@signalapp/libsignal-client 0.69.1 → 0.70.1

package/Native.d.ts

@@ -130,7 +130,29 @@ type ChatListener = {
   ): void;
 };
 
-type RequestedInformation = 'pushChallenge' | 'captcha';
+type RegistrationSessionRequestedInformation = 'pushChallenge' | 'captcha';
+
+type RegistrationPushTokenType = 'apn' | 'fcm';
+
+type RegistrationCreateSessionRequest = {
+  number: string;
+  push_token?: string;
+  push_token_type?: RegistrationPushTokenType;
+  mcc?: string;
+  mnc?: string;
+};
+
+type RegisterResponseBadge = {
+  id: string;
+  visible: boolean;
+  expirationSeconds: number;
+};
+
+type SignedPublicPreKey = {
+  keyId: number;
+  publicKey: Buffer;
+  signature: Buffer;
+};
 
 type Wrapper<T> = Readonly<{
   _nativeHandle: T;
@@ -336,7 +358,6 @@ export function LookupRequest_new(): LookupRequest;
 export function LookupRequest_setToken(request: Wrapper<LookupRequest>, token: Buffer): void;
 export function MessageBackupKey_FromAccountEntropyPool(accountEntropy: AccountEntropyPool, aci: Buffer): MessageBackupKey;
 export function MessageBackupKey_FromBackupKeyAndBackupId(backupKey: Buffer, backupId: Buffer): MessageBackupKey;
-export function MessageBackupKey_FromMasterKey(masterKey: Buffer, aci: Buffer): MessageBackupKey;
 export function MessageBackupKey_GetAesKey(key: Wrapper<MessageBackupKey>): Buffer;
 export function MessageBackupKey_GetHmacKey(key: Wrapper<MessageBackupKey>): Buffer;
 export function MessageBackupValidator_Validate(key: Wrapper<MessageBackupKey>, firstStream: InputStream, secondStream: InputStream, len: bigint, purpose: number): Promise<MessageBackupValidationOutcome>;
@@ -412,11 +433,28 @@ export function ReceiptCredentialResponse_CheckValidContents(buffer: Buffer): vo
 export function ReceiptCredential_CheckValidContents(buffer: Buffer): void;
 export function ReceiptCredential_GetReceiptExpirationTime(receiptCredential: Serialized<ReceiptCredential>): Timestamp;
 export function ReceiptCredential_GetReceiptLevel(receiptCredential: Serialized<ReceiptCredential>): bigint;
-export function RegistrationService_CreateSession(asyncRuntime: Wrapper<TokioAsyncContext>, createSession: CreateSession, connectChat: ConnectChatBridge): CancellablePromise<RegistrationService>;
+export function RegisterAccountRequest_Create(): RegisterAccountRequest;
+export function RegisterAccountRequest_SetAccountPassword(registerAccount: Wrapper<RegisterAccountRequest>, accountPassword: Buffer): void;
+export function RegisterAccountRequest_SetIdentityPqLastResortPreKey(registerAccount: Wrapper<RegisterAccountRequest>, identityType: number, pqLastResortPreKey: SignedPublicPreKey): void;
+export function RegisterAccountRequest_SetIdentityPublicKey(registerAccount: Wrapper<RegisterAccountRequest>, identityType: number, identityKey: Wrapper<PublicKey>): void;
+export function RegisterAccountRequest_SetIdentitySignedPreKey(registerAccount: Wrapper<RegisterAccountRequest>, identityType: number, signedPreKey: SignedPublicPreKey): void;
+export function RegisterAccountRequest_SetSkipDeviceTransfer(registerAccount: Wrapper<RegisterAccountRequest>): void;
+export function RegisterAccountResponse_GetEntitlementBackupExpirationSeconds(response: Wrapper<RegisterAccountResponse>): bigint | null;
+export function RegisterAccountResponse_GetEntitlementBackupLevel(response: Wrapper<RegisterAccountResponse>): bigint | null;
+export function RegisterAccountResponse_GetEntitlementBadges(response: Wrapper<RegisterAccountResponse>): RegisterResponseBadge[];
+export function RegisterAccountResponse_GetIdentity(response: Wrapper<RegisterAccountResponse>, identityType: number): Buffer;
+export function RegisterAccountResponse_GetNumber(response: Wrapper<RegisterAccountResponse>): string;
+export function RegisterAccountResponse_GetReregistration(response: Wrapper<RegisterAccountResponse>): boolean;
+export function RegisterAccountResponse_GetStorageCapable(response: Wrapper<RegisterAccountResponse>): boolean;
+export function RegisterAccountResponse_GetUsernameHash(response: Wrapper<RegisterAccountResponse>): Buffer | null;
+export function RegisterAccountResponse_GetUsernameLinkHandle(response: Wrapper<RegisterAccountResponse>): Uuid | null;
+export function RegistrationAccountAttributes_Create(recoveryPassword: Buffer, aciRegistrationId: number, pniRegistrationId: number, registrationLock: string | null, unidentifiedAccessKey: Buffer | null, unrestrictedUnidentifiedAccess: boolean, capabilities: string[], discoverableByPhoneNumber: boolean): RegistrationAccountAttributes;
+export function RegistrationService_CreateSession(asyncRuntime: Wrapper<TokioAsyncContext>, createSession: RegistrationCreateSessionRequest, connectChat: ConnectChatBridge): CancellablePromise<RegistrationService>;
+export function RegistrationService_RegisterAccount(asyncRuntime: Wrapper<TokioAsyncContext>, service: Wrapper<RegistrationService>, registerAccount: Wrapper<RegisterAccountRequest>, accountAttributes: Wrapper<RegistrationAccountAttributes>): CancellablePromise<RegisterAccountResponse>;
 export function RegistrationService_RegistrationSession(service: Wrapper<RegistrationService>): RegistrationSession;
-export function RegistrationService_RequestPushChallenge(asyncRuntime: Wrapper<TokioAsyncContext>, service: Wrapper<RegistrationService>, pushToken: string, pushTokenType: PushTokenType): CancellablePromise<void>;
-export function RegistrationService_RequestVerificationCode(asyncRuntime: Wrapper<TokioAsyncContext>, service: Wrapper<RegistrationService>, transport: string, client: string): CancellablePromise<void>;
-export function RegistrationService_ResumeSession(asyncRuntime: Wrapper<TokioAsyncContext>, sessionId: string, connectChat: ConnectChatBridge): CancellablePromise<RegistrationService>;
+export function RegistrationService_RequestPushChallenge(asyncRuntime: Wrapper<TokioAsyncContext>, service: Wrapper<RegistrationService>, pushToken: string, pushTokenType: RegistrationPushTokenType): CancellablePromise<void>;
+export function RegistrationService_RequestVerificationCode(asyncRuntime: Wrapper<TokioAsyncContext>, service: Wrapper<RegistrationService>, transport: string, client: string, languages: string[]): CancellablePromise<void>;
+export function RegistrationService_ResumeSession(asyncRuntime: Wrapper<TokioAsyncContext>, sessionId: string, number: string, connectChat: ConnectChatBridge): CancellablePromise<RegistrationService>;
 export function RegistrationService_SessionId(service: Wrapper<RegistrationService>): string;
 export function RegistrationService_SubmitCaptcha(asyncRuntime: Wrapper<TokioAsyncContext>, service: Wrapper<RegistrationService>, captchaValue: string): CancellablePromise<void>;
 export function RegistrationService_SubmitPushChallenge(asyncRuntime: Wrapper<TokioAsyncContext>, service: Wrapper<RegistrationService>, pushChallenge: string): CancellablePromise<void>;
@@ -425,7 +463,7 @@ export function RegistrationSession_GetAllowedToRequestCode(session: Wrapper<Reg
 export function RegistrationSession_GetNextCallSeconds(session: Wrapper<RegistrationSession>): number | null;
 export function RegistrationSession_GetNextSmsSeconds(session: Wrapper<RegistrationSession>): number | null;
 export function RegistrationSession_GetNextVerificationAttemptSeconds(session: Wrapper<RegistrationSession>): number | null;
-export function RegistrationSession_GetRequestedInformation(session: Wrapper<RegistrationSession>): RequestedInformation[];
+export function RegistrationSession_GetRequestedInformation(session: Wrapper<RegistrationSession>): RegistrationSessionRequestedInformation[];
 export function RegistrationSession_GetVerified(session: Wrapper<RegistrationSession>): boolean;
 export function SanitizedMetadata_GetDataLen(sanitized: Wrapper<SanitizedMetadata>): bigint;
 export function SanitizedMetadata_GetDataOffset(sanitized: Wrapper<SanitizedMetadata>): bigint;
@@ -572,7 +610,7 @@ export function TESTING_FakeChatSentRequest_RequestId(request: Wrapper<FakeChatS
 export function TESTING_FakeChatSentRequest_TakeHttpRequest(request: Wrapper<FakeChatSentRequest>): HttpRequest;
 export function TESTING_FakeChatServer_Create(): FakeChatServer;
 export function TESTING_FakeChatServer_GetNextRemote(asyncRuntime: Wrapper<TokioAsyncContext>, server: Wrapper<FakeChatServer>): CancellablePromise<FakeChatRemoteEnd>;
-export function TESTING_FakeRegistrationSession_CreateSession(asyncRuntime: Wrapper<TokioAsyncContext>, createSession: CreateSession, chat: Wrapper<FakeChatServer>): CancellablePromise<RegistrationService>;
+export function TESTING_FakeRegistrationSession_CreateSession(asyncRuntime: Wrapper<TokioAsyncContext>, createSession: RegistrationCreateSessionRequest, chat: Wrapper<FakeChatServer>): CancellablePromise<RegistrationService>;
 export function TESTING_FutureFailure(asyncRuntime: Wrapper<NonSuspendingBackgroundThreadRuntime>, _input: number): CancellablePromise<number>;
 export function TESTING_FutureProducesOtherPointerType(asyncRuntime: Wrapper<NonSuspendingBackgroundThreadRuntime>, input: string): CancellablePromise<OtherTestingHandleType>;
 export function TESTING_FutureProducesPointerType(asyncRuntime: Wrapper<NonSuspendingBackgroundThreadRuntime>, input: number): CancellablePromise<TestingHandleType>;
@@ -595,6 +633,7 @@ export function TESTING_PanicOnReturnAsync(_needsCleanup: null): Promise<null>;
 export function TESTING_PanicOnReturnIo(asyncRuntime: Wrapper<NonSuspendingBackgroundThreadRuntime>, _needsCleanup: null): CancellablePromise<null>;
 export function TESTING_PanicOnReturnSync(_needsCleanup: null): null;
 export function TESTING_ProcessBytestringArray(input: Buffer[]): Buffer[];
+export function TESTING_RegisterAccountResponse_CreateTestValue(): RegisterAccountResponse;
 export function TESTING_RegistrationService_CreateSessionErrorConvert(errorDescription: string): void;
 export function TESTING_RegistrationService_RequestVerificationCodeErrorConvert(errorDescription: string): void;
 export function TESTING_RegistrationService_ResumeSessionErrorConvert(errorDescription: string): void;
@@ -608,6 +647,7 @@ export function TESTING_RoundTripU32(input: number): number;
 export function TESTING_RoundTripU64(input: bigint): bigint;
 export function TESTING_RoundTripU8(input: number): number;
 export function TESTING_ServerMessageAck_Create(): ServerMessageAck;
+export function TESTING_SignedPublicPreKey_CheckBridgesCorrectly(sourcePublicKey: Wrapper<PublicKey>, signedPreKey: SignedPublicPreKey): void;
 export function TESTING_TestingHandleType_getValue(handle: Wrapper<TestingHandleType>): number;
 export function TokioAsyncContext_cancel(context: Wrapper<TokioAsyncContext>, rawCancellationId: bigint): void;
 export function TokioAsyncContext_new(): TokioAsyncContext;
@@ -689,6 +729,9 @@ interface ReceiptCredentialPresentation { readonly __type: unique symbol; }
 interface ReceiptCredentialRequest { readonly __type: unique symbol; }
 interface ReceiptCredentialRequestContext { readonly __type: unique symbol; }
 interface ReceiptCredentialResponse { readonly __type: unique symbol; }
+interface RegisterAccountRequest { readonly __type: unique symbol; }
+interface RegisterAccountResponse { readonly __type: unique symbol; }
+interface RegistrationAccountAttributes { readonly __type: unique symbol; }
 interface RegistrationService { readonly __type: unique symbol; }
 interface RegistrationSession { readonly __type: unique symbol; }
 interface SanitizedMetadata { readonly __type: unique symbol; }

package/dist/MessageBackup.d.ts

@@ -44,14 +44,6 @@ export type MessageBackupKeyInput = Readonly<{
  */
 export declare class MessageBackupKey {
     readonly _nativeHandle: Native.MessageBackupKey;
-    /**
-     * Create a backup bundle key from the given master key and ACI.
-     *
-     * `masterKeyBytes` should contain exactly 32 bytes.
-     *
-     * @deprecated Use AccountEntropyPool instead.
-     */
-    constructor(masterKeyBytes: Buffer, aci: Aci);
     /**
      * Create a backup bundle key from an account entropy pool and ACI.
      *

package/dist/MessageBackup.js

@@ -37,19 +37,24 @@ exports.ValidationOutcome = ValidationOutcome;
  * @see {@link BackupKey}
  */
 class MessageBackupKey {
-    constructor(inputOrMasterKeyBytes, maybeAci) {
-        if (inputOrMasterKeyBytes instanceof Buffer) {
-            if (maybeAci === undefined)
-                throw new Error('missing ACI parameter');
-            this._nativeHandle = Native.MessageBackupKey_FromMasterKey(inputOrMasterKeyBytes, maybeAci.getServiceIdFixedWidthBinary());
-        }
-        else if ('accountEntropy' in inputOrMasterKeyBytes) {
-            const { accountEntropy, aci } = inputOrMasterKeyBytes;
+    /**
+     * Create a backup bundle key from an account entropy pool and ACI.
+     *
+     * ...or from a backup key and ID, used when reading from a local backup, which may have been
+     * created with a different ACI. This still uses AccountEntropyPool-based key derivation rules; it
+     * cannot be used to read a backup created from a master key.
+     *
+     * The account entropy pool must be **validated**; passing an arbitrary string here is considered
+     * a programmer error. Similarly, passing a backup key or ID of the wrong length is also an error.
+     */
+    constructor(input) {
+        if ('accountEntropy' in input) {
+            const { accountEntropy, aci } = input;
             this._nativeHandle = Native.MessageBackupKey_FromAccountEntropyPool(accountEntropy, aci.getServiceIdFixedWidthBinary());
         }
         else {
-            const { backupId } = inputOrMasterKeyBytes;
-            let { backupKey } = inputOrMasterKeyBytes;
+            const { backupId } = input;
+            let { backupKey } = input;
             if (backupKey instanceof AccountKeys_1.BackupKey) {
                 backupKey = backupKey.contents;
             }

package/dist/acknowledgments.md

@@ -1800,7 +1800,7 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
 ```
 
-## libcrux-intrinsics 0.0.2, libcrux-ml-kem 0.0.2-alpha.3, libcrux-platform 0.0.2, libcrux-sha3 0.0.2
+## libcrux-intrinsics 0.0.2, libcrux-ml-kem 0.0.2, libcrux-platform 0.0.2, libcrux-sha3 0.0.2
 
 ```
                                  Apache License
@@ -6383,7 +6383,7 @@ SOFTWARE.
 
 ```
 
-## anstream 0.6.18, anstyle-query 1.1.2, clap 4.5.35, colorchoice 1.0.3, env_filter 0.1.3, env_logger 0.11.8, is_terminal_polyfill 1.70.1, toml_datetime 0.6.8, toml_edit 0.22.24
+## anstream 0.6.18, anstyle-query 1.1.2, clap 4.5.35, colorchoice 1.0.3, env_filter 0.1.3, env_logger 0.11.8, is_terminal_polyfill 1.70.1
 
 ```
 Copyright (c) Individual contributors
@@ -6520,7 +6520,7 @@ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLI
 
 ```
 
-## rand 0.8.5, rand_chacha 0.3.1, rand_core 0.6.4
+## rand 0.8.5, rand 0.9.0, rand_chacha 0.3.1, rand_chacha 0.9.0, rand_core 0.6.4, rand_core 0.9.3
 
 ```
 Copyright 2018 Developers of the Rand project
@@ -7356,7 +7356,7 @@ SOFTWARE.
 
 ```
 
-## curve25519-dalek-derive 0.1.1, adler2 2.0.0, anyhow 1.0.97, async-trait 0.1.88, atomic-waker 1.1.2, auto_enums 0.8.7, derive_utils 0.15.0, displaydoc 0.2.5, dyn-clone 1.0.19, fastrand 2.3.0, home 0.5.9, itoa 1.0.15, linkme-impl 0.3.32, linkme 0.3.32, linux-raw-sys 0.4.15, linux-raw-sys 0.9.3, minimal-lexical 0.2.1, num_enum 0.7.3, num_enum_derive 0.7.3, once_cell 1.21.3, paste 1.0.15, pin-project-internal 1.1.10, pin-project-lite 0.2.16, pin-project 1.1.10, prettyplease 0.2.32, proc-macro-crate 3.3.0, proc-macro2 1.0.94, quote 1.0.40, rustc-hash 1.1.0, rustix 0.38.44, rustix 1.0.5, rustversion 1.0.20, semver 1.0.26, send_wrapper 0.6.0, serde 1.0.219, serde_derive 1.0.219, serde_json 1.0.140, syn-mid 0.6.0, syn 2.0.100, thiserror-impl 1.0.69, thiserror-impl 2.0.12, thiserror 1.0.69, thiserror 2.0.12, unicode-ident 1.0.18, utf-8 0.7.6
+## curve25519-dalek-derive 0.1.1, adler2 2.0.0, anyhow 1.0.97, async-trait 0.1.88, atomic-waker 1.1.2, auto_enums 0.8.7, derive_utils 0.15.0, displaydoc 0.2.5, dyn-clone 1.0.19, fastrand 2.3.0, home 0.5.9, itoa 1.0.15, linkme-impl 0.3.32, linkme 0.3.32, linux-raw-sys 0.4.15, linux-raw-sys 0.9.3, minimal-lexical 0.2.1, once_cell 1.21.3, paste 1.0.15, pin-project-internal 1.1.10, pin-project-lite 0.2.16, pin-project 1.1.10, prettyplease 0.2.32, proc-macro2 1.0.94, quote 1.0.40, rustc-hash 1.1.0, rustix 0.38.44, rustix 1.0.5, rustversion 1.0.20, semver 1.0.26, send_wrapper 0.6.0, serde 1.0.219, serde_derive 1.0.219, serde_json 1.0.140, syn-mid 0.6.0, syn 2.0.100, thiserror-impl 1.0.69, thiserror-impl 2.0.12, thiserror 1.0.69, thiserror 2.0.12, unicode-ident 1.0.18, utf-8 0.7.6
 
 ```
 Permission is hereby granted, free of charge, to any
@@ -7385,30 +7385,6 @@ DEALINGS IN THE SOFTWARE.
 
 ```
 
-## winnow 0.7.4
-
-```
-Permission is hereby granted, free of charge, to any person obtaining
-a copy of this software and associated documentation files (the
-"Software"), to deal in the Software without restriction, including
-without limitation the rights to use, copy, modify, merge, publish,
-distribute, sublicense, and/or sell copies of the Software, and to
-permit persons to whom the Software is furnished to do so, subject to
-the following conditions:
-
-The above copyright notice and this permission notice shall be
-included in all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
-LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
-OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
-WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-
-```
-
 ## android_system_properties 0.1.5
 
 ```

package/dist/incremental_mac.d.ts

@@ -1,6 +1,5 @@
 /// <reference types="node" />
 /// <reference types="node" />
-import * as Native from '../Native';
 import * as stream from 'stream';
 type CallbackType = (error?: Error | null) => void;
 export type ChunkSizeChoice = {
@@ -12,17 +11,6 @@ export type ChunkSizeChoice = {
 };
 export declare function everyNthByte(n: number): ChunkSizeChoice;
 export declare function inferChunkSize(dataSize: number): ChunkSizeChoice;
-/**
- * @deprecated Use the DigestingPassThrough instead
- */
-export declare class DigestingWritable extends stream.Writable {
-    _nativeHandle: Native.IncrementalMac;
-    _digests: Buffer[];
-    constructor(key: Buffer, sizeChoice: ChunkSizeChoice);
-    getFinalDigest(): Buffer;
-    _write(chunk: any, encoding: BufferEncoding, callback: CallbackType): void;
-    _final(callback: CallbackType): void;
-}
 export declare class DigestingPassThrough extends stream.Transform {
     private digester;
     constructor(key: Buffer, sizeChoice: ChunkSizeChoice);
@@ -30,17 +18,6 @@ export declare class DigestingPassThrough extends stream.Transform {
     _transform(data: Buffer, enc: BufferEncoding, callback: CallbackType): void;
     _final(callback: CallbackType): void;
 }
-/**
- * @deprecated Use the ValidatingPassThrough instead
- */
-export declare class ValidatingWritable extends stream.Writable {
-    _nativeHandle: Native.ValidatingMac;
-    _validatedBytes: number;
-    constructor(key: Buffer, sizeChoice: ChunkSizeChoice, digest: Buffer);
-    validatedSize(): number;
-    _write(chunk: any, encoding: BufferEncoding, callback: CallbackType): void;
-    _final(callback: CallbackType): void;
-}
 export declare class ValidatingPassThrough extends stream.Transform {
     private validator;
     private buffer;

package/dist/incremental_mac.js

@@ -4,7 +4,7 @@
 // SPDX-License-Identifier: AGPL-3.0-only
 //
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.chunkSizeInBytes = exports.ValidatingPassThrough = exports.ValidatingWritable = exports.DigestingPassThrough = exports.DigestingWritable = exports.inferChunkSize = exports.everyNthByte = void 0;
+exports.chunkSizeInBytes = exports.ValidatingPassThrough = exports.DigestingPassThrough = exports.inferChunkSize = exports.everyNthByte = void 0;
 const Native = require("../Native");
 const stream = require("stream");
 const Errors_1 = require("./Errors");
@@ -16,9 +16,6 @@ function inferChunkSize(dataSize) {
     return { kind: 'chunksOf', dataSize: dataSize };
 }
 exports.inferChunkSize = inferChunkSize;
-/**
- * @deprecated Use the DigestingPassThrough instead
- */
 class DigestingWritable extends stream.Writable {
     constructor(key, sizeChoice) {
         super();
@@ -44,7 +41,6 @@ class DigestingWritable extends stream.Writable {
         callback();
     }
 }
-exports.DigestingWritable = DigestingWritable;
 class DigestingPassThrough extends stream.Transform {
     constructor(key, sizeChoice) {
         super();
@@ -76,9 +72,6 @@ class DigestingPassThrough extends stream.Transform {
     }
 }
 exports.DigestingPassThrough = DigestingPassThrough;
-/**
- * @deprecated Use the ValidatingPassThrough instead
- */
 class ValidatingWritable extends stream.Writable {
     constructor(key, sizeChoice, digest) {
         super();
@@ -113,7 +106,6 @@ class ValidatingWritable extends stream.Writable {
         }
     }
 }
-exports.ValidatingWritable = ValidatingWritable;
 class ValidatingPassThrough extends stream.Transform {
     constructor(key, sizeChoice, digest) {
         super();

package/dist/index.d.ts

@@ -26,13 +26,6 @@ export declare enum ContentHint {
     Implicit = 2
 }
 export type Uuid = string;
-export declare class HKDF {
-    /**
-     * @deprecated Use the top-level 'hkdf' function for standard HKDF behavior
-     */
-    static new(version: number): HKDF;
-    deriveSecrets(outputLength: number, keyMaterial: Buffer, label: Buffer, salt: Buffer | null): Buffer;
-}
 export declare function hkdf(outputLength: number, keyMaterial: Buffer, label: Buffer, salt: Buffer | null): Buffer;
 export declare class ScannableFingerprint {
     private readonly scannable;
@@ -83,6 +76,18 @@ export declare class KEMKeyPair {
     getPublicKey(): KEMPublicKey;
     getSecretKey(): KEMSecretKey;
 }
+/** The public information contained in a {@link SignedPreKeyRecord} */
+export type SignedPublicPreKey = {
+    id(): number;
+    publicKey(): PublicKey;
+    signature(): Buffer;
+};
+/** The public information contained in a {@link KyberPreKeyRecord} */
+export type SignedKyberPublicPreKey = {
+    id(): number;
+    publicKey(): KEMPublicKey;
+    signature(): Buffer;
+};
 export declare class PreKeyBundle {
     readonly _nativeHandle: Native.PreKeyBundle;
     private constructor();
@@ -110,7 +115,7 @@ export declare class PreKeyRecord {
     publicKey(): PublicKey;
     serialize(): Buffer;
 }
-export declare class SignedPreKeyRecord {
+export declare class SignedPreKeyRecord implements SignedPublicPreKey {
     readonly _nativeHandle: Native.SignedPreKeyRecord;
     private constructor();
     static _fromNativeHandle(nativeHandle: Native.SignedPreKeyRecord): SignedPreKeyRecord;
@@ -123,7 +128,7 @@ export declare class SignedPreKeyRecord {
     signature(): Buffer;
     timestamp(): number;
 }
-export declare class KyberPreKeyRecord {
+export declare class KyberPreKeyRecord implements SignedKyberPublicPreKey {
     readonly _nativeHandle: Native.KyberPreKeyRecord;
     private constructor();
     static _fromNativeHandle(nativeHandle: Native.KyberPreKeyRecord): KyberPreKeyRecord;

package/dist/index.js

@@ -18,8 +18,8 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
     for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.sealedSenderMultiRecipientEncrypt = exports.sealedSenderEncrypt = exports.sealedSenderEncryptMessage = exports.signalDecryptPreKey = exports.signalDecrypt = exports.signalEncrypt = exports.processPreKeyBundle = exports.DecryptionErrorMessage = exports.PlaintextContent = exports.CiphertextMessage = exports.SealedSenderDecryptionResult = exports.groupDecrypt = exports.groupEncrypt = exports.SenderKeyStore = exports.KyberPreKeyStore = exports.SignedPreKeyStore = exports.PreKeyStore = exports.IdentityKeyStore = exports.SessionStore = exports.UnidentifiedSenderMessageContent = exports.SenderKeyMessage = exports.processSenderKeyDistributionMessage = exports.SenderKeyDistributionMessage = exports.SenderCertificate = exports.SenderKeyRecord = exports.ServerCertificate = exports.SessionRecord = exports.PreKeySignalMessage = exports.SignalMessage = exports.KyberPreKeyRecord = exports.SignedPreKeyRecord = exports.PreKeyRecord = exports.PreKeyBundle = exports.KEMKeyPair = exports.KEMSecretKey = exports.KEMPublicKey = exports.Aes256GcmSiv = exports.Fingerprint = exports.DisplayableFingerprint = exports.ScannableFingerprint = exports.hkdf = exports.HKDF = exports.ContentHint = exports.Direction = exports.CiphertextMessageType = exports.WebpSanitizer = exports.Mp4Sanitizer = exports.Net = exports.io = exports.usernames = void 0;
-exports.initLogger = exports.LogLevel = exports.HsmEnclaveClient = exports.Cds2Client = exports.sealedSenderDecryptToUsmc = exports.sealedSenderDecryptMessage = exports.sealedSenderMultiRecipientMessageForSingleRecipient = void 0;
+exports.sealedSenderMultiRecipientMessageForSingleRecipient = exports.sealedSenderMultiRecipientEncrypt = exports.sealedSenderEncrypt = exports.sealedSenderEncryptMessage = exports.signalDecryptPreKey = exports.signalDecrypt = exports.signalEncrypt = exports.processPreKeyBundle = exports.DecryptionErrorMessage = exports.PlaintextContent = exports.CiphertextMessage = exports.SealedSenderDecryptionResult = exports.groupDecrypt = exports.groupEncrypt = exports.SenderKeyStore = exports.KyberPreKeyStore = exports.SignedPreKeyStore = exports.PreKeyStore = exports.IdentityKeyStore = exports.SessionStore = exports.UnidentifiedSenderMessageContent = exports.SenderKeyMessage = exports.processSenderKeyDistributionMessage = exports.SenderKeyDistributionMessage = exports.SenderCertificate = exports.SenderKeyRecord = exports.ServerCertificate = exports.SessionRecord = exports.PreKeySignalMessage = exports.SignalMessage = exports.KyberPreKeyRecord = exports.SignedPreKeyRecord = exports.PreKeyRecord = exports.PreKeyBundle = exports.KEMKeyPair = exports.KEMSecretKey = exports.KEMPublicKey = exports.Aes256GcmSiv = exports.Fingerprint = exports.DisplayableFingerprint = exports.ScannableFingerprint = exports.hkdf = exports.ContentHint = exports.Direction = exports.CiphertextMessageType = exports.WebpSanitizer = exports.Mp4Sanitizer = exports.Net = exports.io = exports.usernames = void 0;
+exports.initLogger = exports.LogLevel = exports.HsmEnclaveClient = exports.Cds2Client = exports.sealedSenderDecryptToUsmc = exports.sealedSenderDecryptMessage = void 0;
 const uuid = require("uuid");
 const Errors = require("./Errors");
 __exportStar(require("./Errors"), exports);
@@ -54,21 +54,6 @@ var ContentHint;
     ContentHint[ContentHint["Resendable"] = 1] = "Resendable";
     ContentHint[ContentHint["Implicit"] = 2] = "Implicit";
 })(ContentHint || (exports.ContentHint = ContentHint = {}));
-class HKDF {
-    /**
-     * @deprecated Use the top-level 'hkdf' function for standard HKDF behavior
-     */
-    static new(version) {
-        if (version != 3) {
-            throw new Error('HKDF versions other than 3 are no longer supported');
-        }
-        return new HKDF();
-    }
-    deriveSecrets(outputLength, keyMaterial, label, salt) {
-        return hkdf(outputLength, keyMaterial, label, salt);
-    }
-}
-exports.HKDF = HKDF;
 function hkdf(outputLength, keyMaterial, label, salt) {
     return Native.HKDF_DeriveSecrets(outputLength, keyMaterial, label, salt);
 }

package/dist/net/CDSI.d.ts

@@ -7,10 +7,6 @@ export type CDSRequestOptionsType = {
         aci: string;
         accessKey: string;
     }>;
-    /**
-     * @deprecated this option is ignored by the server.
-     */
-    returnAcisWithoutUaks: boolean;
     abortSignal?: AbortSignal;
 };
 export type CDSResponseEntryType<Aci, Pni> = {

package/dist/net/Registration.d.ts

@@ -1,6 +1,10 @@
+/// <reference types="node" />
 import type { ReadonlyDeep } from 'type-fest';
 import * as Native from '../../Native';
 import { type TokioAsyncContext } from '../net';
+import { PublicKey } from '../EcKeys';
+import { Aci, Pni } from '../Address';
+import { SignedKyberPublicPreKey, SignedPublicPreKey } from '..';
 type ConnectionManager = Native.Wrapper<Native.ConnectionManager>;
 type RegistrationOptions = {
     tokioAsyncContext: TokioAsyncContext;
@@ -20,6 +24,7 @@ type CreateSessionArgs = Readonly<{
 }>;
 type ResumeSessionArgs = Readonly<{
     sessionId: string;
+    e164: string;
 }>;
 /**
  * A client for the Signal registration service.
@@ -58,7 +63,7 @@ export declare class RegistrationService {
      * @returns a `Promise` that resolves to the `RegistrationService` if
      * resumption is successful, otherwise a {@link LibSignalError}.
      */
-    static resumeSession(options: ReadonlyDeep<RegistrationOptions>, { sessionId }: ResumeSessionArgs): Promise<RegistrationService>;
+    static resumeSession(options: ReadonlyDeep<RegistrationOptions>, { sessionId, e164 }: ResumeSessionArgs): Promise<RegistrationService>;
     /**
      * Starts a new registration session.
      *
@@ -77,11 +82,23 @@ export declare class RegistrationService {
     submitCaptcha(captcha: string): Promise<{
         allowedToRequestCode: boolean;
     }>;
-    requestVerification({ transport, client, }: {
+    requestVerification({ transport, client, languages, }: {
         transport: 'sms' | 'voice';
         client: string;
+        languages: string[];
     }): Promise<void>;
     verifySession(code: string): Promise<boolean>;
+    registerAccount(inputs: {
+        accountPassword: Uint8Array;
+        skipDeviceTransfer: boolean;
+        accountAttributes: AccountAttributes;
+        aciPublicKey: PublicKey;
+        pniPublicKey: PublicKey;
+        aciSignedPreKey: SignedPublicPreKey;
+        pniSignedPreKey: SignedPublicPreKey;
+        aciPqLastResortPreKey: SignedKyberPublicPreKey;
+        pniPqLastResortPreKey: SignedKyberPublicPreKey;
+    }): Promise<RegisterAccountResponse>;
     /**
      *  Internal, only public for testing
      */
@@ -96,4 +113,37 @@ export declare class RegistrationService {
      */
     static fakeCreateSession(tokio: TokioAsyncContext, { e164 }: CreateSessionArgs): [Promise<RegistrationService>, Native.Wrapper<Native.FakeChatServer>];
 }
+export declare class AccountAttributes {
+    readonly _nativeHandle: Native.RegistrationAccountAttributes;
+    constructor({ recoveryPassword, aciRegistrationId, pniRegistrationId, registrationLock, unidentifiedAccessKey, unrestrictedUnidentifiedAccess, capabilities, discoverableByPhoneNumber, }: {
+        recoveryPassword: Uint8Array;
+        aciRegistrationId: number;
+        pniRegistrationId: number;
+        registrationLock: string | null;
+        unidentifiedAccessKey: Uint8Array;
+        unrestrictedUnidentifiedAccess: boolean;
+        capabilities: Set<string>;
+        discoverableByPhoneNumber: boolean;
+    });
+}
+export declare class RegisterAccountResponse {
+    readonly _nativeHandle: Native.RegisterAccountResponse;
+    constructor(_nativeHandle: Native.RegisterAccountResponse);
+    get aci(): Aci;
+    get pni(): Pni;
+    get number(): string;
+    get usernameHash(): Buffer | null;
+    get usernameLinkHandle(): Buffer | null;
+    get backupEntitlement(): {
+        backupLevel: bigint;
+        expirationSeconds: bigint;
+    } | null;
+    get entitlementBadges(): Array<{
+        id: string;
+        expirationSeconds: number;
+        visible: boolean;
+    }>;
+    get reregistration(): boolean;
+    get storageCapable(): boolean;
+}
 export {};

package/dist/net/Registration.js

@@ -4,9 +4,10 @@
 // SPDX-License-Identifier: AGPL-3.0-only
 //
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.RegistrationService = void 0;
+exports.RegisterAccountResponse = exports.AccountAttributes = exports.RegistrationService = void 0;
 const Native = require("../../Native");
 const net_1 = require("../net");
+const Address_1 = require("../Address");
 /**
  * A client for the Signal registration service.
  *
@@ -49,8 +50,8 @@ class RegistrationService {
      * @returns a `Promise` that resolves to the `RegistrationService` if
      * resumption is successful, otherwise a {@link LibSignalError}.
      */
-    static async resumeSession(options, { sessionId }) {
-        const session = await Native.RegistrationService_ResumeSession(options.tokioAsyncContext, sessionId, options.connectionManager);
+    static async resumeSession(options, { sessionId, e164 }) {
+        const session = await Native.RegistrationService_ResumeSession(options.tokioAsyncContext, sessionId, e164, options.connectionManager);
         return new RegistrationService(session, options.tokioAsyncContext);
     }
     /**
@@ -75,13 +76,28 @@ class RegistrationService {
         await Native.RegistrationService_SubmitCaptcha(this.tokioAsyncContext, this, captcha);
         return this.sessionState;
     }
-    async requestVerification({ transport, client, }) {
-        await Native.RegistrationService_RequestVerificationCode(this.tokioAsyncContext, this, transport, client);
+    async requestVerification({ transport, client, languages = [], }) {
+        await Native.RegistrationService_RequestVerificationCode(this.tokioAsyncContext, this, transport, client, languages);
     }
     async verifySession(code) {
         await Native.RegistrationService_SubmitVerificationCode(this.tokioAsyncContext, this, code);
         return this.sessionState.verified;
     }
+    async registerAccount(inputs) {
+        const { accountPassword, skipDeviceTransfer = false, accountAttributes, aciPublicKey, pniPublicKey, aciSignedPreKey, pniSignedPreKey, aciPqLastResortPreKey, pniPqLastResortPreKey, } = inputs;
+        const args = (0, net_1.newNativeHandle)(Native.RegisterAccountRequest_Create());
+        Native.RegisterAccountRequest_SetAccountPassword(args, Buffer.from(accountPassword));
+        if (skipDeviceTransfer) {
+            Native.RegisterAccountRequest_SetSkipDeviceTransfer(args);
+        }
+        Native.RegisterAccountRequest_SetIdentityPublicKey(args, Address_1.ServiceIdKind.Aci, aciPublicKey);
+        Native.RegisterAccountRequest_SetIdentityPublicKey(args, Address_1.ServiceIdKind.Pni, pniPublicKey);
+        Native.RegisterAccountRequest_SetIdentitySignedPreKey(args, Address_1.ServiceIdKind.Aci, toBridgedPublicPreKey(aciSignedPreKey));
+        Native.RegisterAccountRequest_SetIdentitySignedPreKey(args, Address_1.ServiceIdKind.Pni, toBridgedPublicPreKey(pniSignedPreKey));
+        Native.RegisterAccountRequest_SetIdentityPqLastResortPreKey(args, Address_1.ServiceIdKind.Aci, toBridgedPublicPreKey(aciPqLastResortPreKey));
+        Native.RegisterAccountRequest_SetIdentityPqLastResortPreKey(args, Address_1.ServiceIdKind.Pni, toBridgedPublicPreKey(pniPqLastResortPreKey));
+        return new RegisterAccountResponse(await Native.RegistrationService_RegisterAccount(this.tokioAsyncContext, this, args, accountAttributes));
+    }
     /**
      *  Internal, only public for testing
      */
@@ -118,4 +134,58 @@ class RegistrationService {
     }
 }
 exports.RegistrationService = RegistrationService;
+function toBridgedPublicPreKey(key) {
+    return {
+        keyId: key.id(),
+        signature: key.signature(),
+        publicKey: key.publicKey().serialize(),
+    };
+}
+class AccountAttributes {
+    constructor({ recoveryPassword, aciRegistrationId, pniRegistrationId, registrationLock, unidentifiedAccessKey, unrestrictedUnidentifiedAccess, capabilities, discoverableByPhoneNumber, }) {
+        const capabilitiesArray = Array.from(capabilities);
+        this._nativeHandle = Native.RegistrationAccountAttributes_Create(Buffer.from(recoveryPassword), aciRegistrationId, pniRegistrationId, registrationLock, Buffer.from(unidentifiedAccessKey), unrestrictedUnidentifiedAccess, capabilitiesArray, discoverableByPhoneNumber);
+    }
+}
+exports.AccountAttributes = AccountAttributes;
+class RegisterAccountResponse {
+    constructor(_nativeHandle) {
+        this._nativeHandle = _nativeHandle;
+    }
+    get aci() {
+        return new Address_1.Aci(Native.RegisterAccountResponse_GetIdentity(this, Address_1.ServiceIdKind.Aci));
+    }
+    get pni() {
+        return new Address_1.Pni(Native.RegisterAccountResponse_GetIdentity(this, Address_1.ServiceIdKind.Pni));
+    }
+    get number() {
+        return Native.RegisterAccountResponse_GetNumber(this);
+    }
+    get usernameHash() {
+        return Native.RegisterAccountResponse_GetUsernameHash(this);
+    }
+    get usernameLinkHandle() {
+        return Native.RegisterAccountResponse_GetUsernameLinkHandle(this);
+    }
+    get backupEntitlement() {
+        const backupLevel = Native.RegisterAccountResponse_GetEntitlementBackupLevel(this);
+        const expirationSeconds = Native.RegisterAccountResponse_GetEntitlementBackupExpirationSeconds(this);
+        if (backupLevel == null || expirationSeconds == null)
+            return null;
+        return {
+            backupLevel,
+            expirationSeconds,
+        };
+    }
+    get entitlementBadges() {
+        return Native.RegisterAccountResponse_GetEntitlementBadges(this);
+    }
+    get reregistration() {
+        return Native.RegisterAccountResponse_GetReregistration(this);
+    }
+    get storageCapable() {
+        return Native.RegisterAccountResponse_GetStorageCapable(this);
+    }
+}
+exports.RegisterAccountResponse = RegisterAccountResponse;
 //# sourceMappingURL=Registration.js.map

package/dist/net.d.ts

@@ -90,8 +90,9 @@ export declare class Net {
     connectAuthenticatedChat(username: string, password: string, receiveStories: boolean, listener: ChatServiceListener, options?: {
         abortSignal?: AbortSignal;
     }): Promise<AuthenticatedChatConnection>;
-    resumeRegistrationSession({ sessionId, connectionTimeoutMillis, }: {
+    resumeRegistrationSession({ sessionId, e164, connectionTimeoutMillis, }: {
         sessionId: string;
+        e164: string;
         connectionTimeoutMillis?: number;
     }): Promise<RegistrationService>;
     createRegistrationSession({ e164, connectionTimeoutMillis, }: {

package/dist/net.js

@@ -104,12 +104,12 @@ class Net {
     connectAuthenticatedChat(username, password, receiveStories, listener, options) {
         return Chat_1.AuthenticatedChatConnection.connect(this.asyncContext, this._connectionManager, username, password, receiveStories, listener, options);
     }
-    async resumeRegistrationSession({ sessionId, connectionTimeoutMillis, }) {
+    async resumeRegistrationSession({ sessionId, e164, connectionTimeoutMillis, }) {
         return Registration_1.RegistrationService.resumeSession({
             connectionManager: this._connectionManager,
             tokioAsyncContext: this.asyncContext,
             connectionTimeoutMillis: connectionTimeoutMillis,
-        }, { sessionId });
+        }, { sessionId, e164 });
     }
     async createRegistrationSession({ e164, connectionTimeoutMillis, }) {
         return Registration_1.RegistrationService.createSession({

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@signalapp/libsignal-client",
-  "version": "0.69.1",
+  "version": "0.70.1",
   "license": "AGPL-3.0-only",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -53,6 +53,7 @@
     "chance": "^1.1.11",
     "eslint": "^8.30.0",
     "eslint-config-prettier": "^8.5.0",
+    "eslint-plugin-chai-expect": "^3.1.0",
     "eslint-plugin-header": "^3.1.0",
     "eslint-plugin-import": "^2.26.0",
     "eslint-plugin-jsdoc": "^48.2.0",

package/dist/pin.d.ts

@@ -1,3 +0,0 @@
-export { 
-/** @deprecated AccountEntropyPool was moved to 'AccountKeys' */
-AccountEntropyPool, } from './AccountKeys';

package/dist/pin.js

@@ -1,11 +0,0 @@
-"use strict";
-//
-// Copyright 2024 Signal Messenger, LLC.
-// SPDX-License-Identifier: AGPL-3.0-only
-//
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.AccountEntropyPool = void 0;
-var AccountKeys_1 = require("./AccountKeys");
-/** @deprecated AccountEntropyPool was moved to 'AccountKeys' */
-Object.defineProperty(exports, "AccountEntropyPool", { enumerable: true, get: function () { return AccountKeys_1.AccountEntropyPool; } });
-//# sourceMappingURL=pin.js.map