@gara31/void-baileys 7.0.0-rc.10

package/lib/Signal/Group/sender-key-state.js

@@ -0,0 +1,105 @@
+import { SenderChainKey } from "./sender-chain-key.js";
+import { SenderMessageKey } from "./sender-message-key.js";
+export class SenderKeyState {
+  constructor(
+    id,
+    iteration,
+    chainKey,
+    signatureKeyPair,
+    signatureKeyPublic,
+    signatureKeyPrivate,
+    senderKeyStateStructure,
+  ) {
+    this.MAX_MESSAGE_KEYS = 2000;
+    if (senderKeyStateStructure) {
+      this.senderKeyStateStructure = {
+        ...senderKeyStateStructure,
+        senderMessageKeys: Array.isArray(
+          senderKeyStateStructure.senderMessageKeys,
+        )
+          ? senderKeyStateStructure.senderMessageKeys
+          : [],
+      };
+    } else {
+      if (signatureKeyPair) {
+        signatureKeyPublic = signatureKeyPair.public;
+        signatureKeyPrivate = signatureKeyPair.private;
+      }
+      this.senderKeyStateStructure = {
+        senderKeyId: id || 0,
+        senderChainKey: {
+          iteration: iteration || 0,
+          seed: Buffer.from(chainKey || []),
+        },
+        senderSigningKey: {
+          public: Buffer.from(signatureKeyPublic || []),
+          private: Buffer.from(signatureKeyPrivate || []),
+        },
+        senderMessageKeys: [],
+      };
+    }
+  }
+  getKeyId() {
+    return this.senderKeyStateStructure.senderKeyId;
+  }
+  getSenderChainKey() {
+    return new SenderChainKey(
+      this.senderKeyStateStructure.senderChainKey.iteration,
+      this.senderKeyStateStructure.senderChainKey.seed,
+    );
+  }
+  setSenderChainKey(chainKey) {
+    this.senderKeyStateStructure.senderChainKey = {
+      iteration: chainKey.getIteration(),
+      seed: chainKey.getSeed(),
+    };
+  }
+  getSigningKeyPublic() {
+    const publicKey = Buffer.from(
+      this.senderKeyStateStructure.senderSigningKey.public,
+    );
+    if (publicKey.length === 32) {
+      const fixed = Buffer.alloc(33);
+      fixed[0] = 0x05;
+      publicKey.copy(fixed, 1);
+      return fixed;
+    }
+    return publicKey;
+  }
+  getSigningKeyPrivate() {
+    const privateKey = this.senderKeyStateStructure.senderSigningKey.private;
+    return Buffer.from(privateKey || []);
+  }
+  hasSenderMessageKey(iteration) {
+    return this.senderKeyStateStructure.senderMessageKeys.some(
+      (key) => key.iteration === iteration,
+    );
+  }
+  addSenderMessageKey(senderMessageKey) {
+    this.senderKeyStateStructure.senderMessageKeys.push({
+      iteration: senderMessageKey.getIteration(),
+      seed: senderMessageKey.getSeed(),
+    });
+    if (
+      this.senderKeyStateStructure.senderMessageKeys.length >
+      this.MAX_MESSAGE_KEYS
+    ) {
+      this.senderKeyStateStructure.senderMessageKeys.shift();
+    }
+  }
+  removeSenderMessageKey(iteration) {
+    const index = this.senderKeyStateStructure.senderMessageKeys.findIndex(
+      (key) => key.iteration === iteration,
+    );
+    if (index !== -1) {
+      const messageKey = this.senderKeyStateStructure.senderMessageKeys[index];
+      this.senderKeyStateStructure.senderMessageKeys.splice(index, 1);
+      return new SenderMessageKey(messageKey.iteration, messageKey.seed);
+    }
+    return null;
+  }
+  getStructure() {
+    return this.senderKeyStateStructure;
+  }
+}
+//# sourceMappingURL=sender-key-state.js.map

package/lib/Signal/Group/sender-message-key.js

@@ -0,0 +1,30 @@
+import { deriveSecrets } from "libsignal/src/crypto.js";
+export class SenderMessageKey {
+  constructor(iteration, seed) {
+    const derivative = deriveSecrets(
+      seed,
+      Buffer.alloc(32),
+      Buffer.from("WhisperGroup"),
+    );
+    const keys = new Uint8Array(32);
+    keys.set(new Uint8Array(derivative[0].slice(16)));
+    keys.set(new Uint8Array(derivative[1].slice(0, 16)), 16);
+    this.iv = Buffer.from(derivative[0].slice(0, 16));
+    this.cipherKey = Buffer.from(keys.buffer);
+    this.iteration = iteration;
+    this.seed = seed;
+  }
+  getIteration() {
+    return this.iteration;
+  }
+  getIv() {
+    return this.iv;
+  }
+  getCipherKey() {
+    return this.cipherKey;
+  }
+  getSeed() {
+    return this.seed;
+  }
+}
+//# sourceMappingURL=sender-message-key.js.map

package/lib/Signal/libsignal.js

@@ -0,0 +1,416 @@
+/* @ts-ignore */
+import * as libsignal from "libsignal";
+import { LRUCache } from "lru-cache";
+import { generateSignalPubKey } from "../Utils/index.js";
+import {
+  isHostedLidUser,
+  isHostedPnUser,
+  isLidUser,
+  isPnUser,
+  jidDecode,
+  transferDevice,
+  WAJIDDomains,
+} from "../WABinary/index.js";
+import { SenderKeyName } from "./Group/sender-key-name.js";
+import { SenderKeyRecord } from "./Group/sender-key-record.js";
+import {
+  GroupCipher,
+  GroupSessionBuilder,
+  SenderKeyDistributionMessage,
+} from "./Group/index.js";
+import { LIDMappingStore } from "./lid-mapping.js";
+export function makeLibSignalRepository(auth, logger, pnToLIDFunc) {
+  const lidMapping = new LIDMappingStore(auth.keys, logger, pnToLIDFunc);
+  const storage = signalStorage(auth, lidMapping);
+  const parsedKeys = auth.keys;
+  const migratedSessionCache = new LRUCache({
+    ttl: 3 * 24 * 60 * 60 * 1000, // 7 days
+    ttlAutopurge: true,
+    updateAgeOnGet: true,
+  });
+  const repository = {
+    decryptGroupMessage({ group, authorJid, msg }) {
+      const senderName = jidToSignalSenderKeyName(group, authorJid);
+      const cipher = new GroupCipher(storage, senderName);
+      // Use transaction to ensure atomicity
+      return parsedKeys.transaction(async () => {
+        return cipher.decrypt(msg);
+      }, group);
+    },
+    async processSenderKeyDistributionMessage({ item, authorJid }) {
+      const builder = new GroupSessionBuilder(storage);
+      if (!item.groupId) {
+        throw new Error(
+          "Group ID is required for sender key distribution message",
+        );
+      }
+      const senderName = jidToSignalSenderKeyName(item.groupId, authorJid);
+      const senderMsg = new SenderKeyDistributionMessage(
+        null,
+        null,
+        null,
+        null,
+        item.axolotlSenderKeyDistributionMessage,
+      );
+      const senderNameStr = senderName.toString();
+      const { [senderNameStr]: senderKey } = await auth.keys.get("sender-key", [
+        senderNameStr,
+      ]);
+      if (!senderKey) {
+        await storage.storeSenderKey(senderName, new SenderKeyRecord());
+      }
+      return parsedKeys.transaction(async () => {
+        const { [senderNameStr]: senderKey } = await auth.keys.get(
+          "sender-key",
+          [senderNameStr],
+        );
+        if (!senderKey) {
+          await storage.storeSenderKey(senderName, new SenderKeyRecord());
+        }
+        await builder.process(senderName, senderMsg);
+      }, item.groupId);
+    },
+    async decryptMessage({ jid, type, ciphertext }) {
+      const addr = jidToSignalProtocolAddress(jid);
+      const session = new libsignal.SessionCipher(storage, addr);
+      async function doDecrypt() {
+        let result;
+        switch (type) {
+          case "pkmsg":
+            result = await session.decryptPreKeyWhisperMessage(ciphertext);
+            break;
+          case "msg":
+            result = await session.decryptWhisperMessage(ciphertext);
+            break;
+        }
+        return result;
+      }
+      // If it's not a sync message, we need to ensure atomicity
+      // For regular messages, we use a transaction to ensure atomicity
+      return parsedKeys.transaction(async () => {
+        return await doDecrypt();
+      }, jid);
+    },
+    async encryptMessage({ jid, data }) {
+      const addr = jidToSignalProtocolAddress(jid);
+      const cipher = new libsignal.SessionCipher(storage, addr);
+      // Use transaction to ensure atomicity
+      return parsedKeys.transaction(async () => {
+        const { type: sigType, body } = await cipher.encrypt(data);
+        const type = sigType === 3 ? "pkmsg" : "msg";
+        return { type, ciphertext: Buffer.from(body, "binary") };
+      }, jid);
+    },
+    async encryptGroupMessage({ group, meId, data }) {
+      const senderName = jidToSignalSenderKeyName(group, meId);
+      const builder = new GroupSessionBuilder(storage);
+      const senderNameStr = senderName.toString();
+      return parsedKeys.transaction(async () => {
+        const { [senderNameStr]: senderKey } = await auth.keys.get(
+          "sender-key",
+          [senderNameStr],
+        );
+        if (!senderKey) {
+          await storage.storeSenderKey(senderName, new SenderKeyRecord());
+        }
+        const senderKeyDistributionMessage = await builder.create(senderName);
+        const session = new GroupCipher(storage, senderName);
+        const ciphertext = await session.encrypt(data);
+        return {
+          ciphertext,
+          senderKeyDistributionMessage:
+            senderKeyDistributionMessage.serialize(),
+        };
+      }, group);
+    },
+    async injectE2ESession({ jid, session }) {
+      logger.trace({ jid }, "injecting E2EE session");
+      const cipher = new libsignal.SessionBuilder(
+        storage,
+        jidToSignalProtocolAddress(jid),
+      );
+      return parsedKeys.transaction(async () => {
+        await cipher.initOutgoing(session);
+      }, jid);
+    },
+    jidToSignalProtocolAddress(jid) {
+      return jidToSignalProtocolAddress(jid).toString();
+    },
+    // Optimized direct access to LID mapping store
+    lidMapping,
+    async validateSession(jid) {
+      try {
+        const addr = jidToSignalProtocolAddress(jid);
+        const session = await storage.loadSession(addr.toString());
+        if (!session) {
+          return { exists: false, reason: "no session" };
+        }
+        if (!session.haveOpenSession()) {
+          return { exists: false, reason: "no open session" };
+        }
+        return { exists: true };
+      } catch (error) {
+        return { exists: false, reason: "validation error" };
+      }
+    },
+    async deleteSession(jids) {
+      if (!jids.length) return;
+      // Convert JIDs to signal addresses and prepare for bulk deletion
+      const sessionUpdates = {};
+      jids.forEach((jid) => {
+        const addr = jidToSignalProtocolAddress(jid);
+        sessionUpdates[addr.toString()] = null;
+      });
+      // Single transaction for all deletions
+      return parsedKeys.transaction(async () => {
+        await auth.keys.set({ session: sessionUpdates });
+      }, `delete-${jids.length}-sessions`);
+    },
+    async migrateSession(fromJid, toJid) {
+      // TODO: use usync to handle this entire mess
+      if (!fromJid || (!isLidUser(toJid) && !isHostedLidUser(toJid)))
+        return { migrated: 0, skipped: 0, total: 0 };
+      // Only support PN to LID migration
+      if (!isPnUser(fromJid) && !isHostedPnUser(fromJid)) {
+        return { migrated: 0, skipped: 0, total: 1 };
+      }
+      const { user } = jidDecode(fromJid);
+      logger.debug(
+        { fromJid },
+        "bulk device migration - loading all user devices",
+      );
+      // Get user's device list from storage
+      const { [user]: userDevices } = await parsedKeys.get("device-list", [
+        user,
+      ]);
+      if (!userDevices) {
+        return { migrated: 0, skipped: 0, total: 0 };
+      }
+      const { device: fromDevice } = jidDecode(fromJid);
+      const fromDeviceStr = fromDevice?.toString() || "0";
+      if (!userDevices.includes(fromDeviceStr)) {
+        userDevices.push(fromDeviceStr);
+      }
+      // Filter out cached devices before database fetch
+      const uncachedDevices = userDevices.filter((device) => {
+        const deviceKey = `${user}.${device}`;
+        return !migratedSessionCache.has(deviceKey);
+      });
+      // Bulk check session existence only for uncached devices
+      const deviceSessionKeys = uncachedDevices.map(
+        (device) => `${user}.${device}`,
+      );
+      const existingSessions = await parsedKeys.get(
+        "session",
+        deviceSessionKeys,
+      );
+      // Step 3: Convert existing sessions to JIDs (only migrate sessions that exist)
+      const deviceJids = [];
+      for (const [sessionKey, sessionData] of Object.entries(
+        existingSessions,
+      )) {
+        if (sessionData) {
+          // Session exists in storage
+          const deviceStr = sessionKey.split(".")[1];
+          if (!deviceStr) continue;
+          const deviceNum = parseInt(deviceStr);
+          let jid =
+            deviceNum === 0
+              ? `${user}@s.whatsapp.net`
+              : `${user}:${deviceNum}@s.whatsapp.net`;
+          if (deviceNum === 99) {
+            jid = `${user}:99@hosted`;
+          }
+          deviceJids.push(jid);
+        }
+      }
+      logger.debug(
+        {
+          fromJid,
+          totalDevices: userDevices.length,
+          devicesWithSessions: deviceJids.length,
+          devices: deviceJids,
+        },
+        "bulk device migration complete - all user devices processed",
+      );
+      // Single transaction for all migrations
+      return parsedKeys.transaction(
+        async () => {
+          const migrationOps = deviceJids.map((jid) => {
+            const lidWithDevice = transferDevice(jid, toJid);
+            const fromDecoded = jidDecode(jid);
+            const toDecoded = jidDecode(lidWithDevice);
+            return {
+              fromJid: jid,
+              toJid: lidWithDevice,
+              pnUser: fromDecoded.user,
+              lidUser: toDecoded.user,
+              deviceId: fromDecoded.device || 0,
+              fromAddr: jidToSignalProtocolAddress(jid),
+              toAddr: jidToSignalProtocolAddress(lidWithDevice),
+            };
+          });
+          const totalOps = migrationOps.length;
+          let migratedCount = 0;
+          // Bulk fetch PN sessions - already exist (verified during device discovery)
+          const pnAddrStrings = Array.from(
+            new Set(migrationOps.map((op) => op.fromAddr.toString())),
+          );
+          const pnSessions = await parsedKeys.get("session", pnAddrStrings);
+          // Prepare bulk session updates (PN → LID migration + deletion)
+          const sessionUpdates = {};
+          for (const op of migrationOps) {
+            const pnAddrStr = op.fromAddr.toString();
+            const lidAddrStr = op.toAddr.toString();
+            const pnSession = pnSessions[pnAddrStr];
+            if (pnSession) {
+              // Session exists (guaranteed from device discovery)
+              const fromSession =
+                libsignal.SessionRecord.deserialize(pnSession);
+              if (fromSession.haveOpenSession()) {
+                // Queue for bulk update: copy to LID, delete from PN
+                sessionUpdates[lidAddrStr] = fromSession.serialize();
+                sessionUpdates[pnAddrStr] = null;
+                migratedCount++;
+              }
+            }
+          }
+          // Single bulk session update for all migrations
+          if (Object.keys(sessionUpdates).length > 0) {
+            await parsedKeys.set({ session: sessionUpdates });
+            logger.debug(
+              { migratedSessions: migratedCount },
+              "bulk session migration complete",
+            );
+            // Cache device-level migrations
+            for (const op of migrationOps) {
+              if (sessionUpdates[op.toAddr.toString()]) {
+                const deviceKey = `${op.pnUser}.${op.deviceId}`;
+                migratedSessionCache.set(deviceKey, true);
+              }
+            }
+          }
+          const skippedCount = totalOps - migratedCount;
+          return {
+            migrated: migratedCount,
+            skipped: skippedCount,
+            total: totalOps,
+          };
+        },
+        `migrate-${deviceJids.length}-sessions-${jidDecode(toJid)?.user}`,
+      );
+    },
+  };
+  return repository;
+}
+const jidToSignalProtocolAddress = (jid) => {
+  const decoded = jidDecode(jid);
+  const { user, device, server, domainType } = decoded;
+  if (!user) {
+    throw new Error(
+      `JID decoded but user is empty: "${jid}" -> user: "${user}", server: "${server}", device: ${device}`,
+    );
+  }
+  const signalUser =
+    domainType !== WAJIDDomains.WHATSAPP ? `${user}_${domainType}` : user;
+  const finalDevice = device || 0;
+  if (
+    device === 99 &&
+    decoded.server !== "hosted" &&
+    decoded.server !== "hosted.lid"
+  ) {
+    throw new Error(
+      "Unexpected non-hosted device JID with device 99. This ID seems invalid. ID:" +
+        jid,
+    );
+  }
+  return new libsignal.ProtocolAddress(signalUser, finalDevice);
+};
+const jidToSignalSenderKeyName = (group, user) => {
+  return new SenderKeyName(group, jidToSignalProtocolAddress(user));
+};
+function signalStorage({ creds, keys }, lidMapping) {
+  // Shared function to resolve PN signal address to LID if mapping exists
+  const resolveLIDSignalAddress = async (id) => {
+    if (id.includes(".")) {
+      const [deviceId, device] = id.split(".");
+      const [user, domainType_] = deviceId.split("_");
+      const domainType = parseInt(domainType_ || "0");
+      if (
+        domainType === WAJIDDomains.LID ||
+        domainType === WAJIDDomains.HOSTED_LID
+      )
+        return id;
+      const pnJid = `${user}${device !== "0" ? `:${device}` : ""}@${domainType === WAJIDDomains.HOSTED ? "hosted" : "s.whatsapp.net"}`;
+      const lidForPN = await lidMapping.getLIDForPN(pnJid);
+      if (lidForPN) {
+        const lidAddr = jidToSignalProtocolAddress(lidForPN);
+        return lidAddr.toString();
+      }
+    }
+    return id;
+  };
+  return {
+    loadSession: async (id) => {
+      try {
+        const wireJid = await resolveLIDSignalAddress(id);
+        const { [wireJid]: sess } = await keys.get("session", [wireJid]);
+        if (sess) {
+          return libsignal.SessionRecord.deserialize(sess);
+        }
+      } catch (e) {
+        return null;
+      }
+      return null;
+    },
+    storeSession: async (id, session) => {
+      const wireJid = await resolveLIDSignalAddress(id);
+      await keys.set({ session: { [wireJid]: session.serialize() } });
+    },
+    isTrustedIdentity: () => {
+      return true; // todo: implement
+    },
+    loadPreKey: async (id) => {
+      const keyId = id.toString();
+      const { [keyId]: key } = await keys.get("pre-key", [keyId]);
+      if (key) {
+        return {
+          privKey: Buffer.from(key.private),
+          pubKey: Buffer.from(key.public),
+        };
+      }
+    },
+    removePreKey: (id) => keys.set({ "pre-key": { [id]: null } }),
+    loadSignedPreKey: () => {
+      const key = creds.signedPreKey;
+      return {
+        privKey: Buffer.from(key.keyPair.private),
+        pubKey: Buffer.from(key.keyPair.public),
+      };
+    },
+    loadSenderKey: async (senderKeyName) => {
+      const keyId = senderKeyName.toString();
+      const { [keyId]: key } = await keys.get("sender-key", [keyId]);
+      if (key) {
+        return SenderKeyRecord.deserialize(key);
+      }
+      return new SenderKeyRecord();
+    },
+    storeSenderKey: async (senderKeyName, key) => {
+      const keyId = senderKeyName.toString();
+      const serialized = JSON.stringify(key.serialize());
+      await keys.set({
+        "sender-key": { [keyId]: Buffer.from(serialized, "utf-8") },
+      });
+    },
+    getOurRegistrationId: () => creds.registrationId,
+    getOurIdentity: () => {
+      const { signedIdentityKey } = creds;
+      return {
+        privKey: Buffer.from(signedIdentityKey.private),
+        pubKey: Buffer.from(generateSignalPubKey(signedIdentityKey.public)),
+      };
+    },
+  };
+}
+//# sourceMappingURL=libsignal.js.map