tls

Provides a TLS encryption layer for sockets, plus static helpers for RSA signing, RSA signature verification and HMAC computation.

Usage:

Using RSA:

// Demonstration RSA key pair used by the RSA example below.
// NOTE(review): a private key printed in documentation is public knowledge.
// Use this pair only to try out the API; real private keys belong in
// access-controlled storage, not in source files.
// The literal ends with an explicit "\0" after the PEM footer, which the
// public key below does not have. Presumably the native side expects a
// NUL-terminated buffer here; confirm before copying the pattern.
var privateKey = "-----BEGIN RSA PRIVATE KEY-----\n\
MIIEowIBAAKCAQEAy8Dbv8prpJ/0kKhlGeJYozo2t60EG8L0561g13R29LvMR5hy\n\
vGZlGJpmn65+A4xHXInJYiPuKzrKUnApeLZ+vw1HocOAZtWK0z3r26uA8kQYOKX9\n\
Qt/DbCdvsF9wF8gRK0ptx9M6R13NvBxvVQApfc9jB9nTzphOgM4JiEYvlV8FLhg9\n\
yZovMYd6Wwf3aoXK891VQxTr/kQYoq1Yp+68i6T4nNq7NWC+UNVjQHxNQMQMzU6l\n\
WCX8zyg3yH88OAQkUXIXKfQ+NkvYQ1cxaMoVPpY72+eVthKzpMeyHkBn7ciumk5q\n\
gLTEJAfWZpe4f4eFZj/Rc8Y8Jj2IS5kVPjUywQIDAQABAoIBADhg1u1Mv1hAAlX8\n\
omz1Gn2f4AAW2aos2cM5UDCNw1SYmj+9SRIkaxjRsE/C4o9sw1oxrg1/z6kajV0e\n\
N/t008FdlVKHXAIYWF93JMoVvIpMmT8jft6AN/y3NMpivgt2inmmEJZYNioFJKZG\n\
X+/vKYvsVISZm2fw8NfnKvAQK55yu+GRWBZGOeS9K+LbYvOwcrjKhHz66m4bedKd\n\
gVAix6NE5iwmjNXktSQlJMCjbtdNXg/xo1/G4kG2p/MO1HLcKfe1N5FgBiXj3Qjl\n\
vgvjJZkh1as2KTgaPOBqZaP03738VnYg23ISyvfT/teArVGtxrmFP7939EvJFKpF\n\
1wTxuDkCgYEA7t0DR37zt+dEJy+5vm7zSmN97VenwQJFWMiulkHGa0yU3lLasxxu\n\
m0oUtndIjenIvSx6t3Y+agK2F3EPbb0AZ5wZ1p1IXs4vktgeQwSSBdqcM8LZFDvZ\n\
uPboQnJoRdIkd62XnP5ekIEIBAfOp8v2wFpSfE7nNH2u4CpAXNSF9HsCgYEA2l8D\n\
JrDE5m9Kkn+J4l+AdGfeBL1igPF3DnuPoV67BpgiaAgI4h25UJzXiDKKoa706S0D\n\
4XB74zOLX11MaGPMIdhlG+SgeQfNoC5lE4ZWXNyESJH1SVgRGT9nBC2vtL6bxCVV\n\
WBkTeC5D6c/QXcai6yw6OYyNNdp0uznKURe1xvMCgYBVYYcEjWqMuAvyferFGV+5\n\
nWqr5gM+yJMFM2bEqupD/HHSLoeiMm2O8KIKvwSeRYzNohKTdZ7FwgZYxr8fGMoG\n\
PxQ1VK9DxCvZL4tRpVaU5Rmknud9hg9DQG6xIbgIDR+f79sb8QjYWmcFGc1SyWOA\n\
SkjlykZ2yt4xnqi3BfiD9QKBgGqLgRYXmXp1QoVIBRaWUi55nzHg1XbkWZqPXvz1\n\
I3uMLv1jLjJlHk3euKqTPmC05HoApKwSHeA0/gOBmg404xyAYJTDcCidTg6hlF96\n\
ZBja3xApZuxqM62F6dV4FQqzFX0WWhWp5n301N33r0qR6FumMKJzmVJ1TA8tmzEF\n\
yINRAoGBAJqioYs8rK6eXzA8ywYLjqTLu/yQSLBn/4ta36K8DyCoLNlNxSuox+A5\n\
w6z2vEfRVQDq4Hm4vBzjdi3QfYLNkTiTqLcvgWZ+eX44ogXtdTDO7c+GeMKWz4XX\n\
uJSUVL5+CVjKLjZEJ6Qc2WZLl94xSwL71E41H4YciVnSCQxVc4Jw\n\
-----END RSA PRIVATE KEY-----\n\0";

// Public half of the demonstration pair, PEM-encoded; it is passed to
// TLS.RSAVerifySignature in the example below.
var publicKey = "-----BEGIN PUBLIC KEY-----\n\
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8Dbv8prpJ/0kKhlGeJY\n\
ozo2t60EG8L0561g13R29LvMR5hyvGZlGJpmn65+A4xHXInJYiPuKzrKUnApeLZ+\n\
vw1HocOAZtWK0z3r26uA8kQYOKX9Qt/DbCdvsF9wF8gRK0ptx9M6R13NvBxvVQAp\n\
fc9jB9nTzphOgM4JiEYvlV8FLhg9yZovMYd6Wwf3aoXK891VQxTr/kQYoq1Yp+68\n\
i6T4nNq7NWC+UNVjQHxNQMQMzU6lWCX8zyg3yH88OAQkUXIXKfQ+NkvYQ1cxaMoV\n\
PpY72+eVthKzpMeyHkBn7ciumk5qgLTEJAfWZpe4f4eFZj/Rc8Y8Jj2IS5kVPjUy\n\
wQIDAQAB\n\
-----END PUBLIC KEY-----\n";

var assert = require("assert");
var TLS = require("tls").TLS;
var Buffer = require("binary").Buffer;

var plainText = "Testing message.";

try {
    // Both static helpers take ByteStorage arguments, so the PEM text and
    // the message are wrapped in Buffers before the call.
    var signingKey = new Buffer(privateKey, "utf-8");
    var messageToSign = new Buffer(plainText, "utf-8");
    var sign = TLS.RSASign(signingKey, messageToSign);
    // To inspect the signature: system.stdout.writeLine(sign);

    // Verification receives the public half of the pair, the signature and
    // a freshly wrapped copy of the message.
    var result = TLS.RSAVerifySignature(
        new Buffer(publicKey, "utf-8"),
        new Buffer(sign, "utf-8"),
        new Buffer(plainText, "utf-8")
    );
    assert.equal(result, true, "rsa with correct keys");
} catch (e) {
    // Any exception, a failed assertion included, is only printed here.
    // Code that depends on the verification result must treat this path
    // as a rejection instead of continuing.
    system.stdout.writeLine(e);
}

Using HMAC:

var assert = require("assert");
var TLS = require("tls").TLS;
var Buffer = require("binary").Buffer;

var plainText = "Testing message.";
// Placeholder key for the example; a real HMAC key must be random and kept
// out of source control.
var secret = "secret";

try {
    // Variant 1: algorithm name, message and key passed as ByteStorages.
    var result = TLS.HashHmac(
        new Buffer("sha1", "utf-8"),
        new Buffer(plainText, "utf-8"),
        new Buffer(secret, "utf-8")
    );
    // The expected value below is the digest written as hex text.
    var digestFromBuffers = result.toString("utf-8", 0, result.length);
    assert.equal(
        digestFromBuffers,
        "f9bb6c561e49e17a479bd5746411e43efef798e0",
        "sha1 with 'Testing message.'"
    );
} catch (e) {
    system.stdout.writeLine(e);
}


try {
    // Variant 2: the same call with plain Strings as arguments.
    var result = TLS.HashHmac('sha1', plainText, secret);
    var digestFromStrings = result.toString("utf-8", 0, result.length);
    // NOTE(review): assert.equal is fine for this self-test. When checking
    // a MAC received from a peer, compare in constant time instead.
    assert.equal(
        digestFromStrings,
        "f9bb6c561e49e17a479bd5746411e43efef798e0",
        "sha1 with 'Testing message.'"
    );
} catch (e) {
    system.stdout.writeLine(e);
}

Using TLS:

var TLS = require("tls").TLS;
// Excerpt: wraps an already created plain socket in TLS, sends `data` and
// reads the reply. `socket`, `host`, `data` and `this` come from code that
// is not shown on this page.
// Keep a reference to the plain socket before `socket` is rebound to the
// TLS wrapper.
hiddenSocket = socket;
socket = new TLS(socket);
// `== null` matches both null and undefined: with no SNI configured the
// host name is used.
if (this.SNI == null) {
    this.SNI = host;
}
// An explicitly empty SNI skips setSNI altogether.
if (this.SNI != "") {
    socket.setSNI(this.SNI);
}
// NOTE(review): the method table says this "sets the need for certificate
// validation". Passing false presumably turns peer verification off, so
// keep it true outside test setups (confirm against the implementation).
socket.setCertificateCheck(this.certificateCheck);
// Per the method table this sets the minimum TLS version; the accepted Int
// values are not listed on this page.
socket.setTLSMethod(this.TLSMethod);
// connect() and send() sit outside the try block, so an exception from
// either one propagates to the caller.
socket.connect();
socket.send(data);
try {
    // The meaning of the 0 argument is not documented on this page.
    received = socket.receive_strict(0);
    // hiddenSocket is truthy whenever the original socket was, so this
    // branch shuts down the TLS layer first and then swaps `socket` back to
    // the underlying socket returned by getSocket().
    if (hiddenSocket) { /* unwrap and close TLS connection */
        socket.close();
        socket = socket.getSocket();
    }

    // Closes whatever `socket` refers to now (the underlying socket after
    // the unwrap above).
    socket.close();
} catch (e) {
    // NOTE(review): if receive_strict() throws, neither close() call above
    // runs and the error is only printed; consider closing in a finally.
    system.stdout.writeLine(e);
}

List of static TLS methods

Name Arguments Returns Description
RSASign
ByteStorage privateKey, ByteStorage message ByteStorage encodedMessage Signs the message with the given private key; the returned ByteStorage is the signature.
RSAVerifySignature
ByteStorage publicKey, ByteStorage hash, ByteStorage message bool Verifies the given hash (the signature returned by RSASign) against the given public key and message.
HashHmac

ByteStorage or String algorithm,

ByteStorage or String message,

ByteStorage or String key

ByteStorage

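Returns the HMAC of the given message, keyed with the given key, using the chosen algorithm from the list below (for new code prefer sha256 or stronger; md4, md5 and sha1 are legacy choices):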

md4,
md5,
sha1,
sha224,
sha256,
sha384,
sha512/224,
sha512/256,
sha512,
sha3-224,
sha3-256,
sha3-384,
sha3-512,
ripemd160,
whirlpool

List of TLS methods

Name Arguments Returns Description
new Socket TLS Creates an object of TLS class, with given socket. 
getSocket Socket Returns socket instance.
verifyCertificate Int Returns result of peer certificate verification. See docs for this function in C.
useCertificate String Int Uses SSL_use_certificate_file with given filepath and SSL_FILETYPE_PEM type. See docs for this function in C.
usePrivateKey String Int Uses SSL_use_PrivateKey_file with given filepath and SSL_FILETYPE_PEM type. See docs for this function in C.
accept args.This() or False(bool), if failed Uses SSL_accept and returns TLS or False (or throws an error), depending on the result. See docs for this function in C.
connect args.This() Uses SSL_connect and returns TLS (or throws an error), depending on the result. See docs for this function in C.
receive Int ByteStorage or False(bool), if failed Uses SSL_read and returns ByteStorage or False (or throws an error), depending on the result. See docs for this function in C.
receive_strict Int ByteStorage or False(bool), if failed Uses SSL_read and returns ByteStorage or False (or throws an error), depending on the result. See docs for this function in C.
send ByteStorage args.This() or False(bool), if failed Uses SSL_write and returns TLS or False (or throws an error), depending on the result. See docs for this function in C
close args.This() Closes ssl with SSL_shutdown. See docs for this function in C.
setTLSMethod Int Sets the minimum TLS version for the connection. See docs for this function in C.
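setCertificateCheck Boolean Sets whether the peer certificate is validated. Keep it enabled outside test setups: without validation the traffic is encrypted but the peer is not authenticated.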
setSNI String Sets SNI (Server Name Indication). See docs for this function in C.