@freesignal/protocol 0.11.0

package/dist/session.js

@@ -0,0 +1,296 @@
+/**
+ * FreeSignal Protocol
+ *
+ * Copyright (C) 2025  Christian Braghette
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ */
+var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (receiver, state, value, kind, f) {
+    if (kind === "m") throw new TypeError("Private method is not writable");
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
+    return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
+};
+var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+};
+var _SessionConstructor_keyPair, _SessionConstructor_rootKey, _SessionConstructor_headerKey, _SessionConstructor_nextHeaderKey, _SessionConstructor_sendingChain, _SessionConstructor_receivingChain, _SessionConstructor_headerKeys, _SessionConstructor_previousKeys, _KeyChain_chainKey;
+import { useConstructors } from "./constructors.js";
+export class SessionManagerConstructor {
+    constructor(keyStore, crypto) {
+        this.keyStore = keyStore;
+        this.crypto = crypto;
+    }
+    async createSession(initialState) {
+        const session = new SessionConstructor(initialState, this.keyStore, this.crypto);
+        await session.save();
+        return session;
+    }
+    async getUserSession(userId) {
+        const state = await this.keyStore.loadUserSession(userId.toString());
+        if (!state)
+            throw new Error("Session not found for sessionTag: " + userId.toString());
+        return new SessionConstructor(state, this.keyStore, this.crypto);
+    }
+    async getSession(sessionTag) {
+        const state = await this.keyStore.loadSession(sessionTag);
+        if (!state)
+            throw new Error("Session not found for sessionTag: " + sessionTag);
+        return new SessionConstructor(state, this.keyStore, this.crypto);
+    }
+    async encrypt(userId, plaintext) {
+        const session = await this.getUserSession(userId);
+        const ciphertext = session.encrypt(plaintext);
+        await this.keyStore.setSessionTag(ciphertext.hashkey, session.sessionTag);
+        await session.save();
+        return ciphertext;
+    }
+    async decrypt(ciphertext) {
+        const { CiphertextConstructor, UserIdConstructor } = useConstructors(this.crypto);
+        ciphertext = CiphertextConstructor.from(ciphertext);
+        const sessionTag = await this.keyStore.getSessionTag(ciphertext.hashkey);
+        if (!sessionTag)
+            throw new Error("Headerkey not found: " + this.crypto.Utils.decodeBase64(ciphertext.hashkey));
+        const session = await this.getSession(sessionTag);
+        const cleartext = session.decrypt(ciphertext);
+        await session.save();
+        return {
+            userId: UserIdConstructor.from(session.userId),
+            data: this.crypto.Utils.decodeData(cleartext)
+        };
+    }
+}
+export class SessionConstructor {
+    constructor(init, keyStore, crypto) {
+        this.keyStore = keyStore;
+        this.crypto = crypto;
+        _SessionConstructor_keyPair.set(this, void 0);
+        _SessionConstructor_rootKey.set(this, void 0);
+        _SessionConstructor_headerKey.set(this, void 0);
+        _SessionConstructor_nextHeaderKey.set(this, void 0);
+        _SessionConstructor_sendingChain.set(this, void 0);
+        _SessionConstructor_receivingChain.set(this, void 0);
+        _SessionConstructor_headerKeys.set(this, void 0);
+        _SessionConstructor_previousKeys.set(this, new KeyMap());
+        if (!(init instanceof SessionConstructor)) {
+            const { remoteKey, userId, sessionTag, secretKey, rootKey, sendingChain, receivingChain, headerKey, nextHeaderKey, headerKeys, previousKeys } = init;
+            this.userId = userId;
+            this.sessionTag = sessionTag !== null && sessionTag !== void 0 ? sessionTag : this.crypto.Utils.decodeBase64(this.crypto.hkdf(this.crypto.Utils.encodeBase64(rootKey), new Uint8Array(32).fill(0), "/freesignal/session-authtag", 32));
+            __classPrivateFieldSet(this, _SessionConstructor_keyPair, this.crypto.ECDH.keyPair(secretKey ? this.crypto.Utils.encodeBase64(secretKey) : undefined), "f");
+            __classPrivateFieldSet(this, _SessionConstructor_rootKey, this.crypto.Utils.encodeBase64(rootKey), "f");
+            __classPrivateFieldSet(this, _SessionConstructor_sendingChain, sendingChain ? new KeyChain(sendingChain, this.crypto) : undefined, "f");
+            __classPrivateFieldSet(this, _SessionConstructor_receivingChain, receivingChain ? new KeyChain(receivingChain, this.crypto) : undefined, "f");
+            __classPrivateFieldSet(this, _SessionConstructor_headerKeys, new Map(headerKeys === null || headerKeys === void 0 ? void 0 : headerKeys.map(([key, value]) => [key, this.crypto.Utils.encodeBase64(value)])), "f");
+            __classPrivateFieldSet(this, _SessionConstructor_previousKeys, new Map(previousKeys === null || previousKeys === void 0 ? void 0 : previousKeys.map(([key, value]) => [key, this.crypto.Utils.encodeBase64(value)])), "f");
+            if (headerKey)
+                __classPrivateFieldSet(this, _SessionConstructor_headerKey, this.crypto.Utils.encodeBase64(headerKey), "f");
+            if (nextHeaderKey) {
+                __classPrivateFieldSet(this, _SessionConstructor_nextHeaderKey, this.crypto.Utils.encodeBase64(nextHeaderKey), "f");
+                __classPrivateFieldGet(this, _SessionConstructor_headerKeys, "f").set(this.crypto.Utils.decodeBase64(this.crypto.hash(this.crypto.Utils.encodeBase64(nextHeaderKey))), this.crypto.Utils.encodeBase64(nextHeaderKey));
+            }
+            if (remoteKey) {
+                __classPrivateFieldSet(this, _SessionConstructor_sendingChain, this.getChain(remoteKey, __classPrivateFieldGet(this, _SessionConstructor_headerKey, "f")), "f");
+                __classPrivateFieldSet(this, _SessionConstructor_headerKey, undefined, "f");
+            }
+        }
+        else {
+            this.userId = init.userId;
+            __classPrivateFieldSet(this, _SessionConstructor_keyPair, __classPrivateFieldGet(init, _SessionConstructor_keyPair, "f"), "f");
+            __classPrivateFieldSet(this, _SessionConstructor_rootKey, __classPrivateFieldGet(init, _SessionConstructor_rootKey, "f"), "f");
+            __classPrivateFieldSet(this, _SessionConstructor_headerKey, __classPrivateFieldGet(init, _SessionConstructor_headerKey, "f"), "f");
+            __classPrivateFieldSet(this, _SessionConstructor_nextHeaderKey, __classPrivateFieldGet(init, _SessionConstructor_nextHeaderKey, "f"), "f");
+            __classPrivateFieldSet(this, _SessionConstructor_previousKeys, __classPrivateFieldGet(init, _SessionConstructor_previousKeys, "f"), "f");
+            __classPrivateFieldSet(this, _SessionConstructor_sendingChain, __classPrivateFieldGet(init, _SessionConstructor_sendingChain, "f"), "f");
+            __classPrivateFieldSet(this, _SessionConstructor_receivingChain, __classPrivateFieldGet(init, _SessionConstructor_receivingChain, "f"), "f");
+            this.sessionTag = init.sessionTag;
+            __classPrivateFieldSet(this, _SessionConstructor_headerKeys, __classPrivateFieldGet(init, _SessionConstructor_headerKeys, "f"), "f");
+        }
+    }
+    //public get publicKey(): Uint8Array { return this.#keyPair.publicKey; }
+    getChain(remoteKey, headerKey, previousCount) {
+        const sharedKey = this.crypto.ECDH.scalarMult(__classPrivateFieldGet(this, _SessionConstructor_keyPair, "f").secretKey, remoteKey);
+        if (!__classPrivateFieldGet(this, _SessionConstructor_rootKey, "f"))
+            __classPrivateFieldSet(this, _SessionConstructor_rootKey, this.crypto.hash(sharedKey), "f");
+        const hashkey = this.crypto.hkdf(sharedKey, __classPrivateFieldGet(this, _SessionConstructor_rootKey, "f"), SessionConstructor.info, SessionConstructor.keyLength * 3);
+        __classPrivateFieldSet(this, _SessionConstructor_rootKey, hashkey.subarray(0, SessionConstructor.keyLength), "f");
+        return new KeyChain({
+            publicKey: this.crypto.Utils.decodeBase64(__classPrivateFieldGet(this, _SessionConstructor_keyPair, "f").publicKey),
+            remoteKey: this.crypto.Utils.decodeBase64(remoteKey),
+            chainKey: this.crypto.Utils.decodeBase64(hashkey.subarray(SessionConstructor.keyLength, SessionConstructor.keyLength * 2)),
+            nextHeaderKey: this.crypto.Utils.decodeBase64(hashkey.subarray(SessionConstructor.keyLength * 2)),
+            headerKey: headerKey ? this.crypto.Utils.decodeBase64(headerKey) : headerKey,
+            count: 0,
+            previousCount: previousCount !== null && previousCount !== void 0 ? previousCount : 0
+        }, this.crypto);
+    }
+    getHeaderKey(hash) {
+        var _a, _b;
+        if (!hash)
+            return (_a = __classPrivateFieldGet(this, _SessionConstructor_headerKey, "f")) !== null && _a !== void 0 ? _a : (_b = __classPrivateFieldGet(this, _SessionConstructor_sendingChain, "f")) === null || _b === void 0 ? void 0 : _b.headerKey;
+        return __classPrivateFieldGet(this, _SessionConstructor_headerKeys, "f").get(hash);
+    }
+    getSendingKey() {
+        if (!__classPrivateFieldGet(this, _SessionConstructor_sendingChain, "f"))
+            return;
+        const secretKey = __classPrivateFieldGet(this, _SessionConstructor_sendingChain, "f").getKey();
+        return {
+            count: __classPrivateFieldGet(this, _SessionConstructor_sendingChain, "f").count,
+            previous: __classPrivateFieldGet(this, _SessionConstructor_sendingChain, "f").previousCount,
+            publicKey: __classPrivateFieldGet(this, _SessionConstructor_sendingChain, "f").publicKey,
+            secretKey
+        };
+    }
+    getReceivingKey(encryptionKeys) {
+        var _a, _b, _c, _d, _e, _f, _g, _h;
+        if (!__classPrivateFieldGet(this, _SessionConstructor_previousKeys, "f").has(this.crypto.Utils.decodeBase64(encryptionKeys.publicKey) + encryptionKeys.count.toString())) {
+            if (!this.crypto.Utils.compareBytes(encryptionKeys.publicKey, (_b = (_a = __classPrivateFieldGet(this, _SessionConstructor_receivingChain, "f")) === null || _a === void 0 ? void 0 : _a.remoteKey) !== null && _b !== void 0 ? _b : new Uint8Array())) {
+                while (__classPrivateFieldGet(this, _SessionConstructor_receivingChain, "f") && __classPrivateFieldGet(this, _SessionConstructor_receivingChain, "f").count < encryptionKeys.previous) {
+                    const key = __classPrivateFieldGet(this, _SessionConstructor_receivingChain, "f").getKey();
+                    __classPrivateFieldGet(this, _SessionConstructor_previousKeys, "f").set(this.crypto.Utils.decodeBase64(__classPrivateFieldGet(this, _SessionConstructor_receivingChain, "f").remoteKey) + __classPrivateFieldGet(this, _SessionConstructor_receivingChain, "f").count.toString(), key);
+                }
+                __classPrivateFieldSet(this, _SessionConstructor_receivingChain, this.getChain(encryptionKeys.publicKey, (_c = __classPrivateFieldGet(this, _SessionConstructor_nextHeaderKey, "f")) !== null && _c !== void 0 ? _c : (_d = __classPrivateFieldGet(this, _SessionConstructor_receivingChain, "f")) === null || _d === void 0 ? void 0 : _d.nextHeaderKey, (_e = __classPrivateFieldGet(this, _SessionConstructor_receivingChain, "f")) === null || _e === void 0 ? void 0 : _e.count), "f");
+                __classPrivateFieldGet(this, _SessionConstructor_headerKeys, "f").set(this.crypto.Utils.decodeBase64(this.crypto.hash(__classPrivateFieldGet(this, _SessionConstructor_receivingChain, "f").nextHeaderKey)), __classPrivateFieldGet(this, _SessionConstructor_receivingChain, "f").nextHeaderKey);
+                if (__classPrivateFieldGet(this, _SessionConstructor_nextHeaderKey, "f"))
+                    __classPrivateFieldSet(this, _SessionConstructor_nextHeaderKey, undefined, "f");
+                __classPrivateFieldSet(this, _SessionConstructor_keyPair, this.crypto.ECDH.keyPair(), "f");
+                __classPrivateFieldSet(this, _SessionConstructor_sendingChain, this.getChain(encryptionKeys.publicKey, (_f = __classPrivateFieldGet(this, _SessionConstructor_headerKey, "f")) !== null && _f !== void 0 ? _f : (_g = __classPrivateFieldGet(this, _SessionConstructor_sendingChain, "f")) === null || _g === void 0 ? void 0 : _g.nextHeaderKey, (_h = __classPrivateFieldGet(this, _SessionConstructor_sendingChain, "f")) === null || _h === void 0 ? void 0 : _h.count), "f");
+                if (__classPrivateFieldGet(this, _SessionConstructor_headerKey, "f"))
+                    __classPrivateFieldSet(this, _SessionConstructor_headerKey, undefined, "f");
+            }
+            if (!__classPrivateFieldGet(this, _SessionConstructor_receivingChain, "f"))
+                throw new Error("Error initializing receivingChain");
+            while (__classPrivateFieldGet(this, _SessionConstructor_receivingChain, "f").count < encryptionKeys.count) {
+                const key = __classPrivateFieldGet(this, _SessionConstructor_receivingChain, "f").getKey();
+                __classPrivateFieldGet(this, _SessionConstructor_previousKeys, "f").set(this.crypto.Utils.decodeBase64(__classPrivateFieldGet(this, _SessionConstructor_receivingChain, "f").remoteKey) + __classPrivateFieldGet(this, _SessionConstructor_receivingChain, "f").count.toString(), key);
+            }
+        }
+        return __classPrivateFieldGet(this, _SessionConstructor_previousKeys, "f").get(this.crypto.Utils.decodeBase64(encryptionKeys.publicKey) + encryptionKeys.count.toString());
+    }
+    encrypt(data) {
+        const { CiphertextHeaderConstructor, CiphertextConstructor } = useConstructors(this.crypto);
+        const key = this.getSendingKey();
+        if (!key)
+            throw new Error("Error generating key");
+        const nonce = this.crypto.randomBytes(CiphertextHeaderConstructor.nonceLength);
+        const payload = this.crypto.Box.encrypt(data, nonce, key.secretKey);
+        let header = new CiphertextHeaderConstructor(key.count, key.previous, key.publicKey, nonce).bytes;
+        const headerKey = this.getHeaderKey();
+        if (!headerKey)
+            return new CiphertextConstructor({ header, payload });
+        const headerNonce = this.crypto.randomBytes(CiphertextHeaderConstructor.nonceLength);
+        if (headerKey)
+            header = this.crypto.Box.encrypt(header, headerNonce, headerKey);
+        return new CiphertextConstructor({ hashkey: this.crypto.hash(headerKey !== null && headerKey !== void 0 ? headerKey : new Uint8Array(32).fill(0)), header, nonce: headerNonce, payload });
+    }
+    decrypt(ciphertext) {
+        const { CiphertextHeaderConstructor, CiphertextConstructor } = useConstructors(this.crypto);
+        const encrypted = CiphertextConstructor.from(ciphertext);
+        let headerData = encrypted.header;
+        if (encrypted.hashkey && encrypted.nonce) {
+            const headerKey = this.getHeaderKey(this.crypto.Utils.decodeBase64(encrypted.hashkey));
+            if (!headerKey)
+                throw new Error("Error calculating headerKey");
+            const data = this.crypto.Box.decrypt(headerData, encrypted.nonce, headerKey);
+            if (!data)
+                throw new Error("Error decrypting header");
+            headerData = data;
+        }
+        const header = CiphertextHeaderConstructor.from(headerData);
+        const key = this.getReceivingKey(header);
+        if (!key)
+            throw new Error("Error calculating key");
+        const decrypted = this.crypto.Box.decrypt(encrypted.payload, header.nonce, key);
+        if (!decrypted)
+            throw new Error("Error decrypting data");
+        return decrypted;
+    }
+    hasSkippedKeys() {
+        return __classPrivateFieldGet(this, _SessionConstructor_previousKeys, "f").size > 0;
+    }
+    async save() {
+        var _a, _b, _c, _d;
+        if (__classPrivateFieldGet(this, _SessionConstructor_nextHeaderKey, "f"))
+            await this.keyStore.setSessionTag(this.crypto.hash(__classPrivateFieldGet(this, _SessionConstructor_nextHeaderKey, "f")), this.sessionTag);
+        if ((_a = __classPrivateFieldGet(this, _SessionConstructor_receivingChain, "f")) === null || _a === void 0 ? void 0 : _a.headerKey)
+            await this.keyStore.setSessionTag(this.crypto.hash(__classPrivateFieldGet(this, _SessionConstructor_receivingChain, "f").headerKey), this.sessionTag);
+        if ((_b = __classPrivateFieldGet(this, _SessionConstructor_receivingChain, "f")) === null || _b === void 0 ? void 0 : _b.nextHeaderKey)
+            await this.keyStore.setSessionTag(this.crypto.hash(__classPrivateFieldGet(this, _SessionConstructor_receivingChain, "f").nextHeaderKey), this.sessionTag);
+        return this.keyStore.storeSession({
+            userId: this.userId,
+            sessionTag: this.sessionTag,
+            secretKey: this.crypto.Utils.decodeBase64(__classPrivateFieldGet(this, _SessionConstructor_keyPair, "f").secretKey),
+            rootKey: this.crypto.Utils.decodeBase64(__classPrivateFieldGet(this, _SessionConstructor_rootKey, "f")),
+            sendingChain: (_c = __classPrivateFieldGet(this, _SessionConstructor_sendingChain, "f")) === null || _c === void 0 ? void 0 : _c.toJSON(),
+            receivingChain: (_d = __classPrivateFieldGet(this, _SessionConstructor_receivingChain, "f")) === null || _d === void 0 ? void 0 : _d.toJSON(),
+            headerKey: __classPrivateFieldGet(this, _SessionConstructor_headerKey, "f") ? this.crypto.Utils.decodeBase64(__classPrivateFieldGet(this, _SessionConstructor_headerKey, "f")) : undefined,
+            nextHeaderKey: __classPrivateFieldGet(this, _SessionConstructor_nextHeaderKey, "f") ? this.crypto.Utils.decodeBase64(__classPrivateFieldGet(this, _SessionConstructor_nextHeaderKey, "f")) : undefined,
+            headerKeys: Array.from(__classPrivateFieldGet(this, _SessionConstructor_headerKeys, "f").entries()).map(([key, value]) => [key, this.crypto.Utils.decodeBase64(value)]),
+            previousKeys: Array.from(__classPrivateFieldGet(this, _SessionConstructor_previousKeys, "f").entries()).map(([key, value]) => [key, this.crypto.Utils.decodeBase64(value)]),
+        });
+    }
+}
+_SessionConstructor_keyPair = new WeakMap(), _SessionConstructor_rootKey = new WeakMap(), _SessionConstructor_headerKey = new WeakMap(), _SessionConstructor_nextHeaderKey = new WeakMap(), _SessionConstructor_sendingChain = new WeakMap(), _SessionConstructor_receivingChain = new WeakMap(), _SessionConstructor_headerKeys = new WeakMap(), _SessionConstructor_previousKeys = new WeakMap();
+SessionConstructor.keyLength = 32;
+SessionConstructor.version = 1;
+SessionConstructor.info = "/freesignal/double-ratchet/v0." + SessionConstructor.version;
+SessionConstructor.maxCount = 65536;
+class KeyChain {
+    constructor({ publicKey, remoteKey, nextHeaderKey, chainKey, headerKey, count, previousCount }, crypto) {
+        this.crypto = crypto;
+        _KeyChain_chainKey.set(this, void 0);
+        this._count = 0;
+        __classPrivateFieldSet(this, _KeyChain_chainKey, this.crypto.Utils.encodeBase64(chainKey), "f");
+        this.publicKey = this.crypto.Utils.encodeBase64(publicKey);
+        this.remoteKey = this.crypto.Utils.encodeBase64(remoteKey);
+        this.nextHeaderKey = this.crypto.Utils.encodeBase64(nextHeaderKey);
+        this.headerKey = headerKey ? this.crypto.Utils.encodeBase64(headerKey) : undefined;
+        this._count = count;
+        this.previousCount = previousCount !== null && previousCount !== void 0 ? previousCount : 0;
+    }
+    get count() {
+        return this._count;
+    }
+    getKey() {
+        if (++this._count >= SessionConstructor.maxCount)
+            throw new Error("SendingChain count too big");
+        const hash = this.crypto.hkdf(__classPrivateFieldGet(this, _KeyChain_chainKey, "f"), new Uint8Array(SessionConstructor.keyLength).fill(0), SessionConstructor.info, SessionConstructor.keyLength * 2);
+        __classPrivateFieldSet(this, _KeyChain_chainKey, hash.subarray(0, SessionConstructor.keyLength), "f");
+        return hash.subarray(SessionConstructor.keyLength);
+    }
+    toString() {
+        return "[object KeyChain]";
+    }
+    toJSON() {
+        return {
+            publicKey: this.crypto.Utils.decodeBase64(this.publicKey),
+            remoteKey: this.crypto.Utils.decodeBase64(this.remoteKey),
+            headerKey: this.headerKey ? this.crypto.Utils.decodeBase64(this.headerKey) : undefined,
+            nextHeaderKey: this.crypto.Utils.decodeBase64(this.nextHeaderKey),
+            chainKey: this.crypto.Utils.decodeBase64(__classPrivateFieldGet(this, _KeyChain_chainKey, "f")),
+            count: this.count,
+            previousCount: this.previousCount
+        };
+    }
+}
+_KeyChain_chainKey = new WeakMap();
+class KeyMap extends Map {
+    get(key) {
+        const out = super.get(key);
+        if (out && !super.delete(key))
+            throw new Error();
+        return out;
+    }
+}

package/dist/user.d.ts

@@ -0,0 +1,39 @@
+/**
+ * FreeSignal Protocol
+ *
+ * Copyright (C) 2025  Christian Braghette
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ */
+import type { KeyStore, PreKeyBundle, PublicIdentity, User, UserFactory, Crypto, Bytes, Ciphertext, UserId, KeyStoreFactory, PreKeyMessage, DecryptResult } from "./interfaces.ts";
+export declare class UserFactoryConstructor implements UserFactory {
+    #private;
+    private readonly keyStoreFactory;
+    private readonly crypto;
+    constructor(keyStoreFactory: KeyStoreFactory, crypto: Crypto);
+    create(seed?: Bytes): Promise<User>;
+    destroy(user: User): boolean;
+}
+export declare class UserConstructor implements User {
+    #private;
+    readonly publicIdentity: PublicIdentity;
+    private readonly crypto;
+    constructor(publicIdentity: PublicIdentity, keyStore: KeyStore, crypto: Crypto);
+    get id(): UserId;
+    encrypt<T>(to: UserId | string, plaintext: T): Promise<Ciphertext>;
+    decrypt<T>(ciphertext: Ciphertext | Bytes): Promise<DecryptResult<T>>;
+    generatePreKeyBundle(): Promise<PreKeyBundle>;
+    handleIncomingPreKeyBundle(bundle: PreKeyBundle, associatedData?: Bytes): Promise<PreKeyMessage>;
+    handleIncomingPreKeyMessage(message: PreKeyMessage): Promise<Bytes | undefined>;
+}

package/dist/user.js

@@ -0,0 +1,85 @@
+/**
+ * FreeSignal Protocol
+ *
+ * Copyright (C) 2025  Christian Braghette
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>
+ */
+var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+};
+var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (receiver, state, value, kind, f) {
+    if (kind === "m") throw new TypeError("Private method is not writable");
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
+    return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
+};
+var _UserFactoryConstructor_objestStore, _UserConstructor_sessionManager, _UserConstructor_keyExchangeManager;
+import { KeyExchangeManagerConstructor } from "./keyexchange.js";
+import { SessionManagerConstructor } from "./session.js";
+import { useConstructors } from "./constructors.js";
+export class UserFactoryConstructor {
+    constructor(keyStoreFactory, crypto) {
+        this.keyStoreFactory = keyStoreFactory;
+        this.crypto = crypto;
+        _UserFactoryConstructor_objestStore.set(this, new WeakSet());
+    }
+    async create(seed) {
+        const { IdentityConstructor } = useConstructors(this.crypto);
+        const identity = IdentityConstructor.from((seed ? this.crypto.EdDSA.keyPairFromSeed(seed) : this.crypto.EdDSA.keyPair()).secretKey);
+        const user = new UserConstructor(identity, await this.keyStoreFactory.createStore(identity), this.crypto);
+        __classPrivateFieldGet(this, _UserFactoryConstructor_objestStore, "f").add(user);
+        return user;
+    }
+    ;
+    destroy(user) {
+        return __classPrivateFieldGet(this, _UserFactoryConstructor_objestStore, "f").delete(user);
+    }
+}
+_UserFactoryConstructor_objestStore = new WeakMap();
+export class UserConstructor {
+    constructor(publicIdentity, keyStore, crypto) {
+        this.publicIdentity = publicIdentity;
+        this.crypto = crypto;
+        _UserConstructor_sessionManager.set(this, void 0);
+        _UserConstructor_keyExchangeManager.set(this, void 0);
+        __classPrivateFieldSet(this, _UserConstructor_sessionManager, new SessionManagerConstructor(keyStore, crypto), "f");
+        __classPrivateFieldSet(this, _UserConstructor_keyExchangeManager, new KeyExchangeManagerConstructor(publicIdentity, keyStore, crypto), "f");
+    }
+    get id() {
+        return this.publicIdentity.userId;
+    }
+    encrypt(to, plaintext) {
+        return __classPrivateFieldGet(this, _UserConstructor_sessionManager, "f").encrypt(to, this.crypto.Utils.encodeData(plaintext));
+    }
+    async decrypt(ciphertext) {
+        return await __classPrivateFieldGet(this, _UserConstructor_sessionManager, "f").decrypt(ciphertext);
+    }
+    generatePreKeyBundle() {
+        return __classPrivateFieldGet(this, _UserConstructor_keyExchangeManager, "f").createPreKeyBundle();
+    }
+    async handleIncomingPreKeyBundle(bundle, associatedData) {
+        const { session, message } = await __classPrivateFieldGet(this, _UserConstructor_keyExchangeManager, "f").processPreKeyBundle(bundle, associatedData);
+        await __classPrivateFieldGet(this, _UserConstructor_sessionManager, "f").createSession(session);
+        return message;
+    }
+    async handleIncomingPreKeyMessage(message) {
+        const { session, associatedData } = await __classPrivateFieldGet(this, _UserConstructor_keyExchangeManager, "f").processPreKeyMessage(message);
+        await __classPrivateFieldGet(this, _UserConstructor_sessionManager, "f").createSession(session);
+        return associatedData;
+    }
+}
+_UserConstructor_sessionManager = new WeakMap(), _UserConstructor_keyExchangeManager = new WeakMap();

package/package.json

@@ -0,0 +1,40 @@
+{
+  "name": "@freesignal/protocol",
+  "version": "0.11.0",
+  "description": "Signal Protocol implementation in TypeScript",
+  "homepage": "https://github.com/christianbraghette/freesignal#readme",
+  "bugs": {
+    "url": "https://github.com/christianbraghette/freesignal/issues"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/christianbraghette/freesignal.git"
+  },
+  "license": "GPL-3.0-or-later",
+  "author": "Christian Braghette",
+  "type": "module",
+  "exports": {
+    ".": {
+      "import": "./dist/index.js",
+      "types": "./dist/index.d.ts"
+    },
+    "./interfaces": {
+      "types": "./dist/interfaces.d.ts"
+    }
+  },
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "scripts": {
+    "build": "cpx \"./src/*.d.ts\" \"./dist\" && tsc",
+    "pretest": "npm run build",
+    "test": "node ./dist/test.js",
+    "prepare": "npm run build"
+  },
+  "peerDependencies": {
+    "@freesignal/crypto": "^0.11.0"
+  },
+  "devDependencies": {
+    "@types/node": "^24.2.1",
+    "cpx2": "^8.0.0"
+  }
+}