Nodejs v10 doesn't support chacha20-poly1305 cipher, but crypto.getCiphers() lied.

See also nodejs/node#27335

Hi, I'm trying to bind the process to a specific port however, the port is ignored when creating a new socket.

(Truncated) sample code

const dtls = require('@nodertc/dtls');
const dgram = require('dgram');
const udp = dgram.createSocket('udp4');

const socket = dtls.connect({
  socket: udp,
  remotePort: 4445,
  remoteAddress: '127.0.0.1',
});

udp.on('listening', () => {
  const address = udp.address();
  console.log(`UDP server listening at ${address.address}:${address.port}`);
});

Running the code above (code is truncated) outputs this in the console: UDP server listening at 0.0.0.0:59102. In other words, a random port is used. To verify, I used $ netstat -plun and it shows a random port is used.

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
udp        0      0 0.0.0.0:59102           0.0.0.0:*                           24098/node /var/www

Looking at the dgram documentation, the following is written:
When address and port are not passed to socket.bind() the method will bind the socket to the "all interfaces" address on a random port (it does the right thing for both udp4 and udp6 sockets)"

This made me try the following, binding a port on the udp object like so

udp.bind(41234);

Doing so generates the following error:

0|index  | AssertionError [ERR_ASSERTION]: Forbidden transition from 5633 to 5633
0|index  |     at Protocol12ReaderClient.next (/var/www/ws/node_modules/@nodertc/dtls/src/node_modules/fsm/protocol.js:175:7)
0|index  |     at Protocol12ReaderClient._write (/var/www/ws/node_modules/@nodertc/dtls/src/node_modules/fsm/protocol.js:208:12)
0|index  |     at doWrite (/var/www/ws/node_modules/readable-stream/lib/_stream_writable.js:429:139)
0|index  |     at writeOrBuffer (/var/www/ws/node_modules/readable-stream/lib/_stream_writable.js:418:5)
0|index  |     at Protocol12ReaderClient.Writable.write (/var/www/ws/node_modules/readable-stream/lib/_stream_writable.js:327:11)
0|index  |     at Defragmentation.ondata (/var/www/ws/node_modules/readable-stream/lib/_stream_readable.js:635:20)
0|index  |     at Defragmentation.emit (events.js:182:13)
0|index  |     at Defragmentation.EventEmitter.emit (domain.js:442:20)
0|index  |     at addChunk (/var/www/ws/node_modules/readable-stream/lib/_stream_readable.js:301:12)
0|index  |     at readableAddChunk (/var/www/ws/node_modules/readable-stream/lib/_stream_readable.js:283:11)

I had a look at the example.js file you provided, but that doesn't seem to work for me as well.

const socket = dtls.connect({
  type: 'udp4',
  remotePort: 4444,
  remoteAddress: '127.0.0.1',
});

Running this piece of code also assigns a random port.

Node version: v10.13.0

OS Version:
Distributor ID: Ubuntu
Description: Ubuntu 18.04.1 LTS
Release: 18.04
Codename: bionic

I have tested client with docker and it seems to work, but when trying to connect openssl server it fails.

Following openssl client can connec to server.
openssl s_client -dtls -cert client.crt.pem -key client.key.pem -connect localhost:4445

SSL-Session: Protocol : DTLSv1.2 Cipher : ECDHE-ECDSA-AES256-GCM-SHA384

But in clien code, follwong is not working.
const socket = dtls.connect({
type: 'udp4',
remotePort: 4445,
remoteAddress: '127.0.0.1',
maxHandshakeRetransmissions: 4,
cipherSuites: 'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384',
certificatePrivateKey: readFileSync(join(__dirname, 'client.key.pem')),
certificate: readFileSync(join(__dirname, 'client.crt.pem')),
});

Server end is reporting following error
Error: error:1417A0C1:SSL routines:tls_post_process_client_hello:no shared cipher

Can I connect to openssl based DTLS server?
Is my format incorrect for socket or what might be the issue?

It not woking for. Im using in the ionic 3 app. Please give me the solution.

error : Module not found: Error: Can't resolve 'dgram'

Thank you.

RFC's:

• https://tools.ietf.org/search/rfc4492
• https://tools.ietf.org/html/rfc5289
• https://tools.ietf.org/html/draft-ietf-tls-rfc4492bis-17
• https://tools.ietf.org/html/rfc7748

Ciphers:

• TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
• TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

Packages:

• https://github.com/indutny/elliptic (need comparison with webassembly)
• http://www.lysator.liu.se/~nisse/nettle/nettle.html

• export / import session parameters
• session storage api?

ignore fixtures, .vscode and other dotfiles.

https://tools.ietf.org/html/rfc7250

This feature is use for coap in iot devices.

Please add support for the cipher suite TLS_RSA_WITH_AES_128_CBC_SHA (x002f) .. if yes please do let me know the steps to add

Each DistinguishedName item should be a length-prefixed string.

It need to create an intermediate buffer for outgoing handshakes.

• https://tools.ietf.org/html/rfc8442 - ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites
• https://tools.ietf.org/html/rfc4279 - Pre-Shared Key Ciphersuites for Transport Layer Security (TLS)
• https://tools.ietf.org/html/rfc5489 - ECDHE_PSK Cipher Suites for Transport Layer Security (TLS)
• https://tools.ietf.org/html/rfc7905 - ChaCha20-Poly1305 Cipher Suites for Transport Layer Security (TLS)

required #1

Also add tests due to hard to reproduce.

• In handshake stage listen for timeout events from retransmit state machine
• In regular connection create classic Timeout instance (setTimeout).

Hey there,

I cant make the example working.

I am getting this error:

TypeError: dtls.createServer is not a function

Am I missing something?

I saw that there is no server implementation. So how do you test the code is working in the first place..

I would have bought you 10 coffees for real but it just doesnt work

It is AEAD too.

required #1

It’s need to simplify currently implementation to simplify maintenance.

It would be super cool if the Socket class would include:

• Ability to negotiate SRTP keys.
• An API to send SRTP packets (and events for receiving them).

Of course, a Node RTP parser/factory library would aso be needed. I've found this one (which seems to be unmaintained). SRTP encryption/decryption capabilities would also be needed obviously (and that would be a hard work).

Hello,

I see some code to createServer in the master branch, but was not able to get the example server creation working. I was wondering how to create the DTLS server properly, so that DTLS clients could communicate with it.

-Thanks!

Application-Layer Protocol Negotiation Extension https://tools.ietf.org/html/rfc7301

Registry: https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#alpn-protocol-ids

• send alerts on error
• corrent close connection on alert

https://tools.ietf.org/html/rfc7627

Ciphers

• TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 {0xC0,0x2B}
• TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 {0xC0,0x2C}
• TLS_ECDHE_ECDSA_WITH_AES_128_CCM {0xC0,0xAC}
• TLS_ECDHE_ECDSA_WITH_AES_256_CCM {0xC0,0xAD}

see also #11

wait for [email protected]

Changelog affects to the quality metric from npm search.

Extended Master Secret should not include CertificateVerify message, RFC7627, sec.3:

When a full TLS handshake takes place, we define

      session_hash = Hash(handshake_messages)

where "handshake_messages" refers to all handshake messages sent or
received, starting at the ClientHello up to and including the
ClientKeyExchange message, including the type and length fields of
the handshake messages.

Is it possible to add TLS_PSK_WITH_AES_128_GCM_SHA256 to the cipher suite?

• RFC4279 Pre-Shared Key Ciphersuites for Transport Layer Security (TLS)
• RFC5487 Pre-Shared Key Cipher Suites for TLS with SHA-256/384 and AES Galois Counter Mode
• https://tools.ietf.org/html/draft-ietf-tls-sharedkeys-02

There is not a reasons to hardcode unicast. It may only used as wrapper for dgram socket.

• TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
• TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256

if #16 will resolved before:

• TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256

NodeJSv10 only.

The advantage is that no per-record, explicit nonce need be transmitted,
which saves eight bytes per record and prevents implementations from
mistakenly using a random nonce.

• https://tools.ietf.org/html/rfc7905 - ChaCha20-Poly1305 Cipher Suites for Transport Layer Security (TLS)
• https://tools.ietf.org/html/rfc7539 - ChaCha20 and Poly1305 for IETF Protocols

When trying to connect to a peer using an IPv6 address like so

dtls.connect({
    type: 'udp6',
    remotePort: 5684,
    remoteAddress: 'fe80::260a:c4ff:feea:20f0'
});

I get the following error:

node:events:356
      throw er; // Unhandled 'error' event
      ^

Error: bind EINVAL 0.0.0.0
    at node:dgram:341:20
    at processTicksAndRejections (node:internal/process/task_queues:82:21)
Emitted 'error' event on Socket instance at:
    at node:dgram:343:14
    at processTicksAndRejections (node:internal/process/task_queues:82:21) {
  errno: -4071,
  code: 'EINVAL',
  syscall: 'bind',
  address: '0.0.0.0'
}

It seems to me as if the library does not bind to :: in the IPv6 case but uses IPv4's 0.0.0.0 instead.