whalibmob 2.1.1 → 3.3.1

package/lib/DeviceManager.js

@@ -224,6 +224,15 @@ class DeviceManager {
     return readyJids;
   }
 
+  // ─── Clear device cache (used on phash mismatch / 421 retry) ──────────────
+  clearCache(phones) {
+    if (!phones || phones.length === 0) {
+      this._deviceCache.clear();
+    } else {
+      for (const p of phones) this._deviceCache.delete(p);
+    }
+  }
+
   // ─── Build participants node ───────────────────────────────────────────────
   static buildParticipantsNode(encryptedList) {
     const toNodes = encryptedList.map(({ jid, type, ciphertext }) =>

package/lib/Registration.js

@@ -242,7 +242,7 @@ function buildPayload(store, waVersion, useToken, extraPairs) {
     'rc',         String(RELEASE_CHANNEL),
     'lg',         meta.lg,
     'lc',         meta.lc,
-    'authkey',    store.noiseKeyPair.public.toString('base64url'),
+    'authkey',    rawKey(store.noiseKeyPair.public).toString('base64url'),
     'e_regid',    intToBytes(store.registrationId, 4).toString('base64url'),
     'e_keytype',  Buffer.from([SIGNAL_KEY_TYPE]).toString('base64url'),
     'e_ident',    rawKey(store.identityKeyPair.public).toString('base64url'),

package/lib/Store.js

@@ -200,14 +200,15 @@ function fromSixParts(sixParts) {
       private:   spkPair.private,
       signature: sig
     },
-    registrationId: 1,
+    registrationId: (crypto.randomBytes(2).readUInt16BE(0) & 0x3fff) + 1,
     fdid:           uuidv4(),
     deviceId:       crypto.randomBytes(16),
     identityId,
     registered:     true,
     name:           'User',
     version:        IOS_VERSION_FALLBACK,
-    device:         IOS_DEVICE
+    device:         IOS_DEVICE,
+    advIdentity:    null
   };
 }
 

package/lib/messages/MessageSender.js

@@ -281,7 +281,7 @@ class MessageSender {
       isAnimated:        options.isAnimated || false,
       contextInfo:       options.contextInfo
     }));
-    return this._sendMessage(toJid, msgId, stkBuf, 'text', options);
+    return this._sendMessage(toJid, msgId, stkBuf, 'media', options);
   }
 
   // ─── Reaction ─────────────────────────────────────────────────────────────
@@ -302,9 +302,31 @@ class MessageSender {
 
   async _sendMessage(toJid, msgId, plaintext, mediaType, options) {
     if (isGroupJid(toJid)) {
-      return this._sendGroupMessage(toJid, msgId, plaintext, mediaType);
+      try {
+        return await this._sendGroupMessage(toJid, msgId, plaintext, mediaType);
+      } catch (err) {
+        // Error 421 = phash mismatch — server's participant list differs from ours.
+        // Flush device cache for group members and retry once (matches Cobalt behaviour).
+        if (err && /\b421\b/.test(err.message)) {
+          const members = this._client._getGroupMembers
+            ? this._client._getGroupMembers(toJid)
+            : [];
+          this._devMgr.clearCache(members.map(phoneFromJid));
+          return this._sendGroupMessage(toJid, msgId, plaintext, mediaType);
+        }
+        throw err;
+      }
+    }
+    try {
+      return await this._sendDMMessage(toJid, msgId, plaintext, mediaType);
+    } catch (err) {
+      // Same phash-mismatch retry for 1-to-1 messages.
+      if (err && /\b421\b/.test(err.message)) {
+        this._devMgr.clearCache([phoneFromJid(toJid)]);
+        return this._sendDMMessage(toJid, msgId, plaintext, mediaType);
+      }
+      throw err;
     }
-    return this._sendDMMessage(toJid, msgId, plaintext, mediaType);
   }
 
   // ─── 1-to-1 multi-device fanout ───────────────────────────────────────────
@@ -403,6 +425,13 @@ class MessageSender {
 
     const allTargets = [...memberDevices, ...ownDevices];
 
+    // phash MUST include the sender's own primary device.
+    // Cobalt's calculateGroupPhash() explicitly adds senderDevice to the set.
+    // ownDevices contains only linked devices (device != 0); ownJid is device 0.
+    const phashTargets = allTargets.includes(ownJid)
+      ? allTargets
+      : [ownJid, ...allTargets];
+
     // senderKeyMap: only send SKDM to devices that haven't received it yet.
     // Persisted in .sk.json so we don't re-send on every group message.
     const skStore   = this._signal.senderKeyStore;
@@ -418,8 +447,8 @@ class MessageSender {
     // SenderKey encrypt the actual group message (one ciphertext for all)
     const skmsgCiphertext = this._signal.senderKeyEncrypt(groupJid, ownJid, plaintext);
 
-    // phash over all group member devices
-    const phash = allTargets.length > 0 ? computePhash(allTargets) : null;
+    // phash over all group member devices + sender primary device
+    const phash = phashTargets.length > 0 ? computePhash(phashTargets) : null;
 
     // ── Feature 2: device_identity for pkmsg in SKDM ─────────────────────────
     // SKDM messages sent to devices with no prior Signal session are pkmsg.

package/lib/noise.js

@@ -10,6 +10,61 @@ const { MOBILE_PROLOGUE, WHATSAPP_HOST, WHATSAPP_PORT } = require('./constants')
 const { encodeHandshakeClientHello, encodeHandshakeClientFinish,
         decodeServerHello, encodeClientPayload } = require('./proto');
 
+// ─── CertChain validator (matches Baileys WA_CERT_DETAILS.SERIAL = 0) ────────
+//
+// Server payload inside ServerHello is a CertChain protobuf:
+//   CertChain.field2 (intermediate) → NoiseCertificate
+//     NoiseCertificate.field1 (details) → NoiseCertificate.Details
+//       Details.field2 (issuerSerial) must === 0
+//
+// All decoded manually to avoid a protobufjs dependency in noise.js.
+
+function _pbReadVarint(buf, off) {
+  let v = 0, shift = 0;
+  while (off.pos < buf.length) {
+    const b = buf[off.pos++];
+    v |= (b & 0x7f) << shift;
+    if (!(b & 0x80)) break;
+    shift += 7;
+  }
+  return v;
+}
+
+function _pbReadFields(buf) {
+  const fields = {};
+  const off = { pos: 0 };
+  while (off.pos < buf.length) {
+    const tag = _pbReadVarint(buf, off);
+    const fn  = tag >>> 3;
+    const wt  = tag & 7;
+    if (wt === 0) {
+      fields[fn] = _pbReadVarint(buf, off);
+    } else if (wt === 2) {
+      const len = _pbReadVarint(buf, off);
+      fields[fn] = buf.slice(off.pos, off.pos + len);
+      off.pos += len;
+    } else {
+      break; // unexpected wire type — stop parsing
+    }
+  }
+  return fields;
+}
+
+function validateServerCert(payloadBuf) {
+  // payloadBuf is the decrypted ServerHello.payload (CertChain protobuf)
+  const chain        = _pbReadFields(payloadBuf);
+  const intermediate = chain[2]; // field 2 = intermediate NoiseCertificate
+  if (!Buffer.isBuffer(intermediate)) return; // no intermediate cert — skip
+  const cert    = _pbReadFields(intermediate);
+  const details = cert[1]; // field 1 = details bytes
+  if (!Buffer.isBuffer(details)) return;
+  const det          = _pbReadFields(details);
+  const issuerSerial = det[2]; // field 2 = issuerSerial (uint32)
+  if (issuerSerial !== undefined && issuerSerial !== 0) {
+    throw new Error('WA server cert validation failed: issuerSerial=' + issuerSerial + ' expected 0');
+  }
+}
+
 // ─── Curve25519 DH helpers ───────────────────────────────────────────────────
 
 function stripKeyPrefix(pub) {
@@ -216,7 +271,8 @@ class NoiseSocket extends EventEmitter {
       this.noiseState.mixKey(sharedSE);
 
       if (serverHello.payload) {
-        this.noiseState.decryptWithAd(serverHello.payload);
+        const certPlain = this.noiseState.decryptWithAd(serverHello.payload);
+        validateServerCert(certPlain);
       }
 
       const noisePriv  = this.store.noiseKeyPair.private;
@@ -229,7 +285,7 @@ class NoiseSocket extends EventEmitter {
       const payload = encodeClientPayload({
         username:           BigInt(this.store.phoneNumber),
         passive:            false,
-        pushName:           this.store.name || 'User',
+        pushName:           this.store.registered ? (this.store.name || null) : null,
         shortConnect:       true,
         connectType:        1,
         connectReason:      1,

package/lib/proto/MessageProto.js

@@ -8,11 +8,13 @@ function tag(fieldNumber, wireType) {
 }
 
 function encodeVarint(n) {
+  // Use Math.floor/% instead of bitwise ops to handle values > 2^31 safely
+  // (JavaScript bitwise ops coerce to Int32, breaking timestamps in ms, large file sizes etc.)
   const bytes = [];
-  let val = n >>> 0;
+  let val = Math.floor(n);
   while (val > 127) {
-    bytes.push((val & 0x7f) | 0x80);
-    val = val >>> 7;
+    bytes.push((val % 128) | 0x80);
+    val = Math.floor(val / 128);
   }
   bytes.push(val);
   return Buffer.from(bytes);
@@ -101,23 +103,25 @@ function encodeVideoMessage(opts) {
     field(9,  WIRE_VARINT, varint(opts.height || 0)),
     field(10, WIRE_VARINT, varint(opts.width  || 0)),
     field(11, WIRE_LEN,    bytes(opts.fileEncSha256)),
-    field(12, WIRE_LEN,    str(opts.directPath)),
-    field(13, WIRE_VARINT, varintS(opts.mediaKeyTimestamp || Math.floor(Date.now() / 1000)))
+    field(13, WIRE_LEN,    str(opts.directPath)),
+    field(14, WIRE_VARINT, varintS(opts.mediaKeyTimestamp || Math.floor(Date.now() / 1000)))
   ];
-  if (opts.jpegThumbnail) parts.push(field(16, WIRE_LEN, bytes(opts.jpegThumbnail)));
   if (opts.gifPlayback)   parts.push(field(8,  WIRE_VARINT, bool(true)));
+  if (opts.jpegThumbnail) parts.push(field(16, WIRE_LEN, bytes(opts.jpegThumbnail)));
   if (opts.contextInfo)   parts.push(field(17, WIRE_LEN, encodeContextInfo(opts.contextInfo)));
   return Buffer.concat(parts);
 }
 
 function encodeAudioMessage(opts) {
+  // ptt (field 6) goes between seconds (5) and mediaKey (7) — must be in field-number order
+  const pttField = opts.ptt ? field(6, WIRE_VARINT, bool(true)) : Buffer.alloc(0);
   const parts = [
     field(1,  WIRE_LEN,    str(opts.url)),
     field(2,  WIRE_LEN,    str(opts.mimetype || 'audio/ogg; codecs=opus')),
     field(3,  WIRE_LEN,    bytes(opts.fileSha256)),
     field(4,  WIRE_VARINT, varint(opts.fileLength)),
     field(5,  WIRE_VARINT, varint(opts.seconds || 0)),
-    field(6,  WIRE_VARINT, bool(opts.ptt || false)),
+    pttField,
     field(7,  WIRE_LEN,    bytes(opts.mediaKey)),
     field(8,  WIRE_LEN,    bytes(opts.fileEncSha256)),
     field(9,  WIRE_LEN,    str(opts.directPath)),

package/lib/proto.js

@@ -43,7 +43,7 @@ function encodeUserAgent({ platform, version, mcc, mnc, osVersion, manufacturer,
   ];
   if (osVersion) parts.push(field(5, LEN, string(osVersion)));
   if (manufacturer) parts.push(field(6, LEN, string(manufacturer)));
-  if (device) parts.push(field(7, LEN, string(device)));
+  if (device) parts.push(field(7, LEN, string(String(device).replace(/_/g, ' '))));
   if (osBuildNumber) parts.push(field(8, LEN, string(osBuildNumber)));
   if (phoneId) parts.push(field(9, LEN, string(phoneId)));
   parts.push(field(10, VARINT, varint(releaseChannel || 0)));

package/lib/signal/SignalProtocol.js

@@ -11,6 +11,31 @@ const PRE_KEY_COUNT   = 100;
 const PRE_KEY_MIN     = 10;
 const PRE_KEY_START   = 1;
 
+// ─── Per-JID async mutex (matches Baileys encryptionMutex pattern) ────────────
+// Prevents race conditions when two messages are encrypted simultaneously
+// for the same Signal session (e.g. rapid sends or parallel fanout calls).
+
+const _mutexQueues = new Map();
+
+async function _withMutex(key, fn) {
+  // If no queue exists for this key, run immediately
+  if (!_mutexQueues.has(key)) {
+    _mutexQueues.set(key, Promise.resolve());
+  }
+  const prev = _mutexQueues.get(key);
+  let releasePrev;
+  const next = new Promise(r => { releasePrev = r; });
+  _mutexQueues.set(key, next);
+  await prev;
+  try {
+    return await fn();
+  } finally {
+    releasePrev();
+    // Cleanup: if no more waiters, remove from map
+    if (_mutexQueues.get(key) === next) _mutexQueues.delete(key);
+  }
+}
+
 // ─── Padding ──────────────────────────────────────────────────────────────────
 
 function randomPadding() {
@@ -159,14 +184,17 @@ class SignalProtocol {
   // ─── 1-to-1 encrypt / decrypt ─────────────────────────────────────────────
 
   async encrypt(jid, plaintext) {
-    const addr   = jidToAddress(jid);
-    const cipher = new SessionCipher(this.store, addr);
-    const padded = pad(Buffer.from(plaintext));
-    const result = await cipher.encrypt(padded);
-    return {
-      type:       result.type === 3 ? 'pkmsg' : 'msg',
-      ciphertext: Buffer.from(result.body, 'binary')
-    };
+    // Mutex per JID — prevents Signal session race conditions (matches Baileys encryptionMutex)
+    return _withMutex(jid, async () => {
+      const addr   = jidToAddress(jid);
+      const cipher = new SessionCipher(this.store, addr);
+      const padded = pad(Buffer.from(plaintext));
+      const result = await cipher.encrypt(padded);
+      return {
+        type:       result.type === 3 ? 'pkmsg' : 'msg',
+        ciphertext: Buffer.from(result.body, 'binary')
+      };
+    });
   }
 
   async decrypt(jid, type, ciphertext) {
@@ -182,18 +210,17 @@ class SignalProtocol {
   }
 
   // ─── Bulk encrypt for multiple devices (MD fanout) ─────────────────────────
+  // All devices encrypted in parallel (like Baileys Promise.all).
+  // Each JID is protected by its own mutex so parallel calls on the
+  // same JID are still serialized — no Signal session corruption possible.
   // Returns [{jid, type, ciphertext}]
   async bulkEncryptForDevices(jids, plaintext) {
-    const results = [];
-    for (const jid of jids) {
-      try {
-        const enc = await this.encrypt(jid, plaintext);
-        results.push({ jid, type: enc.type, ciphertext: enc.ciphertext });
-      } catch (err) {
-        // Skip devices with no session or errors
-      }
-    }
-    return results;
+    const settled = await Promise.allSettled(
+      jids.map(jid => this.encrypt(jid, plaintext).then(enc => ({ jid, type: enc.type, ciphertext: enc.ciphertext })))
+    );
+    return settled
+      .filter(r => r.status === 'fulfilled')
+      .map(r => r.value);
   }
 
   // ─── SenderKey group encrypt / decrypt ────────────────────────────────────

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "whalibmob",
-  "version": "2.1.1",
+  "version": "3.3.1",
   "description": "WhatsApp mobile-only Node.js client library with Signal Protocol encryption",
   "main": "index.js",
   "bin": {