@freesignal/protocol 0.11.0

package/dist/interfaces.d.ts

@@ -0,0 +1,274 @@
+/**
+ * FreeSignal Protocol
+ * 
+ * Copyright (C) 2025  Christian Braghette
+ * 
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ * 
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ */
+
+/** */
+export type Bytes = Uint8Array;
+
+export interface Encodable {
+    /**
+     * Serializes the payload into a Bytes for transport.
+     */
+    readonly bytes: Bytes;
+}
+
+interface UUIDv4 extends Encodable {
+    toString(): string;
+    toJSON(): string;
+}
+
+export interface Crypto {
+    hash(message: Bytes, algorithm?: Crypto.HashAlgorithms): Bytes;
+    pwhash(keyLength: number, password: string | Bytes, salt: Bytes, opsLimit: number, memLimit: number): Bytes;
+    hmac(key: Bytes, message: Bytes, length?: number, algorithm?: Crypto.HmacAlgorithms): Bytes;
+    hkdf(key: Bytes, salt: Bytes, info?: Bytes | string, length?: number): Bytes;
+
+    readonly Box: {
+        readonly keyLength: number;
+        readonly nonceLength: number;
+
+        encrypt(message: Bytes, nonce: Bytes, key: Bytes): Bytes;
+        decrypt(message: Bytes, nonce: Bytes, key: Bytes): Bytes | undefined;
+    };
+
+    readonly ECDH: {
+        readonly publicKeyLength: number;
+        readonly secretKeyLength: number;
+
+        keyPair(secretKey?: Bytes): Crypto.KeyPair;
+        scalarMult(secretKey: Bytes, publicKey: Bytes): Bytes;
+    };
+
+    readonly EdDSA: {
+        readonly publicKeyLength: number;
+        readonly secretKeyLength: number;
+        readonly signatureLength: number;
+
+        keyPair(secretKey?: Bytes): Crypto.KeyPair;
+        keyPairFromSeed(seed: Bytes): Crypto.KeyPair;
+        sign(message: Bytes, secretKey: Bytes): Bytes;
+        verify(signature: Bytes, message: Bytes, publicKey: Bytes): boolean;
+
+        toSecretECDHKey(secretKey: Bytes): Bytes;
+        toPublicECDHKey(publicKey: Bytes): Bytes;
+    };
+
+    readonly UUID: {
+        generate(): UUIDv4;
+        stringify(arr: Bytes, offset?: number): string;
+        parse(uuid: string): Bytes;
+    };
+
+    readonly Utils: {
+        decodeUTF8(array: Bytes): string;
+        encodeUTF8(string: string): Bytes;
+        decodeBase64(array: Bytes): string;
+        encodeBase64(string: string): Bytes;
+        decodeBase64URL(array: Bytes): string;
+        encodeBase64URL(string: string): Bytes;
+        decodeHex(array: Bytes): string;
+        encodeHex(string: string): Bytes;
+        bytesToNumber(array: Bytes, endian?: "big" | "little"): number;
+        numberToBytes(number: number, length?: number, endian?: "big" | "little"): Bytes;
+        compareBytes(a: Bytes, b: Bytes, ...c: Bytes[]): boolean;
+        concatBytes(...arrays: Bytes[]): Bytes;
+        encodeData(obj: any): Bytes;
+        decodeData<T>(array: Bytes): T;
+    }
+
+    randomBytes(n: number): Bytes;
+}
+export namespace Crypto {
+    export type HashAlgorithms = string;
+    export type HmacAlgorithms = string;
+
+    export type KeyPair = {
+        readonly publicKey: Bytes;
+        readonly secretKey: Bytes;
+    }
+
+    export type Box = Crypto['Box'];
+    export type ECDH = Crypto['ECDH'];
+    export type EdDSA = Crypto['EdDSA'];
+    export type UUID = Crypto['UUID'];
+    export type Utils = Crypto['Utils'];
+}
+
+export interface UserId extends Encodable {
+    toString(): string;
+    toUrl(): string;
+    toJSON(): string;
+}
+
+export interface PublicIdentity extends Encodable {
+    readonly userId: UserId
+    readonly publicKey: Bytes
+
+    toPublicECDHKey(): Bytes;
+
+    toString(): string;
+    toJSON(): string;
+}
+
+type IdentityKeyPair = Crypto.KeyPair;
+
+export interface Identity extends IdentityKeyPair, PublicIdentity {
+    toSecretECDHKey(): Bytes;
+};
+
+export interface CiphertextHeader extends Encodable {
+    readonly count: number;
+    readonly previous: number;
+    readonly publicKey: Bytes;
+    readonly nonce: Bytes;
+
+    toJSON(): {
+        count: number;
+        previous: number;
+        publicKey: string;
+    }
+}
+
+export interface Ciphertext extends Encodable {
+    readonly version: number;
+    readonly hashkey: Bytes;
+    readonly header: Bytes;
+    readonly nonce: Bytes;
+    readonly payload: Bytes;
+    readonly length: number;
+
+    toJSON(): {
+        version: number;
+        header: string;
+        hashkey: string;
+        nonce: string;
+        payload: string;
+    };
+}
+
+export interface Session {
+    readonly userId: string;
+    readonly sessionTag: string;
+
+    encrypt(plaintext: Bytes): Ciphertext;
+    decrypt(ciphertext: Ciphertext | Bytes): Bytes;
+
+    hasSkippedKeys(): boolean;
+    save(): Promise<void>;
+}
+
+export type DecryptResult<T> = { userId: UserId, data: T }
+
+export interface SessionManager {
+    createSession(initialState: InitialSessionState | Session): Promise<Session>
+
+    encrypt(userId: UserId | string, plaintext: Bytes): Promise<Ciphertext>
+    decrypt<T>(ciphertext: Ciphertext | Bytes): Promise<DecryptResult<T>>
+}
+
+export interface PreKeyBundle {
+    readonly version: number;
+    readonly identityKey: string;
+    readonly signedPreKey: string;
+    readonly signature: string;
+    readonly onetimePreKeys: string[];
+}
+
+export interface PreKeyMessage {
+    readonly version: number;
+    readonly identityKey: string;
+    readonly ephemeralKey: string;
+    readonly signedPreKeyHash: string;
+    readonly onetimePreKeyHash: string;
+    readonly associatedData: string;
+}
+
+export type PreKeyId = string;
+export type PreKey = Crypto.KeyPair;
+
+export interface KeyExchangeManager {
+    createPreKeyBundle(): Promise<PreKeyBundle>;
+    processPreKeyBundle(bundle: PreKeyBundle, associatedData?: Bytes): Promise<{ session: Session, message: PreKeyMessage }>;
+    processPreKeyMessage(message: PreKeyMessage): Promise<{ session: Session, associatedData?: Bytes }>;
+}
+
+export interface SessionState {
+    userId: string;
+    sessionTag: string;
+    secretKey: string;
+    rootKey: string;
+    sendingChain?: KeyChainState;
+    receivingChain?: KeyChainState;
+    headerKeys: [string, string][];
+    headerKey?: string;
+    nextHeaderKey?: string;
+    previousKeys: [string, string][];
+}
+
+export type InitialSessionState = { userId: string, rootKey: string, remoteKey?: Bytes } & Partial<SessionState>;
+
+export interface KeyChainState {
+    publicKey: string;
+    remoteKey: string;
+    chainKey: string;
+    headerKey?: string;
+    nextHeaderKey: string;
+    count: number;
+    previousCount: number
+}
+
+export interface KeyStore {
+    getIdentity(): Promise<Identity>;
+
+    setIdentityKey(identity: PublicIdentity | string): Promise<void>
+    getIdentityKey(userId: UserId | string): Promise<string | null>
+
+    setSessionTag(hashkey: Bytes | string, sessionTag: string): Promise<void>
+    getSessionTag(hashkey: Bytes | string): Promise<string | null>
+
+    loadUserSession(userId: UserId | string): Promise<SessionState | null>
+    loadSession(sessionTag: string): Promise<SessionState | null>
+    storeSession(session: SessionState): Promise<void>
+
+    storePreKey(id: PreKeyId, value: PreKey): Promise<void>
+    loadPreKey(id: PreKeyId): Promise<PreKey | null>
+    removePreKey(id: PreKeyId): Promise<void>
+}
+
+export interface KeyStoreFactory {
+    createStore(identity: Identity): Promise<KeyStore>;
+    getStore(identity: PublicIdentity | string): Promise<KeyStore | null>;
+    deleteStore(identity: PublicIdentity | string): Promise<void>;
+}
+
+export interface User {
+    readonly id: UserId;
+    readonly publicIdentity: PublicIdentity;
+
+    encrypt<T>(to: UserId | string, plaintext: T): Promise<Ciphertext>
+    decrypt<T>(ciphertext: Ciphertext | Bytes): Promise<DecryptResult<T>>
+
+    generatePreKeyBundle(): Promise<PreKeyBundle>
+    handleIncomingPreKeyBundle(bundle: PreKeyBundle, associatedData?: Bytes): Promise<PreKeyMessage>
+    handleIncomingPreKeyMessage(message: PreKeyMessage): Promise<Bytes | undefined>
+}
+
+export interface UserFactory {
+    create(): Promise<User>;
+    destroy(user: User): boolean;
+}

package/dist/keyexchange.d.ts

@@ -0,0 +1,39 @@
+/**
+ * FreeSignal Protocol
+ *
+ * Copyright (C) 2025  Christian Braghette
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ */
+import type { KeyExchangeManager, KeyStore, PreKeyBundle, PreKeyMessage, PublicIdentity, Session, Crypto, Bytes } from "./interfaces.ts";
+export declare class KeyExchangeManagerConstructor implements KeyExchangeManager {
+    readonly publicIdentity: PublicIdentity;
+    private readonly keyStore;
+    private readonly crypto;
+    static readonly version = 1;
+    private static readonly hkdfInfo;
+    private static readonly maxOPK;
+    constructor(publicIdentity: PublicIdentity, keyStore: KeyStore, crypto: Crypto);
+    private generateSPK;
+    private generateOPK;
+    createPreKeyBundle(): Promise<PreKeyBundle>;
+    processPreKeyBundle(bundle: PreKeyBundle, associatedData?: Bytes): Promise<{
+        session: Session;
+        message: PreKeyMessage;
+    }>;
+    processPreKeyMessage(message: PreKeyMessage): Promise<{
+        session: Session;
+        associatedData?: Bytes;
+    }>;
+}

package/dist/keyexchange.js

@@ -0,0 +1,127 @@
+/**
+ * FreeSignal Protocol
+ *
+ * Copyright (C) 2025  Christian Braghette
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ */
+import { SessionConstructor } from "./session.js";
+import { useConstructors } from "./constructors.js";
+export class KeyExchangeManagerConstructor {
+    constructor(publicIdentity, keyStore, crypto) {
+        this.publicIdentity = publicIdentity;
+        this.keyStore = keyStore;
+        this.crypto = crypto;
+    }
+    generateSPK() {
+        const signedPreKey = this.crypto.ECDH.keyPair();
+        const signedPreKeyHash = this.crypto.hash(signedPreKey.publicKey);
+        this.keyStore.storePreKey(this.crypto.Utils.decodeBase64(signedPreKeyHash), signedPreKey);
+        return { signedPreKey, signedPreKeyHash };
+    }
+    generateOPK(spkHash) {
+        const onetimePreKey = this.crypto.ECDH.keyPair();
+        const onetimePreKeyHash = this.crypto.hash(onetimePreKey.publicKey);
+        this.keyStore.storePreKey(this.crypto.Utils.decodeBase64(spkHash).concat(this.crypto.Utils.decodeBase64(onetimePreKeyHash)), onetimePreKey);
+        return { onetimePreKey, onetimePreKeyHash };
+    }
+    async createPreKeyBundle() {
+        const { signedPreKey, signedPreKeyHash } = this.generateSPK();
+        const onetimePreKey = new Array(KeyExchangeManagerConstructor.maxOPK).fill(0).map(() => this.generateOPK(signedPreKeyHash).onetimePreKey);
+        return {
+            version: KeyExchangeManagerConstructor.version,
+            identityKey: this.publicIdentity.toString(),
+            signedPreKey: this.crypto.Utils.decodeBase64(signedPreKey.publicKey),
+            signature: this.crypto.Utils.decodeBase64(this.crypto.EdDSA.sign(signedPreKeyHash, (await this.keyStore.getIdentity()).secretKey)),
+            onetimePreKeys: onetimePreKey.map(opk => this.crypto.Utils.decodeBase64(opk.publicKey))
+        };
+    }
+    async processPreKeyBundle(bundle, associatedData) {
+        const { PublicIdentityConstructor, UserIdConstructor } = useConstructors(this.crypto);
+        const ephemeralKey = this.crypto.ECDH.keyPair();
+        const signedPreKey = this.crypto.Utils.encodeBase64(bundle.signedPreKey);
+        const identityKey = PublicIdentityConstructor.from(bundle.identityKey);
+        if (!this.crypto.EdDSA.verify(this.crypto.Utils.encodeBase64(bundle.signature), this.crypto.hash(signedPreKey), identityKey.publicKey))
+            throw new Error("Signature verification failed");
+        const shiftKey = bundle.onetimePreKeys.shift();
+        const onetimePreKey = shiftKey ? this.crypto.Utils.encodeBase64(shiftKey) : undefined;
+        const signedPreKeyHash = this.crypto.hash(signedPreKey);
+        const onetimePreKeyHash = onetimePreKey ? this.crypto.hash(onetimePreKey) : new Uint8Array();
+        const derivedKey = this.crypto.hkdf(new Uint8Array([
+            ...this.crypto.ECDH.scalarMult(this.crypto.EdDSA.toSecretECDHKey((await this.keyStore.getIdentity()).secretKey), signedPreKey),
+            ...this.crypto.ECDH.scalarMult(ephemeralKey.secretKey, identityKey.toPublicECDHKey()),
+            ...this.crypto.ECDH.scalarMult(ephemeralKey.secretKey, signedPreKey),
+            ...onetimePreKey ? this.crypto.ECDH.scalarMult(ephemeralKey.secretKey, onetimePreKey) : new Uint8Array()
+        ]), new Uint8Array(SessionConstructor.keyLength).fill(0), KeyExchangeManagerConstructor.hkdfInfo, SessionConstructor.keyLength * 3);
+        const session = new SessionConstructor({
+            userId: UserIdConstructor.fromKey(identityKey).toString(),
+            remoteKey: identityKey.toPublicECDHKey(),
+            rootKey: this.crypto.Utils.decodeBase64(derivedKey.subarray(0, SessionConstructor.keyLength)),
+            headerKey: this.crypto.Utils.decodeBase64(derivedKey.subarray(SessionConstructor.keyLength, SessionConstructor.keyLength * 2)),
+            nextHeaderKey: this.crypto.Utils.decodeBase64(derivedKey.subarray(SessionConstructor.keyLength * 2))
+        }, this.keyStore, this.crypto);
+        const encrypted = session.encrypt(this.crypto.Utils.concatBytes(this.crypto.hash(this.publicIdentity.bytes), this.crypto.hash(identityKey.bytes), associatedData !== null && associatedData !== void 0 ? associatedData : new Uint8Array()));
+        if (!encrypted)
+            throw new Error("Encryption error");
+        await this.keyStore.setIdentityKey(identityKey);
+        return {
+            session,
+            message: {
+                version: KeyExchangeManagerConstructor.version,
+                identityKey: this.publicIdentity.toString(),
+                ephemeralKey: this.crypto.Utils.decodeBase64(ephemeralKey.publicKey),
+                signedPreKeyHash: this.crypto.Utils.decodeBase64(signedPreKeyHash),
+                onetimePreKeyHash: this.crypto.Utils.decodeBase64(onetimePreKeyHash),
+                associatedData: this.crypto.Utils.decodeBase64(encrypted.bytes)
+            }
+        };
+    }
+    async processPreKeyMessage(message) {
+        const { PublicIdentityConstructor, UserIdConstructor } = useConstructors(this.crypto);
+        const signedPreKey = await this.keyStore.loadPreKey(message.signedPreKeyHash);
+        const hash = message.signedPreKeyHash.concat(message.onetimePreKeyHash);
+        const onetimePreKey = await this.keyStore.loadPreKey(hash);
+        const identityKey = PublicIdentityConstructor.from(message.identityKey);
+        if (!signedPreKey || !onetimePreKey || !message.identityKey || !message.ephemeralKey)
+            throw new Error("ACK message malformed");
+        await this.keyStore.removePreKey(hash);
+        const ephemeralKey = this.crypto.Utils.encodeBase64(message.ephemeralKey);
+        const secretKey = this.crypto.EdDSA.toSecretECDHKey((await this.keyStore.getIdentity()).secretKey);
+        const derivedKey = this.crypto.hkdf(new Uint8Array([
+            ...this.crypto.ECDH.scalarMult(signedPreKey.secretKey, identityKey.toPublicECDHKey()),
+            ...this.crypto.ECDH.scalarMult(secretKey, ephemeralKey),
+            ...this.crypto.ECDH.scalarMult(signedPreKey.secretKey, ephemeralKey),
+            ...onetimePreKey ? this.crypto.ECDH.scalarMult(onetimePreKey.secretKey, ephemeralKey) : new Uint8Array()
+        ]), new Uint8Array(SessionConstructor.keyLength).fill(0), KeyExchangeManagerConstructor.hkdfInfo, SessionConstructor.keyLength * 3);
+        const session = new SessionConstructor({
+            userId: UserIdConstructor.fromKey(identityKey).toString(),
+            secretKey: this.crypto.Utils.decodeBase64(secretKey),
+            rootKey: this.crypto.Utils.decodeBase64(derivedKey.subarray(0, SessionConstructor.keyLength)),
+            nextHeaderKey: this.crypto.Utils.decodeBase64(derivedKey.subarray(SessionConstructor.keyLength, SessionConstructor.keyLength * 2)),
+            headerKey: this.crypto.Utils.decodeBase64(derivedKey.subarray(SessionConstructor.keyLength * 2))
+        }, this.keyStore, this.crypto);
+        const data = session.decrypt(this.crypto.Utils.encodeBase64(message.associatedData));
+        if (!this.crypto.Utils.compareBytes(data.subarray(0, 64), this.crypto.Utils.concatBytes(this.crypto.hash(identityKey.bytes), this.crypto.hash(this.publicIdentity.bytes))))
+            throw new Error("Error verifing Associated Data");
+        await this.keyStore.setIdentityKey(identityKey);
+        const associatedData = data.subarray(64);
+        return {
+            session,
+            associatedData: associatedData.length > 0 ? associatedData : undefined
+        };
+    }
+}
+KeyExchangeManagerConstructor.version = 1;
+KeyExchangeManagerConstructor.hkdfInfo = "freesignal/x3dh/v." + KeyExchangeManagerConstructor.version;
+KeyExchangeManagerConstructor.maxOPK = 10;

package/dist/keystore.d.ts

@@ -0,0 +1,25 @@
+import type { Identity, KeyStore, PreKey, PreKeyId, SessionState, KeyStoreFactory, PublicIdentity, Bytes, UserId, Crypto } from "./interfaces.ts";
+export declare class InMemoryKeystoreFactory implements KeyStoreFactory {
+    #private;
+    private readonly crypto;
+    constructor(crypto: Crypto);
+    createStore(identity: Identity): Promise<KeyStore>;
+    getStore(identity: PublicIdentity | string): Promise<KeyStore | null>;
+    deleteStore(identity: PublicIdentity | string): Promise<void>;
+}
+export declare class InMemoryKeystore implements KeyStore {
+    #private;
+    private readonly crypto;
+    constructor(identity: Identity, crypto: Crypto);
+    setIdentityKey(identity: PublicIdentity | string): Promise<void>;
+    getIdentityKey(userId: UserId | string): Promise<string | null>;
+    getIdentity(): Promise<Identity>;
+    setSessionTag(hashkey: Bytes | string, sessionTag: string): Promise<void>;
+    getSessionTag(hashkey: Bytes | string): Promise<string | null>;
+    loadUserSession(userId: UserId | string): Promise<SessionState | null>;
+    loadSession(sessionTag: string): Promise<SessionState | null>;
+    storeSession(session: SessionState): Promise<void>;
+    storePreKey(id: PreKeyId, value: PreKey): Promise<void>;
+    loadPreKey(id: PreKeyId): Promise<PreKey | null>;
+    removePreKey(id: PreKeyId): Promise<void>;
+}

package/dist/keystore.js

@@ -0,0 +1,90 @@
+var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+};
+var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (receiver, state, value, kind, f) {
+    if (kind === "m") throw new TypeError("Private method is not writable");
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
+    return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
+};
+var _InMemoryKeystoreFactory_stores, _InMemoryKeystore_identity, _InMemoryKeystore_sessions, _InMemoryKeystore_preKeys, _InMemoryKeystore_users, _InMemoryKeystore_hashkeys, _InMemoryKeystore_identityKeys;
+import { decodeBase64 } from "@freesignal/crypto/utils";
+import { useConstructors } from "./constructors.js";
+export class InMemoryKeystoreFactory {
+    constructor(crypto) {
+        this.crypto = crypto;
+        _InMemoryKeystoreFactory_stores.set(this, new Map());
+    }
+    async createStore(identity) {
+        __classPrivateFieldGet(this, _InMemoryKeystoreFactory_stores, "f").set(identity.toString(), new InMemoryKeystore(identity, this.crypto));
+        const store = await this.getStore(identity.toString());
+        if (!store)
+            throw new Error("Error creting keyStore");
+        return store;
+    }
+    async getStore(identity) {
+        var _a;
+        return (_a = __classPrivateFieldGet(this, _InMemoryKeystoreFactory_stores, "f").get(identity.toString())) !== null && _a !== void 0 ? _a : null;
+    }
+    async deleteStore(identity) {
+        __classPrivateFieldGet(this, _InMemoryKeystoreFactory_stores, "f").delete(identity.toString());
+    }
+}
+_InMemoryKeystoreFactory_stores = new WeakMap();
+export class InMemoryKeystore {
+    constructor(identity, crypto) {
+        this.crypto = crypto;
+        _InMemoryKeystore_identity.set(this, void 0);
+        _InMemoryKeystore_sessions.set(this, new Map());
+        _InMemoryKeystore_preKeys.set(this, new Map());
+        _InMemoryKeystore_users.set(this, new Map());
+        _InMemoryKeystore_hashkeys.set(this, new Map());
+        _InMemoryKeystore_identityKeys.set(this, new Map());
+        __classPrivateFieldSet(this, _InMemoryKeystore_identity, identity, "f");
+    }
+    async setIdentityKey(identity) {
+        identity = useConstructors(this.crypto).PublicIdentityConstructor.from(identity);
+        __classPrivateFieldGet(this, _InMemoryKeystore_identityKeys, "f").set(identity.userId.toString(), identity.toString());
+    }
+    async getIdentityKey(userId) {
+        var _a;
+        return (_a = __classPrivateFieldGet(this, _InMemoryKeystore_identityKeys, "f").get(userId.toString())) !== null && _a !== void 0 ? _a : null;
+    }
+    async getIdentity() {
+        return __classPrivateFieldGet(this, _InMemoryKeystore_identity, "f");
+    }
+    async setSessionTag(hashkey, sessionTag) {
+        __classPrivateFieldGet(this, _InMemoryKeystore_hashkeys, "f").set(typeof hashkey === 'string' ? hashkey : decodeBase64(hashkey), sessionTag);
+    }
+    async getSessionTag(hashkey) {
+        var _a;
+        return (_a = __classPrivateFieldGet(this, _InMemoryKeystore_hashkeys, "f").get(typeof hashkey === 'string' ? hashkey : decodeBase64(hashkey))) !== null && _a !== void 0 ? _a : null;
+    }
+    async loadUserSession(userId) {
+        const sessionTag = __classPrivateFieldGet(this, _InMemoryKeystore_users, "f").get(userId.toString());
+        if (!sessionTag)
+            return null;
+        return this.loadSession(sessionTag);
+    }
+    async loadSession(sessionTag) {
+        var _a;
+        return (_a = __classPrivateFieldGet(this, _InMemoryKeystore_sessions, "f").get(sessionTag)) !== null && _a !== void 0 ? _a : null;
+    }
+    async storeSession(session) {
+        __classPrivateFieldGet(this, _InMemoryKeystore_users, "f").set(session.userId, session.sessionTag);
+        __classPrivateFieldGet(this, _InMemoryKeystore_sessions, "f").set(session.sessionTag, session);
+    }
+    async storePreKey(id, value) {
+        __classPrivateFieldGet(this, _InMemoryKeystore_preKeys, "f").set(id, value);
+    }
+    async loadPreKey(id) {
+        var _a;
+        return (_a = __classPrivateFieldGet(this, _InMemoryKeystore_preKeys, "f").get(id)) !== null && _a !== void 0 ? _a : null;
+    }
+    async removePreKey(id) {
+        __classPrivateFieldGet(this, _InMemoryKeystore_preKeys, "f").delete(id);
+    }
+}
+_InMemoryKeystore_identity = new WeakMap(), _InMemoryKeystore_sessions = new WeakMap(), _InMemoryKeystore_preKeys = new WeakMap(), _InMemoryKeystore_users = new WeakMap(), _InMemoryKeystore_hashkeys = new WeakMap(), _InMemoryKeystore_identityKeys = new WeakMap();

package/dist/session.d.ts

@@ -0,0 +1,49 @@
+/**
+ * FreeSignal Protocol
+ *
+ * Copyright (C) 2025  Christian Braghette
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ */
+import type { Crypto, Bytes, InitialSessionState, KeyStore, Session, SessionManager, Ciphertext, UserId, DecryptResult } from "./interfaces.ts";
+export declare class SessionManagerConstructor implements SessionManager {
+    private readonly keyStore;
+    private readonly crypto;
+    constructor(keyStore: KeyStore, crypto: Crypto);
+    createSession(initialState: InitialSessionState | Session): Promise<Session>;
+    private getUserSession;
+    private getSession;
+    encrypt(userId: UserId | string, plaintext: Bytes): Promise<Ciphertext>;
+    decrypt<T>(ciphertext: Ciphertext | Bytes): Promise<DecryptResult<T>>;
+}
+export declare class SessionConstructor implements Session {
+    #private;
+    private readonly keyStore;
+    private readonly crypto;
+    static readonly keyLength = 32;
+    static readonly version = 1;
+    static readonly info: string;
+    static readonly maxCount = 65536;
+    readonly userId: string;
+    readonly sessionTag: string;
+    constructor(init: InitialSessionState | Session, keyStore: KeyStore, crypto: Crypto);
+    private getChain;
+    private getHeaderKey;
+    private getSendingKey;
+    private getReceivingKey;
+    encrypt(data: Bytes): Ciphertext;
+    decrypt(ciphertext: Ciphertext | Bytes): Bytes;
+    hasSkippedKeys(): boolean;
+    save(): Promise<void>;
+}