discordrb 3.6.0 → 3.7.0

data/lib/discordrb/gateway.rb

@@ -298,9 +298,7 @@ module Discordrb
       send_identify(@token, {
                       os: RUBY_PLATFORM,
                       browser: 'discordrb',
-                      device: 'discordrb',
-                      referrer: '',
-                      referring_domain: ''
+                      device: 'discordrb'
                     }, compress, LARGE_THRESHOLD, @shard_key, @intents)
     end
 
@@ -677,9 +675,8 @@ module Discordrb
       LOGGER.log_exception(e)
     end
 
-    # rubocop:disable Lint/UselessConstantScoping
     ZLIB_SUFFIX = "\x00\x00\xFF\xFF".b.freeze
-    # rubocop:enable Lint/UselessConstantScoping
+    private_constant :ZLIB_SUFFIX
 
     def handle_message(msg)
       case @compress_mode

data/lib/discordrb/id_object.rb

@@ -10,7 +10,7 @@ module Discordrb
 
     # ID based comparison
     def ==(other)
-      Discordrb.id_compare(@id, other)
+      Discordrb.id_compare?(@id, other)
     end
 
     alias_method :eql?, :==

data/lib/discordrb/permissions.rb

@@ -145,9 +145,8 @@ module Discordrb
 
     # Comparison based on permission bits
     def ==(other)
-      # rubocop:disable Lint/Void
-      false unless other.is_a? Discordrb::Permissions
-      # rubocop:enable Lint/Void
+      return false unless other.is_a?(Discordrb::Permissions)
+
       bits == other.bits
     end
   end

data/lib/discordrb/version.rb

@@ -3,5 +3,5 @@
 # Discordrb and all its functionality, in this case only the version.
 module Discordrb
   # The current version of discordrb.
-  VERSION = '3.6.0'
+  VERSION = '3.7.0'
 end

data/lib/discordrb/voice/network.rb

@@ -5,6 +5,7 @@ require 'socket'
 require 'json'
 
 require 'discordrb/websocket'
+require 'discordrb/voice/opcodes'
 
 begin
   LIBSODIUM_AVAILABLE = if ENV['DISCORDRB_NONACL']
@@ -22,14 +23,14 @@ module Discordrb::Voice
   # Signifies to Discord that encryption should be used
   # @deprecated Discord now supports multiple encryption options.
   # TODO: Resolve replacement for this constant.
-  ENCRYPTED_MODE = 'xsalsa20_poly1305'
+  ENCRYPTED_MODE = 'aead_xchacha20_poly1305_rtpsize'
 
   # Signifies to Discord that no encryption should be used
   # @deprecated Discord no longer supports unencrypted voice communication.
   PLAIN_MODE = 'plain'
 
   # Encryption modes supported by Discord
-  ENCRYPTION_MODES = %w[xsalsa20_poly1305_lite xsalsa20_poly1305_suffix xsalsa20_poly1305].freeze
+  ENCRYPTION_MODES = %w[aead_xchacha20_poly1305_rtpsize].freeze
 
   # Represents a UDP connection to a voice server. This connection is used to send the actual audio data.
   class VoiceUDP
@@ -82,15 +83,11 @@ module Discordrb::Voice
     #   sequence number multiplied by 960)
     def send_audio(buf, sequence, time)
       # Header of the audio packet
-      header = [0x80, 0x78, sequence, time, @ssrc].pack('CCnNN')
+      header = generate_header(sequence, time)
 
-      nonce = generate_nonce(header)
-      buf = encrypt_audio(buf, nonce)
-
-      data = header + buf
-
-      # xsalsa20_poly1305 does not require an appended nonce
-      data += nonce unless @mode == 'xsalsa20_poly1305'
+      nonce = generate_nonce
+      buf = encrypt_audio(buf, header, nonce)
+      data = header + buf + nonce.byteslice(0, 4)
 
       send_packet(data)
     end
@@ -120,46 +117,44 @@ module Discordrb::Voice
 
     # Encrypts audio data using libsodium
     # @param buf [String] The encoded audio data to be encrypted
+    # @param header [String] The RTP header of the packet, used as associated data
     # @param nonce [String] The nonce to be used to encrypt the data
     # @return [String] the audio data, encrypted
-    def encrypt_audio(buf, nonce)
+    def encrypt_audio(buf, header, nonce)
       raise 'No secret key found, despite encryption being enabled!' unless @secret_key
 
-      secret_box = Discordrb::Voice::SecretBox.new(@secret_key)
-
-      # Nonces must be 24 bytes in length. We right pad with null bytes for poly1305 and poly1305_lite
-      secret_box.box(nonce.ljust(24, "\0"), buf)
+      case @mode
+      when 'aead_xchacha20_poly1305_rtpsize'
+        Discordrb::Voice::XChaCha20AEAD.encrypt(buf, header, nonce, @secret_key)
+      else
+        raise "`#{@mode}' is not a supported encryption mode"
+      end
     end
 
     def send_packet(packet)
       @socket.send(packet, 0, @ip, @port)
     end
 
-    # @param header [String] The header of the packet, to be used as the nonce
     # @return [String]
-    # @note
-    #   The nonce generated depends on the encryption mode.
-    #   In xsalsa20_poly1305 the nonce is the header plus twelve null bytes for padding.
-    #   In xsalsa20_poly1305_suffix, the nonce is 24 random bytes
-    #   In xsalsa20_poly1305_lite, the nonce is an incremental 4 byte int.
-    def generate_nonce(header)
+    def generate_nonce
       case @mode
-      when 'xsalsa20_poly1305'
-        header
-      when 'xsalsa20_poly1305_suffix'
-        Random.urandom(24)
-      when 'xsalsa20_poly1305_lite'
-        case @lite_nonce
+      when 'aead_xchacha20_poly1305_rtpsize'
+        case @incremental_nonce
         when nil, 0xff_ff_ff_ff
-          @lite_nonce = 0
+          @incremental_nonce = 0
         else
-          @lite_nonce += 1
+          @incremental_nonce += 1
         end
-        [@lite_nonce].pack('N')
+        [@incremental_nonce].pack('N').ljust(24, "\0")
       else
         raise "`#{@mode}' is not a supported encryption mode"
       end
     end
+
+    # @return [String]
+    def generate_header(sequence, time)
+      [0x80, 0x78, sequence, time, @ssrc].pack('CCnNN')
+    end
   end
 
   # Represents a websocket client connection to the voice server. The websocket connection (sometimes called vWS) is
@@ -167,7 +162,7 @@ module Discordrb::Voice
   # circle around users on Discord, and obtaining UDP connection info.
   class VoiceWS
     # The version of the voice gateway that's supposed to be used.
-    VOICE_GATEWAY_VERSION = 4
+    VOICE_GATEWAY_VERSION = 8
 
     # @return [VoiceUDP] the UDP voice connection over which the actual audio data is sent.
     attr_reader :udp
@@ -186,7 +181,7 @@ module Discordrb::Voice
       @token = token
       @session = session
 
-      @endpoint = endpoint.split(':').first
+      @endpoint = endpoint
 
       @udp = VoiceUDP.new
     end
@@ -197,15 +192,15 @@ module Discordrb::Voice
     # @param session_id [String] The voice session ID
     # @param token [String] The Discord authentication token
     def send_init(server_id, bot_user_id, session_id, token)
-      @client.send({
-        op: 0,
-        d: {
+      send_opcode(
+        Opcodes::IDENTIFY,
+        {
           server_id: server_id,
           user_id: bot_user_id,
           session_id: session_id,
           token: token
         }
-      }.to_json)
+      )
     end
 
     # Sends the UDP connection packet (op 1)
@@ -213,9 +208,9 @@ module Discordrb::Voice
     # @param port [Integer] The port to bind UDP to
     # @param mode [Object] Which mode to use for the voice connection
     def send_udp_connection(ip, port, mode)
-      @client.send({
-        op: 1,
-        d: {
+      send_opcode(
+        Opcodes::SELECT_PROTOCOL,
+        {
           protocol: 'udp',
           data: {
             address: ip,
@@ -223,7 +218,7 @@ module Discordrb::Voice
             mode: mode
           }
         }
-      }.to_json)
+      )
     end
 
     # Send a heartbeat (op 3), has to be done every @heartbeat_interval seconds or the connection will terminate
@@ -231,22 +226,33 @@ module Discordrb::Voice
       millis = Time.now.strftime('%s%L').to_i
       @bot.debug("Sending voice heartbeat at #{millis}")
 
-      @client.send({
-        op: 3,
-        d: millis
-      }.to_json)
+      send_opcode(
+        Opcodes::HEARTBEAT,
+        {
+          t: millis,
+          seq_ack: @seq
+        }
+      )
     end
 
     # Send a speaking packet (op 5). This determines the green circle around the avatar in the voice channel
     # @param value [true, false, Integer] Whether or not the bot should be speaking, can also be a bitmask denoting audio type.
     def send_speaking(value)
       @bot.debug("Speaking: #{value}")
-      @client.send({
-        op: 5,
-        d: {
+      send_opcode(
+        Opcodes::SPEAKING,
+        {
           speaking: value,
           delay: 0
         }
+      )
+    end
+
+    def send_opcode(opcode, data)
+      @bot.debug("Sending voice opcode #{opcode} with data: #{data}")
+      @client.send({
+        op: opcode,
+        d: data
       }.to_json)
     end
 
@@ -265,8 +271,10 @@ module Discordrb::Voice
       @bot.debug("Received VWS message! #{msg}")
       packet = JSON.parse(msg)
 
+      @seq = packet['seq'] if packet['seq']
+
       case packet['op']
-      when 2
+      when Discordrb::Voice::Opcodes::READY
         # Opcode 2 contains data to initialize the UDP connection
         @ws_data = packet['d']
 
@@ -277,16 +285,20 @@ module Discordrb::Voice
 
         @udp.connect(@ws_data['ip'], @port, @ssrc)
         @udp.send_discovery
-      when 4
+      when Discordrb::Voice::Opcodes::SESSION_DESCRIPTION
         # Opcode 4 sends the secret key used for encryption
         @ws_data = packet['d']
 
+        # Reset the sequence when starting a new session
+        @seq = 0
+
         @ready = true
         @udp.secret_key = @ws_data['secret_key'].pack('C*')
         @udp.mode = @ws_data['mode']
-      when 8
+      when Discordrb::Voice::Opcodes::HELLO
         # Opcode 8 contains the heartbeat interval.
         @heartbeat_interval = packet['d']['heartbeat_interval']
+        send_heartbeat
       end
     end
 
@@ -347,7 +359,7 @@ module Discordrb::Voice
     end
 
     def init_ws
-      host = "wss://#{@endpoint}:443/?v=#{VOICE_GATEWAY_VERSION}"
+      host = "wss://#{@endpoint}/?v=#{VOICE_GATEWAY_VERSION}"
       @bot.debug("Connecting VWS to host: #{host}")
 
       # Connect the WS

data/lib/discordrb/voice/opcodes.rb

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+
+# Voice websocket opcodes
+# @!visibility private
+module Discordrb::Voice::Opcodes
+  IDENTIFY = 0
+  SELECT_PROTOCOL = 1
+  READY = 2
+  HEARTBEAT = 3
+  SESSION_DESCRIPTION = 4
+  SPEAKING = 5
+  HEARTBEAT_ACK = 6
+  RESUME = 7
+  HELLO = 8
+  RESUMED = 9
+  CLIENT_CONNECT = 10
+  CLIENT_DISCONNECT = 11
+  DAVE_PREPARE_TRANSITION = 21
+  DAVE_EXECUTE_TRANSITION = 22
+  DAVE_TRANSITION_READY = 23
+  DAVE_PREPARE_EPOCH = 24
+  DAVE_MLS_EXTERNAL_SENDER = 25
+  DAVE_MLS_KEY_PACKAGE = 26
+  DAVE_MLS_PROPOSALS = 27
+  DAVE_MLS_COMMIT_WELCOME = 28
+  DAVE_MLS_ANNOUNCE_COMMIT_TRANSITION = 29
+  DAVE_MLS_WELCOME = 30
+  DAVE_MLS_INVALID_COMMIT_WELCOME = 31
+end

data/lib/discordrb/voice/sodium.rb

@@ -1,98 +1,157 @@
 # frozen_string_literal: true
 
 require 'ffi'
+require 'securerandom'
 
+# :nodoc:
 module Discordrb::Voice
   # @!visibility private
   module Sodium
-    extend ::FFI::Library
-
-    ffi_lib(['sodium', 'libsodium.so.18', 'libsodium.so.23'])
-
-    # Encryption & decryption
-    attach_function(:crypto_secretbox_xsalsa20poly1305, %i[pointer pointer ulong_long pointer pointer], :int)
-    attach_function(:crypto_secretbox_xsalsa20poly1305_open, %i[pointer pointer ulong_long pointer pointer], :int)
-
-    # Constants
-    attach_function(:crypto_secretbox_xsalsa20poly1305_keybytes, [], :size_t)
-    attach_function(:crypto_secretbox_xsalsa20poly1305_noncebytes, [], :size_t)
-    attach_function(:crypto_secretbox_xsalsa20poly1305_zerobytes, [], :size_t)
-    attach_function(:crypto_secretbox_xsalsa20poly1305_boxzerobytes, [], :size_t)
+    extend FFI::Library
+    ffi_lib 'sodium'
+
+    # @!group Constants
+
+    # Initializes libsodium
+    # @return [Integer] 0 on success
+    attach_function :sodium_init, [], :int
+
+    # Returns the key size (in bytes)
+    # @return [Integer]
+    attach_function :crypto_aead_xchacha20poly1305_ietf_keybytes, [], :size_t
+
+    # Returns the nonce size (in bytes)
+    # @return [Integer]
+    attach_function :crypto_aead_xchacha20poly1305_ietf_npubbytes, [], :size_t
+
+    # Returns the authentication tag size (in bytes)
+    # @return [Integer]
+    attach_function :crypto_aead_xchacha20poly1305_ietf_abytes, [], :size_t
+
+    # @!endgroup
+
+    # @!group AEAD Encrypt/Decrypt
+
+    # Performs authenticated encryption using XChaCha20-Poly1305
+    #
+    # @!macro [attach] crypto_aead_xchacha20poly1305_ietf_encrypt
+    # @param c [FFI::Pointer] output buffer for ciphertext
+    # @param clen_p [FFI::Pointer] output pointer for ciphertext length
+    # @param m [FFI::Pointer] input message pointer
+    # @param mlen [Integer] length of the message
+    # @param ad [FFI::Pointer] pointer to associated data
+    # @param adlen [Integer] length of associated data
+    # @param nsec [FFI::Pointer, nil] (not used, must be nil)
+    # @param npub [FFI::Pointer] nonce pointer
+    # @param k [FFI::Pointer] key pointer
+    # @return [Integer] 0 on success
+    attach_function :crypto_aead_xchacha20poly1305_ietf_encrypt, %i[
+      pointer pointer pointer ulong_long
+      pointer ulong_long
+      pointer pointer pointer
+    ], :int
+
+    # Decrypts XChaCha20-Poly1305 AEAD-encrypted data
+    # @!macro [attach] crypto_aead_xchacha20poly1305_ietf_decrypt
+    # @param m [FFI::Pointer] output buffer for decrypted message
+    # @param mlen_p [FFI::Pointer] output pointer for decrypted length
+    # @param nsec [FFI::Pointer, nil] (not used, must be nil)
+    # @param c [FFI::Pointer] ciphertext pointer
+    # @param clen [Integer] length of ciphertext
+    # @param ad [FFI::Pointer] pointer to associated data
+    # @param adlen [Integer] length of associated data
+    # @param npub [FFI::Pointer] nonce pointer
+    # @param k [FFI::Pointer] key pointer
+    # @return [Integer] 0 on success
+    attach_function :crypto_aead_xchacha20poly1305_ietf_decrypt, %i[
+      pointer pointer pointer pointer ulong_long
+      pointer ulong_long pointer pointer
+    ], :int
+
+    # @!endgroup
   end
 
-  # Utility class for interacting with required `xsalsa20poly1305` functions for voice transmission
-  # @!visibility private
-  class SecretBox
-    # Exception raised when a key or nonce with invalid length is used
-    class LengthError < RuntimeError
-    end
-
-    # Exception raised when encryption or decryption fails
-    class CryptoError < RuntimeError
-    end
-
-    # Required key length
-    KEY_LENGTH = Sodium.crypto_secretbox_xsalsa20poly1305_keybytes
-
-    # Required nonce length
-    NONCE_BYTES = Sodium.crypto_secretbox_xsalsa20poly1305_noncebytes
-
-    # Zero byte padding for encryption
-    ZERO_BYTES = Sodium.crypto_secretbox_xsalsa20poly1305_zerobytes
-
-    # Zero byte padding for decryption
-    BOX_ZERO_BYTES = Sodium.crypto_secretbox_xsalsa20poly1305_boxzerobytes
+  Sodium.sodium_init
 
-    # @param key [String] Crypto key of length {KEY_LENGTH}
-    def initialize(key)
-      raise(LengthError, 'Key length') if key.bytesize != KEY_LENGTH
+  # High-level wrapper class
+  class XChaCha20AEAD
+    KEY_BYTES = Sodium.crypto_aead_xchacha20poly1305_ietf_keybytes
+    NONCE_BYTES = Sodium.crypto_aead_xchacha20poly1305_ietf_npubbytes
+    TAG_BYTES = Sodium.crypto_aead_xchacha20poly1305_ietf_abytes
 
-      @key = key
+    # Generates a random key
+    # @return [String] binary key
+    def self.generate_key
+      SecureRandom.random_bytes(KEY_BYTES)
     end
 
-    # Encrypts a message using this box's key
-    # @param nonce [String] encryption nonce for this message
-    # @param message [String] message to be encrypted
-    def box(nonce, message)
-      raise(LengthError, 'Nonce length') if nonce.bytesize != NONCE_BYTES
-
-      message_padded = prepend_zeroes(ZERO_BYTES, message)
-      buffer = zero_string(message_padded.bytesize)
-
-      success = Sodium.crypto_secretbox_xsalsa20poly1305(buffer, message_padded, message_padded.bytesize, nonce, @key)
-      raise(CryptoError, "Encryption failed (#{success})") unless success.zero?
-
-      remove_zeroes(BOX_ZERO_BYTES, buffer)
-    end
-
-    # Decrypts the given ciphertext using this box's key
-    # @param nonce [String] encryption nonce for this ciphertext
-    # @param ciphertext [String] ciphertext to decrypt
-    def open(nonce, ciphertext)
-      raise(LengthError, 'Nonce length') if nonce.bytesize != NONCE_BYTES
-
-      ct_padded = prepend_zeroes(BOX_ZERO_BYTES, ciphertext)
-      buffer = zero_string(ct_padded.bytesize)
-
-      success = Sodium.crypto_secretbox_xsalsa20poly1305_open(buffer, ct_padded, ct_padded.bytesize, nonce, @key)
-      raise(CryptoError, "Decryption failed (#{success})") unless success.zero?
-
-      remove_zeroes(ZERO_BYTES, buffer)
-    end
-
-    private
-
-    def zero_string(size)
-      str = "\0" * size
-      str.force_encoding('ASCII-8BIT') if str.respond_to?(:force_encoding)
+    # Generates a random nonce
+    # @return [String] binary nonce
+    def self.generate_nonce
+      SecureRandom.random_bytes(NONCE_BYTES)
     end
 
-    def prepend_zeroes(size, string)
-      zero_string(size) + string
+    # Encrypts a message using XChaCha20-Poly1305
+    #
+    # @param message [String] plaintext to encrypt
+    # @param key [String] 32-byte encryption key
+    # @param nonce [String] 24-byte nonce
+    # @param add [String] optional associated data
+    # @return [String] ciphertext (includes the auth tag)
+    def self.encrypt(message, add, nonce, key)
+      raise ArgumentError, 'Invalid key size' unless key.bytesize == KEY_BYTES
+      raise ArgumentError, 'Invalid nonce size' unless nonce.bytesize == NONCE_BYTES
+
+      message_ptr = FFI::MemoryPointer.from_string(message)
+      ad_ptr = FFI::MemoryPointer.from_string(add)
+
+      c_len = message.bytesize + TAG_BYTES
+      ciphertext = FFI::MemoryPointer.new(:uchar, c_len)
+      clen_p = FFI::MemoryPointer.new(:ulong_long)
+
+      result = Sodium.crypto_aead_xchacha20poly1305_ietf_encrypt(
+        ciphertext, clen_p,
+        message_ptr, message.bytesize,
+        ad_ptr, add.bytesize,
+        nil,
+        FFI::MemoryPointer.from_string(nonce),
+        FFI::MemoryPointer.from_string(key)
+      )
+
+      raise 'Encryption failed' unless result.zero?
+
+      ciphertext.read_string(clen_p.read_ulong_long)
     end
 
-    def remove_zeroes(size, string)
-      string.slice!(size, string.bytesize - size)
+    # Decrypts a ciphertext using XChaCha20-Poly1305
+    #
+    # @param ciphertext [String] the encrypted data (with tag)
+    # @param key [String] 32-byte decryption key
+    # @param nonce [String] 24-byte nonce
+    # @param add [String] optional associated data
+    # @return [String] decrypted plaintext
+    def self.decrypt(ciphertext, add, nonce, key)
+      raise ArgumentError, 'Invalid key size' unless key.bytesize == KEY_BYTES
+      raise ArgumentError, 'Invalid nonce size' unless nonce.bytesize == NONCE_BYTES
+
+      c_ptr = FFI::MemoryPointer.from_string(ciphertext)
+      ad_ptr = FFI::MemoryPointer.from_string(add)
+
+      m_ptr = FFI::MemoryPointer.new(:uchar, ciphertext.bytesize - TAG_BYTES)
+      mlen_p = FFI::MemoryPointer.new(:ulong_long)
+
+      result = Sodium.crypto_aead_xchacha20poly1305_ietf_decrypt(
+        m_ptr, mlen_p,
+        nil,
+        c_ptr, ciphertext.bytesize,
+        ad_ptr, add.bytesize,
+        FFI::MemoryPointer.from_string(nonce),
+        FFI::MemoryPointer.from_string(key)
+      )
+
+      raise 'Decryption failed' unless result.zero?
+
+      m_ptr.read_string(mlen_p.read_ulong_long)
     end
   end
 end

data/lib/discordrb/voice/timer.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+if RUBY_PLATFORM.match?(/mswin|mingw|windows/)
+
+  # @!visibility private
+  module Discordrb::Voice::WinTimer
+    extend FFI::Library
+
+    ffi_lib 'winmm'
+
+    attach_function :time_begin_period, :timeBeginPeriod, [:uint], :uint
+
+    attach_function :time_end_period, :timeEndPeriod, [:uint], :uint
+  end
+
+  Discordrb::Voice::WinTimer.time_begin_period(1)
+
+  at_exit { Discordrb::Voice::WinTimer.time_end_period(1) }
+end