Dual-mode: JSPI or NO_JSPI

package.json

@@ -4,7 +4,7 @@
   "type": "module",
   "description": "Core componentry for the Ziti browZer ecosystem (used internally by ziti-browzer-runtime and ziti-sdk-browzer)",
   "scripts": {
-    "rollup": "rimraf dist/esm/ziti-browzer-core-*.js && rollup -c ./rollup.config.js",
+    "rollup": "rimraf dist/esm/*.js && rollup -c ./rollup.config.js",
     "build": "yarn rollup && yarn gulp",
     "gulp": "gulp clean build",
     "test": "karma start karma.conf.cjs",
@@ -57,7 +57,7 @@
     "typescript": "^5.2.2"
   },
   "dependencies": {
-    "@openziti/libcrypto-js": "^0.16.1",
+    "@openziti/libcrypto-js": "^0.18.2",
     "@openziti/ziti-browzer-edge-client": "^0.6.2",
     "asn1js": "^2.4.0",
     "assert": "^2.0.0",
@@ -66,6 +66,7 @@
     "buffer": "^6.0.3",
     "bufferutil": "^4.0.6",
     "chnl": "^1.2.0",
+    "es6-object-assign": "^1.1.0",
     "events": "^3.3.0",
     "fast-memoize": "^2.5.2",
     "format-message": "^6.2.4",

src/channel/wasm-tls-connection.js

@@ -123,7 +123,7 @@ import {Mutex, withTimeout, Semaphore} from 'async-mutex';
    */
   async create() {
 
-    this._wasmInstance = await this._zitiContext.getInstance_OuterWASM();
+    this._wasmInstance = await this._zitiContext.getWASMInstance();
 
     this._sslContext = await this._zitiContext.ssl_CTX_new( this._wasmInstance );
 

src/context/context.js

@@ -167,23 +167,24 @@ class ZitiContext extends EventEmitter {
 
     if (options.loadWASM) {
 
-      this.logger.trace(`libCrypto.initialize_OuterWASM starting`);
-
       let _real_Date_now = Date.now;  // work around an Emscripten issue
 
-      await this._libCrypto.initialize_OuterWASM();
+      if (!options.jspi) {
+        this.logger.trace(`libCrypto.initialize_NO_JSPI starting`);
+        await this._libCrypto.initialize_NO_JSPI();
+        this.logger.trace(`libCrypto.initialize_NO_JSPI completed; WASM is now available`);
+      }
+      else {
+        this.logger.trace(`libCrypto.initialize_JSPI starting`);
+        await this._libCrypto.initialize_JSPI();
+        this.logger.trace(`libCrypto.initialize_JSPI completed; WASM is now available`);
+      }
 
       Date.now = _real_Date_now;      // work around an Emscripten issue
 
-      this.logger.trace(`libCrypto.initialize_OuterWASM completed; outer WASM is now available`);
-
-      if (isEqual(options.target.scheme, 'https')) {
-        this.initialize_InnerWASM();
-      }
-
     } else {
 
-      this.logger.trace(`libCrypto.initialize_OuterWASM bypassed (options.loadWASM is false)`);
+      this.logger.trace(`libCrypto.initialize() bypassed (options.loadWASM is false)`);
 
     }
 
@@ -196,49 +197,18 @@ class ZitiContext extends EventEmitter {
 
   }
 
-  /**
-   * 
-   */
-  async initialize_InnerWASM() {
-
-    if (this._initializedInnerWASM) throw Error("Already initialized; Cannot call .initialize_InnerWASM() twice on instance.");
-
-    this.logger.trace(`libCrypto.initialize_InnerWASM starting`);
-
-    let _real_Date_now = Date.now;  // work around an Emscripten issue
-
-    await this._libCrypto.initialize_InnerWASM();
-
-    Date.now = _real_Date_now;      // work around an Emscripten issue
-
-    this.logger.trace(`libCrypto.initialize_InnerWASM completed; Inner WASM is now available`);
-
-    this._initializedInnerWASM = true;    
-
-  }
 
   /**
    * 
    */
-  async getInstance_OuterWASM() {
+  async getWASMInstance() {
 
-    let instance_outerWASM = await this._libCrypto.getInstance_OuterWASM();
+    let WASMInstance = await this._libCrypto.getWASMInstance();
 
-    return instance_outerWASM;
+    return WASMInstance;
 
   }
 
-  /**
-   * 
-   */
-   async getInstance_InnerWASM() {
-
-    let instance_innerWASM = await this._libCrypto.getInstance_InnerWASM();
-
-    return instance_innerWASM;
-
-  }
-
   /**
    * 
    */
@@ -282,7 +252,7 @@ class ZitiContext extends EventEmitter {
 
     if (!this._initialized) throw Error("Not initialized; Must call .initialize() on instance.");
 
-    this._pkey = this._libCrypto.generateKey( await this.getInstance_OuterWASM() );
+    this._pkey = this._libCrypto.generateKey( await this.getWASMInstance() );
 
     this.logger.trace('ZitiContext.generateRSAKey() exiting');
 
@@ -298,7 +268,7 @@ class ZitiContext extends EventEmitter {
 
     if (!this._initialized) throw Error("Not initialized; Must call .initialize() on instance.");
 
-    let wasmInstance = await this.getInstance_OuterWASM();
+    let wasmInstance = await this.getWASMInstance();
 
     this._pkey = this._libCrypto.generateECKey( wasmInstance );
 
@@ -314,7 +284,7 @@ class ZitiContext extends EventEmitter {
 
     if (!this._initialized) throw Error("Not initialized; Must call .initialize() on instance.");
 
-    this._privateKeyPEM = this._libCrypto.getPrivateKeyPEM(await this.getInstance_OuterWASM(), pkey);
+    this._privateKeyPEM = this._libCrypto.getPrivateKeyPEM(await this.getWASMInstance(), pkey);
 
     return this._privateKeyPEM;
   }
@@ -326,7 +296,7 @@ class ZitiContext extends EventEmitter {
 
     if (!this._initialized) throw Error("Not initialized; Must call .initialize() on instance.");
 
-    this._publicKeyPEM = this._libCrypto.getPublicKeyPEM(await this.getInstance_OuterWASM(), pkey);
+    this._publicKeyPEM = this._libCrypto.getPublicKeyPEM(await this.getWASMInstance(), pkey);
 
     return this._publicKeyPEM;
   }
@@ -509,7 +479,7 @@ class ZitiContext extends EventEmitter {
 
     await this.ssl_CTX_add_certificate(wasmInstance, sslContext);
     await this.ssl_CTX_add_private_key(wasmInstance, sslContext);
-    this.ssl_CTX_verify_certificate_and_key(wasmInstance, sslContext);
+    // this.ssl_CTX_verify_certificate_and_key(wasmInstance, sslContext);
 
     this.logger.trace('ZitiContext.ssl_CTX_new() exiting');
 
@@ -605,40 +575,6 @@ class ZitiContext extends EventEmitter {
     return ssl;
   }
 
-  /**
-   * 
-   */
-  // bio_do_connect() {
-
-  //   this.logger.trace('ZitiContext.bio_do_connect() entered');
-
-  //   if (!this._sslContext) throw Error("No SSL Context exists; Must call .ssl_CTX_new() on instance.");
-  //   if (!this._SSL_BIO) throw Error("No SSL_BIO exists; Must call .bio_new_ssl_connect() on instance.");
-
-  //   let result = this._libCrypto.bio_do_connect(this._SSL_BIO);
-
-  //   this.logger.trace('ZitiContext.bio_do_connect() exiting');
-
-  //   return result;
-  // }
-
-  /**
-   * 
-   */
-  // bio_set_conn_hostname(hostname) {
-
-  //   this.logger.trace('ZitiContext.bio_set_conn_hostname() entered');
-
-  //   if (!this._sslContext) throw Error("No SSL Context exists; Must call .ssl_CTX_new() on instance.");
-  //   if (!this._SSL_BIO) throw Error("No SSL_BIO exists; Must call .bio_new_ssl_connect() on instance.");
-
-  //   let result = this._libCrypto.bio_set_conn_hostname(this._SSL_BIO, hostname);
-
-  //   this.logger.trace('ZitiContext.bio_set_conn_hostname() exiting');
-
-  //   return result;
-  // }
-
   /**
    * 
    */
@@ -659,23 +595,6 @@ class ZitiContext extends EventEmitter {
 
   }
 
-  /**
-   * 
-   * @returns 
-   */
-  // ssl_new(sslContext) {
-
-  //   this.logger.trace('ZitiContext.ssl_new() entered');
-
-  //   let ssl = this._libCrypto.ssl_new(sslContext);
-
-  //   if (isNull(ssl)) throw Error("SSL create failure.");
-
-  //   this.logger.trace('ZitiContext.ssl_new() exiting');
-
-  //   return ssl;
-  // }
-
   /**
    * 
    * @returns 
@@ -693,36 +612,6 @@ class ZitiContext extends EventEmitter {
     return result;
   }
 
-  /**
-   * 
-   * @returns 
-   */
-  // ssl_connect(ssl) {
-
-  //   this.logger.trace('ZitiContext.ssl_connect() entered');
-
-  //   let result = this._libCrypto.ssl_connect(ssl);
-
-  //   this.logger.trace('ZitiContext.ssl_connect() exiting');
-
-  //   return result;
-  // }
-
-  /**
-   * 
-   */
-  // ssl_get_verify_result(ssl) {
-
-  //   this.logger.trace('ZitiContext.ssl_get_verify_result() entered');
-
-  //   let result = this._libCrypto.ssl_get_verify_result(ssl);
-
-  //   this.logger.trace('ZitiContext.ssl_get_verify_result() exiting with: ', result);
-
-  //   return result;
-
-  // }
-
   /**
    * 
    */
@@ -1553,11 +1442,11 @@ class ZitiContext extends EventEmitter {
     // Select a Channel that is currently NOT in use (has no active Connections on it)
     let freeChannel;
     find(channelsArray, function(ch) {
-      let activeConnectionCount = ch._connections._items.size;
-      if (isEqual( activeConnectionCount, 0 )) {
+      // let activeConnectionCount = ch._connections._items.size;
+      // if (isEqual( activeConnectionCount, 0 )) {
         freeChannel = ch;
         return true;
-      }
+      // }
     });
 
 

src/enroll/enroller.js

@@ -71,7 +71,7 @@ import { isUndefined, isNull } from 'lodash-es';
       return false;
     }
 
-    await this.generateCSR( await this._zitiContext.getInstance_OuterWASM() );
+    await this.generateCSR( await this._zitiContext.getWASMInstance() );
 
     let result = await this.createEphemeralCert();
 

src/http/ziti-inner-tls-socket.js

@@ -198,7 +198,7 @@ class ZitiInnerTLSSocket extends EventEmitter {
      */
     async create() {
 
-        this._wasmInstance = await this._zitiContext.getInstance_InnerWASM();
+        this._wasmInstance = await this._zitiContext.getWASMInstance();
 
         this._sslContext = await this._zitiContext.ssl_CTX_new( this._wasmInstance );
 
@@ -290,9 +290,9 @@ class ZitiInnerTLSSocket extends EventEmitter {
                 // If SSL indicates handshake has completed, let's delay a smidge, and allow the WASM mTLS ciphersuite-exchange to complete, 
                 // before we turn loose any writes to the connection
                 if (_connected) {
-                    this._zitiContext.logger.trace(`ZitiInnerTLSSocket.isConnected() fd[%d] pausing...`, this.wasmFD);
-                    await this._zitiContext.delay(500);
-                    this._zitiContext.logger.trace(`ZitiInnerTLSSocket.isConnected() fd[%d] ...resuming`, this.wasmFD);
+                    // this._zitiContext.logger.trace(`ZitiInnerTLSSocket.isConnected() fd[%d] pausing...`, this.wasmFD);
+                    // await this._zitiContext.delay(500);
+                    // this._zitiContext.logger.trace(`ZitiInnerTLSSocket.isConnected() fd[%d] ...resuming`, this.wasmFD);
                     this._connected = true;
                 }
             }

src/http/ziti-websocket-wrapper.js

@@ -564,7 +564,7 @@ async function initAsClient(websocket, address, protocols, options) {
 
             newUrl.protocol = websocket._zitiConfig.browzer.bootstrapper.target.scheme + ":";
             opts.href = newUrl.protocol + '//' + configHostAndPort.host.toLowerCase() + newUrl.pathname + newUrl.search;
-            opts.origin = websocket._zitiConfig.browzer.bootstrapper.target.scheme + "://" + configHostAndPort.host.toLowerCase(); // + ":" + configHostAndPort.port;
+            opts.origin = websocket._zitiConfig.browzer.bootstrapper.target.scheme + "://" + configHostAndPort.host.toLowerCase() + ":" + configHostAndPort.port;
             opts.host = serviceName;
         }
 
@@ -822,9 +822,8 @@ function zitiConnect(options) {
  */
 function abortHandshake(websocket, stream, message) {
   websocket._zitiContext.logger.error(
-      'abortHandshake() entered: message: %o, stream: %o',
-      message,
-      stream
+      'abortHandshake() entered: message: %o',
+      message
     );
 
     websocket.readyState = ZitiWebSocketWrapper.CLOSING;

yarn.lock

@@ -1080,10 +1080,10 @@
     portfinder "^1.0.21"
     request "^2.88.0"
 
-"@openziti/libcrypto-js@^0.16.1":
-  version "0.16.1"
-  resolved "https://registry.yarnpkg.com/@openziti/libcrypto-js/-/libcrypto-js-0.16.1.tgz#8e4e63ad9e594b145448abb45a79e280150b70a0"
-  integrity sha512-xawZ2E8bc+z0s1T1rXu8/KDy4MGwesPdNbtfaftWkuJ1gbDtKyTwpT/+gm6JnZJUzqlnNfx5T0M7NJW2Y3WTKw==
+"@openziti/libcrypto-js@^0.18.2":
+  version "0.18.2"
+  resolved "https://registry.yarnpkg.com/@openziti/libcrypto-js/-/libcrypto-js-0.18.2.tgz#25036edb7cda3a1baad98772d23e12082e4c85b1"
+  integrity sha512-BhrcMLthScoC58T9v9aHpUtnM5tJjySC9Ftzikp2MfQl1IIZyPxSqXiQSeiV+D/L2OP/Mh628LOKgzFkMobo8w==
   dependencies:
     "@types/emscripten" "^1.39.6"
     "@wasmer/wasi" "^1.0.2"
@@ -3103,6 +3103,11 @@ es6-iterator@^2.0.1, es6-iterator@^2.0.3:
     es5-ext "^0.10.35"
     es6-symbol "^3.1.1"
 
+es6-object-assign@^1.1.0:
+  version "1.1.0"
+  resolved "https://registry.yarnpkg.com/es6-object-assign/-/es6-object-assign-1.1.0.tgz#c2c3582656247c39ea107cb1e6652b6f9f24523c"
+  integrity sha512-MEl9uirslVwqQU369iHNWZXsI8yaZYGg/D65aOgZkeyFJwHYSxilf7rQzXKI7DdDuBPrBXbfk3sl9hJhmd5AUw==
+
 es6-symbol@^3.1.1, es6-symbol@^3.1.3:
   version "3.1.3"
   resolved "https://registry.yarnpkg.com/es6-symbol/-/es6-symbol-3.1.3.tgz#bad5d3c1bcdac28269f4cb331e431c78ac705d18"