n this.localCert = cert.raw;\n this.localPrivateKey = sec;\n this.signatureHashAlgorithm = signatureHash;\n }\n\n private valueKeySignature(\n clientRandom: Buffer,\n serverRandom: Buffer,\n publicKey: Buffer,\n namedCurve: number,\n ) {\n const serverParams = Buffer.from(\n encode(\n {\n type: CurveType.named_curve_3,\n curve: namedCurve,\n len: publicKey.length,\n },\n { type: types.uint8, curve: types.uint16be, len: types.uint8 },\n ).slice(),\n );\n return Buffer.concat([clientRandom, serverRandom, serverParams, publicKey]);\n }\n}\n"]}
1
+ {"version":3,"file":"cipher.js","sourceRoot":"","sources":["../../../../../dtls/src/context/cipher.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,mCAA4D;AAC5D,qCAAqD;AACrD,qDAAuC;AACvC,2DAA0D;AAE1D,2CAQyB;AAEzB,uCAAyE;AACzE,wDAA2E;AAK3E,MAAM,MAAM,GAAG,kBAAS,CAAC;AACzB,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,MAAa,CAAC,CAAC;AAEvC,MAAa,aAAa;IAcxB,YACS,WAAyB,EACzB,OAAgB,EAChB,MAAe,EACtB,sBAAsC;QAHtC;;;;mBAAO,WAAW;WAAc;QAChC;;;;mBAAO,OAAO;WAAS;QACvB;;;;mBAAO,MAAM;WAAS;QAhBxB;;;;;WAAyB;QACzB;;;;;WAA0B;QAC1B;;;;;WAA2B;QAC3B;;;;;WAA2B;QAC3B;;;;;WAA2C;QAC3C;;;;;WAAiC;QACjC;;;;;WAAsB;QACtB;;;;;WAAoB;QACpB;;;;;WAAkC;QAClC;;;;;WAAuC;QACvC;;;;;WAAmB;QACnB;;;;;WAA6B;QAQ3B,IAAI,OAAO,IAAI,MAAM,IAAI,sBAAsB,EAAE,CAAC;YAChD,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,MAAM,EAAE,sBAAsB,CAAC,CAAC;QAC1D,CAAC;IACH,CAAC;IA8ED,aAAa,CAAC,GAAkB;QAC9B,MAAM,MAAM,GAAG,GAAG,CAAC,iBAAiB,CAAC;QACrC,MAAM,OAAO,GACX,CAAC,MAAM,CAAC,eAAe,CAAC,KAAK,IAAI,CAAC,CAAC,GAAG,MAAM,CAAC,eAAe,CAAC,KAAK,CAAC;QACrE,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,CAAC,QAAQ,EAAE;YAC9D,IAAI,EAAE,MAAM,CAAC,WAAW;YACxB,OAAO;YACP,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,cAAc,EAAE,MAAM,CAAC,cAAc;SACtC,CAAC,CAAC;QACH,GAAG,CAAC,QAAQ,GAAG,GAAG,CAAC;QACnB,GAAG,CAAC,iBAAiB,CAAC,UAAU,GAAG,GAAG,CAAC,MAAM,CAAC;QAC9C,OAAO,GAAG,CAAC;IACb,CAAC;IAED,aAAa,CAAC,GAAkB;QAC9B,MAAM,MAAM,GAAG,GAAG,CAAC,iBAAiB,CAAC;QACrC,MAAM,OAAO,GACX,CAAC,MAAM,CAAC,eAAe,CAAC,KAAK,IAAI,CAAC,CAAC,GAAG,MAAM,CAAC,eAAe,CAAC,KAAK,CAAC;QACrE,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,CAAC,QAAQ,EAAE;YAC9D,IAAI,EAAE,MAAM,CAAC,WAAW;YACxB,OAAO;YACP,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,cAAc,EAAE,MAAM,CAAC,cAAc;SACtC,CAAC,CAAC;QACH,OAAO,GAAG,CAAC;IACb,CAAC;IAED,UAAU,CAAC,GAAW;QACpB,IAAI,IAAI,CAAC,WAAW,KAAK,sBAAW,CAAC,MAAM;YACzC,OAAO,IAAA,yBAAmB,EAAC,IAAI,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC;;YAChD,OAAO,IAAA,yBAAmB,EAAC,IAAI,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC;IAC1D,CAAC;IAED,aAAa,CAAC,IAAY,EAAE,IAAY;QACtC,MAAM,SAAS,GAAG,IAAA,mBAAU,EAAC,IAAI,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAChD,MAAM,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,CAAC,QAAQ,EAAE,CAAC;QACpD,MAAM,MAAM,GAAG,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACnC,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,oBAAoB,CAAC,aAAqB;QACxC,MAAM,YAAY,GAChB,IAAI,CAAC,WAAW,KAAK,sBAAW,CAAC,MAAM;YACrC,CAAC,CAAC,IAAI,CAAC,WAAW;YAClB,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC;QACxB,MAAM,YAAY,GAChB,IAAI,CAAC,WAAW,KAAK,sBAAW,CAAC,MAAM;YACrC,CAAC,CAAC,IAAI,CAAC,WAAW;YAClB,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC;QAExB,MAAM,GAAG,GAAG,IAAI,CAAC,iBAAiB,CAChC,YAAY,CAAC,SAAS,EAAE,EACxB,YAAY,CAAC,SAAS,EAAE,EACxB,IAAI,CAAC,YAAY,CAAC,SAAS,EAC3B,IAAI,CAAC,UAAU,CAChB,CAAC;QAEF,MAAM,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,GAAG,EAAE,aAAa,CAAC,CAAC;QAC1D,OAAO,GAAG,CAAC;IACb,CAAC;IAED,SAAS,CAAC,OAAe,EAAE,MAAc,EAAE,aAA4B;QACrE,MAAM,IAAI,GAAG,kBAAW,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;QACvD,MAAM,GAAG,GAAG,iBAAU,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;QACpD,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC;QAC1B,IAAI,CAAC,eAAe,GAAG,GAAG,CAAC;QAC3B,IAAI,CAAC,sBAAsB,GAAG,aAAa,CAAC;IAC9C,CAAC;IAEO,iBAAiB,CACvB,YAAoB,EACpB,YAAoB,EACpB,SAAiB,EACjB,UAAkB;QAElB,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,CAC9B,IAAA,oBAAM,EACJ;YACE,IAAI,EAAE,iBAAS,CAAC,aAAa;YAC7B,KAAK,EAAE,UAAU;YACjB,GAAG,EAAE,SAAS,CAAC,MAAM;SACtB,EACD,EAAE,IAAI,EAAE,mBAAK,CAAC,KAAK,EAAE,KAAK,EAAE,mBAAK,CAAC,QAAQ,EAAE,GAAG,EAAE,mBAAK,CAAC,KAAK,EAAE,CAC/D,CAAC,KAAK,EAAE,CACV,CAAC;QACF,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,YAAY,EAAE,YAAY,EAAE,YAAY,EAAE,SAAS,CAAC,CAAC,CAAC;IAC9E,CAAC;;AA5LH,sCA6LC;;AApKC;;;;GAIG;AACI;;;;WAAqC,KAAK,EAC/C,aAA4B,EAC5B,mBAA0C,EAC1C,EAAE;QACF,MAAM,sBAAsB,GAAG,CAAC,GAAG,EAAE;YACnC,QAAQ,aAAa,CAAC,SAAS,EAAE,CAAC;gBAChC,KAAK,0BAAkB,CAAC,KAAK;oBAC3B,OAAO,mBAAmB,CAAC;gBAC7B,KAAK,0BAAkB,CAAC,OAAO;oBAC7B,OAAO,OAAO,CAAC;YACnB,CAAC;QACH,CAAC,CAAC,EAAE,CAAC;QACL,MAAM,IAAI,GAAG,CAAC,GAAG,EAAE;YACjB,QAAQ,aAAa,CAAC,IAAI,EAAE,CAAC;gBAC3B,KAAK,qBAAa,CAAC,QAAQ;oBACzB,OAAO,SAAS,CAAC;YACrB,CAAC;QACH,CAAC,CAAC,EAAE,CAAC;QACL,MAAM,UAAU,GAAG,CAAC,GAAG,EAAE;YACvB,QAAQ,mBAAmB,EAAE,CAAC;gBAC5B,KAAK,2BAAmB,CAAC,YAAY;oBACnC,OAAO,OAAO,CAAC;gBACjB,KAAK,2BAAmB,CAAC,SAAS;oBAChC,6CAA6C;oBAC7C,IAAI,sBAAsB,KAAK,OAAO,EAAE,CAAC;wBACvC,OAAO,OAAO,CAAC;oBACjB,CAAC;oBACD,OAAO,QAAQ,CAAC;gBAClB,OAAO,CAAC,CAAC,CAAC;oBACR,IAAI,sBAAsB,KAAK,OAAO;wBAAE,OAAO,OAAO,CAAC;oBACvD,IAAI,sBAAsB,KAAK,mBAAmB;wBAAE,OAAO,QAAQ,CAAC;gBACtE,CAAC;YACH,CAAC;QACH,CAAC,CAAC,EAAE,CAAC;QACL,MAAM,GAAG,GAAG,CAAC,GAAG,EAAE;YAChB,QAAQ,sBAAsB,EAAE,CAAC;gBAC/B,KAAK,OAAO;oBACV,OAAO,EAAE,IAAI,EAAE,sBAAsB,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC;gBAC5D,KAAK,mBAAmB;oBACtB,OAAO;wBACL,IAAI,EAAE,sBAAsB;wBAC5B,IAAI;wBACJ,cAAc,EAAE,IAAI,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;wBACzC,aAAa,EAAE,IAAI;qBACpB,CAAC;YACN,CAAC;QACH,CAAC,CAAC,EAAE,CAAC;QAEL,MAAM,IAAI,GAAG,CAAC,MAAM,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,GAAG,EAAE,IAAI,EAAE;YACvD,MAAM;YACN,QAAQ;SACT,CAAC,CAA4B,CAAC;QAE/B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,wBAAwB,CAAC,gBAAgB,CAAC;YAChE,YAAY,EAAE,IAAA,oBAAW,EAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC;YAC5C,IAAI,EAAE,iDAAiD;YACvD,SAAS,EAAE,IAAI,IAAI,EAAE;YACrB,QAAQ,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;YAC/D,gBAAgB,EAAE,GAAG;YACrB,IAAI;SACL,CAAC,CAAC;QAEH,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QACrC,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,CACrC,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,UAAiB,CAAC,EAC9D,aAAa,CACd,CAAC;QAEF,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC;IAC5C,CAAC;EArEwC,CAqEvC","sourcesContent":["import { createSign, randomBytes, webcrypto } from \"crypto\";\nimport { Certificate, PrivateKey } from \"@fidm/x509\";\nimport * as x509 from \"@peculiar/x509\";\nimport { encode, types } from \"@shinyoshiaki/binary-data\";\n\nimport {\n type CipherSuites,\n CurveType,\n HashAlgorithm,\n NamedCurveAlgorithm,\n type NamedCurveAlgorithms,\n SignatureAlgorithm,\n type SignatureHash,\n} from \"../cipher/const\";\nimport type { NamedCurveKeyPair } from \"../cipher/namedCurve\";\nimport { prfVerifyDataClient, prfVerifyDataServer } from \"../cipher/prf\";\nimport { SessionType, type SessionTypes } from \"../cipher/suites/abstract\";\nimport type AEADCipher from \"../cipher/suites/aead\";\nimport type { DtlsRandom } from \"../handshake/random\";\nimport type { DtlsPlaintext } from \"../record/message/plaintext\";\n\nconst crypto = webcrypto;\nx509.cryptoProvider.set(crypto as any);\n\nexport class CipherContext {\n localRandom!: DtlsRandom;\n remoteRandom!: DtlsRandom;\n cipherSuite!: CipherSuites;\n remoteCertificate?: Buffer;\n remoteKeyPair!: Partial<NamedCurveKeyPair>;\n localKeyPair!: NamedCurveKeyPair;\n masterSecret!: Buffer;\n cipher!: AEADCipher;\n namedCurve!: NamedCurveAlgorithms;\n signatureHashAlgorithm?: SignatureHash;\n localCert!: Buffer;\n localPrivateKey!: PrivateKey;\n\n constructor(\n public sessionType: SessionTypes,\n public certPem?: string,\n public keyPem?: string,\n signatureHashAlgorithm?: SignatureHash,\n ) {\n if (certPem && keyPem && signatureHashAlgorithm) {\n this.parseX509(certPem, keyPem, signatureHashAlgorithm);\n }\n }\n\n /**\n *\n * @param signatureHash\n * @param namedCurveAlgorithm necessary when use ecdsa\n */\n static createSelfSignedCertificateWithKey = async (\n signatureHash: SignatureHash,\n namedCurveAlgorithm?: NamedCurveAlgorithms,\n ) => {\n const signatureAlgorithmName = (() => {\n switch (signatureHash.signature) {\n case SignatureAlgorithm.rsa_1:\n return \"RSASSA-PKCS1-v1_5\";\n case SignatureAlgorithm.ecdsa_3:\n return \"ECDSA\";\n }\n })();\n const hash = (() => {\n switch (signatureHash.hash) {\n case HashAlgorithm.sha256_4:\n return \"SHA-256\";\n }\n })();\n const namedCurve = (() => {\n switch (namedCurveAlgorithm) {\n case NamedCurveAlgorithm.secp256r1_23:\n return \"P-256\";\n case NamedCurveAlgorithm.x25519_29:\n // todo fix (X25519 not supported with ECDSA)\n if (signatureAlgorithmName === \"ECDSA\") {\n return \"P-256\";\n }\n return \"X25519\";\n default: {\n if (signatureAlgorithmName === \"ECDSA\") return \"P-256\";\n if (signatureAlgorithmName === \"RSASSA-PKCS1-v1_5\") return \"X25519\";\n }\n }\n })();\n const alg = (() => {\n switch (signatureAlgorithmName) {\n case \"ECDSA\":\n return { name: signatureAlgorithmName, hash, namedCurve };\n case \"RSASSA-PKCS1-v1_5\":\n return {\n name: signatureAlgorithmName,\n hash,\n publicExponent: new Uint8Array([1, 0, 1]),\n modulusLength: 2048,\n };\n }\n })();\n\n const keys = (await crypto.subtle.generateKey(alg, true, [\n \"sign\",\n \"verify\",\n ])) as webcrypto.CryptoKeyPair;\n\n const cert = await x509.X509CertificateGenerator.createSelfSigned({\n serialNumber: randomBytes(8).toString(\"hex\"),\n name: \"C=AU, ST=Some-State, O=Internet Widgits Pty Ltd\",\n notBefore: new Date(),\n notAfter: new Date(Date.now() + 10 * 365 * 24 * 60 * 60 * 1000),\n signingAlgorithm: alg,\n keys,\n });\n\n const certPem = cert.toString(\"pem\");\n const keyPem = x509.PemConverter.encode(\n await crypto.subtle.exportKey(\"pkcs8\", keys.privateKey as any),\n \"private key\",\n );\n\n return { certPem, keyPem, signatureHash };\n };\n\n encryptPacket(pkt: DtlsPlaintext) {\n const header = pkt.recordLayerHeader;\n const version =\n (header.protocolVersion.major << 8) | header.protocolVersion.minor;\n const enc = this.cipher.encrypt(this.sessionType, pkt.fragment, {\n type: header.contentType,\n version,\n epoch: header.epoch,\n sequenceNumber: header.sequenceNumber,\n });\n pkt.fragment = enc;\n pkt.recordLayerHeader.contentLen = enc.length;\n return pkt;\n }\n\n decryptPacket(pkt: DtlsPlaintext) {\n const header = pkt.recordLayerHeader;\n const version =\n (header.protocolVersion.major << 8) | header.protocolVersion.minor;\n const dec = this.cipher.decrypt(this.sessionType, pkt.fragment, {\n type: header.contentType,\n version,\n epoch: header.epoch,\n sequenceNumber: header.sequenceNumber,\n });\n return dec;\n }\n\n verifyData(buf: Buffer) {\n if (this.sessionType === SessionType.CLIENT)\n return prfVerifyDataClient(this.masterSecret, buf);\n else return prfVerifyDataServer(this.masterSecret, buf);\n }\n\n signatureData(data: Buffer, hash: string) {\n const signature = createSign(hash).update(data);\n const key = this.localPrivateKey.toPEM().toString();\n const signed = signature.sign(key);\n return signed;\n }\n\n generateKeySignature(hashAlgorithm: string) {\n const clientRandom =\n this.sessionType === SessionType.CLIENT\n ? this.localRandom\n : this.remoteRandom;\n const serverRandom =\n this.sessionType === SessionType.SERVER\n ? this.localRandom\n : this.remoteRandom;\n\n const sig = this.valueKeySignature(\n clientRandom.serialize(),\n serverRandom.serialize(),\n this.localKeyPair.publicKey,\n this.namedCurve,\n );\n\n const enc = this.localPrivateKey.sign(sig, hashAlgorithm);\n return enc;\n }\n\n parseX509(certPem: string, keyPem: string, signatureHash: SignatureHash) {\n const cert = Certificate.fromPEM(Buffer.from(certPem));\n const sec = PrivateKey.fromPEM(Buffer.from(keyPem));\n this.localCert = cert.raw;\n this.localPrivateKey = sec;\n this.signatureHashAlgorithm = signatureHash;\n }\n\n private valueKeySignature(\n clientRandom: Buffer,\n serverRandom: Buffer,\n publicKey: Buffer,\n namedCurve: number,\n ) {\n const serverParams = Buffer.from(\n encode(\n {\n type: CurveType.named_curve_3,\n curve: namedCurve,\n len: publicKey.length,\n },\n { type: types.uint8, curve: types.uint16be, len: types.uint8 },\n ).slice(),\n );\n return Buffer.concat([clientRandom, serverRandom, serverParams, publicKey]);\n }\n}\n"]}
package/lib/dtls/src/context/srtp.d.ts CHANGED
@@ -1,5 +1,5 @@
1
- import type { Profile } from "../imports/rtp";
1
+ import type { SrtpProfile } from "../imports/rtp";
2
2
  export declare class SrtpContext {
3
- srtpProfile?: Profile;
4
- static findMatchingSRTPProfile(remote: Profile[], local: Profile[]): 1 | 7 | undefined;
3
+ srtpProfile?: SrtpProfile;
4
+ static findMatchingSRTPProfile(remote: SrtpProfile[], local: SrtpProfile[]): 1 | 7 | undefined;
5
5
  }
package/lib/dtls/src/context/srtp.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"srtp.js","sourceRoot":"","sources":["../../../../../dtls/src/context/srtp.ts"],"names":[],"mappings":";;;AAEA,MAAa,WAAW;IAAxB;QACE;;;;;WAAsB;IAOxB,CAAC;IALC,MAAM,CAAC,uBAAuB,CAAC,MAAiB,EAAE,KAAgB;QAChE,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;YACtB,IAAI,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC;gBAAE,OAAO,CAAC,CAAC;QACnC,CAAC;IACH,CAAC;CACF;AARD,kCAQC","sourcesContent":["import type { Profile } from \"../imports/rtp\";\n\nexport class SrtpContext {\n srtpProfile?: Profile;\n\n static findMatchingSRTPProfile(remote: Profile[], local: Profile[]) {\n for (const v of local) {\n if (remote.includes(v)) return v;\n }\n }\n}\n"]}
1
+ {"version":3,"file":"srtp.js","sourceRoot":"","sources":["../../../../../dtls/src/context/srtp.ts"],"names":[],"mappings":";;;AAEA,MAAa,WAAW;IAAxB;QACE;;;;;WAA0B;IAO5B,CAAC;IALC,MAAM,CAAC,uBAAuB,CAAC,MAAqB,EAAE,KAAoB;QACxE,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;YACtB,IAAI,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC;gBAAE,OAAO,CAAC,CAAC;QACnC,CAAC;IACH,CAAC;CACF;AARD,kCAQC","sourcesContent":["import type { SrtpProfile } from \"../imports/rtp\";\n\nexport class SrtpContext {\n srtpProfile?: SrtpProfile;\n\n static findMatchingSRTPProfile(remote: SrtpProfile[], local: SrtpProfile[]) {\n for (const v of local) {\n if (remote.includes(v)) return v;\n }\n }\n}\n"]}
package/lib/dtls/src/flight/client/flight5.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"flight5.js","sourceRoot":"","sources":["../../../../../../dtls/src/flight/client/flight5.ts"],"names":[],"mappings":";;;AAAA,8CAAyE;AACzE,gDAAmD;AACnD,wDAA0D;AAC1D,0CAI0B;AAG1B,6CAAiD;AAEjD,iDAAsD;AACtD,0FAAuF;AACvF,gGAA6F;AAC7F,gEAA6D;AAC7D,qEAAkE;AAClE,+EAA4E;AAC5E,wFAAqF;AACrF,4EAA+E;AAC/E,+DAA4D;AAC5D,0FAA6F;AAC7F,gEAAmE;AACnE,wEAA2E;AAC3E,4EAA+E;AAC/E,mDAAoD;AACpD,2CAAwD;AACxD,kDAAuD;AACvD,8CAAiD;AAEjD,sCAAmC;AAEnC,MAAM,GAAG,GAAG,IAAA,WAAK,EACf,gEAAgE,CACjE,CAAC;AAEF,MAAa,OAAQ,SAAQ,eAAM;IACjC,YACE,GAAqB,EACrB,IAAiB,EACT,MAAqB,EACrB,IAAiB;QAEzB,KAAK,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QAHvB;;;;mBAAQ,MAAM;WAAe;QAC7B;;;;mBAAQ,IAAI;WAAa;IAG3B,CAAC;IAED,eAAe,CAAC,SAA8B;QAC5C,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;QACtD,MAAM,OAAO,GAAG,CAAC,GAAG,EAAE;YACpB,QAAQ,SAAS,CAAC,QAAQ,EAAE,CAAC;gBAC3B,KAAK,qBAAa,CAAC,cAAc;oBAC/B,OAAO,mBAAW,CAAC,WAAW,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;gBACrD,KAAK,qBAAa,CAAC,cAAc;oBAC/B,OAAO,yBAAW,CAAC,WAAW,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;gBACrD,KAAK,qBAAa,CAAC,sBAAsB;oBACvC,OAAO,+BAAiB,CAAC,WAAW,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;gBAC3D,KAAK,qBAAa,CAAC,sBAAsB;oBACvC,OAAO,6CAAwB,CAAC,WAAW,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;gBAClE,KAAK,qBAAa,CAAC,oBAAoB;oBACrC,OAAO,2BAAe,CAAC,WAAW,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;YAC3D,CAAC;QACH,CAAC,CAAC,EAAE,CAAC;QAEL,IAAI,OAAO,EAAE,CAAC;YACZ,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;gBACxB,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,IAAI,EAAE,IAAI,CAAC,IAAI;aAChB,CAAC,CAAC,OAAO,CAAC,CAAC;QACd,CAAC;IACH,CAAC;IAED,KAAK,CAAC,IAAI;QACR,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC3B,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,eAAe,CAAC,CAAC;YAC1C,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YACjC,OAAO;QACT,CAAC;QACD,IAAI,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;QAErB,MAAM,eAAe,GAAG,IAAI,CAAC,IAAI,CAAC,yBAAyB,CAAC,MAAM,GAAG,CAAC,CAAC;QACvE,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,cAAc,EAAE,eAAe,CAAC,CAAC;QAE1D,MAAM,QAAQ,GAAG;YACf,eAAe,IAAI,IAAI,CAAC,eAAe,EAAE;YACzC,IAAI,CAAC,qBAAqB,EAAE;YAC5B,eAAe,IAAI,IAAI,CAAC,qBAAqB,EAAE;YAC/C,IAAI,CAAC,oBAAoB,EAAE;YAC3B,IAAI,CAAC,YAAY,EAAE;SACpB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAa,CAAC;QAE/B,IAAI,CAAC,IAAI,CAAC,WAAW,GAAG,QAAQ,CAAC;QACjC,MAAM,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAChC,CAAC;IAEO,eAAe;QACrB,MAAM,WAAW,GAAG,IAAI,yBAAW,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;QAE1E,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC;QAEjD,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;QAC7D,OAAO,GAAG,CAAC;IACb,CAAC;IAEO,qBAAqB;QAC3B,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY;YAAE,MAAM,IAAI,KAAK,EAAE,CAAC;QAEjD,MAAM,iBAAiB,GAAG,IAAI,+BAAiB,CAC7C,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,SAAS,CACnC,CAAC;QACF,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC;QACvD,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;QAE7D,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC;QAC9C,MAAM,aAAa,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC;QAEhD,IAAI,CAAC,aAAa,CAAC,SAAS;YAAE,MAAM,IAAI,KAAK,CAAC,WAAW,CAAC,CAAC;QAE3D,MAAM,eAAe,GAAG,IAAA,wBAAkB,EACxC,aAAa,CAAC,SAAS,EACvB,YAAY,CAAC,UAAU,EACvB,YAAY,CAAC,KAAK,CACnB,CAAC;QAEF,GAAG,CACD,IAAI,CAAC,IAAI,CAAC,SAAS,EACnB,sBAAsB,EACtB,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,oBAAoB,EACtC,IAAI,CAAC,IAAI,CAAC,0BAA0B,CACrC,CAAC;QAEF,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAC9B,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,CACzD,CAAC;QACF,IAAI,CAAC,MAAM,CAAC,YAAY;YACtB,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,oBAAoB;gBACtC,IAAI,CAAC,IAAI,CAAC,0BAA0B;gBAClC,CAAC,CAAC,IAAA,6BAAuB,EAAC,eAAe,EAAE,UAAU,CAAC;gBACtD,CAAC,CAAC,IAAA,qBAAe,EACb,eAAe,EACf,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,EAAE,EACnC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,SAAS,EAAE,CACrC,CAAC;QAER,IAAI,CAAC,MAAM,CAAC,MAAM,GAAG,IAAA,qBAAY,EAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;QAC3D,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CACrB,IAAI,CAAC,MAAM,CAAC,YAAY,EACxB,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,SAAS,EAAE,EACpC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,EAAE,CACpC,CAAC;QACF,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAE/D,OAAO,GAAG,CAAC;IACb,CAAC;IAEO,qBAAqB;QAC3B,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,CACzB,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,CACzD,CAAC;QACF,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;QAC1D,MAAM,eAAe,GAAG,CAAC,GAAG,EAAE;YAC5B,QAAQ,IAAI,CAAC,MAAM,CAAC,sBAAsB,EAAE,SAAS,EAAE,CAAC;gBACtD,KAAK,0BAAkB,CAAC,OAAO;oBAC7B,OAAO,uBAAe,CAAC,sBAAsB,CAAC;gBAChD,KAAK,0BAAkB,CAAC,KAAK;oBAC3B,OAAO,uBAAe,CAAC,gBAAgB,CAAC;YAC5C,CAAC;QACH,CAAC,CAAC,EAAE,CAAC;QACL,IAAI,CAAC,eAAe;YAAE,MAAM,IAAI,KAAK,EAAE,CAAC;QACxC,GAAG,CACD,IAAI,CAAC,IAAI,CAAC,SAAS,EACnB,iBAAiB,EACjB,IAAI,CAAC,MAAM,CAAC,sBAAsB,EAAE,SAAS,EAC7C,eAAe,CAChB,CAAC;QAEF,MAAM,iBAAiB,GAAG,IAAI,qCAAiB,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;QACzE,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC;QACvD,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;QAC7D,OAAO,GAAG,CAAC;IACb,CAAC;IAEO,oBAAoB;QAC1B,MAAM,gBAAgB,GAAG,mCAAgB,CAAC,WAAW,EAAE,CAAC,SAAS,EAAE,CAAC;QACpE,MAAM,OAAO,GAAG,IAAA,yBAAe,EAAC,IAAI,CAAC,IAAI,CAAC,CACxC,CAAC,EAAE,IAAI,EAAE,mBAAW,CAAC,gBAAgB,EAAE,QAAQ,EAAE,gBAAgB,EAAE,CAAC,EACpE,EAAE,IAAI,CAAC,IAAI,CAAC,oBAAoB,CACjC,CAAC;QACF,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;QAC7D,OAAO,GAAG,CAAC;IACb,CAAC;IAEO,YAAY;QAClB,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,CACzB,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,CACzD,CAAC;QACF,MAAM,eAAe,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;QAEtD,MAAM,MAAM,GAAG,IAAI,mBAAQ,CAAC,eAAe,CAAC,CAAC;QAC7C,IAAI,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC;QACpB,MAAM,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,YAAY,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC;QAC7C,OAAO;QACP,yBAAyB;QACzB,yBAAyB;QACzB,oBAAoB;QACpB,0DAA0D;QAC1D,KAAK;QAEL,IAAI,CAAC,IAAI,CAAC,oBAAoB,GAAG,CAAC,CAAC;QAEnC,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,SAAS,EAAE,CAAC;QAC1D,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QACjE,OAAO,GAAG,CAAC;IACb,CAAC;CACF;AAlLD,0BAkLC;AAED,MAAM,QAAQ,GAMV,EAAE,CAAC;AAEP,QAAQ,CAAC,qBAAa,CAAC,cAAc,CAAC;IACpC,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,EAAE,CAC3B,CAAC,OAAoB,EAAE,EAAE;QACvB,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,aAAa,EAAE,OAAO,CAAC,WAAW,CAAC,CAAC;QACxD,MAAM,CAAC,YAAY,GAAG,mBAAU,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACtD,MAAM,CAAC,WAAW,GAAG,OAAO,CAAC,WAAW,CAAC;QACzC,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,sBAAsB,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC;QAEhE,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;YACvB,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,SAAS,EAAE,EAAE;gBACvC,QAAQ,SAAS,CAAC,IAAI,EAAE,CAAC;oBACvB,KAAK,iBAAO,CAAC,IAAI;wBACf,CAAC;4BACC,MAAM,OAAO,GAAG,iBAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;4BACjD,MAAM,OAAO,GAAG,kBAAW,CAAC,uBAAuB,CACjD,OAAO,CAAC,QAAqB,EAC7B,IAAI,CAAC,OAAO,CAAC,YAAY,IAAI,EAAE,CAChC,CAAC;4BACF,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,uBAAuB,EAAE,OAAO,CAAC,CAAC;4BACtD,IAAI,OAAO,IAAI,SAAS;gCAAE,OAAO;4BACjC,IAAI,CAAC,WAAW,GAAG,OAAO,CAAC;wBAC7B,CAAC;wBACD,MAAM;oBACR,KAAK,2CAAoB,CAAC,IAAI;wBAC5B,IAAI,CAAC,0BAA0B,GAAG,IAAI,CAAC;wBACvC,MAAM;oBACR,KAAK,iDAAuB,CAAC,IAAI;wBAC/B,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,yBAAyB,CAAC,CAAC;wBAC/C,MAAM;gBACV,CAAC;YACH,CAAC,CAAC,CAAC;QACL,CAAC;IACH,CAAC,CAAC;AAEJ,QAAQ,CAAC,qBAAa,CAAC,cAAc,CAAC;IACpC,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,EAAE,CACrB,CAAC,OAAoB,EAAE,EAAE;QACvB,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,uBAAuB,EAAE,OAAO,CAAC,CAAC;QACtD,MAAM,CAAC,iBAAiB,GAAG,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;IACxD,CAAC,CAAC;AAEJ,QAAQ,CAAC,qBAAa,CAAC,sBAAsB,CAAC;IAC5C,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,EAAE,CACrB,CAAC,OAA0B,EAAE,EAAE;QAC7B,IAAI,CAAC,MAAM,CAAC,WAAW,IAAI,CAAC,MAAM,CAAC,YAAY;YAAE,MAAM,IAAI,KAAK,EAAE,CAAC;QACnE,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,mBAAmB,EAAE,OAAO,CAAC,CAAC;QAElD,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,gBAAgB,EAAE,OAAO,CAAC,UAAU,CAAC,CAAC;QAC1D,MAAM,CAAC,aAAa,GAAG;YACrB,KAAK,EAAE,OAAO,CAAC,UAAU;YACzB,SAAS,EAAE,OAAO,CAAC,SAAS;SAC7B,CAAC;QACF,MAAM,CAAC,YAAY,GAAG,IAAA,4BAAe,EAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC5D,CAAC,CAAC;AAEJ,QAAQ,CAAC,qBAAa,CAAC,sBAAsB,CAAC;IAC5C,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CACb,CAAC,OAAiC,EAAE,EAAE;QACpC,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,qBAAqB,EAAE,OAAO,CAAC,CAAC;QACpD,IAAI,CAAC,yBAAyB,GAAG,OAAO,CAAC,gBAAgB,CAAC;QAC1D,IAAI,CAAC,4BAA4B,GAAG,OAAO,CAAC,UAAU,CAAC;IACzD,CAAC,CAAC;AAEJ,QAAQ,CAAC,qBAAa,CAAC,oBAAoB,CAAC;IAC1C,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CACb,CAAC,GAAG,EAAE,EAAE;QACN,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,mBAAmB,EAAE,GAAG,CAAC,CAAC;IAChD,CAAC,CAAC","sourcesContent":["import { SignatureAlgorithm, SignatureScheme } from \"../../cipher/const\";\nimport { createCipher } from \"../../cipher/create\";\nimport { generateKeyPair } from \"../../cipher/namedCurve\";\nimport {\n prfExtendedMasterSecret,\n prfMasterSecret,\n prfPreMasterSecret,\n} from \"../../cipher/prf\";\nimport type { CipherContext } from \"../../context/cipher\";\nimport type { DtlsContext } from \"../../context/dtls\";\nimport { SrtpContext } from \"../../context/srtp\";\nimport type { TransportContext } from \"../../context/transport\";\nimport { HandshakeType } from \"../../handshake/const\";\nimport { ExtendedMasterSecret } from \"../../handshake/extensions/extendedMasterSecret\";\nimport { RenegotiationIndication } from \"../../handshake/extensions/renegotiationIndication\";\nimport { UseSRTP } from \"../../handshake/extensions/useSrtp\";\nimport { Certificate } from \"../../handshake/message/certificate\";\nimport { ChangeCipherSpec } from \"../../handshake/message/changeCipherSpec\";\nimport { CertificateVerify } from \"../../handshake/message/client/certificateVerify\";\nimport { ClientKeyExchange } from \"../../handshake/message/client/keyExchange\";\nimport { Finished } from \"../../handshake/message/finished\";\nimport { ServerCertificateRequest } from \"../../handshake/message/server/certificateRequest\";\nimport { ServerHello } from \"../../handshake/message/server/hello\";\nimport { ServerHelloDone } from \"../../handshake/message/server/helloDone\";\nimport { ServerKeyExchange } from \"../../handshake/message/server/keyExchange\";\nimport { DtlsRandom } from \"../../handshake/random\";\nimport { type Profile, debug } from \"../../imports/rtp\";\nimport { createPlaintext } from \"../../record/builder\";\nimport { ContentType } from \"../../record/const\";\nimport type { FragmentedHandshake } from \"../../record/message/fragment\";\nimport { Flight } from \"../flight\";\n\nconst log = debug(\n \"werift-dtls : packages/dtls/src/flight/client/flight5.ts : log\",\n);\n\nexport class Flight5 extends Flight {\n constructor(\n udp: TransportContext,\n dtls: DtlsContext,\n private cipher: CipherContext,\n private srtp: SrtpContext,\n ) {\n super(udp, dtls, 5, 7);\n }\n\n handleHandshake(handshake: FragmentedHandshake) {\n this.dtls.bufferHandshakeCache([handshake], false, 4);\n const message = (() => {\n switch (handshake.msg_type) {\n case HandshakeType.server_hello_2:\n return ServerHello.deSerialize(handshake.fragment);\n case HandshakeType.certificate_11:\n return Certificate.deSerialize(handshake.fragment);\n case HandshakeType.server_key_exchange_12:\n return ServerKeyExchange.deSerialize(handshake.fragment);\n case HandshakeType.certificate_request_13:\n return ServerCertificateRequest.deSerialize(handshake.fragment);\n case HandshakeType.server_hello_done_14:\n return ServerHelloDone.deSerialize(handshake.fragment);\n }\n })();\n\n if (message) {\n handlers[message.msgType]({\n dtls: this.dtls,\n cipher: this.cipher,\n srtp: this.srtp,\n })(message);\n }\n }\n\n async exec() {\n if (this.dtls.flight === 5) {\n log(this.dtls.sessionId, \"flight5 twice\");\n this.send(this.dtls.lastMessage);\n return;\n }\n this.dtls.flight = 5;\n\n const needCertificate = this.dtls.requestedCertificateTypes.length > 0;\n log(this.dtls.sessionId, \"send flight5\", needCertificate);\n\n const messages = [\n needCertificate && this.sendCertificate(),\n this.sendClientKeyExchange(),\n needCertificate && this.sendCertificateVerify(),\n this.sendChangeCipherSpec(),\n this.sendFinished(),\n ].filter((v) => v) as Buffer[];\n\n this.dtls.lastMessage = messages;\n await this.transmit(messages);\n }\n\n private sendCertificate() {\n const certificate = new Certificate([Buffer.from(this.cipher.localCert)]);\n\n const packets = this.createPacket([certificate]);\n\n const buf = Buffer.concat(packets.map((v) => v.serialize()));\n return buf;\n }\n\n private sendClientKeyExchange() {\n if (!this.cipher.localKeyPair) throw new Error();\n\n const clientKeyExchange = new ClientKeyExchange(\n this.cipher.localKeyPair.publicKey,\n );\n const packets = this.createPacket([clientKeyExchange]);\n const buf = Buffer.concat(packets.map((v) => v.serialize()));\n\n const localKeyPair = this.cipher.localKeyPair;\n const remoteKeyPair = this.cipher.remoteKeyPair;\n\n if (!remoteKeyPair.publicKey) throw new Error(\"not exist\");\n\n const preMasterSecret = prfPreMasterSecret(\n remoteKeyPair.publicKey,\n localKeyPair.privateKey,\n localKeyPair.curve,\n );\n\n log(\n this.dtls.sessionId,\n \"extendedMasterSecret\",\n this.dtls.options.extendedMasterSecret,\n this.dtls.remoteExtendedMasterSecret,\n );\n\n const handshakes = Buffer.concat(\n this.dtls.sortedHandshakeCache.map((v) => v.serialize()),\n );\n this.cipher.masterSecret =\n this.dtls.options.extendedMasterSecret &&\n this.dtls.remoteExtendedMasterSecret\n ? prfExtendedMasterSecret(preMasterSecret, handshakes)\n : prfMasterSecret(\n preMasterSecret,\n this.cipher.localRandom.serialize(),\n this.cipher.remoteRandom.serialize(),\n );\n\n this.cipher.cipher = createCipher(this.cipher.cipherSuite);\n this.cipher.cipher.init(\n this.cipher.masterSecret,\n this.cipher.remoteRandom.serialize(),\n this.cipher.localRandom.serialize(),\n );\n log(this.dtls.sessionId, \"cipher\", this.cipher.cipher.summary);\n\n return buf;\n }\n\n private sendCertificateVerify() {\n const cache = Buffer.concat(\n this.dtls.sortedHandshakeCache.map((v) => v.serialize()),\n );\n const signed = this.cipher.signatureData(cache, \"sha256\");\n const signatureScheme = (() => {\n switch (this.cipher.signatureHashAlgorithm?.signature) {\n case SignatureAlgorithm.ecdsa_3:\n return SignatureScheme.ecdsa_secp256r1_sha256;\n case SignatureAlgorithm.rsa_1:\n return SignatureScheme.rsa_pkcs1_sha256;\n }\n })();\n if (!signatureScheme) throw new Error();\n log(\n this.dtls.sessionId,\n \"signatureScheme\",\n this.cipher.signatureHashAlgorithm?.signature,\n signatureScheme,\n );\n\n const certificateVerify = new CertificateVerify(signatureScheme, signed);\n const packets = this.createPacket([certificateVerify]);\n const buf = Buffer.concat(packets.map((v) => v.serialize()));\n return buf;\n }\n\n private sendChangeCipherSpec() {\n const changeCipherSpec = ChangeCipherSpec.createEmpty().serialize();\n const packets = createPlaintext(this.dtls)(\n [{ type: ContentType.changeCipherSpec, fragment: changeCipherSpec }],\n ++this.dtls.recordSequenceNumber,\n );\n const buf = Buffer.concat(packets.map((v) => v.serialize()));\n return buf;\n }\n\n private sendFinished() {\n const cache = Buffer.concat(\n this.dtls.sortedHandshakeCache.map((v) => v.serialize()),\n );\n const localVerifyData = this.cipher.verifyData(cache);\n\n const finish = new Finished(localVerifyData);\n this.dtls.epoch = 1;\n const [packet] = this.createPacket([finish]);\n // log(\n // this.dtls.sessionId,\n // \"raw finish packet\",\n // packet.summary,\n // this.dtls.sortedHandshakeCache.map((h) => h.summary),\n // );\n\n this.dtls.recordSequenceNumber = 0;\n\n const buf = this.cipher.encryptPacket(packet).serialize();\n log(this.dtls.sessionId, \"finished\", this.cipher.cipher.summary);\n return buf;\n }\n}\n\nconst handlers: {\n [key: number]: (contexts: {\n dtls: DtlsContext;\n cipher: CipherContext;\n srtp: SrtpContext;\n }) => (message: any) => void;\n} = {};\n\nhandlers[HandshakeType.server_hello_2] =\n ({ cipher, srtp, dtls }) =>\n (message: ServerHello) => {\n log(dtls.sessionId, \"serverHello\", message.cipherSuite);\n cipher.remoteRandom = DtlsRandom.from(message.random);\n cipher.cipherSuite = message.cipherSuite;\n log(dtls.sessionId, \"selected cipherSuite\", cipher.cipherSuite);\n\n if (message.extensions) {\n message.extensions.forEach((extension) => {\n switch (extension.type) {\n case UseSRTP.type:\n {\n const useSrtp = UseSRTP.fromData(extension.data);\n const profile = SrtpContext.findMatchingSRTPProfile(\n useSrtp.profiles as Profile[],\n dtls.options.srtpProfiles || [],\n );\n log(dtls.sessionId, \"selected srtp profile\", profile);\n if (profile == undefined) return;\n srtp.srtpProfile = profile;\n }\n break;\n case ExtendedMasterSecret.type:\n dtls.remoteExtendedMasterSecret = true;\n break;\n case RenegotiationIndication.type:\n log(dtls.sessionId, \"RenegotiationIndication\");\n break;\n }\n });\n }\n };\n\nhandlers[HandshakeType.certificate_11] =\n ({ cipher, dtls }) =>\n (message: Certificate) => {\n log(dtls.sessionId, \"handshake certificate\", message);\n cipher.remoteCertificate = message.certificateList[0];\n };\n\nhandlers[HandshakeType.server_key_exchange_12] =\n ({ cipher, dtls }) =>\n (message: ServerKeyExchange) => {\n if (!cipher.localRandom || !cipher.remoteRandom) throw new Error();\n log(dtls.sessionId, \"ServerKeyExchange\", message);\n\n log(dtls.sessionId, \"selected curve\", message.namedCurve);\n cipher.remoteKeyPair = {\n curve: message.namedCurve,\n publicKey: message.publicKey,\n };\n cipher.localKeyPair = generateKeyPair(message.namedCurve);\n };\n\nhandlers[HandshakeType.certificate_request_13] =\n ({ dtls }) =>\n (message: ServerCertificateRequest) => {\n log(dtls.sessionId, \"certificate_request\", message);\n dtls.requestedCertificateTypes = message.certificateTypes;\n dtls.requestedSignatureAlgorithms = message.signatures;\n };\n\nhandlers[HandshakeType.server_hello_done_14] =\n ({ dtls }) =>\n (msg) => {\n log(dtls.sessionId, \"server_hello_done\", msg);\n };\n"]}
1
+ {"version":3,"file":"flight5.js","sourceRoot":"","sources":["../../../../../../dtls/src/flight/client/flight5.ts"],"names":[],"mappings":";;;AAAA,8CAAyE;AACzE,gDAAmD;AACnD,wDAA0D;AAC1D,0CAI0B;AAG1B,6CAAiD;AAEjD,iDAAsD;AACtD,0FAAuF;AACvF,gGAA6F;AAC7F,gEAA6D;AAC7D,qEAAkE;AAClE,+EAA4E;AAC5E,wFAAqF;AACrF,4EAA+E;AAC/E,+DAA4D;AAC5D,0FAA6F;AAC7F,gEAAmE;AACnE,wEAA2E;AAC3E,4EAA+E;AAC/E,mDAAoD;AACpD,2CAA4D;AAC5D,kDAAuD;AACvD,8CAAiD;AAEjD,sCAAmC;AAEnC,MAAM,GAAG,GAAG,IAAA,WAAK,EACf,gEAAgE,CACjE,CAAC;AAEF,MAAa,OAAQ,SAAQ,eAAM;IACjC,YACE,GAAqB,EACrB,IAAiB,EACT,MAAqB,EACrB,IAAiB;QAEzB,KAAK,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QAHvB;;;;mBAAQ,MAAM;WAAe;QAC7B;;;;mBAAQ,IAAI;WAAa;IAG3B,CAAC;IAED,eAAe,CAAC,SAA8B;QAC5C,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;QACtD,MAAM,OAAO,GAAG,CAAC,GAAG,EAAE;YACpB,QAAQ,SAAS,CAAC,QAAQ,EAAE,CAAC;gBAC3B,KAAK,qBAAa,CAAC,cAAc;oBAC/B,OAAO,mBAAW,CAAC,WAAW,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;gBACrD,KAAK,qBAAa,CAAC,cAAc;oBAC/B,OAAO,yBAAW,CAAC,WAAW,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;gBACrD,KAAK,qBAAa,CAAC,sBAAsB;oBACvC,OAAO,+BAAiB,CAAC,WAAW,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;gBAC3D,KAAK,qBAAa,CAAC,sBAAsB;oBACvC,OAAO,6CAAwB,CAAC,WAAW,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;gBAClE,KAAK,qBAAa,CAAC,oBAAoB;oBACrC,OAAO,2BAAe,CAAC,WAAW,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;YAC3D,CAAC;QACH,CAAC,CAAC,EAAE,CAAC;QAEL,IAAI,OAAO,EAAE,CAAC;YACZ,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;gBACxB,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,IAAI,EAAE,IAAI,CAAC,IAAI;aAChB,CAAC,CAAC,OAAO,CAAC,CAAC;QACd,CAAC;IACH,CAAC;IAED,KAAK,CAAC,IAAI;QACR,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC3B,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,eAAe,CAAC,CAAC;YAC1C,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YACjC,OAAO;QACT,CAAC;QACD,IAAI,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;QAErB,MAAM,eAAe,GAAG,IAAI,CAAC,IAAI,CAAC,yBAAyB,CAAC,MAAM,GAAG,CAAC,CAAC;QACvE,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,cAAc,EAAE,eAAe,CAAC,CAAC;QAE1D,MAAM,QAAQ,GAAG;YACf,eAAe,IAAI,IAAI,CAAC,eAAe,EAAE;YACzC,IAAI,CAAC,qBAAqB,EAAE;YAC5B,eAAe,IAAI,IAAI,CAAC,qBAAqB,EAAE;YAC/C,IAAI,CAAC,oBAAoB,EAAE;YAC3B,IAAI,CAAC,YAAY,EAAE;SACpB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAa,CAAC;QAE/B,IAAI,CAAC,IAAI,CAAC,WAAW,GAAG,QAAQ,CAAC;QACjC,MAAM,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAChC,CAAC;IAEO,eAAe;QACrB,MAAM,WAAW,GAAG,IAAI,yBAAW,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;QAE1E,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC;QAEjD,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;QAC7D,OAAO,GAAG,CAAC;IACb,CAAC;IAEO,qBAAqB;QAC3B,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY;YAAE,MAAM,IAAI,KAAK,EAAE,CAAC;QAEjD,MAAM,iBAAiB,GAAG,IAAI,+BAAiB,CAC7C,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,SAAS,CACnC,CAAC;QACF,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC;QACvD,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;QAE7D,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC;QAC9C,MAAM,aAAa,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC;QAEhD,IAAI,CAAC,aAAa,CAAC,SAAS;YAAE,MAAM,IAAI,KAAK,CAAC,WAAW,CAAC,CAAC;QAE3D,MAAM,eAAe,GAAG,IAAA,wBAAkB,EACxC,aAAa,CAAC,SAAS,EACvB,YAAY,CAAC,UAAU,EACvB,YAAY,CAAC,KAAK,CACnB,CAAC;QAEF,GAAG,CACD,IAAI,CAAC,IAAI,CAAC,SAAS,EACnB,sBAAsB,EACtB,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,oBAAoB,EACtC,IAAI,CAAC,IAAI,CAAC,0BAA0B,CACrC,CAAC;QAEF,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAC9B,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,CACzD,CAAC;QACF,IAAI,CAAC,MAAM,CAAC,YAAY;YACtB,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,oBAAoB;gBACtC,IAAI,CAAC,IAAI,CAAC,0BAA0B;gBAClC,CAAC,CAAC,IAAA,6BAAuB,EAAC,eAAe,EAAE,UAAU,CAAC;gBACtD,CAAC,CAAC,IAAA,qBAAe,EACb,eAAe,EACf,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,EAAE,EACnC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,SAAS,EAAE,CACrC,CAAC;QAER,IAAI,CAAC,MAAM,CAAC,MAAM,GAAG,IAAA,qBAAY,EAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;QAC3D,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CACrB,IAAI,CAAC,MAAM,CAAC,YAAY,EACxB,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,SAAS,EAAE,EACpC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,EAAE,CACpC,CAAC;QACF,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAE/D,OAAO,GAAG,CAAC;IACb,CAAC;IAEO,qBAAqB;QAC3B,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,CACzB,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,CACzD,CAAC;QACF,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;QAC1D,MAAM,eAAe,GAAG,CAAC,GAAG,EAAE;YAC5B,QAAQ,IAAI,CAAC,MAAM,CAAC,sBAAsB,EAAE,SAAS,EAAE,CAAC;gBACtD,KAAK,0BAAkB,CAAC,OAAO;oBAC7B,OAAO,uBAAe,CAAC,sBAAsB,CAAC;gBAChD,KAAK,0BAAkB,CAAC,KAAK;oBAC3B,OAAO,uBAAe,CAAC,gBAAgB,CAAC;YAC5C,CAAC;QACH,CAAC,CAAC,EAAE,CAAC;QACL,IAAI,CAAC,eAAe;YAAE,MAAM,IAAI,KAAK,EAAE,CAAC;QACxC,GAAG,CACD,IAAI,CAAC,IAAI,CAAC,SAAS,EACnB,iBAAiB,EACjB,IAAI,CAAC,MAAM,CAAC,sBAAsB,EAAE,SAAS,EAC7C,eAAe,CAChB,CAAC;QAEF,MAAM,iBAAiB,GAAG,IAAI,qCAAiB,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;QACzE,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC;QACvD,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;QAC7D,OAAO,GAAG,CAAC;IACb,CAAC;IAEO,oBAAoB;QAC1B,MAAM,gBAAgB,GAAG,mCAAgB,CAAC,WAAW,EAAE,CAAC,SAAS,EAAE,CAAC;QACpE,MAAM,OAAO,GAAG,IAAA,yBAAe,EAAC,IAAI,CAAC,IAAI,CAAC,CACxC,CAAC,EAAE,IAAI,EAAE,mBAAW,CAAC,gBAAgB,EAAE,QAAQ,EAAE,gBAAgB,EAAE,CAAC,EACpE,EAAE,IAAI,CAAC,IAAI,CAAC,oBAAoB,CACjC,CAAC;QACF,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;QAC7D,OAAO,GAAG,CAAC;IACb,CAAC;IAEO,YAAY;QAClB,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,CACzB,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,CACzD,CAAC;QACF,MAAM,eAAe,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;QAEtD,MAAM,MAAM,GAAG,IAAI,mBAAQ,CAAC,eAAe,CAAC,CAAC;QAC7C,IAAI,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC;QACpB,MAAM,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,YAAY,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC;QAC7C,OAAO;QACP,yBAAyB;QACzB,yBAAyB;QACzB,oBAAoB;QACpB,0DAA0D;QAC1D,KAAK;QAEL,IAAI,CAAC,IAAI,CAAC,oBAAoB,GAAG,CAAC,CAAC;QAEnC,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,SAAS,EAAE,CAAC;QAC1D,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QACjE,OAAO,GAAG,CAAC;IACb,CAAC;CACF;AAlLD,0BAkLC;AAED,MAAM,QAAQ,GAMV,EAAE,CAAC;AAEP,QAAQ,CAAC,qBAAa,CAAC,cAAc,CAAC;IACpC,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,EAAE,CAC3B,CAAC,OAAoB,EAAE,EAAE;QACvB,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,aAAa,EAAE,OAAO,CAAC,WAAW,CAAC,CAAC;QACxD,MAAM,CAAC,YAAY,GAAG,mBAAU,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACtD,MAAM,CAAC,WAAW,GAAG,OAAO,CAAC,WAAW,CAAC;QACzC,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,sBAAsB,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC;QAEhE,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;YACvB,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,SAAS,EAAE,EAAE;gBACvC,QAAQ,SAAS,CAAC,IAAI,EAAE,CAAC;oBACvB,KAAK,iBAAO,CAAC,IAAI;wBACf,CAAC;4BACC,MAAM,OAAO,GAAG,iBAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;4BACjD,MAAM,OAAO,GAAG,kBAAW,CAAC,uBAAuB,CACjD,OAAO,CAAC,QAAyB,EACjC,IAAI,CAAC,OAAO,CAAC,YAAY,IAAI,EAAE,CAChC,CAAC;4BACF,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,uBAAuB,EAAE,OAAO,CAAC,CAAC;4BACtD,IAAI,OAAO,IAAI,SAAS;gCAAE,OAAO;4BACjC,IAAI,CAAC,WAAW,GAAG,OAAO,CAAC;wBAC7B,CAAC;wBACD,MAAM;oBACR,KAAK,2CAAoB,CAAC,IAAI;wBAC5B,IAAI,CAAC,0BAA0B,GAAG,IAAI,CAAC;wBACvC,MAAM;oBACR,KAAK,iDAAuB,CAAC,IAAI;wBAC/B,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,yBAAyB,CAAC,CAAC;wBAC/C,MAAM;gBACV,CAAC;YACH,CAAC,CAAC,CAAC;QACL,CAAC;IACH,CAAC,CAAC;AAEJ,QAAQ,CAAC,qBAAa,CAAC,cAAc,CAAC;IACpC,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,EAAE,CACrB,CAAC,OAAoB,EAAE,EAAE;QACvB,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,uBAAuB,EAAE,OAAO,CAAC,CAAC;QACtD,MAAM,CAAC,iBAAiB,GAAG,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;IACxD,CAAC,CAAC;AAEJ,QAAQ,CAAC,qBAAa,CAAC,sBAAsB,CAAC;IAC5C,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,EAAE,CACrB,CAAC,OAA0B,EAAE,EAAE;QAC7B,IAAI,CAAC,MAAM,CAAC,WAAW,IAAI,CAAC,MAAM,CAAC,YAAY;YAAE,MAAM,IAAI,KAAK,EAAE,CAAC;QACnE,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,mBAAmB,EAAE,OAAO,CAAC,CAAC;QAElD,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,gBAAgB,EAAE,OAAO,CAAC,UAAU,CAAC,CAAC;QAC1D,MAAM,CAAC,aAAa,GAAG;YACrB,KAAK,EAAE,OAAO,CAAC,UAAU;YACzB,SAAS,EAAE,OAAO,CAAC,SAAS;SAC7B,CAAC;QACF,MAAM,CAAC,YAAY,GAAG,IAAA,4BAAe,EAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC5D,CAAC,CAAC;AAEJ,QAAQ,CAAC,qBAAa,CAAC,sBAAsB,CAAC;IAC5C,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CACb,CAAC,OAAiC,EAAE,EAAE;QACpC,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,qBAAqB,EAAE,OAAO,CAAC,CAAC;QACpD,IAAI,CAAC,yBAAyB,GAAG,OAAO,CAAC,gBAAgB,CAAC;QAC1D,IAAI,CAAC,4BAA4B,GAAG,OAAO,CAAC,UAAU,CAAC;IACzD,CAAC,CAAC;AAEJ,QAAQ,CAAC,qBAAa,CAAC,oBAAoB,CAAC;IAC1C,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CACb,CAAC,GAAG,EAAE,EAAE;QACN,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,mBAAmB,EAAE,GAAG,CAAC,CAAC;IAChD,CAAC,CAAC","sourcesContent":["import { SignatureAlgorithm, SignatureScheme } from \"../../cipher/const\";\nimport { createCipher } from \"../../cipher/create\";\nimport { generateKeyPair } from \"../../cipher/namedCurve\";\nimport {\n prfExtendedMasterSecret,\n prfMasterSecret,\n prfPreMasterSecret,\n} from \"../../cipher/prf\";\nimport type { CipherContext } from \"../../context/cipher\";\nimport type { DtlsContext } from \"../../context/dtls\";\nimport { SrtpContext } from \"../../context/srtp\";\nimport type { TransportContext } from \"../../context/transport\";\nimport { HandshakeType } from \"../../handshake/const\";\nimport { ExtendedMasterSecret } from \"../../handshake/extensions/extendedMasterSecret\";\nimport { RenegotiationIndication } from \"../../handshake/extensions/renegotiationIndication\";\nimport { UseSRTP } from \"../../handshake/extensions/useSrtp\";\nimport { Certificate } from \"../../handshake/message/certificate\";\nimport { ChangeCipherSpec } from \"../../handshake/message/changeCipherSpec\";\nimport { CertificateVerify } from \"../../handshake/message/client/certificateVerify\";\nimport { ClientKeyExchange } from \"../../handshake/message/client/keyExchange\";\nimport { Finished } from \"../../handshake/message/finished\";\nimport { ServerCertificateRequest } from \"../../handshake/message/server/certificateRequest\";\nimport { ServerHello } from \"../../handshake/message/server/hello\";\nimport { ServerHelloDone } from \"../../handshake/message/server/helloDone\";\nimport { ServerKeyExchange } from \"../../handshake/message/server/keyExchange\";\nimport { DtlsRandom } from \"../../handshake/random\";\nimport { type SrtpProfile, debug } from \"../../imports/rtp\";\nimport { createPlaintext } from \"../../record/builder\";\nimport { ContentType } from \"../../record/const\";\nimport type { FragmentedHandshake } from \"../../record/message/fragment\";\nimport { Flight } from \"../flight\";\n\nconst log = debug(\n \"werift-dtls : packages/dtls/src/flight/client/flight5.ts : log\",\n);\n\nexport class Flight5 extends Flight {\n constructor(\n udp: TransportContext,\n dtls: DtlsContext,\n private cipher: CipherContext,\n private srtp: SrtpContext,\n ) {\n super(udp, dtls, 5, 7);\n }\n\n handleHandshake(handshake: FragmentedHandshake) {\n this.dtls.bufferHandshakeCache([handshake], false, 4);\n const message = (() => {\n switch (handshake.msg_type) {\n case HandshakeType.server_hello_2:\n return ServerHello.deSerialize(handshake.fragment);\n case HandshakeType.certificate_11:\n return Certificate.deSerialize(handshake.fragment);\n case HandshakeType.server_key_exchange_12:\n return ServerKeyExchange.deSerialize(handshake.fragment);\n case HandshakeType.certificate_request_13:\n return ServerCertificateRequest.deSerialize(handshake.fragment);\n case HandshakeType.server_hello_done_14:\n return ServerHelloDone.deSerialize(handshake.fragment);\n }\n })();\n\n if (message) {\n handlers[message.msgType]({\n dtls: this.dtls,\n cipher: this.cipher,\n srtp: this.srtp,\n })(message);\n }\n }\n\n async exec() {\n if (this.dtls.flight === 5) {\n log(this.dtls.sessionId, \"flight5 twice\");\n this.send(this.dtls.lastMessage);\n return;\n }\n this.dtls.flight = 5;\n\n const needCertificate = this.dtls.requestedCertificateTypes.length > 0;\n log(this.dtls.sessionId, \"send flight5\", needCertificate);\n\n const messages = [\n needCertificate && this.sendCertificate(),\n this.sendClientKeyExchange(),\n needCertificate && this.sendCertificateVerify(),\n this.sendChangeCipherSpec(),\n this.sendFinished(),\n ].filter((v) => v) as Buffer[];\n\n this.dtls.lastMessage = messages;\n await this.transmit(messages);\n }\n\n private sendCertificate() {\n const certificate = new Certificate([Buffer.from(this.cipher.localCert)]);\n\n const packets = this.createPacket([certificate]);\n\n const buf = Buffer.concat(packets.map((v) => v.serialize()));\n return buf;\n }\n\n private sendClientKeyExchange() {\n if (!this.cipher.localKeyPair) throw new Error();\n\n const clientKeyExchange = new ClientKeyExchange(\n this.cipher.localKeyPair.publicKey,\n );\n const packets = this.createPacket([clientKeyExchange]);\n const buf = Buffer.concat(packets.map((v) => v.serialize()));\n\n const localKeyPair = this.cipher.localKeyPair;\n const remoteKeyPair = this.cipher.remoteKeyPair;\n\n if (!remoteKeyPair.publicKey) throw new Error(\"not exist\");\n\n const preMasterSecret = prfPreMasterSecret(\n remoteKeyPair.publicKey,\n localKeyPair.privateKey,\n localKeyPair.curve,\n );\n\n log(\n this.dtls.sessionId,\n \"extendedMasterSecret\",\n this.dtls.options.extendedMasterSecret,\n this.dtls.remoteExtendedMasterSecret,\n );\n\n const handshakes = Buffer.concat(\n this.dtls.sortedHandshakeCache.map((v) => v.serialize()),\n );\n this.cipher.masterSecret =\n this.dtls.options.extendedMasterSecret &&\n this.dtls.remoteExtendedMasterSecret\n ? prfExtendedMasterSecret(preMasterSecret, handshakes)\n : prfMasterSecret(\n preMasterSecret,\n this.cipher.localRandom.serialize(),\n this.cipher.remoteRandom.serialize(),\n );\n\n this.cipher.cipher = createCipher(this.cipher.cipherSuite);\n this.cipher.cipher.init(\n this.cipher.masterSecret,\n this.cipher.remoteRandom.serialize(),\n this.cipher.localRandom.serialize(),\n );\n log(this.dtls.sessionId, \"cipher\", this.cipher.cipher.summary);\n\n return buf;\n }\n\n private sendCertificateVerify() {\n const cache = Buffer.concat(\n this.dtls.sortedHandshakeCache.map((v) => v.serialize()),\n );\n const signed = this.cipher.signatureData(cache, \"sha256\");\n const signatureScheme = (() => {\n switch (this.cipher.signatureHashAlgorithm?.signature) {\n case SignatureAlgorithm.ecdsa_3:\n return SignatureScheme.ecdsa_secp256r1_sha256;\n case SignatureAlgorithm.rsa_1:\n return SignatureScheme.rsa_pkcs1_sha256;\n }\n })();\n if (!signatureScheme) throw new Error();\n log(\n this.dtls.sessionId,\n \"signatureScheme\",\n this.cipher.signatureHashAlgorithm?.signature,\n signatureScheme,\n );\n\n const certificateVerify = new CertificateVerify(signatureScheme, signed);\n const packets = this.createPacket([certificateVerify]);\n const buf = Buffer.concat(packets.map((v) => v.serialize()));\n return buf;\n }\n\n private sendChangeCipherSpec() {\n const changeCipherSpec = ChangeCipherSpec.createEmpty().serialize();\n const packets = createPlaintext(this.dtls)(\n [{ type: ContentType.changeCipherSpec, fragment: changeCipherSpec }],\n ++this.dtls.recordSequenceNumber,\n );\n const buf = Buffer.concat(packets.map((v) => v.serialize()));\n return buf;\n }\n\n private sendFinished() {\n const cache = Buffer.concat(\n this.dtls.sortedHandshakeCache.map((v) => v.serialize()),\n );\n const localVerifyData = this.cipher.verifyData(cache);\n\n const finish = new Finished(localVerifyData);\n this.dtls.epoch = 1;\n const [packet] = this.createPacket([finish]);\n // log(\n // this.dtls.sessionId,\n // \"raw finish packet\",\n // packet.summary,\n // this.dtls.sortedHandshakeCache.map((h) => h.summary),\n // );\n\n this.dtls.recordSequenceNumber = 0;\n\n const buf = this.cipher.encryptPacket(packet).serialize();\n log(this.dtls.sessionId, \"finished\", this.cipher.cipher.summary);\n return buf;\n }\n}\n\nconst handlers: {\n [key: number]: (contexts: {\n dtls: DtlsContext;\n cipher: CipherContext;\n srtp: SrtpContext;\n }) => (message: any) => void;\n} = {};\n\nhandlers[HandshakeType.server_hello_2] =\n ({ cipher, srtp, dtls }) =>\n (message: ServerHello) => {\n log(dtls.sessionId, \"serverHello\", message.cipherSuite);\n cipher.remoteRandom = DtlsRandom.from(message.random);\n cipher.cipherSuite = message.cipherSuite;\n log(dtls.sessionId, \"selected cipherSuite\", cipher.cipherSuite);\n\n if (message.extensions) {\n message.extensions.forEach((extension) => {\n switch (extension.type) {\n case UseSRTP.type:\n {\n const useSrtp = UseSRTP.fromData(extension.data);\n const profile = SrtpContext.findMatchingSRTPProfile(\n useSrtp.profiles as SrtpProfile[],\n dtls.options.srtpProfiles || [],\n );\n log(dtls.sessionId, \"selected srtp profile\", profile);\n if (profile == undefined) return;\n srtp.srtpProfile = profile;\n }\n break;\n case ExtendedMasterSecret.type:\n dtls.remoteExtendedMasterSecret = true;\n break;\n case RenegotiationIndication.type:\n log(dtls.sessionId, \"RenegotiationIndication\");\n break;\n }\n });\n }\n };\n\nhandlers[HandshakeType.certificate_11] =\n ({ cipher, dtls }) =>\n (message: Certificate) => {\n log(dtls.sessionId, \"handshake certificate\", message);\n cipher.remoteCertificate = message.certificateList[0];\n };\n\nhandlers[HandshakeType.server_key_exchange_12] =\n ({ cipher, dtls }) =>\n (message: ServerKeyExchange) => {\n if (!cipher.localRandom || !cipher.remoteRandom) throw new Error();\n log(dtls.sessionId, \"ServerKeyExchange\", message);\n\n log(dtls.sessionId, \"selected curve\", message.namedCurve);\n cipher.remoteKeyPair = {\n curve: message.namedCurve,\n publicKey: message.publicKey,\n };\n cipher.localKeyPair = generateKeyPair(message.namedCurve);\n };\n\nhandlers[HandshakeType.certificate_request_13] =\n ({ dtls }) =>\n (message: ServerCertificateRequest) => {\n log(dtls.sessionId, \"certificate_request\", message);\n dtls.requestedCertificateTypes = message.certificateTypes;\n dtls.requestedSignatureAlgorithms = message.signatures;\n };\n\nhandlers[HandshakeType.server_hello_done_14] =\n ({ dtls }) =>\n (msg) => {\n log(dtls.sessionId, \"server_hello_done\", msg);\n };\n"]}
package/lib/dtls/src/flight/server/flight2.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"flight2.js","sourceRoot":"","sources":["../../../../../../dtls/src/flight/server/flight2.ts"],"names":[],"mappings":";;;AAAA,mCAAqC;AAErC,8CAK4B;AAC5B,wDAA0D;AAG1D,6CAAiD;AAEjD,8EAA2E;AAC3E,0FAAuF;AACvF,gGAA6F;AAC7F,oEAAiE;AACjE,gEAA6D;AAE7D,0FAA6F;AAC7F,mDAAoD;AACpD,2CAAwD;AACxD,kDAAwE;AACxE,8CAAiD;AAEjD,MAAM,GAAG,GAAG,IAAA,WAAK,EAAC,4DAA4D,CAAC,CAAC;AAEhF,uCAAuC;AAEhC,MAAM,OAAO,GAClB,CACE,GAAqB,EACrB,IAAiB,EACjB,MAAqB,EACrB,IAAiB,EACjB,EAAE,CACJ,CAAC,WAAwB,EAAE,EAAE;IAC3B,GAAG,CAAC,cAAc,EAAE,WAAW,CAAC,aAAa,CAAC,CAAC;IAE/C,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;IAEhB,qFAAqF;IACrF,8DAA8D;IAC9D,qEAAqE;IACrE,gEAAgE;IAChE,uEAAuE;IACvE,4EAA4E;IAC5E,oEAAoE;IACpE,qDAAqD;IACrD,IAAI,CAAC,oBAAoB,GAAG,CAAC,CAAC;IAC9B,IAAI,CAAC,cAAc,GAAG,CAAC,CAAC;IAExB,WAAW,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,SAAS,EAAE,EAAE;QAC3C,QAAQ,SAAS,CAAC,IAAI,EAAE,CAAC;YACvB,KAAK,+BAAc,CAAC,IAAI;gBACtB,CAAC;oBACC,MAAM,MAAM,GAAG,+BAAc,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC;oBAC5D,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;oBACtC,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CACpC,+BAAuB,CAAC,QAAQ,CAAC,KAAY,CAAC,CAC/C,CAAC,CAAC,CAAyB,CAAC;oBAC7B,MAAM,CAAC,UAAU,GAAG,KAAK,CAAC;oBAC1B,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,gBAAgB,EAAE,MAAM,CAAC,UAAU,CAAC,CAAC;gBAC3D,CAAC;gBACD,MAAM;YACR,KAAK,qBAAS,CAAC,IAAI;gBACjB,CAAC;oBACC,IAAI,CAAC,MAAM,CAAC,sBAAsB;wBAChC,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;oBAE7C,MAAM,aAAa,GAAG,qBAAS,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC;oBAC9D,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,gBAAgB,EAAE,aAAa,CAAC,CAAC;oBACrD,MAAM,SAAS,GAAG,aAAa,CAAC,IAAI,CAClC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,MAAM,CAAC,sBAAsB,EAAE,SAAS,CAChE,EAAE,SAAS,CAAC;oBACb,MAAM,IAAI,GAAG,aAAa,CAAC,IAAI,CAC7B,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,MAAM,CAAC,sBAAsB,EAAE,IAAI,CACtD,EAAE,IAAI,CAAC;oBACR,IAAI,SAAS,IAAI,SAAS,IAAI,IAAI,IAAI,SAAS,EAAE,CAAC;wBAChD,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;oBAC3C,CAAC;gBACH,CAAC;gBACD,MAAM;YACR,KAAK,iBAAO,CAAC,IAAI;gBACf,CAAC;oBACC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY;wBAAE,OAAO;oBACxC,IAAI,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,MAAM,KAAK,CAAC;wBAAE,OAAO;oBAEnD,MAAM,OAAO,GAAG,iBAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;oBACjD,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,eAAe,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;oBACvD,MAAM,OAAO,GAAG,kBAAW,CAAC,uBAAuB,CACjD,OAAO,CAAC,QAAqB,EAC7B,IAAI,CAAC,OAAO,EAAE,YAAY,CAC3B,CAAC;oBACF,IAAI,CAAC,OAAO,EAAE,CAAC;wBACb,MAAM,IAAI,KAAK,EAAE,CAAC;oBACpB,CAAC;oBACD,IAAI,CAAC,WAAW,GAAG,OAAO,CAAC;oBAC3B,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,uBAAuB,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;gBACjE,CAAC;gBACD,MAAM;YACR,KAAK,2CAAoB,CAAC,IAAI;gBAC5B,CAAC;oBACC,IAAI,CAAC,0BAA0B,GAAG,IAAI,CAAC;gBACzC,CAAC;gBACD,MAAM;YACR,KAAK,iDAAuB,CAAC,IAAI;gBAC/B,CAAC;oBACC,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,yBAAyB,EAAE,SAAS,CAAC,IAAI,CAAC,CAAC;gBACjE,CAAC;gBACD,MAAM;YACR,KAAK,EAAE;gBACL,CAAC;oBACC,eAAe;oBACf,MAAM,IAAI,GAAG,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;oBACxC,MAAM,QAAQ,GAAG,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC;oBACtD,GAAG,CAAC,wBAAwB,EAAE,QAAQ,CAAC,CAAC;gBAC1C,CAAC;gBACD,MAAM;QACV,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,MAAM,CAAC,WAAW,GAAG,IAAI,mBAAU,EAAE,CAAC;IACtC,MAAM,CAAC,YAAY,GAAG,mBAAU,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;IAE1D,MAAM,MAAM,GAAG,WAAW,CAAC,YAAY,CAAC;IACxC,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,eAAe,EAAE,MAAM,CAAC,CAAC;IAC7C,MAAM,KAAK,GAAG,CAAC,GAAG,EAAE;QAClB,QAAQ,MAAM,CAAC,sBAAsB,EAAE,SAAS,EAAE,CAAC;YACjD,KAAK,0BAAkB,CAAC,OAAO;gBAC7B,OAAO,mBAAW,CAAC,6CAA6C,CAAC;YACnE,KAAK,0BAAkB,CAAC,KAAK;gBAC3B,OAAO,mBAAW,CAAC,2CAA2C,CAAC;QACnE,CAAC;IACH,CAAC,CAAC,EAAE,CAAC;IACL,IAAI,KAAK,KAAK,SAAS,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QACnD,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;IAC1D,CAAC;IACD,MAAM,CAAC,WAAW,GAAG,KAAK,CAAC;IAC3B,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,sBAAsB,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC;IAEhE,MAAM,CAAC,YAAY,GAAG,IAAA,4BAAe,EAAC,MAAM,CAAC,UAAU,CAAC,CAAC;IAEzD,IAAI,CAAC,MAAM,KAAX,IAAI,CAAC,MAAM,GAAK,IAAA,oBAAW,EAAC,EAAE,CAAC,EAAC;IAChC,MAAM,cAAc,GAAG,IAAI,6CAAwB,CACjD;QACE,KAAK,EAAE,GAAG,GAAG,CAAC;QACd,KAAK,EAAE,GAAG,GAAG,CAAC;KACf,EACD,IAAI,CAAC,MAAM,CACZ,CAAC;IACF,MAAM,SAAS,GAAG,IAAA,yBAAe,EAAC,IAAI,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC;IAC1D,MAAM,OAAO,GAAG,IAAA,yBAAe,EAAC,IAAI,CAAC,CACnC,SAAS,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;QAC3B,IAAI,EAAE,mBAAW,CAAC,SAAS;QAC3B,QAAQ,EAAE,QAAQ,CAAC,SAAS,EAAE;KAC/B,CAAC,CAAC,EACH,EAAE,IAAI,CAAC,oBAAoB,CAC5B,CAAC;IAEF,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC;IAChD,KAAK,MAAM,GAAG,IAAI,KAAK,EAAE,CAAC;QACxB,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAChB,CAAC;AACH,CAAC,CAAC;AAvIS,QAAA,OAAO,WAuIhB","sourcesContent":["import { randomBytes } from \"crypto\";\n\nimport {\n CipherSuite,\n NamedCurveAlgorithmList,\n type NamedCurveAlgorithms,\n SignatureAlgorithm,\n} from \"../../cipher/const\";\nimport { generateKeyPair } from \"../../cipher/namedCurve\";\nimport type { CipherContext } from \"../../context/cipher\";\nimport type { DtlsContext } from \"../../context/dtls\";\nimport { SrtpContext } from \"../../context/srtp\";\nimport type { TransportContext } from \"../../context/transport\";\nimport { EllipticCurves } from \"../../handshake/extensions/ellipticCurves\";\nimport { ExtendedMasterSecret } from \"../../handshake/extensions/extendedMasterSecret\";\nimport { RenegotiationIndication } from \"../../handshake/extensions/renegotiationIndication\";\nimport { Signature } from \"../../handshake/extensions/signature\";\nimport { UseSRTP } from \"../../handshake/extensions/useSrtp\";\nimport type { ClientHello } from \"../../handshake/message/client/hello\";\nimport { ServerHelloVerifyRequest } from \"../../handshake/message/server/helloVerifyRequest\";\nimport { DtlsRandom } from \"../../handshake/random\";\nimport { type Profile, debug } from \"../../imports/rtp\";\nimport { createFragments, createPlaintext } from \"../../record/builder\";\nimport { ContentType } from \"../../record/const\";\n\nconst log = debug(\"werift-dtls : packages/dtls/flight/server/flight2.ts : log\");\n\n// HelloVerifyRequest do not retransmit\n\nexport const flight2 =\n (\n udp: TransportContext,\n dtls: DtlsContext,\n cipher: CipherContext,\n srtp: SrtpContext,\n ) =>\n (clientHello: ClientHello) => {\n log(\"dtls version\", clientHello.clientVersion);\n\n dtls.flight = 2;\n\n // if flight 2 restarts due to packet loss, sequence numbers are reused from the top:\n // https://datatracker.ietf.org/doc/html/rfc6347#section-4.2.2\n // The first message each side transmits in each handshake always has\n // message_seq = 0. Whenever each new message is generated, the\n // message_seq value is incremented by one. Note that in the case of a\n // rehandshake, this implies that the HelloRequest will have message_seq = 0\n // and the ServerHello will have message_seq = 1. When a message is\n // retransmitted, the same message_seq value is used.\n dtls.recordSequenceNumber = 0;\n dtls.sequenceNumber = 0;\n\n clientHello.extensions.forEach((extension) => {\n switch (extension.type) {\n case EllipticCurves.type:\n {\n const curves = EllipticCurves.fromData(extension.data).data;\n log(dtls.sessionId, \"curves\", curves);\n const curve = curves.filter((curve) =>\n NamedCurveAlgorithmList.includes(curve as any),\n )[0] as NamedCurveAlgorithms;\n cipher.namedCurve = curve;\n log(dtls.sessionId, \"curve selected\", cipher.namedCurve);\n }\n break;\n case Signature.type:\n {\n if (!cipher.signatureHashAlgorithm)\n throw new Error(\"need to set certificate\");\n\n const signatureHash = Signature.fromData(extension.data).data;\n log(dtls.sessionId, \"hash,signature\", signatureHash);\n const signature = signatureHash.find(\n (v) => v.signature === cipher.signatureHashAlgorithm?.signature,\n )?.signature;\n const hash = signatureHash.find(\n (v) => v.hash === cipher.signatureHashAlgorithm?.hash,\n )?.hash;\n if (signature == undefined || hash == undefined) {\n throw new Error(\"invalid signatureHash\");\n }\n }\n break;\n case UseSRTP.type:\n {\n if (!dtls.options?.srtpProfiles) return;\n if (dtls.options.srtpProfiles.length === 0) return;\n\n const useSrtp = UseSRTP.fromData(extension.data);\n log(dtls.sessionId, \"srtp profiles\", useSrtp.profiles);\n const profile = SrtpContext.findMatchingSRTPProfile(\n useSrtp.profiles as Profile[],\n dtls.options?.srtpProfiles,\n );\n if (!profile) {\n throw new Error();\n }\n srtp.srtpProfile = profile;\n log(dtls.sessionId, \"srtp profile selected\", srtp.srtpProfile);\n }\n break;\n case ExtendedMasterSecret.type:\n {\n dtls.remoteExtendedMasterSecret = true;\n }\n break;\n case RenegotiationIndication.type:\n {\n log(dtls.sessionId, \"RenegotiationIndication\", extension.data);\n }\n break;\n case 43:\n {\n // todo dtls1.3\n const data = extension.data.subarray(1);\n const versions = [...data].map((v) => v.toString(10));\n log(\"dtls supported version\", versions);\n }\n break;\n }\n });\n\n cipher.localRandom = new DtlsRandom();\n cipher.remoteRandom = DtlsRandom.from(clientHello.random);\n\n const suites = clientHello.cipherSuites;\n log(dtls.sessionId, \"cipher suites\", suites);\n const suite = (() => {\n switch (cipher.signatureHashAlgorithm?.signature) {\n case SignatureAlgorithm.ecdsa_3:\n return CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_49195;\n case SignatureAlgorithm.rsa_1:\n return CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256_49199;\n }\n })();\n if (suite === undefined || !suites.includes(suite)) {\n throw new Error(\"dtls cipher suite negotiation failed\");\n }\n cipher.cipherSuite = suite;\n log(dtls.sessionId, \"selected cipherSuite\", cipher.cipherSuite);\n\n cipher.localKeyPair = generateKeyPair(cipher.namedCurve);\n\n dtls.cookie ||= randomBytes(20);\n const helloVerifyReq = new ServerHelloVerifyRequest(\n {\n major: 255 - 1,\n minor: 255 - 2,\n },\n dtls.cookie,\n );\n const fragments = createFragments(dtls)([helloVerifyReq]);\n const packets = createPlaintext(dtls)(\n fragments.map((fragment) => ({\n type: ContentType.handshake,\n fragment: fragment.serialize(),\n })),\n ++dtls.recordSequenceNumber,\n );\n\n const chunk = packets.map((v) => v.serialize());\n for (const buf of chunk) {\n udp.send(buf);\n }\n };\n"]}
1
+ {"version":3,"file":"flight2.js","sourceRoot":"","sources":["../../../../../../dtls/src/flight/server/flight2.ts"],"names":[],"mappings":";;;AAAA,mCAAqC;AAErC,8CAK4B;AAC5B,wDAA0D;AAG1D,6CAAiD;AAEjD,8EAA2E;AAC3E,0FAAuF;AACvF,gGAA6F;AAC7F,oEAAiE;AACjE,gEAA6D;AAE7D,0FAA6F;AAC7F,mDAAoD;AACpD,2CAA4D;AAC5D,kDAAwE;AACxE,8CAAiD;AAEjD,MAAM,GAAG,GAAG,IAAA,WAAK,EAAC,4DAA4D,CAAC,CAAC;AAEhF,uCAAuC;AAEhC,MAAM,OAAO,GAClB,CACE,GAAqB,EACrB,IAAiB,EACjB,MAAqB,EACrB,IAAiB,EACjB,EAAE,CACJ,CAAC,WAAwB,EAAE,EAAE;IAC3B,GAAG,CAAC,cAAc,EAAE,WAAW,CAAC,aAAa,CAAC,CAAC;IAE/C,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;IAEhB,qFAAqF;IACrF,8DAA8D;IAC9D,qEAAqE;IACrE,gEAAgE;IAChE,uEAAuE;IACvE,4EAA4E;IAC5E,oEAAoE;IACpE,qDAAqD;IACrD,IAAI,CAAC,oBAAoB,GAAG,CAAC,CAAC;IAC9B,IAAI,CAAC,cAAc,GAAG,CAAC,CAAC;IAExB,WAAW,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,SAAS,EAAE,EAAE;QAC3C,QAAQ,SAAS,CAAC,IAAI,EAAE,CAAC;YACvB,KAAK,+BAAc,CAAC,IAAI;gBACtB,CAAC;oBACC,MAAM,MAAM,GAAG,+BAAc,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC;oBAC5D,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;oBACtC,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CACpC,+BAAuB,CAAC,QAAQ,CAAC,KAAY,CAAC,CAC/C,CAAC,CAAC,CAAyB,CAAC;oBAC7B,MAAM,CAAC,UAAU,GAAG,KAAK,CAAC;oBAC1B,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,gBAAgB,EAAE,MAAM,CAAC,UAAU,CAAC,CAAC;gBAC3D,CAAC;gBACD,MAAM;YACR,KAAK,qBAAS,CAAC,IAAI;gBACjB,CAAC;oBACC,IAAI,CAAC,MAAM,CAAC,sBAAsB;wBAChC,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;oBAE7C,MAAM,aAAa,GAAG,qBAAS,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC;oBAC9D,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,gBAAgB,EAAE,aAAa,CAAC,CAAC;oBACrD,MAAM,SAAS,GAAG,aAAa,CAAC,IAAI,CAClC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,MAAM,CAAC,sBAAsB,EAAE,SAAS,CAChE,EAAE,SAAS,CAAC;oBACb,MAAM,IAAI,GAAG,aAAa,CAAC,IAAI,CAC7B,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,MAAM,CAAC,sBAAsB,EAAE,IAAI,CACtD,EAAE,IAAI,CAAC;oBACR,IAAI,SAAS,IAAI,SAAS,IAAI,IAAI,IAAI,SAAS,EAAE,CAAC;wBAChD,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;oBAC3C,CAAC;gBACH,CAAC;gBACD,MAAM;YACR,KAAK,iBAAO,CAAC,IAAI;gBACf,CAAC;oBACC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY;wBAAE,OAAO;oBACxC,IAAI,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,MAAM,KAAK,CAAC;wBAAE,OAAO;oBAEnD,MAAM,OAAO,GAAG,iBAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;oBACjD,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,eAAe,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;oBACvD,MAAM,OAAO,GAAG,kBAAW,CAAC,uBAAuB,CACjD,OAAO,CAAC,QAAyB,EACjC,IAAI,CAAC,OAAO,EAAE,YAAY,CAC3B,CAAC;oBACF,IAAI,CAAC,OAAO,EAAE,CAAC;wBACb,MAAM,IAAI,KAAK,EAAE,CAAC;oBACpB,CAAC;oBACD,IAAI,CAAC,WAAW,GAAG,OAAO,CAAC;oBAC3B,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,uBAAuB,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;gBACjE,CAAC;gBACD,MAAM;YACR,KAAK,2CAAoB,CAAC,IAAI;gBAC5B,CAAC;oBACC,IAAI,CAAC,0BAA0B,GAAG,IAAI,CAAC;gBACzC,CAAC;gBACD,MAAM;YACR,KAAK,iDAAuB,CAAC,IAAI;gBAC/B,CAAC;oBACC,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,yBAAyB,EAAE,SAAS,CAAC,IAAI,CAAC,CAAC;gBACjE,CAAC;gBACD,MAAM;YACR,KAAK,EAAE;gBACL,CAAC;oBACC,eAAe;oBACf,MAAM,IAAI,GAAG,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;oBACxC,MAAM,QAAQ,GAAG,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC;oBACtD,GAAG,CAAC,wBAAwB,EAAE,QAAQ,CAAC,CAAC;gBAC1C,CAAC;gBACD,MAAM;QACV,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,MAAM,CAAC,WAAW,GAAG,IAAI,mBAAU,EAAE,CAAC;IACtC,MAAM,CAAC,YAAY,GAAG,mBAAU,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;IAE1D,MAAM,MAAM,GAAG,WAAW,CAAC,YAAY,CAAC;IACxC,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,eAAe,EAAE,MAAM,CAAC,CAAC;IAC7C,MAAM,KAAK,GAAG,CAAC,GAAG,EAAE;QAClB,QAAQ,MAAM,CAAC,sBAAsB,EAAE,SAAS,EAAE,CAAC;YACjD,KAAK,0BAAkB,CAAC,OAAO;gBAC7B,OAAO,mBAAW,CAAC,6CAA6C,CAAC;YACnE,KAAK,0BAAkB,CAAC,KAAK;gBAC3B,OAAO,mBAAW,CAAC,2CAA2C,CAAC;QACnE,CAAC;IACH,CAAC,CAAC,EAAE,CAAC;IACL,IAAI,KAAK,KAAK,SAAS,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QACnD,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;IAC1D,CAAC;IACD,MAAM,CAAC,WAAW,GAAG,KAAK,CAAC;IAC3B,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,sBAAsB,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC;IAEhE,MAAM,CAAC,YAAY,GAAG,IAAA,4BAAe,EAAC,MAAM,CAAC,UAAU,CAAC,CAAC;IAEzD,IAAI,CAAC,MAAM,KAAX,IAAI,CAAC,MAAM,GAAK,IAAA,oBAAW,EAAC,EAAE,CAAC,EAAC;IAChC,MAAM,cAAc,GAAG,IAAI,6CAAwB,CACjD;QACE,KAAK,EAAE,GAAG,GAAG,CAAC;QACd,KAAK,EAAE,GAAG,GAAG,CAAC;KACf,EACD,IAAI,CAAC,MAAM,CACZ,CAAC;IACF,MAAM,SAAS,GAAG,IAAA,yBAAe,EAAC,IAAI,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC;IAC1D,MAAM,OAAO,GAAG,IAAA,yBAAe,EAAC,IAAI,CAAC,CACnC,SAAS,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;QAC3B,IAAI,EAAE,mBAAW,CAAC,SAAS;QAC3B,QAAQ,EAAE,QAAQ,CAAC,SAAS,EAAE;KAC/B,CAAC,CAAC,EACH,EAAE,IAAI,CAAC,oBAAoB,CAC5B,CAAC;IAEF,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC;IAChD,KAAK,MAAM,GAAG,IAAI,KAAK,EAAE,CAAC;QACxB,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAChB,CAAC;AACH,CAAC,CAAC;AAvIS,QAAA,OAAO,WAuIhB","sourcesContent":["import { randomBytes } from \"crypto\";\n\nimport {\n CipherSuite,\n NamedCurveAlgorithmList,\n type NamedCurveAlgorithms,\n SignatureAlgorithm,\n} from \"../../cipher/const\";\nimport { generateKeyPair } from \"../../cipher/namedCurve\";\nimport type { CipherContext } from \"../../context/cipher\";\nimport type { DtlsContext } from \"../../context/dtls\";\nimport { SrtpContext } from \"../../context/srtp\";\nimport type { TransportContext } from \"../../context/transport\";\nimport { EllipticCurves } from \"../../handshake/extensions/ellipticCurves\";\nimport { ExtendedMasterSecret } from \"../../handshake/extensions/extendedMasterSecret\";\nimport { RenegotiationIndication } from \"../../handshake/extensions/renegotiationIndication\";\nimport { Signature } from \"../../handshake/extensions/signature\";\nimport { UseSRTP } from \"../../handshake/extensions/useSrtp\";\nimport type { ClientHello } from \"../../handshake/message/client/hello\";\nimport { ServerHelloVerifyRequest } from \"../../handshake/message/server/helloVerifyRequest\";\nimport { DtlsRandom } from \"../../handshake/random\";\nimport { type SrtpProfile, debug } from \"../../imports/rtp\";\nimport { createFragments, createPlaintext } from \"../../record/builder\";\nimport { ContentType } from \"../../record/const\";\n\nconst log = debug(\"werift-dtls : packages/dtls/flight/server/flight2.ts : log\");\n\n// HelloVerifyRequest do not retransmit\n\nexport const flight2 =\n (\n udp: TransportContext,\n dtls: DtlsContext,\n cipher: CipherContext,\n srtp: SrtpContext,\n ) =>\n (clientHello: ClientHello) => {\n log(\"dtls version\", clientHello.clientVersion);\n\n dtls.flight = 2;\n\n // if flight 2 restarts due to packet loss, sequence numbers are reused from the top:\n // https://datatracker.ietf.org/doc/html/rfc6347#section-4.2.2\n // The first message each side transmits in each handshake always has\n // message_seq = 0. Whenever each new message is generated, the\n // message_seq value is incremented by one. Note that in the case of a\n // rehandshake, this implies that the HelloRequest will have message_seq = 0\n // and the ServerHello will have message_seq = 1. When a message is\n // retransmitted, the same message_seq value is used.\n dtls.recordSequenceNumber = 0;\n dtls.sequenceNumber = 0;\n\n clientHello.extensions.forEach((extension) => {\n switch (extension.type) {\n case EllipticCurves.type:\n {\n const curves = EllipticCurves.fromData(extension.data).data;\n log(dtls.sessionId, \"curves\", curves);\n const curve = curves.filter((curve) =>\n NamedCurveAlgorithmList.includes(curve as any),\n )[0] as NamedCurveAlgorithms;\n cipher.namedCurve = curve;\n log(dtls.sessionId, \"curve selected\", cipher.namedCurve);\n }\n break;\n case Signature.type:\n {\n if (!cipher.signatureHashAlgorithm)\n throw new Error(\"need to set certificate\");\n\n const signatureHash = Signature.fromData(extension.data).data;\n log(dtls.sessionId, \"hash,signature\", signatureHash);\n const signature = signatureHash.find(\n (v) => v.signature === cipher.signatureHashAlgorithm?.signature,\n )?.signature;\n const hash = signatureHash.find(\n (v) => v.hash === cipher.signatureHashAlgorithm?.hash,\n )?.hash;\n if (signature == undefined || hash == undefined) {\n throw new Error(\"invalid signatureHash\");\n }\n }\n break;\n case UseSRTP.type:\n {\n if (!dtls.options?.srtpProfiles) return;\n if (dtls.options.srtpProfiles.length === 0) return;\n\n const useSrtp = UseSRTP.fromData(extension.data);\n log(dtls.sessionId, \"srtp profiles\", useSrtp.profiles);\n const profile = SrtpContext.findMatchingSRTPProfile(\n useSrtp.profiles as SrtpProfile[],\n dtls.options?.srtpProfiles,\n );\n if (!profile) {\n throw new Error();\n }\n srtp.srtpProfile = profile;\n log(dtls.sessionId, \"srtp profile selected\", srtp.srtpProfile);\n }\n break;\n case ExtendedMasterSecret.type:\n {\n dtls.remoteExtendedMasterSecret = true;\n }\n break;\n case RenegotiationIndication.type:\n {\n log(dtls.sessionId, \"RenegotiationIndication\", extension.data);\n }\n break;\n case 43:\n {\n // todo dtls1.3\n const data = extension.data.subarray(1);\n const versions = [...data].map((v) => v.toString(10));\n log(\"dtls supported version\", versions);\n }\n break;\n }\n });\n\n cipher.localRandom = new DtlsRandom();\n cipher.remoteRandom = DtlsRandom.from(clientHello.random);\n\n const suites = clientHello.cipherSuites;\n log(dtls.sessionId, \"cipher suites\", suites);\n const suite = (() => {\n switch (cipher.signatureHashAlgorithm?.signature) {\n case SignatureAlgorithm.ecdsa_3:\n return CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_49195;\n case SignatureAlgorithm.rsa_1:\n return CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256_49199;\n }\n })();\n if (suite === undefined || !suites.includes(suite)) {\n throw new Error(\"dtls cipher suite negotiation failed\");\n }\n cipher.cipherSuite = suite;\n log(dtls.sessionId, \"selected cipherSuite\", cipher.cipherSuite);\n\n cipher.localKeyPair = generateKeyPair(cipher.namedCurve);\n\n dtls.cookie ||= randomBytes(20);\n const helloVerifyReq = new ServerHelloVerifyRequest(\n {\n major: 255 - 1,\n minor: 255 - 2,\n },\n dtls.cookie,\n );\n const fragments = createFragments(dtls)([helloVerifyReq]);\n const packets = createPlaintext(dtls)(\n fragments.map((fragment) => ({\n type: ContentType.handshake,\n fragment: fragment.serialize(),\n })),\n ++dtls.recordSequenceNumber,\n );\n\n const chunk = packets.map((v) => v.serialize());\n for (const buf of chunk) {\n udp.send(buf);\n }\n };\n"]}
package/lib/dtls/src/handshake/extensions/ellipticCurves.d.ts CHANGED
@@ -11,6 +11,6 @@ export declare class EllipticCurves {
11
11
  static createEmpty(): EllipticCurves;
12
12
  static fromData(buf: Buffer): EllipticCurves;
13
13
  static deSerialize(buf: Buffer): EllipticCurves;
14
- serialize(): Buffer;
14
+ serialize(): Buffer<ArrayBuffer>;
15
15
  get extension(): Extension;
16
16
  }
package/lib/dtls/src/handshake/extensions/renegotiationIndication.d.ts CHANGED
@@ -9,9 +9,9 @@ export declare class RenegotiationIndication {
9
9
  constructor(props?: Partial<RenegotiationIndication>);
10
10
  static createEmpty(): RenegotiationIndication;
11
11
  static deSerialize(buf: Buffer): RenegotiationIndication;
12
- serialize(): Buffer;
12
+ serialize(): Buffer<ArrayBuffer>;
13
13
  get extension(): {
14
14
  type: number;
15
- data: Buffer;
15
+ data: Buffer<ArrayBuffer>;
16
16
  };
17
17
  }
package/lib/dtls/src/handshake/extensions/signature.d.ts CHANGED
@@ -13,10 +13,10 @@ export declare class Signature {
13
13
  constructor(props?: Partial<Signature>);
14
14
  static createEmpty(): Signature;
15
15
  static deSerialize(buf: Buffer): Signature;
16
- serialize(): Buffer;
16
+ serialize(): Buffer<ArrayBuffer>;
17
17
  static fromData(buf: Buffer): Signature;
18
18
  get extension(): {
19
19
  type: number;
20
- data: Buffer;
20
+ data: Buffer<ArrayBuffer>;
21
21
  };
22
22
  }
package/lib/dtls/src/handshake/extensions/useSrtp.d.ts CHANGED
@@ -12,7 +12,7 @@ export declare class UseSRTP {
12
12
  constructor(props?: Partial<UseSRTP>);
13
13
  static create(profiles: number[], mki: Buffer): UseSRTP;
14
14
  static deSerialize(buf: Buffer): UseSRTP;
15
- serialize(): Buffer;
15
+ serialize(): Buffer<ArrayBuffer>;
16
16
  static fromData(buf: Buffer): UseSRTP;
17
17
  get extension(): Extension;
18
18
  }
package/lib/dtls/src/handshake/extensions/useSrtp.js CHANGED
@@ -1,11 +1,7 @@
1
1
  "use strict";
2
- var __importDefault = (this && this.__importDefault) || function (mod) {
3
- return (mod && mod.__esModule) ? mod : { "default": mod };
4
- };
5
2
  Object.defineProperty(exports, "__esModule", { value: true });
6
3
  exports.UseSRTP = void 0;
7
4
  const binary_data_1 = require("@shinyoshiaki/binary-data");
8
- const times_js_1 = __importDefault(require("lodash/times.js"));
9
5
  class UseSRTP {
10
6
  constructor(props = {}) {
11
7
  Object.defineProperty(this, "type", {
@@ -44,9 +40,10 @@ class UseSRTP {
44
40
  static deSerialize(buf) {
45
41
  const useSrtp = new UseSRTP((0, binary_data_1.decode)(buf, UseSRTP.spec));
46
42
  const profileLength = useSrtp.data.readUInt16BE();
47
- const profiles = (0, times_js_1.default)(profileLength / 2).map((i) => {
48
- return useSrtp.data.readUInt16BE(i * 2 + 2);
49
- });
43
+ const profiles = new Array(profileLength / 2);
44
+ for (let i = 0; i < profiles.length; i++) {
45
+ profiles[i] = useSrtp.data.readUInt16BE(i * 2 + 2);
46
+ }
50
47
  useSrtp.profiles = profiles;
51
48
  useSrtp.mki = useSrtp.data.slice(profileLength + 2);
52
49
  return useSrtp;
package/lib/dtls/src/handshake/extensions/useSrtp.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"useSrtp.js","sourceRoot":"","sources":["../../../../../../dtls/src/handshake/extensions/useSrtp.ts"],"names":[],"mappings":";;;;;;AAAA,2DAAkE;AAClE,+DAAoC;AAIpC,MAAa,OAAO;IAYlB,YAAY,QAA0B,EAAE;QALxC;;;;mBAAe,OAAO,CAAC,IAAI;WAAC;QAC5B;;;;mBAAe,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;WAAC;QAC/B;;;;mBAAqB,EAAE;WAAC;QACxB;;;;mBAAc,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC;WAAC;QAGhC,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IAC7B,CAAC;IAED,MAAM,CAAC,MAAM,CAAC,QAAkB,EAAE,GAAW;QAC3C,MAAM,CAAC,GAAG,IAAI,OAAO,CAAC;YACpB,QAAQ;YACR,GAAG;SACJ,CAAC,CAAC;QACH,OAAO,CAAC,CAAC;IACX,CAAC;IAED,MAAM,CAAC,WAAW,CAAC,GAAW;QAC5B,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,IAAA,oBAAM,EAAC,GAAG,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;QACvD,MAAM,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;QAClD,MAAM,QAAQ,GAAG,IAAA,kBAAK,EAAC,aAAa,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;YAClD,OAAO,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;QAC9C,CAAC,CAAC,CAAC;QACH,OAAO,CAAC,QAAQ,GAAG,QAAQ,CAAC;QAC5B,OAAO,CAAC,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,aAAa,GAAG,CAAC,CAAC,CAAC;QACpD,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,SAAS;QACP,MAAM,aAAa,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QACtC,aAAa,CAAC,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QACtD,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC;YACzB,aAAa;YACb,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE;gBAC/B,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;gBAC5B,GAAG,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;gBAC3B,OAAO,GAAG,CAAC;YACb,CAAC,CAAC;YACF,IAAI,CAAC,GAAG;SACT,CAAC,CAAC;QACH,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,MAAM,GAAG,GAAG,IAAA,oBAAM,EAAC,IAAI,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,CAAC;QAC/C,OAAO,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC1B,CAAC;IAED,MAAM,CAAC,QAAQ,CAAC,GAAW;QACzB,MAAM,IAAI,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAC7B,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACjC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QAClC,OAAO,OAAO,CAAC,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;IACzD,CAAC;IAED,IAAI,SAAS;QACX,OAAO;YACL,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,IAAI,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;SAChC,CAAC;IACJ,CAAC;;AAhEH,0BAiEC;AAhEQ;;;;WAAO,EAAE;EAAL,CAAM,CAAC,0BAA0B;AAC5B;;;;WAAO;QACrB,IAAI,EAAE,mBAAK,CAAC,QAAQ;QACpB,IAAI,EAAE,mBAAK,CAAC,MAAM,CAAC,mBAAK,CAAC,QAAQ,CAAC;KACnC;EAHmB,CAGlB","sourcesContent":["import { decode, encode, types } from \"@shinyoshiaki/binary-data\";\nimport times from \"lodash/times.js\";\n\nimport type { Extension } from \"../../typings/domain\";\n\nexport class UseSRTP {\n static type = 14; // 9. IANA Considerations\n static readonly spec = {\n type: types.uint16be,\n data: types.buffer(types.uint16be),\n };\n\n type: number = UseSRTP.type;\n data: Buffer = Buffer.from([]);\n profiles: number[] = [];\n mki: Buffer = Buffer.from([0x00]);\n\n constructor(props: Partial<UseSRTP> = {}) {\n Object.assign(this, props);\n }\n\n static create(profiles: number[], mki: Buffer) {\n const v = new UseSRTP({\n profiles,\n mki,\n });\n return v;\n }\n\n static deSerialize(buf: Buffer) {\n const useSrtp = new UseSRTP(decode(buf, UseSRTP.spec));\n const profileLength = useSrtp.data.readUInt16BE();\n const profiles = times(profileLength / 2).map((i) => {\n return useSrtp.data.readUInt16BE(i * 2 + 2);\n });\n useSrtp.profiles = profiles;\n useSrtp.mki = useSrtp.data.slice(profileLength + 2);\n return useSrtp;\n }\n\n serialize() {\n const profileLength = Buffer.alloc(2);\n profileLength.writeUInt16BE(this.profiles.length * 2);\n const data = Buffer.concat([\n profileLength,\n ...this.profiles.map((profile) => {\n const buf = Buffer.alloc(2);\n buf.writeUInt16BE(profile);\n return buf;\n }),\n this.mki,\n ]);\n this.data = data;\n const res = encode(this, UseSRTP.spec).slice();\n return Buffer.from(res);\n }\n\n static fromData(buf: Buffer) {\n const head = Buffer.alloc(4);\n head.writeUInt16BE(UseSRTP.type);\n head.writeUInt16BE(buf.length, 2);\n return UseSRTP.deSerialize(Buffer.concat([head, buf]));\n }\n\n get extension(): Extension {\n return {\n type: this.type,\n data: this.serialize().slice(4),\n };\n }\n}\n"]}
1
+ {"version":3,"file":"useSrtp.js","sourceRoot":"","sources":["../../../../../../dtls/src/handshake/extensions/useSrtp.ts"],"names":[],"mappings":";;;AAAA,2DAAkE;AAIlE,MAAa,OAAO;IAYlB,YAAY,QAA0B,EAAE;QALxC;;;;mBAAe,OAAO,CAAC,IAAI;WAAC;QAC5B;;;;mBAAe,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;WAAC;QAC/B;;;;mBAAqB,EAAE;WAAC;QACxB;;;;mBAAc,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC;WAAC;QAGhC,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IAC7B,CAAC;IAED,MAAM,CAAC,MAAM,CAAC,QAAkB,EAAE,GAAW;QAC3C,MAAM,CAAC,GAAG,IAAI,OAAO,CAAC;YACpB,QAAQ;YACR,GAAG;SACJ,CAAC,CAAC;QACH,OAAO,CAAC,CAAC;IACX,CAAC;IAED,MAAM,CAAC,WAAW,CAAC,GAAW;QAC5B,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,IAAA,oBAAM,EAAC,GAAG,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;QACvD,MAAM,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;QAElD,MAAM,QAAQ,GAAG,IAAI,KAAK,CAAC,aAAa,GAAG,CAAC,CAAC,CAAC;QAC9C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACzC,QAAQ,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;QACrD,CAAC;QACD,OAAO,CAAC,QAAQ,GAAG,QAAQ,CAAC;QAC5B,OAAO,CAAC,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,aAAa,GAAG,CAAC,CAAC,CAAC;QACpD,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,SAAS;QACP,MAAM,aAAa,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QACtC,aAAa,CAAC,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QACtD,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC;YACzB,aAAa;YACb,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE;gBAC/B,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;gBAC5B,GAAG,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;gBAC3B,OAAO,GAAG,CAAC;YACb,CAAC,CAAC;YACF,IAAI,CAAC,GAAG;SACT,CAAC,CAAC;QACH,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,MAAM,GAAG,GAAG,IAAA,oBAAM,EAAC,IAAI,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,CAAC;QAC/C,OAAO,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC1B,CAAC;IAED,MAAM,CAAC,QAAQ,CAAC,GAAW;QACzB,MAAM,IAAI,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAC7B,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACjC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QAClC,OAAO,OAAO,CAAC,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;IACzD,CAAC;IAED,IAAI,SAAS;QACX,OAAO;YACL,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,IAAI,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;SAChC,CAAC;IACJ,CAAC;;AAlEH,0BAmEC;AAlEQ;;;;WAAO,EAAE;EAAL,CAAM,CAAC,0BAA0B;AAC5B;;;;WAAO;QACrB,IAAI,EAAE,mBAAK,CAAC,QAAQ;QACpB,IAAI,EAAE,mBAAK,CAAC,MAAM,CAAC,mBAAK,CAAC,QAAQ,CAAC;KACnC;EAHmB,CAGlB","sourcesContent":["import { decode, encode, types } from \"@shinyoshiaki/binary-data\";\n\nimport type { Extension } from \"../../typings/domain\";\n\nexport class UseSRTP {\n static type = 14; // 9. IANA Considerations\n static readonly spec = {\n type: types.uint16be,\n data: types.buffer(types.uint16be),\n };\n\n type: number = UseSRTP.type;\n data: Buffer = Buffer.from([]);\n profiles: number[] = [];\n mki: Buffer = Buffer.from([0x00]);\n\n constructor(props: Partial<UseSRTP> = {}) {\n Object.assign(this, props);\n }\n\n static create(profiles: number[], mki: Buffer) {\n const v = new UseSRTP({\n profiles,\n mki,\n });\n return v;\n }\n\n static deSerialize(buf: Buffer) {\n const useSrtp = new UseSRTP(decode(buf, UseSRTP.spec));\n const profileLength = useSrtp.data.readUInt16BE();\n\n const profiles = new Array(profileLength / 2);\n for (let i = 0; i < profiles.length; i++) {\n profiles[i] = useSrtp.data.readUInt16BE(i * 2 + 2);\n }\n useSrtp.profiles = profiles;\n useSrtp.mki = useSrtp.data.slice(profileLength + 2);\n return useSrtp;\n }\n\n serialize() {\n const profileLength = Buffer.alloc(2);\n profileLength.writeUInt16BE(this.profiles.length * 2);\n const data = Buffer.concat([\n profileLength,\n ...this.profiles.map((profile) => {\n const buf = Buffer.alloc(2);\n buf.writeUInt16BE(profile);\n return buf;\n }),\n this.mki,\n ]);\n this.data = data;\n const res = encode(this, UseSRTP.spec).slice();\n return Buffer.from(res);\n }\n\n static fromData(buf: Buffer) {\n const head = Buffer.alloc(4);\n head.writeUInt16BE(UseSRTP.type);\n head.writeUInt16BE(buf.length, 2);\n return UseSRTP.deSerialize(Buffer.concat([head, buf]));\n }\n\n get extension(): Extension {\n return {\n type: this.type,\n data: this.serialize().slice(4),\n };\n }\n}\n"]}
package/lib/dtls/src/handshake/message/alert.d.ts CHANGED
@@ -7,5 +7,5 @@ export declare class Alert {
7
7
  };
8
8
  constructor(level: number, description: number);
9
9
  static deSerialize(buf: Buffer): Alert;
10
- serialize(): Buffer;
10
+ serialize(): Buffer<ArrayBuffer>;
11
11
  }
package/lib/dtls/src/handshake/message/certificate.d.ts CHANGED
@@ -11,6 +11,6 @@ export declare class Certificate implements Handshake {
11
11
  constructor(certificateList: Buffer[]);
12
12
  static createEmpty(): Certificate;
13
13
  static deSerialize(buf: Buffer): Certificate;
14
- serialize(): Buffer;
14
+ serialize(): Buffer<ArrayBuffer>;
15
15
  toFragment(): FragmentedHandshake;
16
16
  }