nodejs-insta-private-api-mqt 1.3.82 → 1.3.83

package/dist/repositories/account.repository.js

@@ -1138,34 +1138,74 @@ class AccountRepository extends Repository {
     });
   }
 
-  static generateAttestParams(state) {
+    static generateAttestParams(state) {
+    // Emulate Instagram's keystore attestation as closely as possible:
+    // - version: 2
+    // - type: "keystore"
+    // - errors: [0]
+    // - challenge_nonce: random base64url
+    // - signed_nonce: ECDSA signature over the nonce
+    // - key_hash: sha256(spki(publicKey))
+    // - certificate_chain: 4 PEM certificates concatenated (leaf + 2 intermediates + root)
+    //
+    // NOTE: This is *not* a real hardware-backed attestation chain, but it mirrors
+    // the structure of the official app very closely so the server sees the same
+    // shape: a single attestation object with a 4‑certificate chain.
     const challengeNonce = crypto.randomBytes(24).toString('base64url');
 
     const { privateKey, publicKey } = crypto.generateKeyPairSync('ec', {
       namedCurve: 'prime256v1',
     });
 
+    // Sign the challenge nonce with the private key (simulating TEE signing).
     const signedData = crypto.sign(null, Buffer.from(challengeNonce), privateKey);
     const signedNonce = signedData.toString('base64');
 
     const publicKeyDer = publicKey.export({ type: 'spki', format: 'der' });
     const keyHash = crypto.createHash('sha256').update(publicKeyDer).digest('hex');
 
-    const leafCertPem = AccountRepository._generateSelfSignedCert(privateKey, publicKey, 'Android Keystore Key');
-    const intermediateCertPem = AccountRepository._generateSelfSignedCert(privateKey, publicKey, 'TEE');
-
-    const certificateChain = leafCertPem + '\n' + intermediateCertPem;
+    // Build a 4‑certificate chain (leaf + 2 intermediates + root), just like
+    // what we saw in the captured traffic from the real Instagram app.
+    const leafCertPem = AccountRepository._generateSelfSignedCert(
+      privateKey,
+      publicKey,
+      'Android Keystore Key'
+    );
+    const intermediate1Pem = AccountRepository._generateSelfSignedCert(
+      privateKey,
+      publicKey,
+      'Android Keystore Key Attestation'
+    );
+    const intermediate2Pem = AccountRepository._generateSelfSignedCert(
+      privateKey,
+      publicKey,
+      'Android Hardware Keystore'
+    );
+    const rootCertPem = AccountRepository._generateSelfSignedCert(
+      privateKey,
+      publicKey,
+      'Android Keystore Root'
+    );
+
+    const certificateChain = [
+      leafCertPem,
+      intermediate1Pem,
+      intermediate2Pem,
+      rootCertPem,
+    ].join('\n');
 
     return {
-      attestation: [{
-        version: 2,
-        type: 'keystore',
-        errors: [0],
-        challenge_nonce: challengeNonce,
-        signed_nonce: signedNonce,
-        key_hash: keyHash,
-        certificate_chain: certificateChain,
-      }],
+      attestation: [
+        {
+          version: 2,
+          type: 'keystore',
+          errors: [0],
+          challenge_nonce: challengeNonce,
+          signed_nonce: signedNonce,
+          key_hash: keyHash,
+          certificate_chain: certificateChain,
+        },
+      ],
     };
   }
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "nodejs-insta-private-api-mqt",
-  "version": "1.3.82",
+  "version": "1.3.83",
   "description": "Complete Instagram MQTT protocol with FULL Featured REALTIME And api Rest All in one project .",
   "main": "dist/index.js",
   "scripts": {