@signalapp/libsignal-client 0.84.0 → 0.85.0

package/Native.d.ts

@@ -642,13 +642,11 @@ export function TESTING_FakeChatConnection_TakeAuthenticatedChat(chat: Wrapper<F
 export function TESTING_FakeChatConnection_TakeRemote(chat: Wrapper<FakeChatConnection>): FakeChatRemoteEnd;
 export function TESTING_FakeChatConnection_TakeUnauthenticatedChat(chat: Wrapper<FakeChatConnection>): UnauthenticatedChatConnection;
 export function TESTING_FakeChatRemoteEnd_InjectConnectionInterrupted(chat: Wrapper<FakeChatRemoteEnd>): void;
-export function TESTING_FakeChatRemoteEnd_ReceiveIncomingRequest(asyncRuntime: Wrapper<TokioAsyncContext>, chat: Wrapper<FakeChatRemoteEnd>): CancellablePromise<FakeChatSentRequest | null>;
+export function TESTING_FakeChatRemoteEnd_ReceiveIncomingRequest(asyncRuntime: Wrapper<TokioAsyncContext>, chat: Wrapper<FakeChatRemoteEnd>): CancellablePromise<[HttpRequest, bigint] | null>;
 export function TESTING_FakeChatRemoteEnd_SendRawServerRequest(chat: Wrapper<FakeChatRemoteEnd>, bytes: Uint8Array): void;
 export function TESTING_FakeChatRemoteEnd_SendRawServerResponse(chat: Wrapper<FakeChatRemoteEnd>, bytes: Uint8Array): void;
 export function TESTING_FakeChatRemoteEnd_SendServerResponse(chat: Wrapper<FakeChatRemoteEnd>, response: Wrapper<FakeChatResponse>): void;
 export function TESTING_FakeChatResponse_Create(id: bigint, status: number, message: string, headers: string[], body: Uint8Array | null): FakeChatResponse;
-export function TESTING_FakeChatSentRequest_RequestId(request: Wrapper<FakeChatSentRequest>): bigint;
-export function TESTING_FakeChatSentRequest_TakeHttpRequest(request: Wrapper<FakeChatSentRequest>): HttpRequest;
 export function TESTING_FakeChatServer_Create(): FakeChatServer;
 export function TESTING_FakeChatServer_GetNextRemote(asyncRuntime: Wrapper<TokioAsyncContext>, server: Wrapper<FakeChatServer>): CancellablePromise<FakeChatRemoteEnd>;
 export function TESTING_FakeRegistrationSession_CreateSession(asyncRuntime: Wrapper<TokioAsyncContext>, createSession: RegistrationCreateSessionRequest, chat: Wrapper<FakeChatServer>): CancellablePromise<RegistrationService>;
@@ -714,6 +712,7 @@ export function UnauthenticatedChatConnection_info(chat: Wrapper<Unauthenticated
 export function UnauthenticatedChatConnection_init_listener(chat: Wrapper<UnauthenticatedChatConnection>, listener: ChatListener): void;
 export function UnauthenticatedChatConnection_look_up_username_hash(asyncRuntime: Wrapper<TokioAsyncContext>, chat: Wrapper<UnauthenticatedChatConnection>, hash: Uint8Array): CancellablePromise<Uuid | null>;
 export function UnauthenticatedChatConnection_send(asyncRuntime: Wrapper<TokioAsyncContext>, chat: Wrapper<UnauthenticatedChatConnection>, httpRequest: Wrapper<HttpRequest>, timeoutMillis: number): CancellablePromise<ChatResponse>;
+export function UnauthenticatedChatConnection_send_multi_recipient_message(asyncRuntime: Wrapper<TokioAsyncContext>, chat: Wrapper<UnauthenticatedChatConnection>, payload: Uint8Array, timestamp: Timestamp, auth: Uint8Array|null, onlineOnly: boolean, isUrgent: boolean): CancellablePromise<Uint8Array[]>;
 export function UnidentifiedSenderMessageContent_Deserialize(data: Uint8Array): UnidentifiedSenderMessageContent;
 export function UnidentifiedSenderMessageContent_GetContentHint(m: Wrapper<UnidentifiedSenderMessageContent>): number;
 export function UnidentifiedSenderMessageContent_GetContents(obj: Wrapper<UnidentifiedSenderMessageContent>): Uint8Array;
@@ -731,7 +730,7 @@ export function Username_Proof(username: string, randomness: Uint8Array): Uint8A
 export function Username_Verify(proof: Uint8Array, hash: Uint8Array): void;
 export function UuidCiphertext_CheckValidContents(buffer: Uint8Array): void;
 export function ValidatingMac_Finalize(mac: Wrapper<ValidatingMac>): number;
-export function ValidatingMac_Initialize(key: Uint8Array, chunkSize: number, digests: Uint8Array): ValidatingMac;
+export function ValidatingMac_Initialize(key: Uint8Array, chunkSize: number, digests: Uint8Array): ValidatingMac | null;
 export function ValidatingMac_Update(mac: Wrapper<ValidatingMac>, bytes: Uint8Array, offset: number, length: number): number;
 export function WebpSanitizer_Sanitize(input: SyncInputStream): void;
 export function initLogger(maxLevel: LogLevel, callback: (level: LogLevel, target: string, file: string | null, line: number | null, message: string) => void): void
@@ -754,7 +753,6 @@ interface ExpiringProfileKeyCredentialResponse { readonly __type: unique symbol;
 interface FakeChatConnection { readonly __type: unique symbol; }
 interface FakeChatRemoteEnd { readonly __type: unique symbol; }
 interface FakeChatResponse { readonly __type: unique symbol; }
-interface FakeChatSentRequest { readonly __type: unique symbol; }
 interface FakeChatServer { readonly __type: unique symbol; }
 interface Fingerprint { readonly __type: unique symbol; }
 interface GroupMasterKey { readonly __type: unique symbol; }

package/dist/Errors.d.ts

@@ -1,4 +1,4 @@
-import { ProtocolAddress } from './Address.js';
+import { ProtocolAddress, ServiceId } from './Address.js';
 import Native from '../Native.js';
 export declare enum ErrorCode {
     Generic = 0,
@@ -46,7 +46,33 @@ export declare enum ErrorCode {
     Cancelled = 42,
     KeyTransparencyError = 43,
     KeyTransparencyVerificationFailed = 44,
-    IncrementalMacVerificationFailed = 45
+    IncrementalMacVerificationFailed = 45,
+    RequestUnauthorized = 46,
+    MismatchedDevices = 47
+}
+/** Called out as a separate type so it's not confused with a normal ServiceIdBinary. */
+type ServiceIdFixedWidthBinary = Uint8Array;
+/**
+ * A failure sending to a recipient on account of not being up to date on their devices.
+ *
+ * An entry in {@link MismatchedDevicesError}. Each entry represents a recipient that has either
+ * added, removed, or relinked some devices in their account (potentially including their primary
+ * device), as represented by the {@link MismatchedDevicesEntry#missingDevices},
+ * {@link MismatchedDevicesEntry#extraDevices}, and {@link MismatchedDevicesEntry#staleDevices}
+ * arrays, respectively. Handling the exception involves removing the "extra" devices and
+ * establishing new sessions for the "missing" and "stale" devices.
+ */
+export declare class MismatchedDevicesEntry {
+    account: ServiceId;
+    missingDevices: number[];
+    extraDevices: number[];
+    staleDevices: number[];
+    constructor({ account, missingDevices, extraDevices, staleDevices, }: {
+        account: ServiceId | ServiceIdFixedWidthBinary;
+        missingDevices?: number[];
+        extraDevices?: number[];
+        staleDevices?: number[];
+    });
 }
 export declare class LibSignalErrorBase extends Error {
     readonly code: ErrorCode;
@@ -211,4 +237,12 @@ export type KeyTransparencyVerificationFailed = LibSignalErrorCommon & {
 export type IncrementalMacVerificationFailed = LibSignalErrorCommon & {
     code: ErrorCode.IncrementalMacVerificationFailed;
 };
-export type LibSignalError = GenericError | DuplicatedMessageError | SealedSenderSelfSendError | UntrustedIdentityError | InvalidRegistrationIdError | InvalidProtocolAddress | VerificationFailedError | InvalidSessionError | InvalidSenderKeySessionError | NicknameCannotBeEmptyError | CannotStartWithDigitError | MissingSeparatorError | BadNicknameCharacterError | NicknameTooShortError | NicknameTooLongError | DiscriminatorCannotBeEmptyError | DiscriminatorCannotBeZeroError | DiscriminatorCannotBeSingleDigitError | DiscriminatorCannotHaveLeadingZerosError | BadDiscriminatorCharacterError | DiscriminatorTooLargeError | InputDataTooLong | InvalidEntropyDataLength | InvalidUsernameLinkEncryptedData | IoError | CdsiInvalidTokenError | InvalidUriError | InvalidMediaInputError | SvrDataMissingError | SvrRestoreFailedError | SvrRequestFailedError | SvrAttestationError | SvrInvalidDataError | UnsupportedMediaInputError | ChatServiceInactive | AppExpiredError | DeviceDelinkedError | ConnectionInvalidatedError | ConnectedElsewhereError | RateLimitedError | RateLimitChallengeError | BackupValidationError | CancellationError | KeyTransparencyError | KeyTransparencyVerificationFailed | IncrementalMacVerificationFailed;
+export type RequestUnauthorizedError = LibSignalErrorCommon & {
+    code: ErrorCode.RequestUnauthorized;
+};
+export type MismatchedDevicesError = LibSignalErrorCommon & {
+    code: ErrorCode.MismatchedDevices;
+    readonly entries: MismatchedDevicesEntry[];
+};
+export type LibSignalError = GenericError | DuplicatedMessageError | SealedSenderSelfSendError | UntrustedIdentityError | InvalidRegistrationIdError | InvalidProtocolAddress | VerificationFailedError | InvalidSessionError | InvalidSenderKeySessionError | NicknameCannotBeEmptyError | CannotStartWithDigitError | MissingSeparatorError | BadNicknameCharacterError | NicknameTooShortError | NicknameTooLongError | DiscriminatorCannotBeEmptyError | DiscriminatorCannotBeZeroError | DiscriminatorCannotBeSingleDigitError | DiscriminatorCannotHaveLeadingZerosError | BadDiscriminatorCharacterError | DiscriminatorTooLargeError | InputDataTooLong | InvalidEntropyDataLength | InvalidUsernameLinkEncryptedData | IoError | CdsiInvalidTokenError | InvalidUriError | InvalidMediaInputError | SvrDataMissingError | SvrRestoreFailedError | SvrRequestFailedError | SvrAttestationError | SvrInvalidDataError | UnsupportedMediaInputError | ChatServiceInactive | AppExpiredError | DeviceDelinkedError | ConnectionInvalidatedError | ConnectedElsewhereError | RateLimitedError | RateLimitChallengeError | BackupValidationError | CancellationError | KeyTransparencyError | KeyTransparencyVerificationFailed | IncrementalMacVerificationFailed | RequestUnauthorizedError | MismatchedDevicesError;
+export {};

package/dist/Errors.js

@@ -2,7 +2,7 @@
 // Copyright 2021 Signal Messenger, LLC.
 // SPDX-License-Identifier: AGPL-3.0-only
 //
-import { ProtocolAddress } from './Address.js';
+import { ProtocolAddress, ServiceId } from './Address.js';
 export var ErrorCode;
 (function (ErrorCode) {
     ErrorCode[ErrorCode["Generic"] = 0] = "Generic";
@@ -51,7 +51,30 @@ export var ErrorCode;
     ErrorCode[ErrorCode["KeyTransparencyError"] = 43] = "KeyTransparencyError";
     ErrorCode[ErrorCode["KeyTransparencyVerificationFailed"] = 44] = "KeyTransparencyVerificationFailed";
     ErrorCode[ErrorCode["IncrementalMacVerificationFailed"] = 45] = "IncrementalMacVerificationFailed";
+    ErrorCode[ErrorCode["RequestUnauthorized"] = 46] = "RequestUnauthorized";
+    ErrorCode[ErrorCode["MismatchedDevices"] = 47] = "MismatchedDevices";
 })(ErrorCode || (ErrorCode = {}));
+/**
+ * A failure sending to a recipient on account of not being up to date on their devices.
+ *
+ * An entry in {@link MismatchedDevicesError}. Each entry represents a recipient that has either
+ * added, removed, or relinked some devices in their account (potentially including their primary
+ * device), as represented by the {@link MismatchedDevicesEntry#missingDevices},
+ * {@link MismatchedDevicesEntry#extraDevices}, and {@link MismatchedDevicesEntry#staleDevices}
+ * arrays, respectively. Handling the exception involves removing the "extra" devices and
+ * establishing new sessions for the "missing" and "stale" devices.
+ */
+export class MismatchedDevicesEntry {
+    constructor({ account, missingDevices, extraDevices, staleDevices, }) {
+        this.account =
+            account instanceof ServiceId
+                ? account
+                : ServiceId.parseFromServiceIdFixedWidthBinary(account);
+        this.missingDevices = missingDevices ?? [];
+        this.extraDevices = extraDevices ?? [];
+        this.staleDevices = staleDevices ?? [];
+    }
+}
 export class LibSignalErrorBase extends Error {
     constructor(message, name, operation, extraProps) {
         super(message);

package/dist/incremental_mac.js

@@ -73,7 +73,14 @@ class ValidatingWritable extends stream.Writable {
     constructor(key, sizeChoice, digest) {
         super();
         this._validatedBytes = 0;
-        this._nativeHandle = Native.ValidatingMac_Initialize(key, chunkSizeInBytes(sizeChoice), digest);
+        const handle = Native.ValidatingMac_Initialize(key, chunkSizeInBytes(sizeChoice), digest);
+        if (!handle) {
+            // Not sure why eslint isn't treating IncrementalMacVerificationFailed as an Error;
+            // standalone examples are not reproducing.
+            // eslint-disable-next-line @typescript-eslint/only-throw-error
+            throw makeVerificationError('Invalid configuration data');
+        }
+        this._nativeHandle = handle;
     }
     validatedSize() {
         return this._validatedBytes;

package/dist/net/chat/UnauthMessagesService.d.ts

@@ -0,0 +1,48 @@
+import { ServiceId } from '../../Address.js';
+import { RequestOptions } from '../Chat.js';
+import { GroupSendFullToken } from '../../zkgroup/index.js';
+declare module '../Chat' {
+    interface UnauthenticatedChatConnection extends UnauthMessagesService {
+    }
+}
+/** See {@link UnauthMessagesService#sendMultiRecipientMessage}. */
+export type MultiRecipientMessageRequest = Readonly<{
+    payload: Uint8Array;
+    timestamp: number;
+    auth: 'story' | GroupSendFullToken;
+    onlineOnly: boolean;
+    urgent: boolean;
+}>;
+/**
+ * Successful response for {@link UnauthMessagesService#sendMultiRecipientMessage}.
+ *
+ * When authenticating using a {@link GroupSendFullToken}, the server will report which recipients
+ * are currently unregistered. For `story` auth the list will always be empty.
+ */
+export declare class MultiRecipientMessageResponse {
+    unregisteredIds: ServiceId[];
+    constructor(unregisteredIds: ServiceId[]);
+}
+export interface UnauthMessagesService {
+    /**
+     * Sends a multi-recipient message encrypted with Sealed Sender v2.
+     *
+     * Messages to accounts that have been unregistered will be dropped by the server and (if using
+     * {@link GroupSendFullToken}-based auth) reported in the resulting
+     * {@link MultiRecipientMessageResponse}.
+     *
+     * @throws {RequestUnauthorizedError} if `auth` is not valid for the recipients specified in
+     * `payload`. (This cannot happen when `auth` is `'story'`.)
+     * @throws {MismatchedDevicesError} if the recipient devices specified in `payload` are out of
+     * date in some way. This is not a "partial success" result; the message has not been sent to
+     * anybody.
+     * @throws {ChatServiceInactive} if the chat connection has been closed.
+     * @throws {IoError} if an error occurred while communicating with the server.
+     * @throws {RateLimitedError} if the server is rate limiting this client. This is **retryable**
+     * after waiting the designated delay.
+     *
+     * @see `sealedSenderMultiRecipientEncrypt`
+     * @see {@link MismatchedDevicesEntry}
+     */
+    sendMultiRecipientMessage: (request: MultiRecipientMessageRequest, options?: RequestOptions) => Promise<MultiRecipientMessageResponse>;
+}

package/dist/net/chat/UnauthMessagesService.js

@@ -0,0 +1,24 @@
+//
+// Copyright 2025 Signal Messenger, LLC.
+// SPDX-License-Identifier: AGPL-3.0-only
+//
+import Native from '../../../Native.js';
+import { ServiceId } from '../../Address.js';
+import { UnauthenticatedChatConnection } from '../Chat.js';
+/**
+ * Successful response for {@link UnauthMessagesService#sendMultiRecipientMessage}.
+ *
+ * When authenticating using a {@link GroupSendFullToken}, the server will report which recipients
+ * are currently unregistered. For `story` auth the list will always be empty.
+ */
+export class MultiRecipientMessageResponse {
+    constructor(unregisteredIds) {
+        this.unregisteredIds = unregisteredIds;
+    }
+}
+UnauthenticatedChatConnection.prototype.sendMultiRecipientMessage =
+    async function ({ payload, timestamp, auth, onlineOnly, urgent, }, options) {
+        const response = await this._asyncContext.makeCancellable(options?.abortSignal, Native.UnauthenticatedChatConnection_send_multi_recipient_message(this._asyncContext, this._chatService, payload, timestamp, auth === 'story' ? null : auth.getContents(), onlineOnly, urgent));
+        return new MultiRecipientMessageResponse(response.map((raw) => ServiceId.parseFromServiceIdFixedWidthBinary(raw)));
+    };
+//# sourceMappingURL=UnauthMessagesService.js.map

package/dist/net.d.ts

@@ -6,6 +6,7 @@ import { RegistrationService } from './net/Registration.js';
 import { SvrB } from './net/SvrB.js';
 export * from './net/CDSI.js';
 export * from './net/Chat.js';
+export * from './net/chat/UnauthMessagesService.js';
 export * from './net/chat/UnauthUsernamesService.js';
 export * from './net/Registration.js';
 export * from './net/SvrB.js';

package/dist/net.js

@@ -10,6 +10,7 @@ import { SvrB } from './net/SvrB.js';
 import { BridgedStringMap, newNativeHandle } from './internal.js';
 export * from './net/CDSI.js';
 export * from './net/Chat.js';
+export * from './net/chat/UnauthMessagesService.js';
 export * from './net/chat/UnauthUsernamesService.js';
 export * from './net/Registration.js';
 export * from './net/SvrB.js';

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@signalapp/libsignal-client",
-  "version": "0.84.0",
+  "version": "0.85.0",
   "license": "AGPL-3.0-only",
   "type": "module",
   "main": "dist/index.js",