Certificate Patch

Remove Dead Files

udsp/client/index.js

@@ -102,11 +102,9 @@ export class Client {
 		};
 		const {
 			publicKey,
-			secretKey: privateKey,
+			privateKey,
 		} = thisClient.keypair;
 		clientSession(receiveKey, transmitKey, publicKey, privateKey, destinationPublicKey);
-		// Can be used to encrypt-authenticate the profile with the server
-		// clientSession(ephemeralProfileReceiveKey, ephemeralProfileTransmitKey, profile.ephemeral.publicKey, profile.ephemeral.secretKey, destinationPublicKey);
 		configure(`Shared Keys Created`);
 		console.log(receiveKey, transmitKey);
 		const serviceKey = toBase64(destinationSignature);
@@ -123,10 +121,10 @@ export class Client {
 		const thisClient = this;
 		const {
 			publicKey,
-			secretKey
+			privateKey
 		} = thisClient.keypair;
 		thisClient.destination.publicKey = targetPublicKey;
-		const newSessionKeys = sessionKeys(publicKey, secretKey, targetPublicKey);
+		const newSessionKeys = sessionKeys(publicKey, privateKey, targetPublicKey);
 		thisClient.ephemeralKeypair = thisClient.reKey;
 		thisClient.transmitKey = newSessionKeys.transmitKey;
 		thisClient.receiveKey = newSessionKeys.receiveKey;

udsp/decodePacket.js

@@ -17,7 +17,7 @@ export function decodePacketHeaders(config) {
 		server,
 		source,
 		state,
-		connectionIdkeypair,
+		connectionIdKeypair,
 		keypair,
 	} = config;
 	const client = config.client;
@@ -45,8 +45,7 @@ export function decodePacketHeaders(config) {
 	info(`headers.id: ${toBase64(headers.id)}`);
 	if (headers.id.length > 24) {
 		success('Server Connection ID Decrypted');
-		const connectionIdkeypair = (connectionIdkeypair);
-		const headerId = boxUnseal(headers.key, connectionIdkeypair || serverPublicKey, connectionIdPrivateKey || serverPrivateKey);
+		const headerId = boxUnseal(headers.key, connectionIdKeypair.publicKey, connectionIdKeypair.privateKey);
 		if (!headers.id) {
 			return failed(headers.id, 'Packet ID Decrypt Failed');
 		}

udsp/server/clients/reKey.js

@@ -5,9 +5,9 @@ import { sessionKeys } from '#crypto';
 export async function reKey(client, certificate, server) {
 	const {
 		publicKey,
-		secretKey
+		privateKey
 	} = client.reKey;
-	const newSessionKeys = sessionKeys(publicKey, secretKey, certificate.key);
+	const newSessionKeys = sessionKeys(publicKey, privateKey, certificate.key);
 	client.ephemeralKeypair = client.reKey;
 	client.transmitKey = newSessionKeys.transmitKey;
 	client.receiveKey = newSessionKeys.receiveKey;

udsp/server/index.js

@@ -26,7 +26,7 @@ import { onPacket } from './onPacket.js';
 import { sendPacket } from '#udsp/sendPacket';
 import { actions } from './actions/index.js';
 import { getCertificate } from '#certificate';
-import { createConnectionIdKey, randomBuffer } from '#crypto';
+import { randomConnectionId } from '#crypto';
 const { seal } = Object;
 /*
   * socket ID: SID
@@ -36,7 +36,6 @@ export class Server {
 		return this.initialize(serverConfiguration);
 	}
 	description = 'Server';
-	connectionIdKey = createConnectionIdKey();
 	defaultExtension = 'js';
 	port = 80;
 	ip = '::1';
@@ -93,18 +92,24 @@ export class Server {
 		thisServer.bindActions(actions);
 		if (configuration.certificate) {
 			thisServer.certificate = await getCertificate(configuration.certificate);
-			thisServer.keypair = thisServer.certificate.ephemeral;
+			thisServer.keypair = {
+				publicKey: thisServer.certificate.publicKey || thisServer.certificate.ephemeral.publicKey,
+				privateKey: thisServer.certificate.privateKey || thisServer.certificate.ephemeral.privateKey,
+			};
 		}
 		if (configuration.connectionIdCertificate) {
 			thisServer.connectionIdCertificate = await getCertificate(configuration.connectionIdCertificate);
-			thisServer.connectionIdKeypair = thisServer.connectionIdCertificate.ephemeral;
 		} else if (configuration.encryptConnectionId) {
-			thisServer.connectionIdKeypair = thisServer.keypair;
+			thisServer.connectionIdKeypair = thisServer.certificate;
 		}
-		if (configuration.randomId) {
-			thisServer.id = randomBuffer(4);
-		} else if (!thisServer.id) {
-			thisServer.id = randomBuffer(4);
+		if (thisServer.connectionIdKeypair) {
+			thisServer.connectionIdKeypair = {
+				publicKey: thisServer.connectionIdKeypair.publicKey || thisServer.connectionIdKeypair.ephemeral.publicKey,
+				privateKey: thisServer.connectionIdKeypair.privateKey || thisServer.connectionIdKeypair.ephemeral.privateKey,
+			};
+		}
+		if (configuration.randomId || !thisServer.id) {
+			thisServer.id = randomConnectionId(4);
 		}
 		if (isFunction(thisServer.id)) {
 			thisServer.id = await thisServer.id();

utilities/certificate/create.js

@@ -1,7 +1,7 @@
 import { logCert, imported } from '#logs';
 import { read, write } from '#file';
 import { signKeypair, signDetached } from '#crypto';
-import { saveCertificate } from './save.js';
+import { saveCertificate, saveProfile } from './save.js';
 import { assign, merge, clone } from 'Acid';
 import { encode } from 'msgpackr';
 imported('Certificate Creation');
@@ -27,6 +27,7 @@ function certificateFactory(config, options = {}) {
 		} = signKeypair();
 		certificate.publicKey = publicKey;
 		certificateWrapper.privateKey = privateKey;
+		certificateWrapper.publicKey = publicKey;
 	}
 	if (options.master) {
 		certificate.masterSignature = signDetached(certificate.publicKey, options.master.privateKey);
@@ -44,7 +45,9 @@ export async function createProfile(config) {
 		template: {
 			ephemeral: ephemeralTemplate,
 			master: masterTemplate
-		}
+		},
+		savePath,
+		certificateName
 	} = config;
 	const master = certificateFactory(masterTemplate);
 	const ephemeral = certificateFactory(ephemeralTemplate, {
@@ -57,15 +60,27 @@ export async function createProfile(config) {
 	console.log(`ephemeral: ${ephemeral.certificate.length}bytes`);
 	console.log(`master: ${master.certificate.length}bytes`);
 	if (config.savePath) {
-		await saveCertificate(profile, config.savePath, config.certificateName);
+		await saveProfile({
+			profile,
+			savePath,
+			certificateName
+		});
 	}
 	console.log('CERTIFICATE BUILT');
 	return profile;
 }
 export async function createCertificate(config, options) {
 	const certificate = certificateFactory(config.template, options);
+	const {
+		savePath,
+		certificateName
+	} = config;
 	if (config.savePath) {
-		await saveCertificate(certificate, config.savePath, config.certificateName);
+		await saveCertificate({
+			certificate,
+			savePath,
+			certificateName
+		});
 	}
 	return certificate;
 }

utilities/certificate/save.js

@@ -1,9 +1,41 @@
 import { write } from '#file';
 import { encode } from 'msgpackr';
-import { resolve } from 'path';
-export async function saveCertificate(certificate, directory, certificateName = 'profile') {
-	const savePath = resolve(`${directory}/${certificateName}.cert`);
+import { resolve, normalize } from 'path';
+export async function saveCertificate(config) {
+	const {
+		certificate,
+		savePath,
+		certificateName
+	} = config;
+	const savePathRoot = `${resolve(`${savePath}`)}/${certificateName}`;
+	const publicCertificate = certificate.certificate;
 	const encodedCertificate = encode(certificate);
-	await write(savePath, encodedCertificate);
-	console.log(savePath, `${encodedCertificate.length} bytes`);
+	await write(`${savePathRoot}-Public.cert`, publicCertificate);
+	await write(`${savePathRoot}.cert`, encodedCertificate);
+}
+export async function saveProfile(config) {
+	const {
+		savePath,
+		certificateName,
+		profile,
+		profile: {
+			ephemeral: ephemeralCertificate,
+			master: masterCertificate
+		}
+	} = config;
+	console.log(config);
+	const ephemeral = {
+		certificate: ephemeralCertificate,
+		savePath,
+		certificateName: `${certificateName}Ephemeral`
+	};
+	await saveCertificate(ephemeral);
+	const master = {
+		certificate: masterCertificate,
+		savePath,
+		certificateName: `${certificateName}Master`
+	};
+	await saveCertificate(master);
+	const savePathRoot = `${resolve(`${savePath}`)}/${certificateName}-Profile.cert`;
+	await write(savePathRoot, encode(profile));
 }