reformat

Author: Srabutdotcom

.gitignore

@@ -1 +1,2 @@
-/.vscode
+/.vscode
+/play

deno.json

@@ -1,6 +1,6 @@
 {
   "name": "@tls/keyexchange",
-  "version": "0.2.5",
+  "version": "0.2.6",
   "exports": "./src/mod.ts",
   "publish": {
     "exclude": ["dist/"]
@@ -18,6 +18,6 @@
     "@tls/extension": "jsr:@tls/extension@^0.3.0",
     "@tls/handshake": "jsr:@tls/handshake@^0.0.5",
     "@tls/record": "jsr:@tls/record@^0.1.3",
-    "@tls/struct": "jsr:@tls/struct@^0.3.7"
+    "@tls/struct": "jsr:@tls/struct@^0.3.8"
   }
 }

deno.lock

@@ -1,146 +1,131 @@
 //@ts-self-types = "../type/clienthello.d.ts"
-import {
-   Uint8, Uint16, Uint24, Version, Constrained, Cipher, Struct,
-   Extension, ExtensionType,
-   NamedGroupList, NamedGroup, RecordSizeLimit,
-   KeyShareClientHello, SupportedVersions, ServerNameList, PskKeyExchangeModes,
-   Cookie, Supported_signature_algorithms,
-   HandshakeType,
-   OfferedPsks,
-   EarlyDataIndication,
-   Padding,
-   safeuint8array,
-   Handshake,
-} from "./dep.ts"
+import { Cipher, Constrained, ContentType, Cookie, EarlyDataIndication, Extension, ExtensionType, HandshakeType, KeyShareClientHello, NamedGroupList, OfferedPsks, Padding, parseItems, PskKeyExchangeModes, RecordSizeLimit, safeuint8array, ServerNameList, Supported_signature_algorithms, SupportedVersions, Uint16, Uint24, Version } from "./dep.ts";
 
-export class ClientHello extends Struct {
-   legacy_version;
-   random; // offset 2, length 32
-   legacy_session;// offset = 32, length = 1;
-   cipher_suites; // offset = 33;
-   legacy_compression_methods; // offset = 33 + cipher_suites.length
-   extensions;
-   ext = new Map;
-   static fromHandShake(handshake) {
-      const copy = Uint8Array.from(handshake);
-      let offset = 0;
-      const _type = HandshakeType.from(copy); offset += 1;
-      const lengthOf = Uint24.from(copy.subarray(offset)).value; offset += 3;
-      return ClientHello.from(copy.subarray(offset, offset + lengthOf));
+export class ClientHello extends Uint8Array {
+   #version
+   #random
+   #legacy_session_id
+   #ciphers
+   #legacy_compression_methods
+   #extensions
+   static create(...args){
+      return new ClientHello(...args)
    }
-   static fromHandshake = ClientHello.fromHandShake
-   static from(array) {
-      const copy = Uint8Array.from(array);
-      let offset = 0
-      const legacy_version = Version.from(copy.subarray(offset)); offset += 2;
-      const random = copy.subarray(offset, offset + 32); offset += 32;
-      const legacy_session = Legacy_session_id.from(copy.subarray(offset)); offset += legacy_session.length;
-      const cipher_suites = Cipher_suites.from(copy.subarray(offset)); offset += cipher_suites.length;
-      const _legacy_compression_methods = Legacy_compression_methods.from(copy.subarray(offset)); offset += _legacy_compression_methods.length;
-      const extensions = Extensions.from(copy.subarray(offset));
-      return new ClientHello(legacy_version, random, legacy_session, cipher_suites, ...extensions.extensions)
+   static from = ClientHello.create
+   constructor(...args) {
+      args = (args.at(0) instanceof Uint8Array)? sanitize(...args): args
+      super(...args)
    }
-   constructor(
-      legacy_version = Version.legacy.protocolVersion(),
-      random = crypto.getRandomValues(new Uint8Array(32)),
-      legacy_session = new Legacy_session_id,
-      cipher_suites = new Cipher_suites(Cipher.AES_128_GCM_SHA256, Cipher.AES_256_GCM_SHA384),
-      ...extensions
-   ) {
-
-      const legacy_compression_methods = new Legacy_compression_methods;
-
-      super(
-         legacy_version instanceof Uint8Array ? legacy_version : legacy_version.Uint16,
-         random,
-         legacy_session,
-         cipher_suites,
-         legacy_compression_methods,
-         Extensions.fromExtension(...extensions)
-      )
-      this.legacy_version = legacy_version;
-      this.random = random;
-      this.legacy_session = legacy_session;
-      this.cipher_suites = cipher_suites;
-      this.legacy_compression_methods = legacy_compression_methods
-      let offset = legacy_version.length + random.length + legacy_session.length
-         + cipher_suites.length + legacy_compression_methods.length;
-      this.extensions = extensions;
-      for (const ex of extensions) {
-         this.ext.set(ex.extension_type?.name, { pos: offset + 2, data: ex.extension_data });
-         offset += ex.length;
+   get version() {
+      this.#version ||= Version.from(this.subarray(0, 2))
+      return this.#version
+   }
+   get random() {
+      this.#random ||= this.subarray(2, 34);
+      return this.#random;
+   }
+   get legacy_session_id() {
+      if (this.#legacy_session_id) return this.#legacy_session_id
+      const lengthOf = this.at(34);
+      if (lengthOf == 0) {
+         this.#legacy_session_id = this.subarray(34, 35);
+      } else {
+         this.#legacy_session_id = this.subarray(35, 35 + lengthOf)
       }
+      return this.#legacy_session_id
    }
-   static fromServerName(serverName) {
-      return new ClientHello(undefined, undefined, undefined, undefined,
-         Uint8Array.of(
-            0, 10, 0, 12, 0, 10, 0, 29, 0, 23, 0, 24, 0, 30, 0, 25, // ExtensionType.SUPPORTED_GROUPS.extension(NamedGroupList.default());
-            0, 13, 0, 18, 0, 16, 8, 6, 8, 5, 8, 4, 8, 7, 8, 8, 6, 3, 5, 3, 4, 3, // ExtensionType.SIGNATURE_ALGORITHMS.extension(Supported_signature_algorithms.default());
-            0, 43, 0, 3, 2, 3, 4, // ExtensionType.SUPPORTED_VERSIONS.extension(SupportedVersions.forClient_hello())
-            0, 45, 0, 2, 1, 1 // ExtensionType.PSK_KEY_EXCHANGE_MODES.extension(PskKeyExchangeModes.default())
-         ),
-         ExtensionType.SERVER_NAME.extension(ServerNameList.fromName(serverName)),
-         ExtensionType.KEY_SHARE.extension(KeyShareClientHello.fromKeyShareEntries(
-            NamedGroup.X25519.keyShareEntry(),
-            NamedGroup.SECP256R1.keyShareEntry()
-         ))
-      )
+   get ciphers() {
+      this.#ciphers ||= Cipher_suites.from(this.subarray(35 + this.at(34)));
+      return this.#ciphers;
+   }
+   /**
+    * For every TLS 1.3 ClientHello, this vector
+      MUST contain exactly one byte, set to zero, which corresponds to
+      the "null" compression method in prior versions of TLS.  If a
+      TLS 1.3 ClientHello is received with any other value in this
+      field, the server MUST abort the handshake with an
+      "illegal_parameter" alert.
+    */
+   get legacy_compression_methods() {
+      if (this.#legacy_compression_methods) return this.#legacy_compression_methods
+      const offset = 34 + this.legacy_session_id.length + this.ciphers.length;
+      this.#legacy_compression_methods ||= this.subarray(offset, offset + 2);
+      return this.#legacy_compression_methods
+   }
+   get extensions() {
+      if (this.#extensions) return this.#extensions;
+      const copy = this.subarray(34 + this.legacy_session_id.length + this.ciphers.length + 2)
+      const lengthOf = Uint16.from(copy).value;
+      if (lengthOf < 8) throw TypeError(`Length min. 8 bytes`)
+      if (lengthOf > 2 ** 16 - 2) throw TypeError(`Length max: ${2 ** 16 - 2}`)
+      const output = new Map;
+      let offset = 2;
+      while (true) {
+         const extension = Extension.from(copy.subarray(offset)); offset += extension.length
+         parseExtension(extension);
+         extension.extension_data.pos = offset + 2;
+         output.set(extension.extension_type, extension.extension_data)
+         if (offset >= lengthOf) break;
+         if (offset >= copy.length) break;
+      }
+      this.#extensions ||= output;
+      return this.#extensions;
    }
-
-   get handshake() { return new Handshake(HandshakeType.CLIENT_HELLO, this) }
-   get record() { return this.handshake.record }
-
    addBinders(binders) {
-      const psk = this.ext.get('PRE_SHARED_KEY');
-      const lengthOf = psk.data.length + binders.length;
+      const psk = this.extensions.get(ExtensionType.PRE_SHARED_KEY);
+      const lengthOf = psk.length + binders.length;
       const uint16 = Uint16.fromValue(lengthOf)
       const array = safeuint8array(this, binders);
       array.set(uint16, psk.pos + 2);
-      return ClientHello.from(array)
+      return new ClientHello(array)
    }
    binderPos() {
-      const psk = this.ext.get('PRE_SHARED_KEY');
-      return psk.pos + 4 + psk.data.identities.length
+      const psk = this.extensions.get(ExtensionType.PRE_SHARED_KEY);
+      return psk.pos + 4 + psk.identities.length
    }
 }
 
-export class Cipher_suites extends Constrained {
-   static from(array) {
-      const copy = Uint8Array.from(array);
-      const lengthOf = Uint16.from(copy).value;
-      const ciphers = [];
-      for (let offset = 2; offset < lengthOf + 2; offset += 2) {
-         const cipher = Cipher.from(copy.subarray(offset));
-         ciphers.push(cipher)
+function sanitize(...args) {
+   try {
+      if(Version.from(...args) instanceof Version) return args
+      throw Error
+   } catch (_error) {
+      try {
+         if(HandshakeType.from(args[0]) == HandshakeType.CLIENT_HELLO){
+            const lengthOf = Uint24.from(args[0].subarray(1)).value;
+            return [args[0].subarray(4, 4 + lengthOf)]
+         }
+         throw Error
+      } catch (_error) {
+         try {
+            const contentType = ContentType.from(args[0]);
+            const handshakeType = HandshakeType.from(args[0].subarray(5));
+            const lengthOf = Uint24.from(args[0].subarray(6)).value;
+            const conditions = [
+               contentType == ContentType.HANDSHAKE,
+               handshakeType == HandshakeType.CLIENT_HELLO
+            ]
+            if(conditions.every(e=>e==true))return [args[0].subarray(9, 9 + lengthOf)]
+            throw Error;
+         } catch (error) {
+            throw error;
+         }
       }
-      return new Cipher_suites(...ciphers)
-   }
-   constructor(...ciphers) {
-      super(2, 2 ** 16 - 2, ...ciphers.map(e => e.Uint16))
-      this.ciphers = new Set(ciphers);
    }
 }
 
-class Extensions extends Constrained {
-   static fromExtension(...extensions) { return new Extensions(...extensions) }
+//const test_0 = new ClientHello(HandshakeType.CLIENT_HELLO.Uint8)
+
+export class Cipher_suites extends Constrained {
    static from(array) {
       const copy = Uint8Array.from(array);
       const lengthOf = Uint16.from(copy).value;
-      const extensions = [];
-      let offset = 2;
-      //for (let offset = 2; offset < lengthOf + 2;) {
-      while (true) {
-         const extension = Extension.from(copy.subarray(offset)); offset += extension.length
-         parseExtension(extension);
-         extensions.push(extension)
-         if (offset >= lengthOf) break;
-         if (offset >= copy.length) break;
-      }
-      return new Extensions(...extensions)
+      const ciphers = parseItems(copy, 2, lengthOf, Cipher);
+      return new Cipher_suites(...ciphers)
    }
-   constructor(...extensions) {
-      super(8, 2 ** 16 - 1, ...extensions)
-      this.extensions = extensions
+   constructor(...ciphers) {
+      super(2, 2 ** 16 - 2, ...ciphers.map(e => e.Uint16))
+      this.ciphers = ciphers;
    }
 }
 
@@ -185,28 +170,3 @@ function parseExtension(extension) {
    }
 }
 
-class Legacy_session_id extends Constrained {
-   static from(array) {
-      const copy = Uint8Array.from(array);
-      const lengthOf = Uint8.from(copy).value;
-      if (lengthOf == 0) return new Legacy_session_id;
-      return new Legacy_session_id(copy.subarray(1, 1 + lengthOf))
-   }
-   constructor(opaque = new Uint8Array) {
-      super(0, 32, opaque)
-      this.opaque = opaque
-   }
-}
-
-class Legacy_compression_methods extends Constrained {
-   static from(array) {
-      const copy = Uint8Array.from(array);
-      const lengthOf = Uint8.from(copy).value;
-      return new Legacy_compression_methods(copy.subarray(1, 1 + lengthOf))
-   }
-   constructor(opaque = Uint8Array.of(0)) {
-      super(0, 2 ** 8 - 1, opaque)
-      this.opaque = opaque
-   }
-}
-

src/clienthello.js

@@ -1,5 +1,3 @@
 export * from "@tls/struct";
 export * from "@tls/enum";
 export * from "@tls/extension";
-export * from "@tls/handshake";
-export * from "@tls/record";

src/dep.ts

@@ -1,2 +1,2 @@
-export { Cipher_suites, ClientHello } from "./clienthello.js";
-export { ServerHello } from "./serverhello.js";
+export * from "./clienthello.js";
+export * from "./serverhello.js";