zapo-js 0.1.2 → 0.2.0

package/dist/esm/signal/{store/sqlite.js → encoding.js}

@@ -1,7 +1,7 @@
-import { proto } from '../../proto.js';
-import { WA_DEFAULTS } from '../../protocol/constants.js';
-import { assertByteLength } from '../../util/bytes.js';
-import { asBytes, asNumber, asOptionalBytes, asOptionalNumber, asString, toBoolOrUndef } from '../../util/coercion.js';
+import { proto } from '../proto.js';
+import { WA_DEFAULTS } from '../protocol/constants.js';
+import { assertByteLength } from '../util/bytes.js';
+import { asBytes, asNumber, asOptionalBytes, asOptionalNumber, asString, toBoolOrUndef } from '../util/coercion.js';
 export function toSignalAddressParts(address) {
     return {
         user: address.user,
@@ -56,7 +56,13 @@ function encodeSignalSessionSnapshot(session) {
         rootKey: session.rootKey,
         previousCounter: session.prevSendChainHighestIndex,
         senderChain: encodeSignalSendChain(session.sendChain),
-        receiverChains: session.recvChains.map((chain) => encodeSignalRecvChain(chain)),
+        receiverChains: (() => {
+            const src = session.recvChains;
+            const arr = new Array(src.length);
+            for (let i = 0; i < src.length; i += 1)
+                arr[i] = encodeSignalRecvChain(src[i]);
+            return arr;
+        })(),
         pendingPreKey: session.initialExchangeInfo
             ? {
                 preKeyId: session.initialExchangeInfo.remoteOneTimeId ?? undefined,
@@ -85,12 +91,20 @@ function encodeSignalRecvChain(chain) {
             index: chain.nextMsgIndex,
             key: chain.chainKey
         },
-        messageKeys: (chain.unusedMsgKeys ?? []).map((messageKey) => ({
-            index: messageKey.index,
-            cipherKey: messageKey.cipherKey,
-            macKey: messageKey.macKey,
-            iv: messageKey.iv
-        }))
+        messageKeys: (() => {
+            const src = chain.unusedMsgKeys ?? [];
+            const arr = new Array(src.length);
+            for (let i = 0; i < src.length; i += 1) {
+                const messageKey = src[i];
+                arr[i] = {
+                    index: messageKey.index,
+                    cipherKey: messageKey.cipherKey,
+                    macKey: messageKey.macKey,
+                    iv: messageKey.iv
+                };
+            }
+            return arr;
+        })()
     };
 }
 function decodeSignalMessageKey(messageKey, field) {
@@ -120,7 +134,13 @@ function decodeSignalRecvChain(chain, field) {
         ratchetPubKey,
         nextMsgIndex: asNumber(chainKey.index, `${field}.chainKey.index`),
         chainKey: chainKeyBytes,
-        unusedMsgKeys: (chain.messageKeys ?? []).map((messageKey, index) => decodeSignalMessageKey(messageKey, `${field}.messageKeys[${index}]`))
+        unusedMsgKeys: (() => {
+            const src = chain.messageKeys ?? [];
+            const arr = new Array(src.length);
+            for (let i = 0; i < src.length; i += 1)
+                arr[i] = decodeSignalMessageKey(src[i], `${field}.messageKeys[${i}]`);
+            return arr;
+        })()
     };
 }
 function decodeSignalSendChain(chain, field) {
@@ -179,7 +199,13 @@ function decodeSignalSessionSnapshot(session, field) {
         },
         rootKey,
         sendChain: decodeSignalSendChain(senderChain, `${field}.senderChain`),
-        recvChains: (session.receiverChains ?? []).map((chain, index) => decodeSignalRecvChain(chain, `${field}.receiverChains[${index}]`)),
+        recvChains: (() => {
+            const src = session.receiverChains ?? [];
+            const arr = new Array(src.length);
+            for (let i = 0; i < src.length; i += 1)
+                arr[i] = decodeSignalRecvChain(src[i], `${field}.receiverChains[${i}]`);
+            return arr;
+        })(),
         initialExchangeInfo: pendingPreKey
             ? {
                 remoteOneTimeId: asOptionalNumber(pendingPreKey.preKeyId, `${field}.pendingPreKey.preKeyId`) ??
@@ -195,7 +221,13 @@ function decodeSignalSessionSnapshot(session, field) {
 export function encodeSignalSessionRecord(record) {
     return proto.RecordStructure.encode({
         currentSession: encodeSignalSessionSnapshot(record),
-        previousSessions: record.prevSessions.map((session) => encodeSignalSessionSnapshot(session))
+        previousSessions: (() => {
+            const src = record.prevSessions;
+            const arr = new Array(src.length);
+            for (let i = 0; i < src.length; i += 1)
+                arr[i] = encodeSignalSessionSnapshot(src[i]);
+            return arr;
+        })()
     }).finish();
 }
 export function decodeSignalSessionRecord(raw) {
@@ -206,7 +238,13 @@ export function decodeSignalSessionRecord(raw) {
     const current = decodeSignalSessionSnapshot(decoded.currentSession, 'signal_sessions.currentSession');
     return {
         ...current,
-        prevSessions: (decoded.previousSessions ?? []).map((session, index) => decodeSignalSessionSnapshot(session, `signal_sessions.previousSessions[${index}]`))
+        prevSessions: (() => {
+            const src = decoded.previousSessions ?? [];
+            const arr = new Array(src.length);
+            for (let i = 0; i < src.length; i += 1)
+                arr[i] = decodeSignalSessionSnapshot(src[i], `signal_sessions.previousSessions[${i}]`);
+            return arr;
+        })()
     };
 }
 export function encodeSenderKeyRecord(record) {
@@ -222,10 +260,18 @@ export function encodeSenderKeyRecord(record) {
                     public: record.signingPublicKey,
                     private: record.signingPrivateKey
                 },
-                senderMessageKeys: (record.unusedMessageKeys ?? []).map((messageKey) => ({
-                    iteration: messageKey.iteration,
-                    seed: messageKey.seed
-                }))
+                senderMessageKeys: (() => {
+                    const src = record.unusedMessageKeys ?? [];
+                    const arr = new Array(src.length);
+                    for (let i = 0; i < src.length; i += 1) {
+                        const messageKey = src[i];
+                        arr[i] = {
+                            iteration: messageKey.iteration,
+                            seed: messageKey.seed
+                        };
+                    }
+                    return arr;
+                })()
             }
         ]
     }).finish();
@@ -245,10 +291,18 @@ function decodeSenderKeyState(state, field) {
         signingPrivateKey: state.senderSigningKey.private !== null && state.senderSigningKey.private !== undefined
             ? asBytes(state.senderSigningKey.private, `${field}.senderSigningKey.private`)
             : undefined,
-        unusedMessageKeys: (state.senderMessageKeys ?? []).map((messageKey, index) => ({
-            iteration: asNumber(messageKey.iteration, `${field}.senderMessageKeys[${index}].iteration`),
-            seed: asBytes(messageKey.seed, `${field}.senderMessageKeys[${index}].seed`)
-        }))
+        unusedMessageKeys: (() => {
+            const src = state.senderMessageKeys ?? [];
+            const arr = new Array(src.length);
+            for (let i = 0; i < src.length; i += 1) {
+                const messageKey = src[i];
+                arr[i] = {
+                    iteration: asNumber(messageKey.iteration, `${field}.senderMessageKeys[${i}].iteration`),
+                    seed: asBytes(messageKey.seed, `${field}.senderMessageKeys[${i}].seed`)
+                };
+            }
+            return arr;
+        })()
     };
 }
 export function decodeSenderKeyRecord(raw, groupId, sender) {
@@ -281,7 +335,7 @@ export function decodeSenderKeyDistributionRow(row) {
         timestampMs: asNumber(row.timestamp_ms, 'sender_key_distribution.timestamp_ms')
     };
 }
-export function decodeSqliteCount(row, field) {
+export function decodeStoreCount(row, field) {
     return row ? asNumber(row.count, field) : 0;
 }
 export function decodeSignalRemoteIdentity(raw) {

package/dist/esm/signal/group/SenderKeyCodec.js

@@ -1,6 +1,7 @@
 import { readVersionedContent, toSerializedPubKey } from '../../crypto/index.js';
 import { proto } from '../../proto.js';
-import { SIGNATURE_SIZE, SIGNAL_GROUP_VERSION } from '../constants.js';
+import { SIGNAL_SIGNATURE_LENGTH } from '../api/constants.js';
+import { SIGNAL_GROUP_VERSION } from '../constants.js';
 import { assertByteLength, toBytesView } from '../../util/bytes.js';
 export function parseDistributionPayload(payload) {
     const body = readVersionedContent(payload, SIGNAL_GROUP_VERSION, 0);
@@ -25,7 +26,7 @@ export function parseDistributionPayload(payload) {
     };
 }
 export function parseSenderKeyMessage(versionContentMac) {
-    const body = readVersionedContent(versionContentMac, SIGNAL_GROUP_VERSION, SIGNATURE_SIZE);
+    const body = readVersionedContent(versionContentMac, SIGNAL_GROUP_VERSION, SIGNAL_SIGNATURE_LENGTH);
     const decoded = proto.SenderKeyMessage.decode(body);
     if (decoded.id === null ||
         decoded.id === undefined ||

package/dist/esm/signal/group/SenderKeyManager.js

@@ -1,6 +1,9 @@
 import { aesCbcDecrypt, aesCbcEncrypt, importAesCbcKey, toSerializedPubKey, prependVersion, randomBytesAsync, randomIntAsync, X25519 } from '../../crypto/index.js';
+import { StoreLock } from '../../infra/perf/StoreLock.js';
 import { proto } from '../../proto.js';
-import { SIGNAL_GROUP_VERSION, SIGNATURE_SIZE } from '../constants.js';
+import { signalAddressKey } from '../../protocol/jid.js';
+import { SIGNAL_SIGNATURE_LENGTH } from '../api/constants.js';
+import { SIGNAL_GROUP_VERSION } from '../constants.js';
 import { signSignalMessage, verifySignalSignature } from '../crypto/WaAdvSignature.js';
 import { deriveSenderKeyMsgKey, selectMessageKey } from '../group/SenderKeyChain.js';
 import { parseDistributionPayload, parseSenderKeyMessage } from '../group/SenderKeyCodec.js';
@@ -24,143 +27,156 @@ async function aesCbcDecryptFromSeed(seed, ciphertext) {
 }
 export class SenderKeyManager {
     constructor(store) {
+        this.senderLock = new StoreLock();
         this.store = store;
     }
-    async createSenderKeyDistributionMessage(groupId, sender) {
-        const senderKey = await this.ensureSenderKey(groupId, sender);
-        const distributionProto = proto.SenderKeyDistributionMessage.encode({
-            id: senderKey.keyId,
-            iteration: senderKey.iteration,
-            chainKey: senderKey.chainKey,
-            signingKey: senderKey.signingPublicKey
-        }).finish();
-        const payload = prependVersion(distributionProto, SIGNAL_GROUP_VERSION);
-        await this.store.upsertSenderKeyDistribution({
-            groupId,
-            sender,
-            keyId: senderKey.keyId,
-            timestampMs: Date.now()
+    async prepareGroupEncryption(groupId, sender, plaintext) {
+        return this.runWithSenderLock(groupId, sender, async () => {
+            const senderKey = await this.ensureSenderKeyInternal(groupId, sender);
+            if (!senderKey.signingPrivateKey) {
+                throw new Error('sender private signing key is missing');
+            }
+            const derived = await deriveSenderKeyMsgKey(senderKey.iteration, senderKey.chainKey);
+            await this.store.upsertSenderKey({
+                ...senderKey,
+                chainKey: derived.nextChainKey,
+                iteration: derived.messageKey.iteration + 1
+            });
+            const distributionProto = proto.SenderKeyDistributionMessage.encode({
+                id: senderKey.keyId,
+                iteration: senderKey.iteration,
+                chainKey: senderKey.chainKey,
+                signingKey: senderKey.signingPublicKey
+            }).finish();
+            const distributionMessage = {
+                groupId,
+                axolotlSenderKeyDistributionMessage: prependVersion(distributionProto, SIGNAL_GROUP_VERSION)
+            };
+            const messagePayload = await aesCbcEncryptFromSeed(derived.messageKey.seed, plaintext);
+            const senderKeyMessage = proto.SenderKeyMessage.encode({
+                id: senderKey.keyId,
+                iteration: derived.messageKey.iteration,
+                ciphertext: messagePayload
+            }).finish();
+            const versionedContent = prependVersion(senderKeyMessage, SIGNAL_GROUP_VERSION);
+            const signature = await signSignalMessage(senderKey.signingPrivateKey, versionedContent);
+            if (signature.length !== SIGNAL_SIGNATURE_LENGTH) {
+                throw new Error(`invalid sender key signature length ${signature.length}`);
+            }
+            const ciphertext = {
+                groupId,
+                sender,
+                keyId: senderKey.keyId,
+                iteration: derived.messageKey.iteration,
+                ciphertext: concatBytes([versionedContent, signature])
+            };
+            await this.store.upsertSenderKeyDistribution({
+                groupId,
+                sender,
+                keyId: senderKey.keyId,
+                timestampMs: Date.now()
+            });
+            return {
+                distributionMessage,
+                ciphertext,
+                keyId: senderKey.keyId
+            };
         });
-        return {
-            groupId,
-            axolotlSenderKeyDistributionMessage: payload
-        };
     }
-    async filterParticipantsNeedingDistribution(groupId, sender, participants) {
+    async filterParticipantsNeedingDistribution(groupId, senderKeyId, participants) {
         if (participants.length === 0) {
             return [];
         }
-        const senderKey = await this.ensureSenderKey(groupId, sender);
         const distributed = await this.store.getDeviceSenderKeyDistributions(groupId, participants);
-        return participants.filter((_, index) => {
+        const pendingParticipants = new Array(participants.length);
+        let pendingCount = 0;
+        for (let index = 0; index < participants.length; index += 1) {
             const record = distributed[index];
-            return !record || record.keyId !== senderKey.keyId;
-        });
+            if (!record || record.keyId !== senderKeyId) {
+                pendingParticipants[pendingCount] = participants[index];
+                pendingCount += 1;
+            }
+        }
+        pendingParticipants.length = pendingCount;
+        return pendingParticipants;
     }
-    async markSenderKeyDistributed(groupId, sender, participants) {
+    async markSenderKeyDistributed(groupId, senderKeyId, participants) {
         if (participants.length === 0) {
             return;
         }
-        const senderKey = await this.ensureSenderKey(groupId, sender);
         const timestampMs = Date.now();
         const distributions = new Array(participants.length);
         for (let index = 0; index < participants.length; index += 1) {
             distributions[index] = {
                 groupId,
                 sender: participants[index],
-                keyId: senderKey.keyId,
+                keyId: senderKeyId,
                 timestampMs
             };
         }
         await this.store.upsertSenderKeyDistributions(distributions);
     }
     async processSenderKeyDistributionPayload(groupId, sender, payload) {
-        if (groupId.length === 0) {
-            throw new Error('sender key distribution missing groupId');
-        }
-        const parsed = parseDistributionPayload(payload);
-        const record = {
-            groupId,
-            sender,
-            keyId: parsed.keyId,
-            iteration: parsed.iteration,
-            chainKey: parsed.chainKey,
-            signingPublicKey: parsed.signingPublicKey,
-            unusedMessageKeys: []
-        };
-        await Promise.all([
-            this.store.upsertSenderKey(record),
-            this.store.upsertSenderKeyDistribution({
+        return this.runWithSenderLock(groupId, sender, async () => {
+            if (groupId.length === 0) {
+                throw new Error('sender key distribution missing groupId');
+            }
+            const parsed = parseDistributionPayload(payload);
+            const record = {
                 groupId,
                 sender,
                 keyId: parsed.keyId,
-                timestampMs: Date.now()
-            })
-        ]);
-        return record;
-    }
-    async encryptGroupMessage(groupId, sender, plaintext) {
-        const senderKey = await this.ensureSenderKey(groupId, sender);
-        if (!senderKey.signingPrivateKey) {
-            throw new Error('sender private signing key is missing');
-        }
-        const derived = await deriveSenderKeyMsgKey(senderKey.iteration, senderKey.chainKey);
-        const messagePayload = await aesCbcEncryptFromSeed(derived.messageKey.seed, plaintext);
-        const senderKeyMessage = proto.SenderKeyMessage.encode({
-            id: senderKey.keyId,
-            iteration: derived.messageKey.iteration,
-            ciphertext: messagePayload
-        }).finish();
-        const versionedContent = prependVersion(senderKeyMessage, SIGNAL_GROUP_VERSION);
-        const signature = await signSignalMessage(senderKey.signingPrivateKey, versionedContent);
-        if (signature.length !== SIGNATURE_SIZE) {
-            throw new Error(`invalid sender key signature length ${signature.length}`);
-        }
-        const ciphertext = concatBytes([versionedContent, signature]);
-        await this.store.upsertSenderKey({
-            ...senderKey,
-            chainKey: derived.nextChainKey,
-            iteration: derived.messageKey.iteration + 1
+                iteration: parsed.iteration,
+                chainKey: parsed.chainKey,
+                signingPublicKey: parsed.signingPublicKey,
+                unusedMessageKeys: []
+            };
+            await Promise.all([
+                this.store.upsertSenderKey(record),
+                this.store.upsertSenderKeyDistribution({
+                    groupId,
+                    sender,
+                    keyId: parsed.keyId,
+                    timestampMs: Date.now()
+                })
+            ]);
+            return record;
         });
-        return {
-            groupId,
-            sender,
-            keyId: senderKey.keyId,
-            iteration: derived.messageKey.iteration,
-            ciphertext
-        };
     }
     async decryptGroupMessage(payload) {
-        const parsed = parseSenderKeyMessage(payload.ciphertext);
-        const senderKey = await this.store.getDeviceSenderKey(payload.groupId, payload.sender);
-        if (!senderKey) {
-            throw new Error('missing sender key');
-        }
-        if (senderKey.keyId !== parsed.keyId) {
-            throw new Error('sender key id mismatch');
-        }
-        if (payload.keyId !== undefined &&
-            payload.keyId !== null &&
-            parsed.keyId !== payload.keyId) {
-            throw new Error('sender key id mismatch');
-        }
-        if (payload.iteration !== undefined &&
-            payload.iteration !== null &&
-            parsed.iteration !== payload.iteration) {
-            throw new Error('sender key iteration mismatch');
-        }
-        const signedContent = parsed.versionContentMac.subarray(0, parsed.versionContentMac.length - SIGNATURE_SIZE);
-        const signature = parsed.versionContentMac.subarray(parsed.versionContentMac.length - SIGNATURE_SIZE);
-        const validSignature = await verifySignalSignature(senderKey.signingPublicKey, signedContent, signature);
-        if (!validSignature) {
-            throw new Error('invalid sender key signature');
-        }
-        const selected = await selectMessageKey(senderKey, parsed.iteration);
-        const plaintext = await aesCbcDecryptFromSeed(selected.messageKey.seed, parsed.ciphertext);
-        await this.store.upsertSenderKey(selected.updatedRecord);
-        return plaintext;
+        return this.runWithSenderLock(payload.groupId, payload.sender, async () => {
+            const parsed = parseSenderKeyMessage(payload.ciphertext);
+            const senderKey = await this.store.getDeviceSenderKey(payload.groupId, payload.sender);
+            if (!senderKey) {
+                throw new Error('missing sender key');
+            }
+            if (senderKey.keyId !== parsed.keyId) {
+                throw new Error('sender key id mismatch');
+            }
+            if (payload.keyId !== undefined &&
+                payload.keyId !== null &&
+                parsed.keyId !== payload.keyId) {
+                throw new Error('sender key id mismatch');
+            }
+            if (payload.iteration !== undefined &&
+                payload.iteration !== null &&
+                parsed.iteration !== payload.iteration) {
+                throw new Error('sender key iteration mismatch');
+            }
+            const signedContent = parsed.versionContentMac.subarray(0, parsed.versionContentMac.length - SIGNAL_SIGNATURE_LENGTH);
+            const signature = parsed.versionContentMac.subarray(parsed.versionContentMac.length - SIGNAL_SIGNATURE_LENGTH);
+            const validSignature = await verifySignalSignature(senderKey.signingPublicKey, signedContent, signature);
+            if (!validSignature) {
+                throw new Error('invalid sender key signature');
+            }
+            const selected = await selectMessageKey(senderKey, parsed.iteration);
+            // Keep decrypt + persist ordered: failed decrypt must not advance sender-key state.
+            const plaintext = await aesCbcDecryptFromSeed(selected.messageKey.seed, parsed.ciphertext);
+            await this.store.upsertSenderKey(selected.updatedRecord);
+            return plaintext;
+        });
     }
-    async ensureSenderKey(groupId, sender) {
+    async ensureSenderKeyInternal(groupId, sender) {
         const existing = await this.store.getDeviceSenderKey(groupId, sender);
         if (existing) {
             return existing;
@@ -183,4 +199,7 @@ export class SenderKeyManager {
         await this.store.upsertSenderKey(created);
         return created;
     }
+    runWithSenderLock(groupId, sender, task) {
+        return this.senderLock.run(`senderKey:${groupId}:${signalAddressKey(sender)}`, task);
+    }
 }

package/dist/esm/signal/index.js

@@ -1,3 +1,4 @@
+export { decodeSignalPreKeyRow, decodeSignalRegistrationRow, decodeSignalRemoteIdentity, decodeSignalSessionRecord, decodeSignalSignedPreKeyRow, decodeSenderKeyDistributionRow, decodeSenderKeyRecord, decodeStoreCount, encodeSenderKeyRecord, encodeSignalSessionRecord, toSignalAddressParts } from './encoding.js';
 export { generatePreKeyPair, generateRegistrationId, generateRegistrationInfo, generateSignedPreKey } from './registration/keygen.js';
 export { buildPreKeyUploadIq, parsePreKeyUploadFailure } from './api/prekeys.js';
 export { SignalDigestSyncApi } from './api/SignalDigestSyncApi.js';

package/dist/esm/signal/registration/keygen.js

@@ -3,9 +3,13 @@ import { toSerializedPubKey } from '../../crypto/core/keys.js';
 import { X25519 } from '../../crypto/curves/X25519.js';
 import { signSignalMessage } from '../crypto/WaAdvSignature.js';
 export async function generateRegistrationInfo() {
+    const [registrationId, identityKeyPair] = await Promise.all([
+        generateRegistrationId(),
+        X25519.generateKeyPair()
+    ]);
     return {
-        registrationId: await generateRegistrationId(),
-        identityKeyPair: await X25519.generateKeyPair()
+        registrationId,
+        identityKeyPair
     };
 }
 export async function generatePreKeyPair(keyId) {

package/dist/esm/signal/registration/utils.js

@@ -5,6 +5,7 @@ export async function createAndStoreInitialKeys(store) {
         generatePreKeyPair(1)
     ]);
     const signedPreKey = await generateSignedPreKey(1, registrationInfo.identityKeyPair.privKey);
+    // Keep writes ordered so partial commit failures don't leave split registration bootstrap state.
     await store.setRegistrationInfo(registrationInfo);
     await store.setSignedPreKey(signedPreKey);
     await store.getOrGenSinglePreKey(async () => firstPreKey);