openziti
diff --git a/‎package-lock.json‎
Lines changed: 12 additions & 8 deletions b/‎package-lock.json‎
Lines changed: 12 additions & 8 deletions
diff --git a/‎package.json‎
Lines changed: 4 additions & 3 deletions b/‎package.json‎
Lines changed: 4 additions & 3 deletions
diff --git a/‎src/channel/channel.js‎
Lines changed: 8 additions & 3 deletions b/‎src/channel/channel.js‎
Lines changed: 8 additions & 3 deletions
diff --git a/‎src/channel/tls-connection.js‎
Lines changed: 41 additions & 13 deletions b/‎src/channel/tls-connection.js‎
Lines changed: 41 additions & 13 deletions
@@ -118,7 +118,7 @@
     "lodash.tonumber": "^4.0.3",
     "micromodal": "^0.4.6",
     "multistream": "^4.1.0",
-    "node-forge": "^0.10.0",
+    "node-forge": "github:githoniel/forge",
     "pkijs": "^2.1.90",
     "promise-controller": "^1.0.0",
     "promise.prototype.finally": "^3.1.2",
@@ -129,6 +129,7 @@
     "stream-browserify": "^3.0.0",
     "typedarray-to-buffer": "^4.0.0",
     "url": "^0.11.0",
-    "utf-8-validate": "^5.0.4"
+    "utf-8-validate": "^5.0.4",
+    "uuid": "^8.3.2"
   }
-}
+}
@@ -189,8 +189,13 @@ module.exports = class ZitiChannel {
         ws: this._zws,
         ch: this,
         datacb: this._recvFromWireAfterDecrypt
-
       });
+      this._ctx.logger.debug('starting  ZitiTLSConnection.pullKeyPair for: [%o]', this._tlsConn.getUUID());
+      await this._tlsConn.pullKeyPair().catch((e) => {
+        this._ctx.logger.error(e);
+        throw new Error(e);
+      });
+      this._ctx.logger.debug('completed ZitiTLSConnection.pullKeyPair for: [%o]', this._tlsConn.getUUID());
 
       this._tlsConn.create();
 
@@ -827,7 +832,7 @@ module.exports = class ZitiChannel {
    */
   async _recvFromWire(data) {
     let buffer = await data.arrayBuffer();
-    this._ctx.logger.trace("_recvFromWire <- data len[%o]", buffer.byteLength);
+    this._ctx.logger.debug("_recvFromWire <- data len[%o]", buffer.byteLength);
     let tlsBinaryString = Buffer.from(buffer).toString('binary');
     this._tlsConn.process(tlsBinaryString);
   }
@@ -892,7 +897,7 @@ module.exports = class ZitiChannel {
     let contentType = contentTypeView[0];
 
     let sequenceView = new Int32Array(buffer, 8, 1);
-    this._ctx.logger.trace("recv <- contentType[%o] seq[%o]", contentType, sequenceView[0]);
+    this._ctx.logger.debug("recv <- contentType[%o] seq[%o]", contentType, sequenceView[0]);
 
     let responseSequence = sequenceView[0];
 
 
@@ -26,13 +26,12 @@ const utils           = require('../utils/utils');
 const zitiConstants   = require('../constants');
 const forge           = require('node-forge');
 const ab2str          = require('arraybuffer-to-string');
-forge.options.usePureJavaScript = true;
+const isUndefined     = require('lodash.isundefined');
+const isNull          = require('lodash.isnull');
+const { v4: uuidv4 }  = require('uuid');
 
+forge.options.usePureJavaScript = true;
 
-async function pullKeyPair(self) {
-  self._clientCertPEM       = await ls.getWithExpiry(zitiConstants.get().ZITI_IDENTITY_CERT);
-  self._clientPrivateKeyPEM = await ls.getWithExpiry(zitiConstants.get().ZITI_IDENTITY_PRIVATE_KEY);
-}
 
 /**
  * @typicalname connection
@@ -58,17 +57,41 @@ module.exports = class ZitiTLSConnection {
 
     this._connected = false;
 
+    this._uuid = uuidv4();
+
+  }
+ 
+
+  /**
+   * Populate this TLS Connection object with the keypair from local storage
+   */
+  async pullKeyPair() {
 
-    // Pull CA
-    // this._caStore = forge.pki.createCaStore([ ls.getWithExpiry(zitiConstants.get().ZITI_IDENTITY_CA) ]);
-    
-    // Pull keypair
-    pullKeyPair(this);
-    // this._clientCertPEM       = ls.getWithExpiry(zitiConstants.get().ZITI_IDENTITY_CERT);
-    // this._clientPrivateKeyPEM = ls.getWithExpiry(zitiConstants.get().ZITI_IDENTITY_PRIVATE_KEY);
+    const self = this;
+
+    return new Promise( async (resolve, reject) => {
+
+      this._clientCertPEM       = await ls.getWithExpiry(zitiConstants.get().ZITI_IDENTITY_CERT);
+      this._clientPrivateKeyPEM = await ls.getWithExpiry(zitiConstants.get().ZITI_IDENTITY_PRIVATE_KEY);
+
+      if (
+        isUndefined(this._clientCertPEM) ||
+        isUndefined(this._clientPrivateKeyPEM) ||
+        isNull(this._clientCertPEM) ||
+        isNull(this._clientPrivateKeyPEM)
+      ) {
+        return reject( new Error('keypair nor present in local storage') );
+      }
+
+      return resolve();
+
+    });
 
-    let self = this;      
+  }  
+ 
 
+  getUUID() {
+    return this._uuid;
   }
 
 
@@ -89,6 +112,8 @@ module.exports = class ZitiTLSConnection {
 
       // These are the cipher suites we support (in order of preference)
       cipherSuites: [
+        forge.tls.CipherSuites.TLS_RSA_WITH_AES_128_CBC_SHA256,
+        // forge.tls.CipherSuites.TLS_RSA_WITH_AES_256_CBC_SHA256,
         forge.tls.CipherSuites.TLS_RSA_WITH_AES_128_CBC_SHA,
         forge.tls.CipherSuites.TLS_RSA_WITH_AES_256_CBC_SHA
       ],
@@ -127,11 +152,13 @@ module.exports = class ZitiTLSConnection {
 
       // client-side cert
       getCertificate: function(connection, hint) {
+        self._ctx.logger.debug('getCertificate(): for: %o, [%o]', self._uuid, self._clientCertPEM );
         return self._clientCertPEM;
       },
 
       // client-side private key
       getPrivateKey: function(connection, cert) {
+        self._ctx.logger.debug('getPrivateKey(): for: %o, [%o]', self._uuid, self._clientPrivateKeyPEM );
         return self._clientPrivateKeyPEM;
       },
 
@@ -168,6 +195,7 @@ module.exports = class ZitiTLSConnection {
 
       error: function(connection, error) {
           self._ctx.logger.error('uh oh', error);
+          throw error;
       }
     });
   }