@reclaimprotocol/tls

WebCrypto Based Cross Platform TLS

import type { ProcessPacket, TLSClientOptions, TLSHandshakeOptions, TLSKeyType, TLSSessionTicket } from './types/index.ts';

/**
 * Type declaration for the TLS client factory.
 *
 * Takes one `TLSClientOptions` object (destructured in the signature) and
 * returns an object of methods for starting the handshake, feeding bytes
 * received from the server, writing data, rotating keys, and inspecting
 * session state. Only the type surface is visible in this file; the
 * behaviour described below is limited to what the signatures and the
 * existing doc comments state.
 *
 * NOTE(review): the option names suggest the caller supplies the transport
 * (`write`) and receives events through the `on*` callbacks — confirm against
 * the `TLSClientOptions` definition.
 *
 * NOTE(review): `verifyServerCertificate` and `rootCAs` are caller-controlled
 * options. Their defaults are not visible in this declaration; confirm that
 * certificate verification is on by default and that no production caller
 * turns it off.
 */
export declare function makeTLSClient({ host, verifyServerCertificate, rootCAs, logger: _logger, cipherSuites, namedCurves, supportedProtocolVersions, signatureAlgorithms, applicationLayerProtocols, write, onRead, onApplicationData, onSessionTicket, onTlsEnd, onHandshake, onRecvCertificates }: TLSClientOptions): {
    /**
     * Connection parameters for this session. Every field can be `undefined`
     * (presumably until the corresponding value has been negotiated — confirm).
     */
    getMetadata(): {
        // The union below includes one static-RSA key-exchange suite
        // (TLS_RSA_WITH_AES_128_GCM_SHA256, no forward secrecy) and two
        // CBC-mode HMAC-SHA1 suites (..._WITH_AES_128_CBC_SHA).
        // NOTE(review): whether those are offered by default is not visible
        // here. Deployments that require forward secrecy and AEAD-only
        // records should confirm the `cipherSuites` option narrows the offer
        // and should check this field once the handshake completes.
        cipherSuite:
            "TLS_CHACHA20_POLY1305_SHA256"
            | "TLS_AES_256_GCM_SHA384"
            | "TLS_AES_128_GCM_SHA256"
            | "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"
            | "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256"
            | "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
            | "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"
            | "TLS_RSA_WITH_AES_128_GCM_SHA256"
            | "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
            | "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"
            | "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
            | "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"
            | undefined;
        keyType: TLSKeyType | undefined;
        version: "TLS1_3" | "TLS1_2" | undefined;
        selectedAlpn: string | undefined;
    };
    hasEnded(): boolean;
    /**
     * Get the current traffic keys.
     *
     * The result is a union discriminated on `type` ("TLS1_3" or "TLS1_2"),
     * or `undefined`. Both variants expose secret material as raw bytes
     * (`masterSecret`, `clientSecret`, `serverSecret`, `clientIv`, `serverIv`)
     * together with the encryption keys and the send/receive record counters;
     * the TLS 1.2 variant additionally carries `clientMacKey`/`serverMacKey`.
     *
     * Treat the return value as session-secret: it should not be logged,
     * serialised into telemetry, or kept past the point where it is needed.
     * NOTE(review): the `unknown` key fields are opaque here; whether they are
     * extractable key objects or raw bytes depends on the crypto backend —
     * confirm.
     */
    getKeys(): {
        recordSendCount: number;
        recordRecvCount: number;
        type: "TLS1_3";
        masterSecret: Uint8Array<ArrayBufferLike>;
        clientSecret: Uint8Array<ArrayBuffer>;
        serverSecret: Uint8Array<ArrayBuffer>;
        clientEncKey: unknown;
        serverEncKey: unknown;
        clientIv: Uint8Array<ArrayBuffer>;
        serverIv: Uint8Array<ArrayBuffer>;
    } | {
        recordSendCount: number;
        recordRecvCount: number;
        type: "TLS1_2";
        masterSecret: Uint8Array<ArrayBuffer>;
        clientMacKey: unknown;
        serverMacKey: unknown;
        clientEncKey: unknown;
        serverEncKey: unknown;
        clientIv: Uint8Array<ArrayBuffer>;
        serverIv: Uint8Array<ArrayBuffer>;
        serverSecret: Uint8Array<ArrayBuffer>;
        clientSecret: Uint8Array<ArrayBuffer>;
    } | undefined;
    /**
     * Session ID used to connect to the server
     */
    getSessionId(): Uint8Array<ArrayBufferLike>;
    isHandshakeDone(): boolean;
    /**
     * Resolve pre-shared-key material from a session ticket.
     *
     * The resolved object holds the PSK `identity`, the `ticketAge`, the
     * cipher suite, and secret values (`finishKey`, `resumeMasterSecret`,
     * `earlySecret`). These secrets deserve the same handling as the output
     * of `getKeys()`: keep them out of logs and persistent storage unless
     * that storage is protected.
     * NOTE(review): ticket lifetime and reuse limits are not visible in this
     * declaration — confirm where they are enforced.
     */
    getPskFromTicket(ticket: TLSSessionTicket): Promise<{
        identity: Uint8Array<ArrayBufferLike>;
        ticketAge: number;
        finishKey: unknown;
        resumeMasterSecret: Uint8Array<ArrayBuffer>;
        earlySecret: Uint8Array<ArrayBufferLike>;
        cipherSuite:
            "TLS_CHACHA20_POLY1305_SHA256"
            | "TLS_AES_256_GCM_SHA384"
            | "TLS_AES_128_GCM_SHA256"
            | "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"
            | "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256"
            | "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
            | "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"
            | "TLS_RSA_WITH_AES_128_GCM_SHA256"
            | "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
            | "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"
            | "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
            | "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA";
    }>;
    /**
     * Start the handshake with the server
     * @param opts optional handshake settings; see `TLSHandshakeOptions`
     */
    startHandshake(opts?: TLSHandshakeOptions): Promise<void>;
    /**
     * Handle bytes received from the server.
     * Could be a complete or partial TLS packet
     * @param data bytes as read from the transport; this is untrusted
     * network input
     */
    handleReceivedBytes(data: Uint8Array): Promise<void>;
    /**
     * Handle a complete TLS packet received
     * from the server
     */
    handleReceivedPacket: ProcessPacket;
    /**
     * Utilise the KeyUpdate handshake message to update
     * the traffic keys. Available only in TLS 1.3
     * @param requestUpdateFromServer should the server be requested to
     * update its keys as well
     */
    updateTrafficKeys(requestUpdateFromServer?: boolean): Promise<void>;
    /**
     * Send `data` over the session.
     * NOTE(review): presumably encrypts `data` as application data and hands
     * the records to the `write` option — confirm in the implementation.
     */
    write(data: Uint8Array): Promise<void>;
    /**
     * End the session.
     * @param error optional error to associate with the shutdown
     */
    end: (error?: Error) => Promise<void>;
};