0.11.1 • Published 3 months ago

@robertsvendsen/wspack v0.11.1

Weekly downloads
-
License
ISC
Repository
-
Last release
3 months ago

wspack

Events (payload.e)

Handshake

  • hello
  • auth
  • renegotiate

  • auth-failed

TODO:

  • On handshake initiate, client needs to verify that the server is indeed the server, if the server should be known to the client.

Security

  • Encryption is only available when auth is enabled (using keys).
  • Encryption does only encrypt payload.data content.

  • Encryption handshake:

    • Server -> Client (not encrypted): This is your pub key, use it as salt to authorize.
    • Client -> Server (not encrypted): My authKey is "authKey + pubKey + timestamp" and my timestamp is "timestamp".
    • Server -> Client (IF VALID) (encrypted): OK. Use this pubKey from now on.

    If having problems with handshake, it might be a latency problem if your latency is fluctuating. Server validates authKey by checking the timestamp first.

    Server side the pubKey is stored on the websocket client (session).

@robertsvendsen/eventbus@robertsvendsen/fail2banbufferutilcrypto-random-stringrequirejsws
@infinitebrahmanuniverse/nolb-_rob@everything-registry/sub-chunk-786@robertsvendsen/graphnet@zalastax/nolb-_rob
0.11.1

3 months ago

0.10.2

1 year ago

0.10.1

2 years ago

0.10.0

2 years ago

0.9.31

2 years ago