mtproto 0.0.4 → 0.0.6

data/lib/mtproto/crypto/rsa_pad.rb

@@ -0,0 +1,59 @@
+# frozen_string_literal: true
+
+require 'securerandom'
+require 'digest'
+require 'openssl'
+
+module MTProto
+  module Crypto
+    module RSA_PAD
+      module_function
+
+      def encrypt(data, rsa_key)
+        raise ArgumentError, 'Data too large' if data.bytesize > 144
+
+        loop do
+          result = perform_encryption(data)
+          result_bn = OpenSSL::BN.new(result, 2)
+
+          return rsa_key.key.public_encrypt(result, OpenSSL::PKey::RSA::NO_PADDING) if result_bn < rsa_key.key.n
+
+          # If result >= modulus, retry with new random data
+        end
+      end
+
+      def perform_encryption(data)
+        data_with_padding = pad_to_192(data)
+        data_reversed = data_with_padding.reverse
+        temp_key = SecureRandom.random_bytes(32)
+        data_hash = Digest::SHA256.digest(temp_key + data_with_padding)
+        to_encrypt = data_reversed + data_hash
+
+        aes_key = temp_key
+        aes_iv = "\x00" * 32
+        encrypted = AES_IGE.encrypt_ige(to_encrypt, aes_key, aes_iv)
+
+        encrypted_hash = Digest::SHA256.digest(encrypted)
+        temp_key_xor = xor_bytes(temp_key, encrypted_hash)
+
+        temp_key_xor + encrypted
+      end
+
+      def pad_to_192(data)
+        padding_length = 192 - data.bytesize
+        raise ArgumentError, 'Data too large for RSA_PAD' if padding_length < 0
+
+        data + SecureRandom.random_bytes(padding_length)
+      end
+
+      def xor_bytes(bytes1, bytes2)
+        length = [bytes1.bytesize, bytes2.bytesize].min
+        result = String.new(capacity: length)
+        length.times do |i|
+          result << (bytes1.getbyte(i) ^ bytes2.getbyte(i))
+        end
+        result
+      end
+    end
+  end
+end

data/lib/mtproto/encrypted_message.rb

@@ -0,0 +1,86 @@
+# frozen_string_literal: true
+
+require 'digest'
+require 'securerandom'
+
+module MTProto
+  class EncryptedMessage
+    attr_reader :auth_key_id, :msg_key, :encrypted_data
+
+    def initialize(auth_key_id:, msg_key:, encrypted_data:)
+      @auth_key_id = auth_key_id
+      @msg_key = msg_key
+      @encrypted_data = encrypted_data
+    end
+
+    def self.encrypt(auth_key:, server_salt:, session_id:, msg_id:, seq_no:, body:)
+      salt_bytes = [server_salt].pack('Q<')
+      session_id_bytes = [session_id].pack('Q<')
+      msg_id_bytes = [msg_id].pack('Q<')
+      seq_no_bytes = [seq_no].pack('L<')
+      body_length_bytes = [body.bytesize].pack('L<')
+
+      plaintext = salt_bytes + session_id_bytes + msg_id_bytes + seq_no_bytes + body_length_bytes + body
+
+      padding_length = (16 - (plaintext.bytesize % 16)) % 16
+      padding_length += 16 if padding_length < 12
+      plaintext += SecureRandom.random_bytes(padding_length)
+
+      msg_key = Crypto::MessageKey.generate_msg_key(auth_key, plaintext, sender: :client)
+
+      keys = Crypto::MessageKey.derive_aes_key_iv(auth_key, msg_key, sender: :client)
+
+      encrypted_data = Crypto::AES_IGE.encrypt_ige(plaintext, keys[:aes_key], keys[:aes_iv])
+
+      auth_key_id = Digest::SHA1.digest(auth_key)[-8..].unpack1('Q<')
+
+      new(auth_key_id: auth_key_id, msg_key: msg_key, encrypted_data: encrypted_data)
+    end
+
+    def self.decrypt(auth_key:, encrypted_message_data:, sender: :server)
+      auth_key_id = encrypted_message_data[0, 8].unpack1('Q<')
+      msg_key = encrypted_message_data[8, 16]
+      encrypted_data = encrypted_message_data[24..]
+
+      keys = Crypto::MessageKey.derive_aes_key_iv(auth_key, msg_key, sender: sender)
+
+      plaintext = Crypto::AES_IGE.decrypt_ige(encrypted_data, keys[:aes_key], keys[:aes_iv])
+
+      expected_msg_key = Crypto::MessageKey.generate_msg_key(auth_key, plaintext, sender: sender)
+      raise 'msg_key mismatch!' unless msg_key == expected_msg_key
+
+      offset = 0
+      server_salt = plaintext[offset, 8].unpack1('Q<')
+      offset += 8
+
+      session_id = plaintext[offset, 8].unpack1('Q<')
+      offset += 8
+
+      msg_id = plaintext[offset, 8].unpack1('Q<')
+      offset += 8
+
+      seq_no = plaintext[offset, 4].unpack1('L<')
+      offset += 4
+
+      body_length = plaintext[offset, 4].unpack1('L<')
+      offset += 4
+
+      body = plaintext[offset, body_length]
+
+      {
+        auth_key_id: auth_key_id,
+        msg_key: msg_key,
+        server_salt: server_salt,
+        session_id: session_id,
+        msg_id: msg_id,
+        seq_no: seq_no,
+        body: body
+      }
+    end
+
+    def serialize
+      auth_key_id_bytes = [@auth_key_id].pack('Q<')
+      auth_key_id_bytes + @msg_key + @encrypted_data
+    end
+  end
+end

data/lib/mtproto/errors.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+module MTProto
+  class Error < StandardError; end
+
+  class NotConnectedError < Error
+    def initialize(msg = 'Not connected. Call connect first.')
+      super
+    end
+  end
+
+  class PingMismatchError < Error
+    def initialize(msg = 'Ping ID mismatch')
+      super
+    end
+  end
+
+  class RpcError < Error
+    attr_reader :error_code, :error_message
+
+    def initialize(error_code, error_message)
+      @error_code = error_code
+      @error_message = error_message
+      super("RPC Error #{error_code}: #{error_message}")
+    end
+  end
+
+  class UnexpectedConstructorError < Error
+    def initialize(constructor)
+      super("Unexpected constructor: 0x#{constructor.to_s(16)}")
+    end
+  end
+end

data/lib/mtproto/session.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+require 'securerandom'
+
+module MTProto
+  class Session
+    attr_reader :session_id, :seq_no
+
+    def initialize
+      @session_id = SecureRandom.random_bytes(8).unpack1('Q<')
+      @seq_no = 0
+    end
+
+    def next_seq_no(content_related: true)
+      current = @seq_no
+      @seq_no += content_related ? 1 : 0
+      current * 2 + (content_related ? 1 : 0)
+    end
+  end
+end

data/lib/mtproto/tl/bad_msg_notification.rb

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+
+module MTProto
+  module TL
+    class BadMsgNotification
+      CONSTRUCTOR = 0xa7eff811
+
+      attr_reader :bad_msg_id, :bad_msg_seqno, :error_code
+
+      def self.deserialize(data)
+        offset = 4
+        bad_msg_id = data[offset, 8].unpack1('Q<')
+        offset += 8
+
+        bad_msg_seqno = data[offset, 4].unpack1('L<')
+        offset += 4
+
+        error_code = data[offset, 4].unpack1('L<')
+
+        new(bad_msg_id: bad_msg_id, bad_msg_seqno: bad_msg_seqno, error_code: error_code)
+      end
+
+      def initialize(bad_msg_id:, bad_msg_seqno:, error_code:)
+        @bad_msg_id = bad_msg_id
+        @bad_msg_seqno = bad_msg_seqno
+        @error_code = error_code
+      end
+
+      def error_message
+        case @error_code
+        when 16 then "msg_id too low (client time is wrong)"
+        when 17 then "msg_id too high (client time needs sync)"
+        when 18 then "incorrect two lower order msg_id bits (must be divisible by 4)"
+        when 19 then "container msg_id is the same as previously received"
+        when 20 then "message too old"
+        when 32 then "msg_seqno too low"
+        when 33 then "msg_seqno too high"
+        when 34 then "even msg_seqno expected but odd received"
+        when 35 then "odd msg_seqno expected but even received"
+        when 48 then "incorrect server salt"
+        else "unknown error code #{@error_code}"
+        end
+      end
+    end
+  end
+end

data/lib/mtproto/tl/client_dh_inner_data.rb

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+
+require_relative 'serializer'
+
+module MTProto
+  module TL
+    class ClientDHInnerData
+      CONSTRUCTOR = 0x6643b654
+
+      attr_reader :nonce, :server_nonce, :retry_id, :g_b
+
+      def initialize(nonce:, server_nonce:, retry_id:, g_b:)
+        @nonce = nonce
+        @server_nonce = server_nonce
+        @retry_id = retry_id
+        @g_b = g_b
+      end
+
+      def serialize
+        data = Serializer.serialize_int(CONSTRUCTOR)
+        data += @nonce
+        data += @server_nonce
+        data += Serializer.serialize_long(@retry_id)
+        data += Serializer.serialize_bytes(@g_b)
+        data
+      end
+    end
+  end
+end

data/lib/mtproto/tl/code_settings.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module MTProto
+  module TL
+    class CodeSettings
+      CONSTRUCTOR = 0xad253d78
+
+      def self.serialize(settings = {})
+        body = Serializer.serialize_int(CONSTRUCTOR)
+
+        flags = 0
+        flags |= (1 << 0) if settings[:allow_flashcall]
+        flags |= (1 << 1) if settings[:current_number]
+        flags |= (1 << 4) if settings[:allow_app_hash]
+        flags |= (1 << 5) if settings[:allow_missed_call]
+        flags |= (1 << 7) if settings[:allow_firebase]
+        flags |= (1 << 9) if settings[:unknown_number]
+
+        body += Serializer.serialize_int(flags)
+
+        body
+      end
+    end
+  end
+end

data/lib/mtproto/tl/config.rb

@@ -0,0 +1,124 @@
+# frozen_string_literal: true
+
+module MTProto
+  module TL
+    class Config
+      CONSTRUCTOR = 0xcc1a241e
+      CONSTRUCTOR_ALT = 0x3072cfa1
+
+      attr_reader :flags, :date, :expires, :test_mode, :this_dc, :dc_options
+
+      def self.deserialize(data)
+        offset = 4
+
+        flags = data[offset, 4].unpack1('L<')
+        offset += 4
+
+        date = data[offset, 4].unpack1('L<')
+        offset += 4
+
+        expires = data[offset, 4].unpack1('L<')
+        offset += 4
+
+        test_mode = (data[offset, 4].unpack1('L<') == 0x997275b5)
+        offset += 4
+
+        this_dc = data[offset, 4].unpack1('L<')
+        offset += 4
+
+        dc_options_constructor = data[offset, 4].unpack1('L<')
+        offset += 4
+
+        raise "Expected vector constructor 0x1cb5c415, got 0x#{dc_options_constructor.to_s(16)}" unless dc_options_constructor == 0x1cb5c415
+
+        dc_options_count = data[offset, 4].unpack1('L<')
+        offset += 4
+
+        dc_options = []
+        dc_options_count.times do
+          dc_option, bytes_read = DcOption.deserialize_from(data[offset..])
+          dc_options << dc_option
+          offset += bytes_read
+        end
+
+        new(
+          flags: flags,
+          date: date,
+          expires: expires,
+          test_mode: test_mode,
+          this_dc: this_dc,
+          dc_options: dc_options
+        )
+      end
+
+      def initialize(flags:, date:, expires:, test_mode:, this_dc:, dc_options:)
+        @flags = flags
+        @date = date
+        @expires = expires
+        @test_mode = test_mode
+        @this_dc = this_dc
+        @dc_options = dc_options
+      end
+    end
+
+    class DcOption
+      attr_reader :id, :ip_address, :port, :flags
+
+      def self.deserialize_from(data)
+        offset = 0
+
+        constructor = data[offset, 4].unpack1('L<')
+        offset += 4
+
+        raise "Expected dcOption constructor 0x18b7a10d, got 0x#{constructor.to_s(16)}" unless constructor == 0x18b7a10d
+
+        flags = data[offset, 4].unpack1('L<')
+        offset += 4
+
+        id = data[offset, 4].unpack1('L<')
+        offset += 4
+
+        ip_length = data[offset].ord
+        offset += 1
+
+        ip_address = data[offset, ip_length]
+        offset += ip_length
+
+        padding = (4 - ((ip_length + 1) % 4)) % 4
+        offset += padding
+
+        port = data[offset, 4].unpack1('L<')
+        offset += 4
+
+        [new(id: id, ip_address: ip_address, port: port, flags: flags), offset]
+      end
+
+      def initialize(id:, ip_address:, port:, flags:)
+        @id = id
+        @ip_address = ip_address
+        @port = port
+        @flags = flags
+      end
+
+      def ipv6?
+        (@flags & 1) != 0
+      end
+
+      def media_only?
+        (@flags & 2) != 0
+      end
+
+      def tcpo_only?
+        (@flags & 4) != 0
+      end
+
+      def cdn?
+        (@flags & 8) != 0
+      end
+
+      def static?
+        (@flags & 16) != 0
+      end
+    end
+  end
+end

data/lib/mtproto/tl/gzip_packed.rb

@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+
+require 'zlib'
+require 'stringio'
+
+module MTProto
+  module TL
+    module GzipPacked
+      CONSTRUCTOR = 0x3072cfa1
+
+      module_function
+
+      def unpack(data)
+        offset = 4
+
+        length_byte = data[offset].ord
+        offset += 1
+        puts "    [GZIP] Length byte: #{length_byte} (0x#{length_byte.to_s(16)})" if $DEBUG
+
+        if length_byte == 254
+          length_bytes = data[offset, 3]
+          length = (length_bytes + "\x00").unpack1('L<')
+          offset += 3
+          puts "    [GZIP] Extended length: #{length} bytes" if $DEBUG
+        elsif length_byte == 255
+          raise "Invalid TL string length: 255"
+        else
+          length = length_byte
+          puts "    [GZIP] Short length: #{length} bytes" if $DEBUG
+        end
+
+        raise "Invalid length: #{length.inspect}" unless length.is_a?(Integer) && length > 0
+
+        compressed_data = data[offset, length]
+        raise "Not enough data: expected #{length}, got #{compressed_data&.bytesize}" if compressed_data.nil? || compressed_data.bytesize < length
+
+        Zlib::GzipReader.new(StringIO.new(compressed_data)).read.force_encoding(Encoding::BINARY)
+      end
+    end
+  end
+end

data/lib/mtproto/tl/message.rb

@@ -1,10 +1,22 @@
 # frozen_string_literal: true
 
+require_relative 'serializer'
+
 module MTProto
   module TL
     class Message
       CONSTRUCTOR_REQ_PQ_MULTI = 0xbe7e8ef1
       CONSTRUCTOR_RES_PQ = 0x05162463
+      CONSTRUCTOR_REQ_DH_PARAMS = 0xd712e4be
+      CONSTRUCTOR_SERVER_DH_PARAMS_OK = 0xd0e8075c
+      CONSTRUCTOR_SET_CLIENT_DH_PARAMS = 0xf5045f1f
+      CONSTRUCTOR_DH_GEN_OK = 0x3bcbf734
+      CONSTRUCTOR_DH_GEN_RETRY = 0x46dc1fb9
+      CONSTRUCTOR_DH_GEN_FAIL = 0xa69dae02
+      CONSTRUCTOR_PING = 0x7abe77ec
+      CONSTRUCTOR_PONG = 0x347773c5
+      CONSTRUCTOR_BAD_MSG_NOTIFICATION = 0xa7eff811
+      CONSTRUCTOR_MSG_CONTAINER = 0x73f1f8dc
 
       attr_reader :auth_key_id, :msg_id, :body
 
@@ -31,7 +43,43 @@ module MTProto
         new(auth_key_id: 0, body: body)
       end
 
+      def self.req_DH_params(nonce:, server_nonce:, p:, q:, public_key_fingerprint:, encrypted_data:)
+        raise ArgumentError, 'Nonce must be 16 bytes' unless nonce.bytesize == 16
+        raise ArgumentError, 'Server nonce must be 16 bytes' unless server_nonce.bytesize == 16
+
+        p_bytes = Serializer.integer_to_bytes(p)
+        q_bytes = Serializer.integer_to_bytes(q)
+
+        body = Serializer.serialize_int(CONSTRUCTOR_REQ_DH_PARAMS)
+        body += nonce
+        body += server_nonce
+        body += Serializer.serialize_bytes(p_bytes)
+        body += Serializer.serialize_bytes(q_bytes)
+        body += Serializer.serialize_long(public_key_fingerprint)
+        body += Serializer.serialize_bytes(encrypted_data)
+
+        new(auth_key_id: 0, body: body)
+      end
+
+      def self.set_client_DH_params(nonce:, server_nonce:, encrypted_data:)
+        raise ArgumentError, 'Nonce must be 16 bytes' unless nonce.bytesize == 16
+        raise ArgumentError, 'Server nonce must be 16 bytes' unless server_nonce.bytesize == 16
+
+        body = Serializer.serialize_int(CONSTRUCTOR_SET_CLIENT_DH_PARAMS)
+        body += nonce
+        body += server_nonce
+        body += Serializer.serialize_bytes(encrypted_data)
+
+        new(auth_key_id: 0, body: body)
+      end
+
       def self.deserialize(data)
+        if data.bytesize < 20
+          raise(ArgumentError,
+            "Invalid MTProto message: expected at least 20 bytes, got #{data.bytesize} bytes (hex: #{data.unpack1('H*')})",
+          )
+        end
+
         auth_key_id = data[0, 8].unpack1('Q<')
         msg_id = data[8, 8].unpack1('Q<')
         body_length = data[16, 4].unpack1('L<')
@@ -87,11 +135,109 @@ module MTProto
         }
       end
 
+      def parse_server_DH_params_ok
+        constructor = @body[0, 4].unpack1('L<')
+        raise "Unexpected constructor: 0x#{constructor.to_s(16)}" unless constructor == CONSTRUCTOR_SERVER_DH_PARAMS_OK
+
+        offset = 4
+
+        nonce = @body[offset, 16]
+        offset += 16
+
+        server_nonce = @body[offset, 16]
+        offset += 16
+
+        length_byte = @body[offset].ord
+        offset += 1
+
+        if length_byte == 254
+          length_bytes = @body[offset, 3].bytes
+          encrypted_answer_length = length_bytes[0] | (length_bytes[1] << 8) | (length_bytes[2] << 16)
+          offset += 3
+        else
+          encrypted_answer_length = length_byte
+        end
+
+        encrypted_answer = @body[offset, encrypted_answer_length]
+
+        {
+          nonce: nonce,
+          server_nonce: server_nonce,
+          encrypted_answer: encrypted_answer
+        }
+      end
+
+      def parse_dh_gen_response
+        constructor = @body[0, 4].unpack1('L<')
+
+        offset = 4
+        nonce = @body[offset, 16]
+        offset += 16
+
+        server_nonce = @body[offset, 16]
+        offset += 16
+
+        new_nonce_hash = @body[offset, 16]
+
+        case constructor
+        when CONSTRUCTOR_DH_GEN_OK
+          { status: :ok, nonce: nonce, server_nonce: server_nonce, new_nonce_hash: new_nonce_hash }
+        when CONSTRUCTOR_DH_GEN_RETRY
+          { status: :retry, nonce: nonce, server_nonce: server_nonce, new_nonce_hash: new_nonce_hash }
+        when CONSTRUCTOR_DH_GEN_FAIL
+          { status: :fail, nonce: nonce, server_nonce: server_nonce, new_nonce_hash: new_nonce_hash }
+        else
+          raise "Unexpected constructor: 0x#{constructor.to_s(16)}"
+        end
+      end
+
+      def self.ping(ping_id)
+        body = Serializer.serialize_int(CONSTRUCTOR_PING)
+        body += [ping_id].pack('Q<')
+
+        body
+      end
+
+      def parse_pong
+        constructor = @body[0, 4].unpack1('L<')
+
+        if constructor == CONSTRUCTOR_BAD_MSG_NOTIFICATION
+          bad_msg = TL::BadMsgNotification.deserialize(@body)
+          raise "Bad message notification: #{bad_msg.error_message} (code: #{bad_msg.error_code}, msg_id: #{bad_msg.bad_msg_id}, seqno: #{bad_msg.bad_msg_seqno})"
+        end
+
+        if constructor == CONSTRUCTOR_MSG_CONTAINER
+          container = TL::MsgContainer.deserialize(@body)
+          pong_message = container.messages.find do |msg|
+            msg[:body][0, 4].unpack1('L<') == CONSTRUCTOR_PONG
+          end
+
+          raise 'No pong message found in container' unless pong_message
+
+          offset = 4
+          msg_id = pong_message[:body][offset, 8].unpack1('Q<')
+          offset += 8
+          ping_id = pong_message[:body][offset, 8].unpack1('Q<')
+
+          return { msg_id: msg_id, ping_id: ping_id }
+        end
+
+        raise "Unexpected constructor: 0x#{constructor.to_s(16)}" unless constructor == CONSTRUCTOR_PONG
+
+        offset = 4
+        msg_id = @body[offset, 8].unpack1('Q<')
+        offset += 8
+        ping_id = @body[offset, 8].unpack1('Q<')
+
+        { msg_id: msg_id, ping_id: ping_id }
+      end
+
       private
 
       def generate_msg_id
-        time_ns = (Time.now.to_f * 1_000_000_000).to_i
-        (time_ns / 4) * 4
+        time = Time.now.to_f
+        msg_id = (time * (2**32)).to_i
+        (msg_id / 4) * 4
       end
 
       def padding_length(length)

data/lib/mtproto/tl/msg_container.rb

@@ -0,0 +1,40 @@
+# frozen_string_literal: true
+
+module MTProto
+  module TL
+    class MsgContainer
+      CONSTRUCTOR = 0x73f1f8dc
+
+      attr_reader :messages
+
+      def self.deserialize(data)
+        offset = 4
+        message_count = data[offset, 4].unpack1('L<')
+        offset += 4
+
+        messages = []
+        message_count.times do
+          msg_id = data[offset, 8].unpack1('Q<')
+          offset += 8
+
+          seqno = data[offset, 4].unpack1('L<')
+          offset += 4
+
+          bytes = data[offset, 4].unpack1('L<')
+          offset += 4
+
+          body = data[offset, bytes]
+          offset += bytes
+
+          messages << { msg_id: msg_id, seqno: seqno, body: body }
+        end
+
+        new(messages: messages)
+      end
+
+      def initialize(messages:)
+        @messages = messages
+      end
+    end
+  end
+end