zapo-js 0.1.1 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +20 -4
- package/dist/appstate/WaAppStateCrypto.js +19 -26
- package/dist/appstate/WaAppStateSyncClient.js +293 -181
- package/dist/appstate/WaAppStateSyncResponseParser.js +16 -5
- package/dist/appstate/constants.js +4 -3
- package/dist/appstate/{store/sqlite.js → encoding.js} +13 -8
- package/dist/appstate/index.js +8 -6
- package/dist/appstate/utils.js +9 -34
- package/dist/auth/WaAuthClient.js +43 -61
- package/dist/auth/flow/WaAuthCredentialsFlow.js +22 -15
- package/dist/auth/index.js +1 -8
- package/dist/auth/pairing/WaPairingCodeCrypto.js +6 -4
- package/dist/auth/pairing/WaPairingFlow.js +34 -26
- package/dist/auth/pairing/WaQrFlow.js +37 -24
- package/dist/client/WaClient.js +275 -324
- package/dist/client/WaClientFactory.js +500 -133
- package/dist/client/connection/WaConnectionManager.js +301 -0
- package/dist/client/connection/WaKeyShareCoordinator.js +63 -0
- package/dist/client/connection/WaReceiptQueue.js +51 -0
- package/dist/client/coordinators/WaAppStateMutationCoordinator.js +471 -0
- package/dist/client/coordinators/WaBusinessCoordinator.js +241 -0
- package/dist/client/coordinators/WaGroupCoordinator.js +30 -16
- package/dist/client/coordinators/WaIncomingNodeCoordinator.js +21 -27
- package/dist/client/coordinators/WaMessageDispatchCoordinator.js +439 -701
- package/dist/client/coordinators/WaPassiveTasksCoordinator.js +74 -31
- package/dist/client/coordinators/WaPrivacyCoordinator.js +134 -0
- package/dist/client/coordinators/WaProfileCoordinator.js +212 -0
- package/dist/client/coordinators/WaRetryCoordinator.js +242 -57
- package/dist/client/coordinators/WaStreamControlCoordinator.js +18 -11
- package/dist/client/coordinators/WaTrustedContactTokenCoordinator.js +166 -0
- package/dist/client/dirty.js +74 -48
- package/dist/client/events/chat.js +4 -3
- package/dist/client/events/devices.js +72 -0
- package/dist/client/events/group.js +62 -47
- package/dist/client/events/identity.js +22 -0
- package/dist/client/events/privacy-token.js +39 -0
- package/dist/client/history-sync.js +94 -63
- package/dist/client/incoming.js +60 -27
- package/dist/client/mailbox.js +24 -23
- package/dist/client/messages.js +107 -31
- package/dist/client/messaging/fanout.js +199 -0
- package/dist/client/messaging/key-protocol.js +130 -0
- package/dist/client/messaging/participants.js +193 -0
- package/dist/client/persistence/WriteBehindPersistence.js +129 -0
- package/dist/client/tokens/cs-token.js +50 -0
- package/dist/client/tokens/tc-token.js +25 -0
- package/dist/crypto/core/hkdf.js +3 -8
- package/dist/crypto/core/index.js +2 -5
- package/dist/crypto/core/keys.js +6 -7
- package/dist/crypto/core/nonce.js +2 -0
- package/dist/crypto/core/primitives.js +12 -23
- package/dist/crypto/core/random.js +26 -23
- package/dist/crypto/curves/Ed25519.js +7 -8
- package/dist/crypto/curves/X25519.js +38 -22
- package/dist/crypto/index.js +1 -3
- package/dist/crypto/math/constants.js +13 -36
- package/dist/crypto/math/edwards.js +171 -44
- package/dist/crypto/math/fe.js +706 -0
- package/dist/crypto/math/mod.js +10 -3
- package/dist/esm/appstate/WaAppStateCrypto.js +7 -14
- package/dist/esm/appstate/WaAppStateSyncClient.js +284 -172
- package/dist/esm/appstate/WaAppStateSyncResponseParser.js +17 -6
- package/dist/esm/appstate/constants.js +3 -2
- package/dist/esm/appstate/{store/sqlite.js → encoding.js} +13 -8
- package/dist/esm/appstate/index.js +2 -2
- package/dist/esm/appstate/utils.js +8 -30
- package/dist/esm/auth/WaAuthClient.js +43 -61
- package/dist/esm/auth/flow/WaAuthCredentialsFlow.js +22 -15
- package/dist/esm/auth/index.js +0 -3
- package/dist/esm/auth/pairing/WaPairingCodeCrypto.js +6 -4
- package/dist/esm/auth/pairing/WaPairingFlow.js +28 -20
- package/dist/esm/auth/pairing/WaQrFlow.js +37 -24
- package/dist/esm/client/WaClient.js +275 -324
- package/dist/esm/client/WaClientFactory.js +501 -134
- package/dist/esm/client/connection/WaConnectionManager.js +297 -0
- package/dist/esm/client/connection/WaKeyShareCoordinator.js +59 -0
- package/dist/esm/client/connection/WaReceiptQueue.js +47 -0
- package/dist/esm/client/coordinators/WaAppStateMutationCoordinator.js +467 -0
- package/dist/esm/client/coordinators/WaBusinessCoordinator.js +238 -0
- package/dist/esm/client/coordinators/WaGroupCoordinator.js +23 -9
- package/dist/esm/client/coordinators/WaIncomingNodeCoordinator.js +21 -27
- package/dist/esm/client/coordinators/WaMessageDispatchCoordinator.js +443 -705
- package/dist/esm/client/coordinators/WaPassiveTasksCoordinator.js +74 -31
- package/dist/esm/client/coordinators/WaPrivacyCoordinator.js +131 -0
- package/dist/esm/client/coordinators/WaProfileCoordinator.js +209 -0
- package/dist/esm/client/coordinators/WaRetryCoordinator.js +244 -59
- package/dist/esm/client/coordinators/WaStreamControlCoordinator.js +19 -12
- package/dist/esm/client/coordinators/WaTrustedContactTokenCoordinator.js +162 -0
- package/dist/esm/client/dirty.js +69 -43
- package/dist/esm/client/events/chat.js +4 -3
- package/dist/esm/client/events/devices.js +68 -0
- package/dist/esm/client/events/group.js +53 -39
- package/dist/esm/client/events/identity.js +19 -0
- package/dist/esm/client/events/privacy-token.js +36 -0
- package/dist/esm/client/history-sync.js +91 -60
- package/dist/esm/client/incoming.js +61 -28
- package/dist/esm/client/mailbox.js +24 -23
- package/dist/esm/client/messages.js +108 -32
- package/dist/esm/client/messaging/fanout.js +196 -0
- package/dist/esm/client/messaging/key-protocol.js +127 -0
- package/dist/esm/client/messaging/participants.js +190 -0
- package/dist/esm/client/persistence/WriteBehindPersistence.js +125 -0
- package/dist/esm/client/tokens/cs-token.js +46 -0
- package/dist/esm/client/tokens/tc-token.js +18 -0
- package/dist/esm/crypto/core/hkdf.js +3 -8
- package/dist/esm/crypto/core/index.js +2 -3
- package/dist/esm/crypto/core/keys.js +3 -4
- package/dist/esm/crypto/core/nonce.js +2 -0
- package/dist/esm/crypto/core/primitives.js +12 -22
- package/dist/esm/crypto/core/random.js +25 -23
- package/dist/esm/crypto/curves/Ed25519.js +4 -5
- package/dist/esm/crypto/curves/X25519.js +35 -19
- package/dist/esm/crypto/index.js +0 -1
- package/dist/esm/crypto/math/constants.js +12 -35
- package/dist/esm/crypto/math/edwards.js +174 -47
- package/dist/esm/crypto/math/fe.js +691 -0
- package/dist/esm/crypto/math/mod.js +10 -1
- package/dist/esm/index.js +1 -1
- package/dist/esm/infra/log/ConsoleLogger.js +18 -17
- package/dist/esm/infra/log/PinoLogger.js +15 -9
- package/dist/esm/infra/log/types.js +11 -1
- package/dist/esm/infra/perf/BackgroundQueue.js +478 -0
- package/dist/esm/infra/perf/BoundedTaskQueue.js +16 -18
- package/dist/esm/infra/perf/PromiseDedup.js +20 -0
- package/dist/esm/infra/perf/SharedExclusiveGate.js +109 -0
- package/dist/esm/infra/perf/StoreLock.js +77 -0
- package/dist/esm/media/WaMediaCrypto.js +96 -16
- package/dist/esm/media/WaMediaTransferClient.js +251 -91
- package/dist/esm/media/conn.js +10 -6
- package/dist/esm/media/constants.js +6 -2
- package/dist/esm/message/WaMessageClient.js +30 -32
- package/dist/esm/message/ack.js +6 -6
- package/dist/esm/message/addon-crypto.js +59 -0
- package/dist/esm/message/content.js +195 -9
- package/dist/esm/message/icdc.js +76 -0
- package/dist/esm/message/incoming.js +129 -122
- package/dist/esm/message/index.js +2 -0
- package/dist/esm/message/phash.js +3 -1
- package/dist/esm/message/reporting-token.js +425 -0
- package/dist/esm/message/use-case-secret.js +49 -0
- package/dist/esm/protocol/appstate.js +27 -0
- package/dist/esm/protocol/browser.js +10 -18
- package/dist/esm/protocol/constants.js +6 -3
- package/dist/esm/protocol/defaults.js +6 -0
- package/dist/esm/protocol/index.js +2 -11
- package/dist/esm/protocol/jid.js +133 -52
- package/dist/esm/protocol/media.js +3 -3
- package/dist/esm/protocol/message.js +61 -1
- package/dist/esm/protocol/nodes.js +4 -0
- package/dist/esm/protocol/notification.js +3 -1
- package/dist/esm/protocol/privacy-token.js +17 -0
- package/dist/esm/protocol/privacy.js +55 -0
- package/dist/esm/protocol/stream.js +26 -1
- package/dist/esm/protocol/usync.js +11 -0
- package/dist/esm/retry/codec.js +216 -0
- package/dist/esm/retry/constants.js +1 -1
- package/dist/esm/retry/index.js +3 -2
- package/dist/esm/retry/parse.js +88 -86
- package/dist/esm/retry/replay.js +54 -51
- package/dist/esm/retry/tracker.js +94 -0
- package/dist/esm/signal/api/SignalDeviceSyncApi.js +276 -92
- package/dist/esm/signal/api/SignalDigestSyncApi.js +17 -8
- package/dist/esm/signal/api/SignalIdentitySyncApi.js +67 -37
- package/dist/esm/signal/api/SignalMissingPreKeysSyncApi.js +86 -67
- package/dist/esm/signal/api/SignalRotateKeyApi.js +4 -2
- package/dist/esm/signal/api/SignalSessionSyncApi.js +36 -34
- package/dist/esm/signal/api/result-map.js +10 -0
- package/dist/esm/signal/constants.js +0 -4
- package/dist/esm/signal/crypto/WaAdvSignature.js +13 -9
- package/dist/esm/signal/{store/sqlite.js → encoding.js} +93 -60
- package/dist/esm/signal/group/SenderKeyChain.js +28 -23
- package/dist/esm/signal/group/SenderKeyCodec.js +5 -6
- package/dist/esm/signal/group/SenderKeyManager.js +144 -115
- package/dist/esm/signal/index.js +2 -0
- package/dist/esm/signal/registration/keygen.js +6 -2
- package/dist/esm/signal/registration/utils.js +1 -0
- package/dist/esm/signal/session/SignalProtocol.js +164 -53
- package/dist/esm/signal/session/SignalRatchet.js +24 -15
- package/dist/esm/signal/session/SignalSession.js +14 -9
- package/dist/esm/signal/session/resolver.js +221 -0
- package/dist/esm/store/contracts/privacy-token.store.js +1 -0
- package/dist/esm/store/createStore.js +100 -188
- package/dist/esm/store/index.js +1 -10
- package/dist/esm/store/locks/appstate.lock.js +26 -0
- package/dist/esm/store/locks/auth.lock.js +15 -0
- package/dist/esm/store/locks/contact.lock.js +20 -0
- package/dist/esm/store/locks/device-list.lock.js +20 -0
- package/dist/esm/store/locks/message.lock.js +21 -0
- package/dist/esm/store/locks/participants.lock.js +20 -0
- package/dist/esm/store/locks/privacy-token.lock.js +18 -0
- package/dist/esm/store/locks/retry.lock.js +29 -0
- package/dist/esm/store/locks/sender-key.lock.js +52 -0
- package/dist/esm/store/locks/signal.lock.js +63 -0
- package/dist/esm/store/locks/thread.lock.js +21 -0
- package/dist/esm/store/noop.store.js +4 -7
- package/dist/esm/store/providers/memory/appstate.store.js +38 -16
- package/dist/esm/store/providers/memory/contact.store.js +5 -0
- package/dist/esm/store/providers/memory/device-list.store.js +12 -34
- package/dist/esm/store/providers/memory/message.store.js +11 -5
- package/dist/esm/store/providers/memory/participants.store.js +1 -8
- package/dist/esm/store/providers/memory/privacy-token.store.js +43 -0
- package/dist/esm/store/providers/memory/retry.store.js +77 -2
- package/dist/esm/store/providers/memory/sender-key.store.js +11 -8
- package/dist/esm/store/providers/memory/signal.store.js +47 -18
- package/dist/esm/store/providers/memory/thread.store.js +5 -0
- package/dist/esm/transport/WaComms.js +28 -24
- package/dist/esm/transport/WaWebSocket.js +115 -18
- package/dist/esm/transport/binary/constants.js +0 -30
- package/dist/esm/transport/binary/decoder.js +8 -8
- package/dist/esm/transport/binary/encoder.js +10 -9
- package/dist/esm/transport/binary/index.js +0 -1
- package/dist/esm/transport/index.js +1 -0
- package/dist/esm/transport/keepalive/WaKeepAlive.js +2 -8
- package/dist/esm/transport/node/WaNodeOrchestrator.js +25 -21
- package/dist/esm/transport/node/WaNodeTransport.js +0 -3
- package/dist/esm/transport/node/builders/{accountSync.js → account-sync.js} +16 -36
- package/dist/esm/transport/node/builders/business.js +129 -0
- package/dist/esm/transport/node/builders/global.js +370 -0
- package/dist/esm/transport/node/builders/index.js +7 -3
- package/dist/esm/transport/node/builders/message.js +63 -230
- package/dist/esm/transport/node/builders/pairing.js +2 -27
- package/dist/esm/transport/node/builders/privacy-token.js +41 -0
- package/dist/esm/transport/node/builders/privacy.js +48 -0
- package/dist/esm/transport/node/builders/profile.js +70 -0
- package/dist/esm/transport/node/builders/retry.js +10 -22
- package/dist/esm/transport/node/builders/usync.js +45 -0
- package/dist/esm/transport/node/helpers.js +125 -5
- package/dist/esm/transport/node/usync.js +5 -0
- package/dist/esm/transport/node/xml.js +35 -14
- package/dist/esm/transport/noise/WaClientPayload.js +10 -10
- package/dist/esm/transport/noise/WaFrameCodec.js +48 -33
- package/dist/esm/transport/noise/WaNoiseCert.js +4 -7
- package/dist/esm/transport/noise/WaNoiseSession.js +77 -29
- package/dist/esm/transport/noise/WaNoiseSocket.js +8 -4
- package/dist/esm/transport/proxy.js +27 -0
- package/dist/esm/transport/stream/parse.js +17 -48
- package/dist/esm/util/bytes.js +67 -45
- package/dist/esm/util/coercion.js +6 -14
- package/dist/esm/util/index.js +5 -0
- package/dist/esm/util/primitives.js +40 -14
- package/dist/index.js +7 -1
- package/dist/infra/log/ConsoleLogger.js +18 -17
- package/dist/infra/log/PinoLogger.js +15 -9
- package/dist/infra/log/types.js +12 -0
- package/dist/infra/perf/BackgroundQueue.js +482 -0
- package/dist/infra/perf/BoundedTaskQueue.js +16 -18
- package/dist/infra/perf/PromiseDedup.js +24 -0
- package/dist/infra/perf/SharedExclusiveGate.js +113 -0
- package/dist/infra/perf/StoreLock.js +81 -0
- package/dist/media/WaMediaCrypto.js +95 -15
- package/dist/media/WaMediaTransferClient.js +284 -91
- package/dist/media/conn.js +10 -6
- package/dist/media/constants.js +6 -2
- package/dist/message/WaMessageClient.js +31 -33
- package/dist/message/ack.js +6 -6
- package/dist/message/addon-crypto.js +65 -0
- package/dist/message/content.js +198 -9
- package/dist/message/icdc.js +81 -0
- package/dist/message/incoming.js +127 -120
- package/dist/message/index.js +2 -0
- package/dist/message/phash.js +3 -1
- package/dist/message/reporting-token.js +429 -0
- package/dist/message/use-case-secret.js +55 -0
- package/dist/protocol/appstate.js +28 -1
- package/dist/protocol/browser.js +10 -18
- package/dist/protocol/constants.js +26 -1
- package/dist/protocol/defaults.js +6 -0
- package/dist/protocol/index.js +23 -42
- package/dist/protocol/jid.js +140 -52
- package/dist/protocol/media.js +3 -3
- package/dist/protocol/message.js +62 -2
- package/dist/protocol/nodes.js +4 -0
- package/dist/protocol/notification.js +3 -1
- package/dist/protocol/privacy-token.js +20 -0
- package/dist/protocol/privacy.js +58 -0
- package/dist/protocol/stream.js +27 -2
- package/dist/protocol/usync.js +14 -0
- package/dist/retry/codec.js +220 -0
- package/dist/retry/constants.js +1 -1
- package/dist/retry/index.js +7 -5
- package/dist/retry/parse.js +88 -85
- package/dist/retry/replay.js +52 -49
- package/dist/retry/tracker.js +97 -0
- package/dist/signal/api/SignalDeviceSyncApi.js +273 -89
- package/dist/signal/api/SignalDigestSyncApi.js +17 -8
- package/dist/signal/api/SignalIdentitySyncApi.js +66 -36
- package/dist/signal/api/SignalMissingPreKeysSyncApi.js +82 -63
- package/dist/signal/api/SignalRotateKeyApi.js +4 -2
- package/dist/signal/api/SignalSessionSyncApi.js +36 -34
- package/dist/signal/api/result-map.js +13 -0
- package/dist/signal/constants.js +1 -5
- package/dist/signal/crypto/WaAdvSignature.js +11 -7
- package/dist/signal/{store/sqlite.js → encoding.js} +94 -61
- package/dist/signal/group/SenderKeyChain.js +27 -22
- package/dist/signal/group/SenderKeyCodec.js +5 -6
- package/dist/signal/group/SenderKeyManager.js +144 -115
- package/dist/signal/index.js +15 -1
- package/dist/signal/registration/keygen.js +6 -2
- package/dist/signal/registration/utils.js +1 -0
- package/dist/signal/session/SignalProtocol.js +164 -53
- package/dist/signal/session/SignalRatchet.js +24 -15
- package/dist/signal/session/SignalSession.js +14 -9
- package/dist/signal/session/resolver.js +224 -0
- package/dist/store/contracts/privacy-token.store.js +2 -0
- package/dist/store/createStore.js +100 -188
- package/dist/store/index.js +15 -33
- package/dist/store/locks/appstate.lock.js +29 -0
- package/dist/store/locks/auth.lock.js +18 -0
- package/dist/store/locks/contact.lock.js +23 -0
- package/dist/store/locks/device-list.lock.js +23 -0
- package/dist/store/locks/message.lock.js +24 -0
- package/dist/store/locks/participants.lock.js +23 -0
- package/dist/store/locks/privacy-token.lock.js +21 -0
- package/dist/store/locks/retry.lock.js +32 -0
- package/dist/store/locks/sender-key.lock.js +55 -0
- package/dist/store/locks/signal.lock.js +66 -0
- package/dist/store/locks/thread.lock.js +24 -0
- package/dist/store/noop.store.js +4 -7
- package/dist/store/providers/memory/appstate.store.js +36 -14
- package/dist/store/providers/memory/contact.store.js +5 -0
- package/dist/store/providers/memory/device-list.store.js +12 -34
- package/dist/store/providers/memory/message.store.js +11 -5
- package/dist/store/providers/memory/participants.store.js +1 -8
- package/dist/store/providers/memory/privacy-token.store.js +47 -0
- package/dist/store/providers/memory/retry.store.js +77 -2
- package/dist/store/providers/memory/sender-key.store.js +14 -11
- package/dist/store/providers/memory/signal.store.js +54 -25
- package/dist/store/providers/memory/thread.store.js +5 -0
- package/dist/transport/WaComms.js +30 -26
- package/dist/transport/WaWebSocket.js +148 -18
- package/dist/transport/binary/constants.js +1 -31
- package/dist/transport/binary/decoder.js +8 -8
- package/dist/transport/binary/encoder.js +10 -9
- package/dist/transport/binary/index.js +0 -4
- package/dist/transport/index.js +7 -1
- package/dist/transport/keepalive/WaKeepAlive.js +1 -7
- package/dist/transport/node/WaNodeOrchestrator.js +25 -21
- package/dist/transport/node/WaNodeTransport.js +0 -3
- package/dist/transport/node/builders/{accountSync.js → account-sync.js} +15 -35
- package/dist/transport/node/builders/business.js +137 -0
- package/dist/transport/node/builders/global.js +375 -0
- package/dist/transport/node/builders/index.js +29 -17
- package/dist/transport/node/builders/message.js +64 -236
- package/dist/transport/node/builders/pairing.js +2 -29
- package/dist/transport/node/builders/privacy-token.js +46 -0
- package/dist/transport/node/builders/privacy.js +55 -0
- package/dist/transport/node/builders/profile.js +78 -0
- package/dist/transport/node/builders/retry.js +9 -21
- package/dist/transport/node/builders/usync.js +49 -0
- package/dist/transport/node/helpers.js +131 -4
- package/dist/transport/node/usync.js +8 -0
- package/dist/transport/node/xml.js +35 -14
- package/dist/transport/noise/WaClientPayload.js +13 -13
- package/dist/transport/noise/WaFrameCodec.js +47 -32
- package/dist/transport/noise/WaNoiseCert.js +5 -8
- package/dist/transport/noise/WaNoiseSession.js +77 -29
- package/dist/transport/noise/WaNoiseSocket.js +8 -4
- package/dist/transport/proxy.js +34 -0
- package/dist/transport/stream/parse.js +20 -52
- package/dist/types/appstate/WaAppStateCrypto.d.ts +0 -1
- package/dist/types/appstate/WaAppStateSyncClient.d.ts +5 -2
- package/dist/types/appstate/constants.d.ts +1 -0
- package/dist/types/appstate/encoding.d.ts +7 -0
- package/dist/types/appstate/index.d.ts +3 -3
- package/dist/types/appstate/utils.d.ts +0 -3
- package/dist/types/auth/WaAuthClient.d.ts +10 -12
- package/dist/types/auth/flow/WaAuthCredentialsFlow.d.ts +1 -1
- package/dist/types/auth/index.d.ts +0 -4
- package/dist/types/auth/pairing/WaQrFlow.d.ts +1 -1
- package/dist/types/auth/types.d.ts +7 -9
- package/dist/types/client/WaClient.d.ts +42 -25
- package/dist/types/client/WaClientFactory.d.ts +33 -26
- package/dist/types/client/connection/WaConnectionManager.d.ts +66 -0
- package/dist/types/client/connection/WaKeyShareCoordinator.d.ts +14 -0
- package/dist/types/client/connection/WaReceiptQueue.d.ts +13 -0
- package/dist/types/client/coordinators/WaAppStateMutationCoordinator.d.ts +46 -0
- package/dist/types/client/coordinators/WaBusinessCoordinator.d.ts +57 -0
- package/dist/types/client/coordinators/WaIncomingNodeCoordinator.d.ts +3 -2
- package/dist/types/client/coordinators/WaMessageDispatchCoordinator.d.ts +29 -38
- package/dist/types/client/coordinators/WaPassiveTasksCoordinator.d.ts +4 -0
- package/dist/types/client/coordinators/WaPrivacyCoordinator.d.ts +26 -0
- package/dist/types/client/coordinators/WaProfileCoordinator.d.ts +36 -0
- package/dist/types/client/coordinators/WaRetryCoordinator.d.ts +8 -0
- package/dist/types/client/coordinators/WaStreamControlCoordinator.d.ts +3 -2
- package/dist/types/client/coordinators/WaTrustedContactTokenCoordinator.d.ts +45 -0
- package/dist/types/client/dirty.d.ts +1 -0
- package/dist/types/client/events/devices.d.ts +20 -0
- package/dist/types/client/events/group.d.ts +2 -1
- package/dist/types/client/events/identity.d.ts +9 -0
- package/dist/types/client/events/privacy-token.d.ts +7 -0
- package/dist/types/client/history-sync.d.ts +9 -6
- package/dist/types/client/incoming.d.ts +3 -1
- package/dist/types/client/index.d.ts +1 -1
- package/dist/types/client/mailbox.d.ts +3 -5
- package/dist/types/client/messages.d.ts +1 -2
- package/dist/types/client/messaging/fanout.d.ts +14 -0
- package/dist/types/client/messaging/key-protocol.d.ts +18 -0
- package/dist/types/client/messaging/participants.d.ts +13 -0
- package/dist/types/client/persistence/WriteBehindPersistence.d.ts +34 -0
- package/dist/types/client/tokens/cs-token.d.ts +10 -0
- package/dist/types/client/tokens/tc-token.d.ts +5 -0
- package/dist/types/client/types.d.ts +75 -4
- package/dist/types/crypto/core/hkdf.d.ts +0 -6
- package/dist/types/crypto/core/index.d.ts +2 -3
- package/dist/types/crypto/core/nonce.d.ts +2 -0
- package/dist/types/crypto/core/primitives.d.ts +0 -1
- package/dist/types/crypto/core/random.d.ts +2 -7
- package/dist/types/crypto/index.d.ts +0 -1
- package/dist/types/crypto/math/constants.d.ts +4 -2
- package/dist/types/crypto/math/fe.d.ts +30 -0
- package/dist/types/crypto/math/mod.d.ts +0 -2
- package/dist/types/crypto/math/types.d.ts +11 -4
- package/dist/types/index.d.ts +5 -3
- package/dist/types/infra/log/ConsoleLogger.d.ts +2 -1
- package/dist/types/infra/log/PinoLogger.d.ts +1 -1
- package/dist/types/infra/log/types.d.ts +1 -0
- package/dist/types/infra/perf/BackgroundQueue.d.ts +58 -0
- package/dist/types/infra/perf/BoundedTaskQueue.d.ts +1 -1
- package/dist/types/infra/perf/PromiseDedup.d.ts +4 -0
- package/dist/types/infra/perf/SharedExclusiveGate.d.ts +17 -0
- package/dist/types/infra/perf/StoreLock.d.ts +10 -0
- package/dist/types/media/WaMediaCrypto.d.ts +3 -2
- package/dist/types/media/WaMediaTransferClient.d.ts +16 -15
- package/dist/types/media/constants.d.ts +1 -1
- package/dist/types/media/index.d.ts +1 -1
- package/dist/types/media/types.d.ts +15 -2
- package/dist/types/message/addon-crypto.d.ts +25 -0
- package/dist/types/message/content.d.ts +8 -0
- package/dist/types/message/icdc.d.ts +13 -0
- package/dist/types/message/index.d.ts +2 -0
- package/dist/types/message/reporting-token.d.ts +18 -0
- package/dist/types/message/types.d.ts +45 -6
- package/dist/types/message/use-case-secret.d.ts +20 -0
- package/dist/types/protocol/appstate.d.ts +47 -0
- package/dist/types/protocol/constants.d.ts +8 -3
- package/dist/types/protocol/defaults.d.ts +6 -0
- package/dist/types/protocol/index.d.ts +2 -11
- package/dist/types/protocol/jid.d.ts +22 -5
- package/dist/types/protocol/message.d.ts +60 -0
- package/dist/types/protocol/nodes.d.ts +4 -0
- package/dist/types/protocol/notification.d.ts +2 -0
- package/dist/types/protocol/privacy-token.d.ts +17 -0
- package/dist/types/protocol/privacy.d.ts +75 -0
- package/dist/types/protocol/stream.d.ts +30 -0
- package/dist/types/protocol/usync.d.ts +11 -0
- package/dist/types/retry/codec.d.ts +3 -0
- package/dist/types/retry/index.d.ts +4 -3
- package/dist/types/retry/parse.d.ts +5 -2
- package/dist/types/retry/replay.d.ts +0 -4
- package/dist/types/retry/tracker.d.ts +20 -0
- package/dist/types/retry/types.d.ts +10 -4
- package/dist/types/signal/api/SignalDeviceSyncApi.d.ts +15 -2
- package/dist/types/signal/api/SignalDigestSyncApi.d.ts +6 -0
- package/dist/types/signal/api/SignalIdentitySyncApi.d.ts +2 -0
- package/dist/types/signal/api/SignalRotateKeyApi.d.ts +4 -5
- package/dist/types/signal/api/SignalSessionSyncApi.d.ts +8 -6
- package/dist/types/signal/api/result-map.d.ts +1 -0
- package/dist/types/signal/constants.d.ts +0 -3
- package/dist/types/signal/{store/sqlite.d.ts → encoding.d.ts} +3 -3
- package/dist/types/signal/group/SenderKeyCodec.d.ts +4 -6
- package/dist/types/signal/group/SenderKeyManager.d.ts +10 -5
- package/dist/types/signal/index.d.ts +3 -0
- package/dist/types/signal/session/SignalProtocol.d.ts +19 -4
- package/dist/types/signal/session/resolver.d.ts +22 -0
- package/dist/types/store/contracts/appstate.store.d.ts +4 -1
- package/dist/types/store/contracts/contact.store.d.ts +1 -0
- package/dist/types/store/contracts/device-list.store.d.ts +0 -3
- package/dist/types/store/contracts/message.store.d.ts +1 -0
- package/dist/types/store/contracts/participants.store.d.ts +0 -1
- package/dist/types/store/contracts/privacy-token.store.d.ts +16 -0
- package/dist/types/store/contracts/retry.store.d.ts +7 -0
- package/dist/types/store/contracts/sender-key.store.d.ts +0 -1
- package/dist/types/store/contracts/signal.store.d.ts +13 -0
- package/dist/types/store/contracts/thread.store.d.ts +1 -0
- package/dist/types/store/createStore.d.ts +1 -1
- package/dist/types/store/index.d.ts +5 -13
- package/dist/types/store/locks/appstate.lock.d.ts +3 -0
- package/dist/types/store/locks/auth.lock.d.ts +3 -0
- package/dist/types/store/locks/contact.lock.d.ts +3 -0
- package/dist/types/store/locks/device-list.lock.d.ts +2 -0
- package/dist/types/store/locks/message.lock.d.ts +3 -0
- package/dist/types/store/locks/participants.lock.d.ts +2 -0
- package/dist/types/store/locks/privacy-token.lock.d.ts +2 -0
- package/dist/types/store/locks/retry.lock.d.ts +2 -0
- package/dist/types/store/locks/sender-key.lock.d.ts +3 -0
- package/dist/types/store/locks/signal.lock.d.ts +3 -0
- package/dist/types/store/locks/thread.lock.d.ts +3 -0
- package/dist/types/store/providers/memory/appstate.store.d.ts +3 -1
- package/dist/types/store/providers/memory/contact.store.d.ts +1 -0
- package/dist/types/store/providers/memory/device-list.store.d.ts +0 -3
- package/dist/types/store/providers/memory/message.store.d.ts +1 -0
- package/dist/types/store/providers/memory/participants.store.d.ts +0 -1
- package/dist/types/store/providers/memory/privacy-token.store.d.ts +13 -0
- package/dist/types/store/providers/memory/retry.store.d.ts +8 -0
- package/dist/types/store/providers/memory/sender-key.store.d.ts +0 -1
- package/dist/types/store/providers/memory/signal.store.d.ts +8 -1
- package/dist/types/store/providers/memory/thread.store.d.ts +1 -0
- package/dist/types/store/types.d.ts +49 -58
- package/dist/types/transport/WaWebSocket.d.ts +3 -1
- package/dist/types/transport/binary/constants.d.ts +0 -30
- package/dist/types/transport/binary/index.d.ts +0 -1
- package/dist/types/transport/index.d.ts +2 -1
- package/dist/types/transport/keepalive/WaKeepAlive.d.ts +0 -1
- package/dist/types/transport/node/WaNodeOrchestrator.d.ts +3 -4
- package/dist/types/transport/node/WaNodeTransport.d.ts +0 -9
- package/dist/types/transport/node/builders/business.d.ts +29 -0
- package/dist/types/transport/node/builders/global.d.ts +102 -0
- package/dist/types/transport/node/builders/group.d.ts +4 -6
- package/dist/types/transport/node/builders/index.d.ts +7 -3
- package/dist/types/transport/node/builders/message.d.ts +20 -30
- package/dist/types/transport/node/builders/pairing.d.ts +0 -2
- package/dist/types/transport/node/builders/privacy-token.d.ts +9 -0
- package/dist/types/transport/node/builders/privacy.d.ts +7 -0
- package/dist/types/transport/node/builders/profile.d.ts +8 -0
- package/dist/types/transport/node/builders/retry.d.ts +2 -5
- package/dist/types/transport/node/builders/usync.d.ts +21 -0
- package/dist/types/transport/node/helpers.d.ts +13 -0
- package/dist/types/transport/node/usync.d.ts +2 -0
- package/dist/types/transport/noise/WaFrameCodec.d.ts +3 -0
- package/dist/types/transport/noise/WaNoiseSession.d.ts +4 -2
- package/dist/types/transport/noise/WaNoiseSocket.d.ts +4 -2
- package/dist/types/transport/proxy.d.ts +6 -0
- package/dist/types/transport/stream/parse.d.ts +0 -1
- package/dist/types/transport/types.d.ts +18 -1
- package/dist/types/util/bytes.d.ts +5 -0
- package/dist/types/util/index.d.ts +5 -0
- package/dist/types/util/primitives.d.ts +2 -0
- package/dist/util/bytes.js +72 -46
- package/dist/util/coercion.js +6 -14
- package/dist/util/index.js +23 -0
- package/dist/util/primitives.js +42 -14
- package/package.json +52 -9
- package/proto/index.js +1 -1
- package/dist/crypto/core/constants.js +0 -4
- package/dist/crypto/core/encoding.js +0 -29
- package/dist/esm/crypto/core/constants.js +0 -1
- package/dist/esm/crypto/core/encoding.js +0 -25
- package/dist/esm/retry/outbound.js +0 -83
- package/dist/esm/store/providers/sqlite/BaseSqliteStore.js +0 -37
- package/dist/esm/store/providers/sqlite/appstate.store.js +0 -169
- package/dist/esm/store/providers/sqlite/auth.store.js +0 -176
- package/dist/esm/store/providers/sqlite/connection.js +0 -240
- package/dist/esm/store/providers/sqlite/contact.store.js +0 -61
- package/dist/esm/store/providers/sqlite/device-list.store.js +0 -155
- package/dist/esm/store/providers/sqlite/message.store.js +0 -119
- package/dist/esm/store/providers/sqlite/migrations.js +0 -347
- package/dist/esm/store/providers/sqlite/participants.store.js +0 -85
- package/dist/esm/store/providers/sqlite/retry.store.js +0 -144
- package/dist/esm/store/providers/sqlite/sender-key.store.js +0 -203
- package/dist/esm/store/providers/sqlite/signal.store.js +0 -353
- package/dist/esm/store/providers/sqlite/thread.store.js +0 -72
- package/dist/esm/util/base64.js +0 -18
- package/dist/esm/util/signal-address.js +0 -5
- package/dist/retry/outbound.js +0 -88
- package/dist/store/providers/sqlite/BaseSqliteStore.js +0 -41
- package/dist/store/providers/sqlite/appstate.store.js +0 -173
- package/dist/store/providers/sqlite/auth.store.js +0 -180
- package/dist/store/providers/sqlite/connection.js +0 -276
- package/dist/store/providers/sqlite/contact.store.js +0 -65
- package/dist/store/providers/sqlite/device-list.store.js +0 -159
- package/dist/store/providers/sqlite/message.store.js +0 -123
- package/dist/store/providers/sqlite/migrations.js +0 -350
- package/dist/store/providers/sqlite/participants.store.js +0 -89
- package/dist/store/providers/sqlite/retry.store.js +0 -148
- package/dist/store/providers/sqlite/sender-key.store.js +0 -207
- package/dist/store/providers/sqlite/signal.store.js +0 -357
- package/dist/store/providers/sqlite/thread.store.js +0 -76
- package/dist/types/appstate/store/sqlite.d.ts +0 -21
- package/dist/types/crypto/core/constants.d.ts +0 -1
- package/dist/types/crypto/core/encoding.d.ts +0 -11
- package/dist/types/retry/outbound.d.ts +0 -4
- package/dist/types/store/providers/sqlite/BaseSqliteStore.d.ts +0 -12
- package/dist/types/store/providers/sqlite/appstate.store.d.ts +0 -15
- package/dist/types/store/providers/sqlite/auth.store.d.ts +0 -10
- package/dist/types/store/providers/sqlite/connection.d.ts +0 -10
- package/dist/types/store/providers/sqlite/contact.store.d.ts +0 -10
- package/dist/types/store/providers/sqlite/device-list.store.d.ts +0 -18
- package/dist/types/store/providers/sqlite/message.store.d.ts +0 -11
- package/dist/types/store/providers/sqlite/migrations.d.ts +0 -3
- package/dist/types/store/providers/sqlite/participants.store.d.ts +0 -13
- package/dist/types/store/providers/sqlite/retry.store.d.ts +0 -16
- package/dist/types/store/providers/sqlite/sender-key.store.d.ts +0 -25
- package/dist/types/store/providers/sqlite/signal.store.d.ts +0 -46
- package/dist/types/store/providers/sqlite/thread.store.d.ts +0 -11
- package/dist/types/util/base64.d.ts +0 -4
- package/dist/types/util/signal-address.d.ts +0 -2
- package/dist/util/base64.js +0 -24
- package/dist/util/signal-address.js +0 -8
- /package/dist/types/transport/node/builders/{accountSync.d.ts → account-sync.d.ts} +0 -0
|
@@ -1,6 +1,9 @@
|
|
|
1
1
|
import { aesCbcDecrypt, aesCbcEncrypt, importAesCbcKey, toSerializedPubKey, prependVersion, randomBytesAsync, randomIntAsync, X25519 } from '../../crypto/index.js';
|
|
2
|
+
import { StoreLock } from '../../infra/perf/StoreLock.js';
|
|
2
3
|
import { proto } from '../../proto.js';
|
|
3
|
-
import {
|
|
4
|
+
import { signalAddressKey } from '../../protocol/jid.js';
|
|
5
|
+
import { SIGNAL_SIGNATURE_LENGTH } from '../api/constants.js';
|
|
6
|
+
import { SIGNAL_GROUP_VERSION } from '../constants.js';
|
|
4
7
|
import { signSignalMessage, verifySignalSignature } from '../crypto/WaAdvSignature.js';
|
|
5
8
|
import { deriveSenderKeyMsgKey, selectMessageKey } from '../group/SenderKeyChain.js';
|
|
6
9
|
import { parseDistributionPayload, parseSenderKeyMessage } from '../group/SenderKeyCodec.js';
|
|
@@ -24,148 +27,171 @@ async function aesCbcDecryptFromSeed(seed, ciphertext) {
|
|
|
24
27
|
}
|
|
25
28
|
export class SenderKeyManager {
|
|
26
29
|
constructor(store) {
|
|
30
|
+
this.senderLock = new StoreLock();
|
|
27
31
|
this.store = store;
|
|
28
32
|
}
|
|
29
|
-
async
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
33
|
+
async prepareGroupEncryption(groupId, sender, plaintext) {
|
|
34
|
+
return this.runWithSenderLock(groupId, sender, async () => {
|
|
35
|
+
const senderKey = await this.ensureSenderKeyInternal(groupId, sender);
|
|
36
|
+
if (!senderKey.signingPrivateKey) {
|
|
37
|
+
throw new Error('sender private signing key is missing');
|
|
38
|
+
}
|
|
39
|
+
const derived = await deriveSenderKeyMsgKey(senderKey.iteration, senderKey.chainKey);
|
|
40
|
+
await this.store.upsertSenderKey({
|
|
41
|
+
...senderKey,
|
|
42
|
+
chainKey: derived.nextChainKey,
|
|
43
|
+
iteration: derived.messageKey.iteration + 1
|
|
44
|
+
});
|
|
45
|
+
const distributionProto = proto.SenderKeyDistributionMessage.encode({
|
|
46
|
+
id: senderKey.keyId,
|
|
47
|
+
iteration: senderKey.iteration,
|
|
48
|
+
chainKey: senderKey.chainKey,
|
|
49
|
+
signingKey: senderKey.signingPublicKey
|
|
50
|
+
}).finish();
|
|
51
|
+
const distributionMessage = {
|
|
52
|
+
groupId,
|
|
53
|
+
axolotlSenderKeyDistributionMessage: prependVersion(distributionProto, SIGNAL_GROUP_VERSION)
|
|
54
|
+
};
|
|
55
|
+
const messagePayload = await aesCbcEncryptFromSeed(derived.messageKey.seed, plaintext);
|
|
56
|
+
const senderKeyMessage = proto.SenderKeyMessage.encode({
|
|
57
|
+
id: senderKey.keyId,
|
|
58
|
+
iteration: derived.messageKey.iteration,
|
|
59
|
+
ciphertext: messagePayload
|
|
60
|
+
}).finish();
|
|
61
|
+
const versionedContent = prependVersion(senderKeyMessage, SIGNAL_GROUP_VERSION);
|
|
62
|
+
const signature = await signSignalMessage(senderKey.signingPrivateKey, versionedContent);
|
|
63
|
+
if (signature.length !== SIGNAL_SIGNATURE_LENGTH) {
|
|
64
|
+
throw new Error(`invalid sender key signature length ${signature.length}`);
|
|
65
|
+
}
|
|
66
|
+
const ciphertext = {
|
|
67
|
+
groupId,
|
|
68
|
+
sender,
|
|
69
|
+
keyId: senderKey.keyId,
|
|
70
|
+
iteration: derived.messageKey.iteration,
|
|
71
|
+
ciphertext: concatBytes([versionedContent, signature])
|
|
72
|
+
};
|
|
73
|
+
await this.store.upsertSenderKeyDistribution({
|
|
74
|
+
groupId,
|
|
75
|
+
sender,
|
|
76
|
+
keyId: senderKey.keyId,
|
|
77
|
+
timestampMs: Date.now()
|
|
78
|
+
});
|
|
79
|
+
return {
|
|
80
|
+
distributionMessage,
|
|
81
|
+
ciphertext,
|
|
82
|
+
keyId: senderKey.keyId
|
|
83
|
+
};
|
|
43
84
|
});
|
|
44
|
-
return {
|
|
45
|
-
groupId,
|
|
46
|
-
axolotlSenderKeyDistributionMessage: payload
|
|
47
|
-
};
|
|
48
85
|
}
|
|
49
|
-
async filterParticipantsNeedingDistribution(groupId,
|
|
86
|
+
async filterParticipantsNeedingDistribution(groupId, senderKeyId, participants) {
|
|
50
87
|
if (participants.length === 0) {
|
|
51
88
|
return [];
|
|
52
89
|
}
|
|
53
|
-
const senderKey = await this.ensureSenderKey(groupId, sender);
|
|
54
90
|
const distributed = await this.store.getDeviceSenderKeyDistributions(groupId, participants);
|
|
55
|
-
|
|
91
|
+
const pendingParticipants = new Array(participants.length);
|
|
92
|
+
let pendingCount = 0;
|
|
93
|
+
for (let index = 0; index < participants.length; index += 1) {
|
|
56
94
|
const record = distributed[index];
|
|
57
|
-
|
|
58
|
-
|
|
95
|
+
if (!record || record.keyId !== senderKeyId) {
|
|
96
|
+
pendingParticipants[pendingCount] = participants[index];
|
|
97
|
+
pendingCount += 1;
|
|
98
|
+
}
|
|
99
|
+
}
|
|
100
|
+
pendingParticipants.length = pendingCount;
|
|
101
|
+
return pendingParticipants;
|
|
59
102
|
}
|
|
60
|
-
async markSenderKeyDistributed(groupId,
|
|
103
|
+
async markSenderKeyDistributed(groupId, senderKeyId, participants) {
|
|
61
104
|
if (participants.length === 0) {
|
|
62
105
|
return;
|
|
63
106
|
}
|
|
64
|
-
const senderKey = await this.ensureSenderKey(groupId, sender);
|
|
65
107
|
const timestampMs = Date.now();
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
if (groupId.length === 0) {
|
|
75
|
-
throw new Error('sender key distribution missing groupId');
|
|
108
|
+
const distributions = new Array(participants.length);
|
|
109
|
+
for (let index = 0; index < participants.length; index += 1) {
|
|
110
|
+
distributions[index] = {
|
|
111
|
+
groupId,
|
|
112
|
+
sender: participants[index],
|
|
113
|
+
keyId: senderKeyId,
|
|
114
|
+
timestampMs
|
|
115
|
+
};
|
|
76
116
|
}
|
|
77
|
-
|
|
78
|
-
const record = {
|
|
79
|
-
groupId,
|
|
80
|
-
sender,
|
|
81
|
-
keyId: parsed.keyId,
|
|
82
|
-
iteration: parsed.iteration,
|
|
83
|
-
chainKey: parsed.chainKey,
|
|
84
|
-
signingPublicKey: parsed.signingPublicKey,
|
|
85
|
-
unusedMessageKeys: []
|
|
86
|
-
};
|
|
87
|
-
await this.store.upsertSenderKey(record);
|
|
88
|
-
await this.store.upsertSenderKeyDistribution({
|
|
89
|
-
groupId,
|
|
90
|
-
sender,
|
|
91
|
-
keyId: parsed.keyId,
|
|
92
|
-
timestampMs: Date.now()
|
|
93
|
-
});
|
|
94
|
-
return record;
|
|
117
|
+
await this.store.upsertSenderKeyDistributions(distributions);
|
|
95
118
|
}
|
|
96
|
-
async
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
119
|
+
async processSenderKeyDistributionPayload(groupId, sender, payload) {
|
|
120
|
+
return this.runWithSenderLock(groupId, sender, async () => {
|
|
121
|
+
if (groupId.length === 0) {
|
|
122
|
+
throw new Error('sender key distribution missing groupId');
|
|
123
|
+
}
|
|
124
|
+
const parsed = parseDistributionPayload(payload);
|
|
125
|
+
const record = {
|
|
126
|
+
groupId,
|
|
127
|
+
sender,
|
|
128
|
+
keyId: parsed.keyId,
|
|
129
|
+
iteration: parsed.iteration,
|
|
130
|
+
chainKey: parsed.chainKey,
|
|
131
|
+
signingPublicKey: parsed.signingPublicKey,
|
|
132
|
+
unusedMessageKeys: []
|
|
133
|
+
};
|
|
134
|
+
await Promise.all([
|
|
135
|
+
this.store.upsertSenderKey(record),
|
|
136
|
+
this.store.upsertSenderKeyDistribution({
|
|
137
|
+
groupId,
|
|
138
|
+
sender,
|
|
139
|
+
keyId: parsed.keyId,
|
|
140
|
+
timestampMs: Date.now()
|
|
141
|
+
})
|
|
142
|
+
]);
|
|
143
|
+
return record;
|
|
118
144
|
});
|
|
119
|
-
return {
|
|
120
|
-
groupId,
|
|
121
|
-
sender,
|
|
122
|
-
keyId: senderKey.keyId,
|
|
123
|
-
iteration: derived.messageKey.iteration,
|
|
124
|
-
ciphertext
|
|
125
|
-
};
|
|
126
145
|
}
|
|
127
146
|
async decryptGroupMessage(payload) {
|
|
128
|
-
|
|
129
|
-
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
|
|
133
|
-
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
payload.keyId !==
|
|
138
|
-
|
|
139
|
-
|
|
140
|
-
|
|
141
|
-
|
|
142
|
-
payload.iteration !==
|
|
143
|
-
|
|
144
|
-
|
|
145
|
-
|
|
146
|
-
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
155
|
-
|
|
147
|
+
return this.runWithSenderLock(payload.groupId, payload.sender, async () => {
|
|
148
|
+
const parsed = parseSenderKeyMessage(payload.ciphertext);
|
|
149
|
+
const senderKey = await this.store.getDeviceSenderKey(payload.groupId, payload.sender);
|
|
150
|
+
if (!senderKey) {
|
|
151
|
+
throw new Error('missing sender key');
|
|
152
|
+
}
|
|
153
|
+
if (senderKey.keyId !== parsed.keyId) {
|
|
154
|
+
throw new Error('sender key id mismatch');
|
|
155
|
+
}
|
|
156
|
+
if (payload.keyId !== undefined &&
|
|
157
|
+
payload.keyId !== null &&
|
|
158
|
+
parsed.keyId !== payload.keyId) {
|
|
159
|
+
throw new Error('sender key id mismatch');
|
|
160
|
+
}
|
|
161
|
+
if (payload.iteration !== undefined &&
|
|
162
|
+
payload.iteration !== null &&
|
|
163
|
+
parsed.iteration !== payload.iteration) {
|
|
164
|
+
throw new Error('sender key iteration mismatch');
|
|
165
|
+
}
|
|
166
|
+
const signedContent = parsed.versionContentMac.subarray(0, parsed.versionContentMac.length - SIGNAL_SIGNATURE_LENGTH);
|
|
167
|
+
const signature = parsed.versionContentMac.subarray(parsed.versionContentMac.length - SIGNAL_SIGNATURE_LENGTH);
|
|
168
|
+
const validSignature = await verifySignalSignature(senderKey.signingPublicKey, signedContent, signature);
|
|
169
|
+
if (!validSignature) {
|
|
170
|
+
throw new Error('invalid sender key signature');
|
|
171
|
+
}
|
|
172
|
+
const selected = await selectMessageKey(senderKey, parsed.iteration);
|
|
173
|
+
// Keep decrypt + persist ordered: failed decrypt must not advance sender-key state.
|
|
174
|
+
const plaintext = await aesCbcDecryptFromSeed(selected.messageKey.seed, parsed.ciphertext);
|
|
175
|
+
await this.store.upsertSenderKey(selected.updatedRecord);
|
|
176
|
+
return plaintext;
|
|
177
|
+
});
|
|
156
178
|
}
|
|
157
|
-
async
|
|
179
|
+
async ensureSenderKeyInternal(groupId, sender) {
|
|
158
180
|
const existing = await this.store.getDeviceSenderKey(groupId, sender);
|
|
159
181
|
if (existing) {
|
|
160
182
|
return existing;
|
|
161
183
|
}
|
|
162
|
-
const signingKeyPair = await
|
|
184
|
+
const [signingKeyPair, keyId, chainKey] = await Promise.all([
|
|
185
|
+
X25519.generateKeyPair(),
|
|
186
|
+
randomIntAsync(1, 2147483647),
|
|
187
|
+
randomBytesAsync(32)
|
|
188
|
+
]);
|
|
163
189
|
const created = {
|
|
164
190
|
groupId,
|
|
165
191
|
sender,
|
|
166
|
-
keyId
|
|
192
|
+
keyId,
|
|
167
193
|
iteration: 0,
|
|
168
|
-
chainKey
|
|
194
|
+
chainKey,
|
|
169
195
|
signingPublicKey: toSerializedPubKey(signingKeyPair.pubKey),
|
|
170
196
|
signingPrivateKey: signingKeyPair.privKey,
|
|
171
197
|
unusedMessageKeys: []
|
|
@@ -173,4 +199,7 @@ export class SenderKeyManager {
|
|
|
173
199
|
await this.store.upsertSenderKey(created);
|
|
174
200
|
return created;
|
|
175
201
|
}
|
|
202
|
+
runWithSenderLock(groupId, sender, task) {
|
|
203
|
+
return this.senderLock.run(`senderKey:${groupId}:${signalAddressKey(sender)}`, task);
|
|
204
|
+
}
|
|
176
205
|
}
|
package/dist/esm/signal/index.js
CHANGED
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
export { decodeSignalPreKeyRow, decodeSignalRegistrationRow, decodeSignalRemoteIdentity, decodeSignalSessionRecord, decodeSignalSignedPreKeyRow, decodeSenderKeyDistributionRow, decodeSenderKeyRecord, decodeStoreCount, encodeSenderKeyRecord, encodeSignalSessionRecord, toSignalAddressParts } from './encoding.js';
|
|
1
2
|
export { generatePreKeyPair, generateRegistrationId, generateRegistrationInfo, generateSignedPreKey } from './registration/keygen.js';
|
|
2
3
|
export { buildPreKeyUploadIq, parsePreKeyUploadFailure } from './api/prekeys.js';
|
|
3
4
|
export { SignalDigestSyncApi } from './api/SignalDigestSyncApi.js';
|
|
@@ -9,3 +10,4 @@ export { SignalSessionSyncApi } from './api/SignalSessionSyncApi.js';
|
|
|
9
10
|
export { SenderKeyManager } from './group/SenderKeyManager.js';
|
|
10
11
|
export { createAndStoreInitialKeys } from './registration/utils.js';
|
|
11
12
|
export { SignalProtocol } from './session/SignalProtocol.js';
|
|
13
|
+
export { createSignalSessionResolver } from './session/resolver.js';
|
|
@@ -3,9 +3,13 @@ import { toSerializedPubKey } from '../../crypto/core/keys.js';
|
|
|
3
3
|
import { X25519 } from '../../crypto/curves/X25519.js';
|
|
4
4
|
import { signSignalMessage } from '../crypto/WaAdvSignature.js';
|
|
5
5
|
export async function generateRegistrationInfo() {
|
|
6
|
+
const [registrationId, identityKeyPair] = await Promise.all([
|
|
7
|
+
generateRegistrationId(),
|
|
8
|
+
X25519.generateKeyPair()
|
|
9
|
+
]);
|
|
6
10
|
return {
|
|
7
|
-
registrationId
|
|
8
|
-
identityKeyPair
|
|
11
|
+
registrationId,
|
|
12
|
+
identityKeyPair
|
|
9
13
|
};
|
|
10
14
|
}
|
|
11
15
|
export async function generatePreKeyPair(keyId) {
|
|
@@ -5,6 +5,7 @@ export async function createAndStoreInitialKeys(store) {
|
|
|
5
5
|
generatePreKeyPair(1)
|
|
6
6
|
]);
|
|
7
7
|
const signedPreKey = await generateSignedPreKey(1, registrationInfo.identityKeyPair.privKey);
|
|
8
|
+
// Keep writes ordered so partial commit failures don't leave split registration bootstrap state.
|
|
8
9
|
await store.setRegistrationInfo(registrationInfo);
|
|
9
10
|
await store.setSignedPreKey(signedPreKey);
|
|
10
11
|
await store.getOrGenSinglePreKey(async () => firstPreKey);
|
|
@@ -1,76 +1,186 @@
|
|
|
1
1
|
import { toSerializedPubKey } from '../../crypto/index.js';
|
|
2
2
|
import { ConsoleLogger } from '../../infra/log/ConsoleLogger.js';
|
|
3
|
+
import { StoreLock } from '../../infra/perf/StoreLock.js';
|
|
3
4
|
import { MAX_PREV_SESSIONS } from '../constants.js';
|
|
4
5
|
import { decryptMsg, decryptMsgFromSession, encryptMsg } from '../session/SignalRatchet.js';
|
|
5
6
|
import { deserializeMsg, deserializePkMsg, requirePreKey, requireSignedPreKey } from '../session/SignalSerializer.js';
|
|
6
7
|
import { detachSession, findMatchingSession, generateSerializedKeyPair, initiateSessionIncoming, initiateSessionOutgoing, requireLocalIdentity, toSerializedKeyPair } from '../session/SignalSession.js';
|
|
7
8
|
import { uint8Equal } from '../../util/bytes.js';
|
|
9
|
+
function signalAddressMapKey(address) {
|
|
10
|
+
return `${address.user}\u0001${address.server ?? ''}\u0001${address.device}`;
|
|
11
|
+
}
|
|
12
|
+
function signalAddressLockKey(address) {
|
|
13
|
+
return `signal:${signalAddressMapKey(address)}`;
|
|
14
|
+
}
|
|
8
15
|
export class SignalProtocol {
|
|
9
16
|
constructor(store, logger = new ConsoleLogger('info')) {
|
|
10
17
|
this.store = store;
|
|
11
18
|
this.logger = logger;
|
|
19
|
+
this.sessionMutationLock = new StoreLock();
|
|
12
20
|
}
|
|
13
|
-
async
|
|
14
|
-
return this.
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
21
|
+
async establishOutgoingSession(address, remoteBundle, options = {}) {
|
|
22
|
+
return this.runWithAddressLock(address, async () => {
|
|
23
|
+
if (options.reuseExisting) {
|
|
24
|
+
const existing = await this.store.getSession(address);
|
|
25
|
+
if (existing) {
|
|
26
|
+
const remoteIdentity = toSerializedPubKey(remoteBundle.identity);
|
|
27
|
+
if (!uint8Equal(existing.remote.pubKey, remoteIdentity)) {
|
|
28
|
+
throw new Error('identity mismatch');
|
|
29
|
+
}
|
|
30
|
+
return existing;
|
|
31
|
+
}
|
|
32
|
+
}
|
|
33
|
+
const [local, localOneTimeBase] = await Promise.all([
|
|
34
|
+
requireLocalIdentity(this.store),
|
|
35
|
+
generateSerializedKeyPair()
|
|
36
|
+
]);
|
|
37
|
+
const session = await initiateSessionOutgoing(local, remoteBundle, localOneTimeBase);
|
|
38
|
+
// Keep writes ordered: a stored session without matching remote identity causes false mismatch checks.
|
|
39
|
+
await this.store.setRemoteIdentity(address, session.remote.pubKey);
|
|
40
|
+
await this.store.setSession(address, session);
|
|
41
|
+
return session;
|
|
42
|
+
});
|
|
18
43
|
}
|
|
19
|
-
async
|
|
20
|
-
const [
|
|
21
|
-
|
|
22
|
-
generateSerializedKeyPair()
|
|
44
|
+
async encryptMessage(address, plaintext, expectedIdentity) {
|
|
45
|
+
const [encrypted] = await this.encryptMessagesBatch([
|
|
46
|
+
{ address, plaintext, expectedIdentity }
|
|
23
47
|
]);
|
|
24
|
-
|
|
25
|
-
await this.store.setRemoteIdentity(address, session.remote.pubKey);
|
|
26
|
-
await this.store.setSession(address, session);
|
|
27
|
-
return session;
|
|
48
|
+
return encrypted;
|
|
28
49
|
}
|
|
29
|
-
async
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
throw new Error('signal session not found');
|
|
33
|
-
}
|
|
34
|
-
if (expectedIdentity &&
|
|
35
|
-
!uint8Equal(toSerializedPubKey(expectedIdentity), session.remote.pubKey)) {
|
|
36
|
-
throw new Error('identity mismatch');
|
|
50
|
+
async encryptMessagesBatch(requests, prefetchedSessions) {
|
|
51
|
+
if (requests.length === 0) {
|
|
52
|
+
return [];
|
|
37
53
|
}
|
|
38
|
-
const
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
54
|
+
const lockKeySet = new Set();
|
|
55
|
+
for (let i = 0; i < requests.length; i += 1)
|
|
56
|
+
lockKeySet.add(signalAddressLockKey(requests[i].address));
|
|
57
|
+
const lockKeys = [...lockKeySet];
|
|
58
|
+
return this.sessionMutationLock.runMany(lockKeys, async () => {
|
|
59
|
+
const prefetchedByAddress = new Map();
|
|
60
|
+
if (prefetchedSessions && prefetchedSessions.length > 0) {
|
|
61
|
+
for (let index = 0; index < prefetchedSessions.length; index += 1) {
|
|
62
|
+
const entry = prefetchedSessions[index];
|
|
63
|
+
prefetchedByAddress.set(signalAddressMapKey(entry.address), entry.session);
|
|
64
|
+
}
|
|
65
|
+
}
|
|
66
|
+
const uniqueAddressKeys = new Array(requests.length);
|
|
67
|
+
const uniqueAddresses = new Array(requests.length);
|
|
68
|
+
let uniqueAddressCount = 0;
|
|
69
|
+
for (let index = 0; index < requests.length; index += 1) {
|
|
70
|
+
const address = requests[index].address;
|
|
71
|
+
const addressKey = signalAddressMapKey(address);
|
|
72
|
+
let isDuplicate = false;
|
|
73
|
+
for (let dedupIndex = 0; dedupIndex < uniqueAddressCount; dedupIndex += 1) {
|
|
74
|
+
if (uniqueAddressKeys[dedupIndex] === addressKey) {
|
|
75
|
+
isDuplicate = true;
|
|
76
|
+
break;
|
|
77
|
+
}
|
|
78
|
+
}
|
|
79
|
+
if (isDuplicate) {
|
|
80
|
+
continue;
|
|
81
|
+
}
|
|
82
|
+
uniqueAddressKeys[uniqueAddressCount] = addressKey;
|
|
83
|
+
uniqueAddresses[uniqueAddressCount] = address;
|
|
84
|
+
uniqueAddressCount += 1;
|
|
85
|
+
}
|
|
86
|
+
uniqueAddressKeys.length = uniqueAddressCount;
|
|
87
|
+
uniqueAddresses.length = uniqueAddressCount;
|
|
88
|
+
const currentSessions = await this.store.getSessionsBatch(uniqueAddresses);
|
|
89
|
+
const latestSessionByAddress = new Map();
|
|
90
|
+
for (let index = 0; index < uniqueAddressCount; index += 1) {
|
|
91
|
+
const addressKey = uniqueAddressKeys[index];
|
|
92
|
+
const current = currentSessions[index];
|
|
93
|
+
if (current) {
|
|
94
|
+
latestSessionByAddress.set(addressKey, current);
|
|
95
|
+
continue;
|
|
96
|
+
}
|
|
97
|
+
const prefetched = prefetchedByAddress.get(addressKey);
|
|
98
|
+
if (prefetched) {
|
|
99
|
+
latestSessionByAddress.set(addressKey, prefetched);
|
|
100
|
+
}
|
|
101
|
+
}
|
|
102
|
+
const sessionUpdatesByAddress = new Map();
|
|
103
|
+
const identityUpdatesByAddress = new Map();
|
|
104
|
+
const results = new Array(requests.length);
|
|
105
|
+
for (let index = 0; index < requests.length; index += 1) {
|
|
106
|
+
const request = requests[index];
|
|
107
|
+
const address = request.address;
|
|
108
|
+
const addressKey = signalAddressMapKey(address);
|
|
109
|
+
const session = latestSessionByAddress.get(addressKey);
|
|
110
|
+
if (!session) {
|
|
111
|
+
throw new Error('signal session not found');
|
|
112
|
+
}
|
|
113
|
+
if (request.expectedIdentity &&
|
|
114
|
+
!uint8Equal(toSerializedPubKey(request.expectedIdentity), session.remote.pubKey)) {
|
|
115
|
+
throw new Error('identity mismatch');
|
|
116
|
+
}
|
|
117
|
+
const [updatedSession, encrypted] = await encryptMsg(session, request.plaintext);
|
|
118
|
+
latestSessionByAddress.set(addressKey, updatedSession);
|
|
119
|
+
sessionUpdatesByAddress.set(addressKey, {
|
|
120
|
+
address,
|
|
121
|
+
session: updatedSession
|
|
122
|
+
});
|
|
123
|
+
if (!uint8Equal(updatedSession.remote.pubKey, session.remote.pubKey)) {
|
|
124
|
+
identityUpdatesByAddress.set(addressKey, {
|
|
125
|
+
address,
|
|
126
|
+
identityKey: updatedSession.remote.pubKey
|
|
127
|
+
});
|
|
128
|
+
}
|
|
129
|
+
results[index] = {
|
|
130
|
+
...encrypted,
|
|
131
|
+
baseKey: updatedSession.aliceBaseKey
|
|
132
|
+
};
|
|
133
|
+
}
|
|
134
|
+
// Persist remote identities first when needed so session writes never commit ahead of identity data.
|
|
135
|
+
if (identityUpdatesByAddress.size > 0) {
|
|
136
|
+
const identityUpdates = new Array(identityUpdatesByAddress.size);
|
|
137
|
+
let identityIndex = 0;
|
|
138
|
+
for (const update of identityUpdatesByAddress.values()) {
|
|
139
|
+
identityUpdates[identityIndex] = update;
|
|
140
|
+
identityIndex += 1;
|
|
141
|
+
}
|
|
142
|
+
await this.store.setRemoteIdentities(identityUpdates);
|
|
143
|
+
}
|
|
144
|
+
const sessionUpdates = new Array(sessionUpdatesByAddress.size);
|
|
145
|
+
let sessionIndex = 0;
|
|
146
|
+
for (const update of sessionUpdatesByAddress.values()) {
|
|
147
|
+
sessionUpdates[sessionIndex] = update;
|
|
148
|
+
sessionIndex += 1;
|
|
149
|
+
}
|
|
150
|
+
await this.store.setSessionsBatch(sessionUpdates);
|
|
151
|
+
return results;
|
|
152
|
+
});
|
|
47
153
|
}
|
|
48
154
|
async decryptMessage(address, envelope) {
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
155
|
+
return this.runWithAddressLock(address, async () => {
|
|
156
|
+
const currentSession = await this.store.getSession(address);
|
|
157
|
+
let outcome;
|
|
158
|
+
if (envelope.type === 'pkmsg') {
|
|
159
|
+
const parsedPk = deserializePkMsg(envelope.ciphertext);
|
|
160
|
+
outcome = await this.decryptPkMsg(currentSession, parsedPk);
|
|
161
|
+
}
|
|
162
|
+
else {
|
|
163
|
+
const parsed = deserializeMsg(envelope.ciphertext);
|
|
164
|
+
outcome = await decryptMsg(currentSession, parsed, (error, previousSessionIndex) => {
|
|
165
|
+
this.logger.debug('signal decrypt fallback session failed', {
|
|
166
|
+
previousSessionIndex,
|
|
167
|
+
message: error.message
|
|
168
|
+
});
|
|
169
|
+
});
|
|
170
|
+
}
|
|
171
|
+
const nextRemoteIdentity = outcome.newSessionInfo?.newIdentity ?? outcome.updatedSession.remote.pubKey;
|
|
172
|
+
const identityChanged = !currentSession || !uint8Equal(currentSession.remote.pubKey, nextRemoteIdentity);
|
|
173
|
+
// Keep writes ordered for consistency with resolver identity checks.
|
|
174
|
+
if (identityChanged) {
|
|
175
|
+
await this.store.setRemoteIdentity(address, nextRemoteIdentity);
|
|
176
|
+
}
|
|
177
|
+
await this.store.setSession(address, outcome.updatedSession);
|
|
178
|
+
return outcome.plaintext;
|
|
72
179
|
});
|
|
73
180
|
}
|
|
181
|
+
runWithAddressLock(address, task) {
|
|
182
|
+
return this.sessionMutationLock.run(signalAddressLockKey(address), task);
|
|
183
|
+
}
|
|
74
184
|
async decryptPkMsg(currentSession, parsed) {
|
|
75
185
|
const matchingSession = findMatchingSession(currentSession, parsed.sessionBaseKey);
|
|
76
186
|
if (matchingSession) {
|
|
@@ -106,6 +216,7 @@ export class SignalProtocol {
|
|
|
106
216
|
}
|
|
107
217
|
: incoming;
|
|
108
218
|
const [updatedSession, plaintext] = await decryptMsgFromSession(baseSession, parsed);
|
|
219
|
+
// Only consume one-time prekeys after successful decrypt/session materialization.
|
|
109
220
|
if (parsed.localOneTimeKeyId !== null && parsed.localOneTimeKeyId !== undefined) {
|
|
110
221
|
await this.store.consumePreKeyById(parsed.localOneTimeKeyId);
|
|
111
222
|
}
|
|
@@ -51,24 +51,33 @@ export async function selectMessageKey(chain, targetCounter) {
|
|
|
51
51
|
const first = await deriveMsgKeyFromState(chain.nextMsgIndex, chainState);
|
|
52
52
|
let currentMessageKey = first.messageKey;
|
|
53
53
|
chainState = first.nextState;
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
54
|
+
if (delta === 0) {
|
|
55
|
+
return {
|
|
56
|
+
messageKey: currentMessageKey,
|
|
57
|
+
updatedChain: {
|
|
58
|
+
ratchetPubKey: chain.ratchetPubKey,
|
|
59
|
+
nextMsgIndex: targetCounter + 1,
|
|
60
|
+
chainKey: chainState.chainKey,
|
|
61
|
+
unusedMsgKeys: unused
|
|
62
|
+
}
|
|
63
|
+
};
|
|
64
|
+
}
|
|
65
|
+
const nextUnused = unused.slice();
|
|
66
|
+
let overflow = delta + unused.length - MAX_UNUSED_KEYS;
|
|
67
|
+
if (overflow > 0) {
|
|
68
|
+
nextUnused.splice(0, overflow);
|
|
69
|
+
overflow -= unused.length;
|
|
70
|
+
}
|
|
71
|
+
for (let counter = chain.nextMsgIndex + 1; counter <= targetCounter; counter += 1) {
|
|
57
72
|
if (overflow > 0) {
|
|
58
|
-
|
|
59
|
-
overflow -= unused.length;
|
|
73
|
+
overflow -= 1;
|
|
60
74
|
}
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
overflow -= 1;
|
|
64
|
-
}
|
|
65
|
-
else {
|
|
66
|
-
nextUnused.push(currentMessageKey);
|
|
67
|
-
}
|
|
68
|
-
const derived = await deriveMsgKeyFromState(counter, chainState);
|
|
69
|
-
currentMessageKey = derived.messageKey;
|
|
70
|
-
chainState = derived.nextState;
|
|
75
|
+
else {
|
|
76
|
+
nextUnused.push(currentMessageKey);
|
|
71
77
|
}
|
|
78
|
+
const derived = await deriveMsgKeyFromState(counter, chainState);
|
|
79
|
+
currentMessageKey = derived.messageKey;
|
|
80
|
+
chainState = derived.nextState;
|
|
72
81
|
}
|
|
73
82
|
return {
|
|
74
83
|
messageKey: currentMessageKey,
|