New Certificates

Server & Client Convert in progress

jsconfig.json

@@ -53,12 +53,6 @@
 			"#logs": [
 				"./utilities/logs.js"
 			],
-			"#buildPacketSize": [
-				"./utilities/buildPacketSize.js"
-			],
-			"#buildStringSize": [
-				"./utilities/buildStringSize.js"
-			],
 			"#cleanPath": [
 				"./utilities/cleanPath.js"
 			],
@@ -99,4 +93,4 @@
 		"**/target/*",
 		"node_modules"
 	]
-}
+}

package.json

@@ -83,8 +83,6 @@
 		"#crypto": "./utilities/crypto.js",
 		"#watch": "./utilities/watch.js",
 		"#logs": "./utilities/logs.js",
-		"#buildPacketSize": "./utilities/buildPacketSize.js",
-		"#buildStringSize": "./utilities/buildStringSize.js",
 		"#cleanPath": "./utilities/cleanPath.js",
 		"#file": "./utilities/file.js",
 		"#propertyAccess": "./utilities/propertyAccess.js",
@@ -121,4 +119,4 @@
 	"devDependencies": {
 		"@electron-forge/cli": "^6.0.5"
 	}
-}
+}

scripts/certificates.js

@@ -1,145 +1,41 @@
-import { createState } from 'state/index.js';
-const state = await createState('certificates');
-const {
-	certificates: {
-		createDomainCertificate,
-		createIdentityCertificate,
-		createRootCertificate,
-		createEphemeralCertificate,
-		createMasterCertificate
-	},
-	certificate: { save }
-} = state;
-const domainCert = await createDomainCertificate({
+import { createProfile } from '#certificate';
+import { currentPath } from '#directory';
+const dirname = currentPath(import.meta);
+const domainCert = await createProfile({
 	template: {
-		  ephemeral: {
-			version: 1,
-			ip: '127.0.0.1',
-			port: 443,
-			host: 'universal.web',
-			locality: {
-				state: 'NJ',
-				country: 'US'
-			},
-			start: Date.now(),
-			end: 99999999990,
-		  },
-		  master: {
-			version: 1,
-			algo: 'default',
-			hostname: 'universal.web',
-			organization: {
-				name: 'UW',
-			},
-			locality: {
-				state: 'NJ',
-				country: 'US'
-			},
-			start: Date.now(),
-			end: 99999999990,
-		  }
-	}
-});
-console.log('DOMAIN CERTIFICATE', domainCert);
-const disCert = await createDomainCertificate({
-	template: {
-		  ephemeral: {
-			version: 1,
-			ip: '127.0.0.1',
-			port: 443,
-			host: 'main.dis',
-			locality: {
-				state: 'NJ',
-				country: 'US'
-			},
-			start: Date.now(),
-			end: 99999999990,
-		  },
-		  master: {
+		ephemeral: {
 			version: 1,
+			ip: '::1',
 			algo: 'default',
-			hostname: 'main.dis',
-			organization: {
-				name: 'UW',
+			port: 8888,
+			host: 'universal.web',
+			entity: {
+				name: 'Universal Web',
 			},
 			locality: {
-				state: 'NJ',
+				state: 'FL',
 				country: 'US'
 			},
-			start: Date.now(),
-			end: 99999999990,
-		  }
-	}
-});
-console.log('DIS CERTIFICATE', disCert);
-const identityCert = await createIdentityCertificate({
-	template: {
-		  ephemeral: {
-			version: 1,
-			algo: 'default',
-			start: Date.now(),
-			end: 99999999990,
-		  },
-		  master: {
-			version: 1,
-			algo: 'default',
-			start: Date.now(),
-			end: 99999999990,
-		  }
-	}
+			encryptConnectionId: true,
+			compression: true,
+			headerCompression: true,
+		},
+		master: {},
+	},
+	savePath: `${dirname}/../services`,
+	certificateName: 'universal.web'
 });
-console.log('IDENTITY CERTIFICATE', identityCert);
-const rootCert = await createRootCertificate({
+console.log('DOMAIN CERTIFICATE CREATED');
+const identityCert = await createProfile({
 	template: {
 		ephemeral: {
-			id: '1',
-			parent: '0',
 			version: 1,
-			host: 'us.east.dis',
-			ip: '192.168.1.1',
-			port: 80,
-			pad: 900,
-			issuer: 'Sentivate',
-			issuerID: '0',
-			algo: 'default',
-			start: Date.now(),
-			end: 99999999990,
-			master: '0'
 		},
 		master: {
 			version: 1,
-			algo: 'default',
-			id: '0',
-			type: 'root',
-			issuer: 'Sentivate',
-			issuerID: '0',
-			country: 'US',
-			contact: 'issuer',
-			start: Date.now(),
-			end: 99999999990,
 		}
-	}
-});
-console.log('ROOT CERTIFICATE', rootCert);
-const masterCert = await createMasterCertificate({
-	template: {
-		version: 1,
-		algo: 'default',
-		start: Date.now(),
-		end: 99999999990,
-	}
-});
-console.log('MASTER CERTIFICATE', masterCert);
-const ephemeralCert = await createEphemeralCertificate({
-	template: {
-		version: 1,
-		algo: 'default',
-		start: Date.now(),
-		end: 99999999990,
 	},
-	master: masterCert
+	savePath: `${dirname}/../profiles`,
+	certificateName: 'default'
 });
-console.log('EPHEMERAL CERTIFICATE', ephemeralCert);
-save(identityCert, `${__dirname}/../profiles`, 'default');
-save(domainCert, `${__dirname}/../services`, 'universal.web');
-save(disCert, `${__dirname}/../services`, 'main.dis');
+console.log('IDENTITY CERTIFICATE CREATED');

scripts/tempCodeRunnerFile.js

@@ -0,0 +1,2 @@
+
+				state: 'FL',

serverApp/index.js

@@ -5,13 +5,15 @@ import { createServer } from '#udsp';
 import { info } from '#logs';
 import { currentPath } from '#directory';
 const appServer = await createServer({
+	encryptConnectionId: true,
+	randomId: true,
 	// realtime mode - to keep the connection alive for bidirectional communication
 	realtime: false,
 	gracePeriod: 30000,
 	// Source Verification to ensure that data coming from a client is coming from that source
 	sourceVerification: true,
 	// Max packet retries for a singular request before restarting the request
-	maxPacketRetries: 3,
+	maxPacketRetries: 5,
 	// Max retries for a singular request before giving up
 	maxRequestRetries: 3,
 	// Max retries for a singular request before giving up
@@ -29,15 +31,15 @@ const appServer = await createServer({
 	// default file extension default is .js but WWW default is www
 	defaultExtension: 'html',
 	// Domain certificate to be loaded used for connection encryption
-	profile: `${currentPath(import.meta)}../services/universal.web.cert`,
+	certificate: `${currentPath(import.meta)}../services/universal.web.cert`,
 	// Where to load app resources from
 	resourceDirectory: `${currentPath(import.meta)}resources/`,
 	// Server ID used for load balancing and attaching to the end of connection IDs
 	// id: Buffer.from('alpha'),
 	// on connect message to respond with when a connection is established
 	onConnectMessage: `Welcome to the Universal Web.`,
 	// Port to listen on for connections
-	port: 8888,
-	ip: '::1'
+	// port: 8888,
+	// ip: '::1'
 });
 info('App Server Status', appServer);

udsp/client/index.js

@@ -37,6 +37,7 @@ import { onMessage } from './onPacket.js';
 import { connect } from './connect.js';
 import { onListening } from './listening.js';
 import { currentPath } from '#directory';
+import { encrypt } from '../../utilities/crypto';
 // UNIVERSAL WEB Client Class
 export class Client {
 	constructor(configuration) {
@@ -47,7 +48,8 @@ export class Client {
 			service,
 			profile,
 			ip: configIP,
-			port: configPort
+			port: configPort,
+			encryptConnectionId
 		} = configuration;
 		const {
 			ip,
@@ -80,6 +82,10 @@ export class Client {
 		const ephemeralProfileReceiveKey = thisClient.ephemeralProfileReceiveKey = createSessionKey();
 		success(`Creating Connection Keypair`);
 		thisClient.keypair = keypair();
+		if (encryptConnectionId) {
+			thisClient.connectionIdKeypair = thisClient.keypair;
+		}
+		thisClient.keypair = keypair();
 		thisClient.ephemeralPublic = omit(profile.ephemeral, ['private']);
 		if (profile.master) {
 			thisClient.masterPublic = omit(profile.master, ['private']);
@@ -130,7 +136,6 @@ export class Client {
 	type = 'client';
 	description = `The Universal Web's UDSP client module to initiate connections to a UDSP Server.`;
 	descriptor = 'UDSP_CLIENT';
-	connectionIdKey = createConnectionIdKey();
 	nonce = emptyNonce();
 	maxMTU = 1000;
 	encoding = 'binary';
@@ -142,15 +147,15 @@ export class Client {
 	close() {
 		console.log(this, 'client closed down.');
 		this.server.close();
-		Client.connections.delete(this.connectionKey);
+		Client.connections.delete(this.id);
 	}
 	packetIdGenerator = construct(UniqID);
 }
 export function getClient(configuration) {
 	const serviceKey = configuration.service.ephemeral.signature.toString('base64');
 	const profileKey = configuration.profile.ephemeral.signature.toString('base64');
-	const connectionKey = `${serviceKey}${profileKey}`;
-	const clientFound = Client.connections.get(connectionKey);
+	const connectionId = `${serviceKey}${profileKey}`;
+	const clientFound = Client.connections.get(connectionId);
 	if (clientFound) {
 		return clientFound;
 	}

udsp/client/onPacket.js

@@ -12,7 +12,6 @@ export async function onMessage(packetEncoded) {
 		receiveKey,
 		nonce,
 		keypair,
-		connectionIdKey
 	} = this;
 	msgReceived('Message Received');
 	const config = {
@@ -21,7 +20,7 @@ export async function onMessage(packetEncoded) {
 		nonce,
 		packetEncoded,
 		isClient: true,
-		connectionIdKey
+		keypair
 	};
 	const headers = decodePacketHeaders(config);
 	const packet = await decodePacket(config);

udsp/decodePacket.js

@@ -4,7 +4,7 @@ import {
 import { decode, } from 'msgpackr';
 import { assign, } from 'Acid';
 import {
-	encrypt, nonceBox, toBase64, hashSign, decrypt, boxUnseal, sessionKeys, getConnectionIdData
+	encrypt, nonceBox, toBase64, hashSign, decrypt, boxUnseal, sessionKeys
 } from '#crypto';
 import { createClient } from './server/clients/index.js';
 export function decodePacketHeaders(config) {
@@ -17,7 +17,8 @@ export function decodePacketHeaders(config) {
 		server,
 		source,
 		state,
-		connectionIdKey
+		connectionIdkeypair,
+		keypair,
 	} = config;
 	const client = config.client;
 	info(`Packet Encoded Size ${packetEncoded.length}`);
@@ -33,16 +34,27 @@ export function decodePacketHeaders(config) {
 	info(`clientId: ${toBase64(headers.id)}`);
 	if (headers.key) {
 		success(`Public Key is given -> Processing as create client`);
+		const publicKey = boxUnseal(headers.key, keypair.publicKey, keypair.privateKey);
+		if (!publicKey) {
+			return failed(publicKey, 'Client Key Decrypt Failed');
+		}
+		headers.key = publicKey;
 	} else {
 		success(`No Public Key is given -> Processing as a message`);
-		headers.id = getConnectionIdData(headers.id, connectionIdKey);
-		if (headers.id) {
-			success('Server Connection ID Decrypted');
-		} else {
-			return failed(`No ID -> Invalid Packet`);
+	}
+	info(`headers.id: ${toBase64(headers.id)}`);
+	if (headers.id.length > 24) {
+		success('Server Connection ID Decrypted');
+		const connectionIdkeypair = (connectionIdkeypair);
+		const headerId = boxUnseal(headers.key, connectionIdkeypair || serverPublicKey, connectionIdPrivateKey || serverPrivateKey);
+		if (!headers.id) {
+			return failed(headers.id, 'Packet ID Decrypt Failed');
 		}
-		console.log(headers);
+		headers.id = headerId;
+	} else if (!headers.id) {
+		return failed(`No ID -> Invalid Packet`);
 	}
+	console.log(headers);
 	config.headers = headers;
 	config.packet = packet;
 	return headers;