Merge pull request #359 from koush:remove-elliptic
remove elliptic, run lint
shinyoshiaki authored Dec 18, 2023
2 parents 210aec8 + 5d46268 commit 028e0c2
Showing 9 changed files with 64 additions and 248 deletions.
204 changes: 28 additions & 176 deletions package-lock.json

Large diffs are not rendered by default.

2 changes: 0 additions & 2 deletions packages/dtls/package.json
@@ -33,14 +33,12 @@
"@peculiar/x509": "^1.9.2",
"binary-data": "^0.6.0",
"date-fns": "^2.29.3",
"elliptic": "^6.5.4",
"@noble/curves": "^1.3.0",
"lodash": "^4.17.21",
"rx.mini": "^1.2.2",
"tweetnacl": "^1.0.3"
},
"devDependencies": {
"@types/elliptic": "^6.4.14",
"@types/lodash": "^4.14.191"
},
"engines": {
32 changes: 0 additions & 32 deletions packages/dtls/src/cipher/ec.ts
@@ -1,4 +1,3 @@
import { ec } from "elliptic";
import { p256 } from "@noble/curves/p256";

export const p256Keypair = (): { privateKey: Buffer; publicKey: Buffer } => {
@@ -13,21 +12,6 @@ export const p256Keypair = (): { privateKey: Buffer; publicKey: Buffer } => {
};
};

export const old_p256Keypair = (): {
privateKey: Buffer;
publicKey: Buffer;
} => {
const elliptic = new ec("p256");
const key = elliptic.genKeyPair();
const privateKey = key.getPrivate().toBuffer("be");
const publicKey = Buffer.from(key.getPublic().encode("array", false));

return {
privateKey,
publicKey,
};
};

export const p256PreMasterSecret = ({
publicKey,
privateKey,
@@ -40,19 +24,3 @@ export const p256PreMasterSecret = ({

return secret;
};

export const old_p256PreMasterSecret = ({
publicKey,
privateKey,
}: {
publicKey: Buffer;
privateKey: Buffer;
}): Buffer => {
const elliptic = new ec("p256"); // aka secp256r1
const pub = elliptic.keyFromPublic(publicKey).getPublic();
const priv = elliptic.keyFromPrivate(privateKey).getPrivate();
const res = pub.mul(priv);
const secret = Buffer.from(res.encode("array", false)).subarray(1, 33);

return secret;
};
2 changes: 1 addition & 1 deletion packages/dtls/src/cipher/namedCurve.ts
@@ -10,7 +10,7 @@ export interface NamedCurveKeyPair {
}

export function generateKeyPair(
namedCurve: NamedCurveAlgorithms
namedCurve: NamedCurveAlgorithms,
): NamedCurveKeyPair {
switch (namedCurve) {
case NamedCurveAlgorithm.secp256r1_23: {
20 changes: 10 additions & 10 deletions packages/dtls/src/cipher/prf.ts
@@ -8,7 +8,7 @@ import { p256PreMasterSecret } from "./ec";
export function prfPreMasterSecret(
publicKey: Buffer,
privateKey: Buffer,
curve: NamedCurveAlgorithms
curve: NamedCurveAlgorithms,
) {
switch (curve) {
case NamedCurveAlgorithm.secp256r1_23:
@@ -30,7 +30,7 @@ export function prfPHash(
secret: Buffer,
seed: Buffer,
requestedLegth: number,
algorithm = "sha256"
algorithm = "sha256",
) {
const totalLength = requestedLegth;
const bufs: Buffer[] = [];
@@ -50,7 +50,7 @@ export function prfPHash(
export function prfMasterSecret(
preMasterSecret: Buffer,
clientRandom: Buffer,
serverRandom: Buffer
serverRandom: Buffer,
) {
const seed = Buffer.concat([
Buffer.from("master secret"),
@@ -62,14 +62,14 @@ export function prfMasterSecret(

export function prfExtendedMasterSecret(
preMasterSecret: Buffer,
handshakes: Buffer
handshakes: Buffer,
) {
const sessionHash = hash("sha256", handshakes);
const label = "extended master secret";
return prfPHash(
preMasterSecret,
Buffer.concat([Buffer.from(label), sessionHash]),
48
48,
);
}

@@ -79,7 +79,7 @@ export function exportKeyingMaterial(
masterSecret: Buffer,
localRandom: Buffer,
remoteRandom: Buffer,
isClient: boolean
isClient: boolean,
) {
const clientRandom = isClient ? localRandom : remoteRandom;
const serverRandom = isClient ? remoteRandom : localRandom;
@@ -95,13 +95,13 @@ export function prfVerifyData(
masterSecret: Buffer,
handshakes: Buffer,
label: string,
size = 12
size = 12,
) {
const bytes = hash("sha256", handshakes);
return prfPHash(
masterSecret,
Buffer.concat([Buffer.from(label), bytes]),
size
size,
);
}

@@ -120,7 +120,7 @@ export function prfEncryptionKeys(
prfKeyLen: number,
prfIvLen: number,
prfNonceLen: number,
algorithm = "sha256"
algorithm = "sha256",
) {
const size = prfKeyLen * 2 + prfIvLen * 2;
const secret = masterSecret;
@@ -129,7 +129,7 @@ export function prfEncryptionKeys(
secret,
Buffer.concat([Buffer.from("key expansion"), seed]),
size,
algorithm
algorithm,
);
const stream = createDecode(keyBlock);

14 changes: 7 additions & 7 deletions packages/dtls/src/flight/server/flight2.ts
@@ -32,7 +32,7 @@ export const flight2 =
udp: TransportContext,
dtls: DtlsContext,
cipher: CipherContext,
srtp: SrtpContext
srtp: SrtpContext,
) =>
(clientHello: ClientHello) => {
dtls.flight = 2;
@@ -55,7 +55,7 @@ export const flight2 =
const curves = EllipticCurves.fromData(extension.data).data;
log(dtls.sessionId, "curves", curves);
const curve = curves.filter((curve) =>
NamedCurveAlgorithmList.includes(curve as any)
NamedCurveAlgorithmList.includes(curve as any),
)[0] as NamedCurveAlgorithms;
cipher.namedCurve = curve;
log(dtls.sessionId, "curve selected", cipher.namedCurve);
@@ -69,10 +69,10 @@ export const flight2 =
const signatureHash = Signature.fromData(extension.data).data;
log(dtls.sessionId, "hash,signature", signatureHash);
const signature = signatureHash.find(
(v) => v.signature === cipher.signatureHashAlgorithm?.signature
(v) => v.signature === cipher.signatureHashAlgorithm?.signature,
)?.signature;
const hash = signatureHash.find(
(v) => v.hash === cipher.signatureHashAlgorithm?.hash
(v) => v.hash === cipher.signatureHashAlgorithm?.hash,
)?.hash;
if (signature == undefined || hash == undefined) {
throw new Error("invalid signatureHash");
@@ -88,7 +88,7 @@ export const flight2 =
log(dtls.sessionId, "srtp profiles", useSrtp.profiles);
const profile = SrtpContext.findMatchingSRTPProfile(
useSrtp.profiles as Profile[],
dtls.options?.srtpProfiles
dtls.options?.srtpProfiles,
);
if (!profile) {
throw new Error();
@@ -137,15 +137,15 @@ export const flight2 =
major: 255 - 1,
minor: 255 - 2,
},
dtls.cookie
dtls.cookie,
);
const fragments = createFragments(dtls)([helloVerifyReq]);
const packets = createPlaintext(dtls)(
fragments.map((fragment) => ({
type: ContentType.handshake,
fragment: fragment.serialize(),
})),
++dtls.recordSequenceNumber
++dtls.recordSequenceNumber,
);

const chunk = packets.map((v) => v.serialize());
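Review bot: The curve negotiation in the `@@ -55,7 +55,7 @@` hunk takes `[0]` of the filtered list and casts it with `as NamedCurveAlgorithms`, so a ClientHello that offers no supported curve leaves `cipher.namedCurve` undefined while the type says otherwise. The ClientHello is peer-controlled input and nothing visible in that hunk rejects the case; whether a later step catches it cannot be seen here, because the body of `flight2` continues outside the hunks. I would fail the handshake at that point with `if (curve == undefined) throw new Error("no supported named curve");` before the assignment, and replace the `curve as any` cast with a type guard. In the following hunk the signature and the hash are matched by two independent `find` calls, so a combination the client never offered as a pair can pass; a single `find` comparing both fields of `cipher.signatureHashAlgorithm` would close that.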
14 changes: 7 additions & 7 deletions packages/dtls/src/flight/server/flight4.ts
@@ -1,6 +1,6 @@
import debug from "debug";

import { CurveType, certificateTypes, signatures } from "../../cipher/const";
import { certificateTypes, CurveType, signatures } from "../../cipher/const";
import { CipherContext } from "../../context/cipher";
import { DtlsContext } from "../../context/dtls";
import { SrtpContext } from "../../context/srtp";
@@ -24,14 +24,14 @@ export class Flight4 extends Flight {
udp: TransportContext,
dtls: DtlsContext,
private cipher: CipherContext,
private srtp: SrtpContext
private srtp: SrtpContext,
) {
super(udp, dtls, 4, 6);
}

async exec(
clientHello: FragmentedHandshake,
certificateRequest: boolean = false
certificateRequest: boolean = false,
) {
if (this.dtls.flight === 4) {
log(this.dtls.sessionId, "flight4 twice");
@@ -59,7 +59,7 @@ export class Flight4 extends Flight {
const extensions: Extension[] = [];
if (this.srtp.srtpProfile) {
extensions.push(
UseSRTP.create([this.srtp.srtpProfile], Buffer.from([0x00])).extension
UseSRTP.create([this.srtp.srtpProfile], Buffer.from([0x00])).extension,
);
}
if (this.dtls.options.extendedMasterSecret) {
@@ -77,7 +77,7 @@ export class Flight4 extends Flight {
Buffer.from([0x00]),
this.cipher.cipherSuite,
0, // do not compression
extensions
extensions,
);
const packets = this.createPacket([serverHello]);
return Buffer.concat(packets.map((v) => v.serialize()));
@@ -103,7 +103,7 @@ export class Flight4 extends Flight {
this.cipher.signatureHashAlgorithm.hash,
this.cipher.signatureHashAlgorithm.signature,
signature.length,
signature
signature,
);

const packets = this.createPacket([keyExchange]);
@@ -115,7 +115,7 @@ export class Flight4 extends Flight {
const handshake = new ServerCertificateRequest(
certificateTypes,
signatures,
[]
[],
);
log(this.dtls.sessionId, "sendCertificateRequest", handshake);
const packets = this.createPacket([handshake]);
22 changes: 11 additions & 11 deletions packages/dtls/src/socket.ts
@@ -47,14 +47,14 @@ export class DtlsSocket {

constructor(
public options: Options,
public sessionType: SessionTypes
public sessionType: SessionTypes,
) {
this.dtls = new DtlsContext(this.options, this.sessionType);
this.cipher = new CipherContext(
this.sessionType,
this.options.cert,
this.options.key,
this.options.signatureHash
this.options.signatureHash,
);
this.transport = new TransportContext(this.options.transport);
this.setupExtensions();
@@ -68,7 +68,7 @@ export class DtlsSocket {
this.sessionType,
this.options.cert,
this.options.key,
this.options.signatureHash
this.options.signatureHash,
);
this.dtls = new DtlsContext(this.options, this.sessionType);
this.srtp = new SrtpContext();
@@ -94,8 +94,8 @@ export class DtlsSocket {
acc[cur.msg_type].push(cur);
return acc;
},
{}
)
{},
),
)
.map((v) => FragmentedHandshake.assemble(v))
.sort((a, b) => a.msg_type - b.msg_type);
@@ -126,12 +126,12 @@ export class DtlsSocket {
log(
this.dtls.sessionId,
"support srtpProfiles",
this.options.srtpProfiles
this.options.srtpProfiles,
);
if (this.options.srtpProfiles && this.options.srtpProfiles.length > 0) {
const useSrtp = UseSRTP.create(
this.options.srtpProfiles,
Buffer.from([0x00])
Buffer.from([0x00]),
);
this.extensions.push(useSrtp.extension);
}
@@ -204,7 +204,7 @@ export class DtlsSocket {
send = async (buf: Buffer) => {
const pkt = createPlaintext(this.dtls)(
[{ type: ContentType.applicationData, fragment: buf }],
++this.dtls.recordSequenceNumber
++this.dtls.recordSequenceNumber,
)[0];
await this.transport.send(this.cipher.encryptPacket(pkt).serialize());
};
@@ -216,7 +216,7 @@ export class DtlsSocket {
extractSessionKeys(keyLength: number, saltLength: number) {
const keyingMaterial = this.exportKeyingMaterial(
"EXTRACTOR-dtls_srtp",
keyLength * 2 + saltLength * 2
keyLength * 2 + saltLength * 2,
);

const { clientKey, serverKey, clientSalt, serverSalt } = decode(
@@ -226,7 +226,7 @@ export class DtlsSocket {
serverKey: types.buffer(keyLength),
clientSalt: types.buffer(saltLength),
serverSalt: types.buffer(saltLength),
}
},
);

if (this.sessionType === SessionType.CLIENT) {
@@ -253,7 +253,7 @@ export class DtlsSocket {
this.cipher.masterSecret,
this.cipher.localRandom.serialize(),
this.cipher.remoteRandom.serialize(),
this.sessionType === SessionType.CLIENT
this.sessionType === SessionType.CLIENT,
);
}
}
2 changes: 0 additions & 2 deletions packages/webrtc/package.json
@@ -46,7 +46,6 @@
"buffer-crc32": "^0.2.13",
"date-fns": "^2.29.3",
"debug": "^4.3.4",
"elliptic": "^6.5.4",
"int64-buffer": "^1.0.1",
"ip": "^1.1.8",
"jspack": "^0.0.4",
@@ -63,7 +62,6 @@
"@types/aes-js": "^3.1.1",
"@types/buffer-crc32": "^0.2.2",
"@types/debug": "^4.1.7",
"@types/elliptic": "^6.4.14",
"@types/ip": "^1.1.0",
"@types/jest": "^29.2.4",
"@types/lodash": "^4.14.191",