npm - zapo-js - Versions diffs - 0.2.0 → 0.3.0 - Mend

zapo-js 0.2.0 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (351) hide show

package/README.md +7 -3
package/dist/appstate/WaAppStateCrypto.js +49 -41
package/dist/appstate/WaAppStateSyncClient.js +79 -42
package/dist/appstate/index.js +2 -2
package/dist/auth/WaAuthClient.js +20 -11
package/dist/auth/{flow/WaAuthCredentialsFlow.js → credentials-flow.js} +83 -18
package/dist/auth/pairing/WaPairingFlow.js +26 -29
package/dist/auth/pairing/{WaPairingCodeCrypto.js → pairing-code-crypto.js} +29 -13
package/dist/client/WaClient.js +115 -75
package/dist/client/WaClientFactory.js +113 -30
package/dist/client/connection/WaConnectionManager.js +4 -1
package/dist/client/coordinators/WaAbPropsCoordinator.js +141 -0
package/dist/client/coordinators/WaBusinessCoordinator.js +3 -12
package/dist/client/coordinators/WaEmailCoordinator.js +63 -0
package/dist/client/coordinators/WaIncomingNodeCoordinator.js +33 -8
package/dist/client/coordinators/WaMessageDispatchCoordinator.js +55 -25
package/dist/client/coordinators/WaOfflineResumeCoordinator.js +114 -0
package/dist/client/coordinators/WaPassiveTasksCoordinator.js +38 -20
package/dist/client/coordinators/WaProfileCoordinator.js +3 -1
package/dist/client/coordinators/WaRetryCoordinator.js +11 -9
package/dist/client/coordinators/WaTrustedContactTokenCoordinator.js +22 -4
package/dist/client/dirty.js +1 -1
package/dist/client/events/abprops.js +43 -0
package/dist/client/events/privacy-token.js +1 -2
package/dist/client/events/registration.js +42 -0
package/dist/client/incoming.js +37 -0
package/dist/client/mailbox.js +17 -1
package/dist/client/media.js +243 -0
package/dist/client/messages.js +163 -86
package/dist/crypto/core/index.js +4 -1
package/dist/crypto/core/random.js +3 -9
package/dist/crypto/core/xeddsa.js +57 -0
package/dist/crypto/curves/X25519.js +18 -0
package/dist/crypto/curves/constants.js +2 -1
package/dist/esm/appstate/WaAppStateCrypto.js +39 -31
package/dist/esm/appstate/WaAppStateSyncClient.js +68 -31
package/dist/esm/appstate/index.js +1 -1
package/dist/esm/appstate/{WaAppStateSyncResponseParser.js → response-parser.js} +1 -1
package/dist/esm/auth/WaAuthClient.js +17 -8
package/dist/esm/auth/{flow/WaAuthCredentialsFlow.js → credentials-flow.js} +83 -18
package/dist/esm/auth/pairing/WaPairingFlow.js +25 -28
package/dist/esm/auth/pairing/{WaPairingCodeCrypto.js → pairing-code-crypto.js} +20 -6
package/dist/esm/client/WaClient.js +116 -76
package/dist/esm/client/WaClientFactory.js +114 -31
package/dist/esm/client/connection/WaConnectionManager.js +4 -1
package/dist/esm/client/coordinators/WaAbPropsCoordinator.js +137 -0
package/dist/esm/client/coordinators/WaBusinessCoordinator.js +4 -13
package/dist/esm/client/coordinators/WaEmailCoordinator.js +60 -0
package/dist/esm/client/coordinators/WaIncomingNodeCoordinator.js +35 -10
package/dist/esm/client/coordinators/WaMessageDispatchCoordinator.js +47 -17
package/dist/esm/client/coordinators/WaOfflineResumeCoordinator.js +110 -0
package/dist/esm/client/coordinators/WaPassiveTasksCoordinator.js +38 -20
package/dist/esm/client/coordinators/WaProfileCoordinator.js +3 -1
package/dist/esm/client/coordinators/WaRetryCoordinator.js +11 -9
package/dist/esm/client/coordinators/WaTrustedContactTokenCoordinator.js +24 -6
package/dist/esm/client/dirty.js +1 -1
package/dist/esm/client/events/abprops.js +40 -0
package/dist/esm/client/events/privacy-token.js +1 -2
package/dist/esm/client/events/registration.js +39 -0
package/dist/esm/client/incoming.js +36 -0
package/dist/esm/client/mailbox.js +17 -1
package/dist/esm/client/media.js +234 -0
package/dist/esm/client/messages.js +162 -85
package/dist/esm/crypto/core/index.js +1 -0
package/dist/esm/crypto/core/random.js +2 -7
package/dist/esm/crypto/core/xeddsa.js +53 -0
package/dist/esm/crypto/curves/X25519.js +20 -2
package/dist/esm/crypto/curves/constants.js +1 -0
package/dist/esm/infra/perf/StoreLock.js +7 -4
package/dist/esm/media/WaMediaCrypto.js +257 -62
package/dist/esm/media/WaMediaTransferClient.js +47 -190
package/dist/esm/media/constants.js +2 -0
package/dist/esm/media/processor.js +1 -0
package/dist/esm/message/addon-crypto.js +130 -3
package/dist/esm/message/content.js +12 -6
package/dist/esm/message/icdc.js +8 -8
package/dist/esm/message/incoming.js +14 -12
package/dist/esm/message/phash.js +32 -12
package/dist/esm/message/reporting-token.js +3 -3
package/dist/esm/message/use-case-secret.js +1 -1
package/dist/esm/protocol/abprops.js +159 -0
package/dist/esm/protocol/browser.js +14 -0
package/dist/esm/protocol/constants.js +3 -1
package/dist/esm/protocol/email.js +30 -0
package/dist/esm/protocol/jid.js +44 -10
package/dist/esm/protocol/nodes.js +6 -2
package/dist/esm/protocol/notification.js +7 -1
package/dist/esm/retry/reason.js +1 -1
package/dist/esm/signal/api/SignalDeviceSyncApi.js +5 -2
package/dist/esm/signal/api/SignalDigestSyncApi.js +8 -6
package/dist/esm/signal/api/SignalIdentitySyncApi.js +4 -4
package/dist/esm/signal/api/SignalMissingPreKeysSyncApi.js +1 -1
package/dist/esm/signal/api/SignalSessionSyncApi.js +1 -1
package/dist/esm/signal/crypto/WaAdvSignature.js +5 -51
package/dist/esm/signal/crypto/constants.js +0 -4
package/dist/esm/signal/encoding.js +11 -54
package/dist/esm/signal/group/SenderKeyChain.js +3 -3
package/dist/esm/signal/group/SenderKeyCodec.js +5 -6
package/dist/esm/signal/group/SenderKeyManager.js +13 -10
package/dist/esm/signal/registration/keygen.js +2 -3
package/dist/esm/signal/registration/utils.js +2 -2
package/dist/esm/signal/session/SignalProtocol.js +18 -17
package/dist/esm/signal/session/SignalRatchet.js +21 -10
package/dist/esm/signal/session/SignalSerializer.js +5 -6
package/dist/esm/signal/session/SignalSession.js +11 -9
package/dist/esm/signal/session/resolver.js +6 -6
package/dist/esm/store/contracts/identity.store.js +1 -0
package/dist/esm/store/contracts/message-secret.store.js +1 -0
package/dist/esm/store/contracts/pre-key.store.js +1 -0
package/dist/esm/store/contracts/session.store.js +1 -0
package/dist/esm/store/createStore.js +48 -12
package/dist/esm/store/index.js +4 -0
package/dist/esm/store/locks/identity.lock.js +16 -0
package/dist/esm/store/locks/message-secret.lock.js +17 -0
package/dist/esm/store/locks/pre-key.lock.js +27 -0
package/dist/esm/store/locks/session.lock.js +19 -0
package/dist/esm/store/locks/signal.lock.js +0 -24
package/dist/esm/store/noop.store.js +20 -0
package/dist/esm/store/providers/memory/device-list.store.js +3 -0
package/dist/esm/store/providers/memory/identity.store.js +31 -0
package/dist/esm/store/providers/memory/message-secret.store.js +81 -0
package/dist/esm/store/providers/memory/participants.store.js +3 -0
package/dist/esm/store/providers/memory/pre-key.store.js +97 -0
package/dist/esm/store/providers/memory/retry.store.js +25 -11
package/dist/esm/store/providers/memory/session.store.js +45 -0
package/dist/esm/store/providers/memory/signal.store.js +1 -164
package/dist/esm/transport/WaComms.js +4 -3
package/dist/esm/transport/WaWebSocket.js +9 -1
package/dist/esm/transport/index.js +6 -0
package/dist/esm/transport/keepalive/WaKeepAlive.js +17 -8
package/dist/esm/transport/node/WaMobileTcpSocket.js +114 -0
package/dist/esm/transport/node/WaNodeOrchestrator.js +17 -8
package/dist/esm/transport/node/builders/abprops.js +20 -0
package/dist/esm/transport/node/builders/device.js +11 -0
package/dist/esm/transport/node/builders/email.js +65 -0
package/dist/esm/transport/node/builders/offline.js +14 -0
package/dist/esm/transport/node/builders/prekeys.js +37 -40
package/dist/esm/transport/node/builders/presence.js +13 -0
package/dist/esm/transport/node/builders/privacy-token.js +19 -23
package/dist/esm/transport/node/builders/retry.js +1 -1
package/dist/esm/transport/node/helpers.js +24 -0
package/dist/esm/transport/node/mex/argo-decoder.js +152 -0
package/dist/esm/transport/node/mex/client.js +83 -0
package/dist/esm/transport/node/mex/persist-ids.js +10 -0
package/dist/esm/transport/noise/WaClientPayload.js +15 -10
package/dist/esm/transport/noise/WaFrameCodec.js +2 -2
package/dist/esm/transport/noise/WaMobileClientPayload.js +53 -0
package/dist/esm/transport/noise/WaNoiseCert.js +9 -27
package/dist/esm/transport/noise/WaNoiseSession.js +12 -11
package/dist/infra/perf/StoreLock.js +7 -4
package/dist/media/WaMediaCrypto.js +253 -58
package/dist/media/WaMediaTransferClient.js +50 -223
package/dist/media/constants.js +3 -1
package/dist/media/processor.js +2 -0
package/dist/message/addon-crypto.js +131 -0
package/dist/message/content.js +13 -5
package/dist/message/icdc.js +8 -8
package/dist/message/incoming.js +14 -12
package/dist/message/phash.js +32 -12
package/dist/message/reporting-token.js +2 -2
package/dist/message/use-case-secret.js +1 -1
package/dist/protocol/abprops.js +163 -0
package/dist/protocol/browser.js +15 -0
package/dist/protocol/constants.js +14 -2
package/dist/protocol/email.js +33 -0
package/dist/protocol/jid.js +45 -10
package/dist/protocol/nodes.js +6 -2
package/dist/protocol/notification.js +8 -2
package/dist/retry/reason.js +1 -1
package/dist/signal/api/SignalDeviceSyncApi.js +5 -2
package/dist/signal/api/SignalDigestSyncApi.js +8 -6
package/dist/signal/api/SignalIdentitySyncApi.js +4 -4
package/dist/signal/crypto/WaAdvSignature.js +2 -50
package/dist/signal/crypto/constants.js +1 -5
package/dist/signal/encoding.js +11 -49
package/dist/signal/group/SenderKeyChain.js +2 -2
package/dist/signal/group/SenderKeyCodec.js +4 -5
package/dist/signal/group/SenderKeyManager.js +12 -9
package/dist/signal/registration/keygen.js +1 -2
package/dist/signal/registration/utils.js +2 -2
package/dist/signal/session/SignalProtocol.js +18 -17
package/dist/signal/session/SignalRatchet.js +19 -8
package/dist/signal/session/SignalSerializer.js +5 -6
package/dist/signal/session/SignalSession.js +11 -9
package/dist/signal/session/resolver.js +6 -6
package/dist/store/contracts/identity.store.js +2 -0
package/dist/store/contracts/message-secret.store.js +2 -0
package/dist/store/contracts/pre-key.store.js +2 -0
package/dist/store/contracts/session.store.js +2 -0
package/dist/store/createStore.js +47 -11
package/dist/store/index.js +9 -1
package/dist/store/locks/identity.lock.js +19 -0
package/dist/store/locks/message-secret.lock.js +20 -0
package/dist/store/locks/pre-key.lock.js +30 -0
package/dist/store/locks/session.lock.js +22 -0
package/dist/store/locks/signal.lock.js +0 -24
package/dist/store/noop.store.js +21 -1
package/dist/store/providers/memory/device-list.store.js +3 -0
package/dist/store/providers/memory/identity.store.js +35 -0
package/dist/store/providers/memory/message-secret.store.js +85 -0
package/dist/store/providers/memory/participants.store.js +3 -0
package/dist/store/providers/memory/pre-key.store.js +101 -0
package/dist/store/providers/memory/retry.store.js +24 -10
package/dist/store/providers/memory/session.store.js +49 -0
package/dist/store/providers/memory/signal.store.js +1 -164
package/dist/transport/WaComms.js +4 -3
package/dist/transport/WaWebSocket.js +9 -1
package/dist/transport/index.js +17 -1
package/dist/transport/keepalive/WaKeepAlive.js +17 -8
package/dist/transport/node/WaMobileTcpSocket.js +118 -0
package/dist/transport/node/WaNodeOrchestrator.js +16 -7
package/dist/transport/node/builders/abprops.js +23 -0
package/dist/transport/node/builders/device.js +14 -0
package/dist/transport/node/builders/email.js +72 -0
package/dist/transport/node/builders/offline.js +17 -0
package/dist/transport/node/builders/prekeys.js +36 -39
package/dist/transport/node/builders/presence.js +16 -0
package/dist/transport/node/builders/privacy-token.js +18 -22
package/dist/transport/node/builders/retry.js +1 -1
package/dist/transport/node/helpers.js +26 -0
package/dist/transport/node/mex/argo-decoder.js +189 -0
package/dist/transport/node/mex/client.js +86 -0
package/dist/transport/node/mex/persist-ids.js +13 -0
package/dist/transport/noise/WaClientPayload.js +14 -9
package/dist/transport/noise/WaFrameCodec.js +1 -1
package/dist/transport/noise/WaMobileClientPayload.js +56 -0
package/dist/transport/noise/WaNoiseCert.js +8 -26
package/dist/transport/noise/WaNoiseSession.js +11 -10
package/dist/types/appstate/WaAppStateCrypto.d.ts +11 -8
package/dist/types/appstate/WaAppStateSyncClient.d.ts +6 -2
package/dist/types/appstate/index.d.ts +1 -1
package/dist/types/appstate/{WaAppStateSyncResponseParser.d.ts → response-parser.d.ts} +1 -1
package/dist/types/appstate/types.d.ts +1 -1
package/dist/types/auth/WaAuthClient.d.ts +9 -3
package/dist/types/auth/credentials-flow.d.ts +20 -0
package/dist/types/auth/pairing/WaPairingFlow.d.ts +3 -2
package/dist/types/auth/pairing/{WaPairingCodeCrypto.d.ts → pairing-code-crypto.d.ts} +6 -1
package/dist/types/auth/types.d.ts +40 -0
package/dist/types/client/WaClient.d.ts +19 -8
package/dist/types/client/WaClientFactory.d.ts +10 -4
package/dist/types/client/coordinators/WaAbPropsCoordinator.d.ts +26 -0
package/dist/types/client/coordinators/WaBusinessCoordinator.d.ts +1 -1
package/dist/types/client/coordinators/WaEmailCoordinator.d.ts +24 -0
package/dist/types/client/coordinators/WaIncomingNodeCoordinator.d.ts +6 -1
package/dist/types/client/coordinators/WaMessageDispatchCoordinator.d.ts +15 -2
package/dist/types/client/coordinators/WaOfflineResumeCoordinator.d.ts +31 -0
package/dist/types/client/coordinators/WaPassiveTasksCoordinator.d.ts +13 -2
package/dist/types/client/coordinators/WaPrivacyCoordinator.d.ts +1 -1
package/dist/types/client/coordinators/WaProfileCoordinator.d.ts +4 -2
package/dist/types/client/coordinators/WaRetryCoordinator.d.ts +6 -0
package/dist/types/client/coordinators/WaTrustedContactTokenCoordinator.d.ts +11 -1
package/dist/types/client/dirty.d.ts +3 -1
package/dist/types/client/events/abprops.d.ts +14 -0
package/dist/types/client/events/registration.d.ts +17 -0
package/dist/types/client/incoming.d.ts +6 -1
package/dist/types/client/mailbox.d.ts +2 -0
package/dist/types/client/media.d.ts +31 -0
package/dist/types/client/messages.d.ts +2 -0
package/dist/types/client/persistence/WriteBehindPersistence.d.ts +1 -1
package/dist/types/client/types.d.ts +100 -1
package/dist/types/crypto/core/index.d.ts +1 -0
package/dist/types/crypto/core/primitives.d.ts +1 -1
package/dist/types/crypto/core/random.d.ts +1 -1
package/dist/types/crypto/core/xeddsa.d.ts +2 -0
package/dist/types/crypto/curves/constants.d.ts +1 -0
package/dist/types/crypto/index.d.ts +1 -0
package/dist/types/index.d.ts +2 -1
package/dist/types/infra/log/ConsoleLogger.d.ts +1 -1
package/dist/types/infra/log/PinoLogger.d.ts +1 -1
package/dist/types/infra/perf/StoreLock.d.ts +1 -0
package/dist/types/media/WaMediaCrypto.d.ts +15 -6
package/dist/types/media/WaMediaTransferClient.d.ts +3 -11
package/dist/types/media/constants.d.ts +2 -0
package/dist/types/media/index.d.ts +1 -0
package/dist/types/media/processor.d.ts +28 -0
package/dist/types/media/types.d.ts +9 -3
package/dist/types/message/addon-crypto.d.ts +34 -3
package/dist/types/message/content.d.ts +3 -1
package/dist/types/message/icdc.d.ts +4 -4
package/dist/types/message/types.d.ts +16 -24
package/dist/types/protocol/abprops.d.ts +142 -0
package/dist/types/protocol/browser.d.ts +1 -0
package/dist/types/protocol/constants.d.ts +5 -1
package/dist/types/protocol/email.d.ts +32 -0
package/dist/types/protocol/jid.d.ts +1 -0
package/dist/types/protocol/nodes.d.ts +4 -0
package/dist/types/protocol/notification.d.ts +6 -0
package/dist/types/protocol/stream.d.ts +1 -0
package/dist/types/retry/reason.d.ts +1 -1
package/dist/types/signal/api/SignalDigestSyncApi.d.ts +3 -0
package/dist/types/signal/api/SignalIdentitySyncApi.d.ts +3 -3
package/dist/types/signal/crypto/WaAdvSignature.d.ts +0 -2
package/dist/types/signal/crypto/constants.d.ts +0 -1
package/dist/types/signal/encoding.d.ts +7 -1
package/dist/types/signal/group/SenderKeyChain.d.ts +1 -1
package/dist/types/signal/group/SenderKeyManager.d.ts +7 -2
package/dist/types/signal/registration/utils.d.ts +2 -1
package/dist/types/signal/session/SignalProtocol.d.ts +11 -2
package/dist/types/signal/session/SignalSerializer.d.ts +2 -1
package/dist/types/signal/session/resolver.d.ts +4 -2
package/dist/types/signal/types.d.ts +16 -4
package/dist/types/store/contracts/identity.store.d.ts +11 -0
package/dist/types/store/contracts/message-secret.store.d.ts +16 -0
package/dist/types/store/contracts/pre-key.store.d.ts +13 -0
package/dist/types/store/contracts/session.store.d.ts +14 -0
package/dist/types/store/contracts/signal.store.d.ts +1 -34
package/dist/types/store/index.d.ts +9 -1
package/dist/types/store/locks/identity.lock.d.ts +3 -0
package/dist/types/store/locks/message-secret.lock.d.ts +3 -0
package/dist/types/store/locks/pre-key.lock.d.ts +3 -0
package/dist/types/store/locks/session.lock.d.ts +3 -0
package/dist/types/store/noop.store.d.ts +4 -0
package/dist/types/store/providers/memory/identity.store.d.ts +18 -0
package/dist/types/store/providers/memory/message-secret.store.d.ts +21 -0
package/dist/types/store/providers/memory/pre-key.store.d.ts +23 -0
package/dist/types/store/providers/memory/retry.store.d.ts +7 -1
package/dist/types/store/providers/memory/session.store.d.ts +21 -0
package/dist/types/store/providers/memory/signal.store.d.ts +3 -45
package/dist/types/store/providers/memory/thread.store.d.ts +1 -1
package/dist/types/store/types.d.ts +21 -1
package/dist/types/transport/WaWebSocket.d.ts +1 -0
package/dist/types/transport/index.d.ts +8 -1
package/dist/types/transport/keepalive/WaKeepAlive.d.ts +4 -1
package/dist/types/transport/node/WaMobileTcpSocket.d.ts +18 -0
package/dist/types/transport/node/WaNodeOrchestrator.d.ts +6 -2
package/dist/types/transport/node/builders/abprops.d.ts +5 -0
package/dist/types/transport/node/builders/device.d.ts +2 -0
package/dist/types/transport/node/builders/email.d.ts +11 -0
package/dist/types/transport/node/builders/offline.d.ts +2 -0
package/dist/types/transport/node/builders/prekeys.d.ts +4 -3
package/dist/types/transport/node/builders/presence.d.ts +6 -0
package/dist/types/transport/node/helpers.d.ts +3 -0
package/dist/types/transport/node/mex/argo-decoder.d.ts +11 -0
package/dist/types/transport/node/mex/client.d.ts +18 -0
package/dist/types/transport/node/mex/persist-ids.d.ts +14 -0
package/dist/types/transport/noise/WaMobileClientPayload.d.ts +29 -0
package/dist/types/transport/noise/WaNoiseCert.d.ts +7 -1
package/dist/types/transport/noise/WaNoiseSession.d.ts +1 -0
package/dist/types/transport/types.d.ts +8 -0
package/package.json +6 -4
package/dist/auth/pairing/constants.js +0 -5
package/dist/client/connection/WaKeyShareCoordinator.js +0 -63
package/dist/esm/auth/pairing/constants.js +0 -2
package/dist/esm/client/connection/WaKeyShareCoordinator.js +0 -59
package/dist/esm/transport/node/builders/index.js +0 -11
package/dist/transport/node/builders/index.js +0 -51
package/dist/types/auth/flow/WaAuthCredentialsFlow.d.ts +0 -14
package/dist/types/auth/pairing/constants.d.ts +0 -2
package/dist/types/client/connection/WaKeyShareCoordinator.d.ts +0 -14
package/dist/types/transport/node/builders/index.d.ts +0 -11
/package/dist/appstate/{WaAppStateSyncResponseParser.js → response-parser.js} +0 -0

package/dist/esm/infra/perf/StoreLock.js CHANGED Viewed

@@ -25,12 +25,14 @@ export class StoreLock {
                 current = Promise.reject(error);
             }
         }
-        const tracker = current.then(() => undefined, () => undefined);
+        const tracker = current.then(StoreLock._noop, StoreLock._noop);
         this.chains.set(key, tracker);
-        void tracker.finally(() => {
-            if (this.chains.get(key) === tracker) {
+        tracker.then(() => {
+            if (this.chains.get(key) === tracker)
+                this.chains.delete(key);
+        }, () => {
+            if (this.chains.get(key) === tracker)
                 this.chains.delete(key);
-            }
         });
         return current;
     }
@@ -75,3 +77,4 @@ export class StoreLock {
         }
     }
 }
+StoreLock._noop = () => undefined;

package/dist/esm/media/WaMediaCrypto.js CHANGED Viewed

@@ -1,4 +1,4 @@
-import { createCipheriv, createDecipheriv, createHash, createHmac } from 'node:crypto';
+import { createHash, createHmac } from 'node:crypto';
 import { once } from 'node:events';
 import { createWriteStream } from 'node:fs';
 import { stat, unlink } from 'node:fs/promises';
@@ -8,10 +8,91 @@ import { PassThrough } from 'node:stream';
 import { hkdf } from '../crypto/core/hkdf.js';
 import { aesCbcDecrypt, aesCbcEncrypt, hmacSign, importAesCbcKey, importHmacKey, sha256 } from '../crypto/core/primitives.js';
 import { randomBytesAsync } from '../crypto/core/random.js';
-import { ENC_KEY_END, ENC_KEY_START, HMAC_TRUNCATED_SIZE, IV_SIZE, MAC_KEY_END, MAC_KEY_START, MEDIA_HKDF_SIZE } from './constants.js';
-import { WA_APP_STATE_KEY_TYPES, getWaMediaHkdfInfo } from '../protocol/constants.js';
-import { assertByteLength, concatBytes, EMPTY_BYTES, toChunkBytes, toBytesView, uint8Equal, uint8TimingSafeEqual } from '../util/bytes.js';
+import { ENC_KEY_END, ENC_KEY_START, HMAC_TRUNCATED_SIZE, IV_SIZE, MAC_KEY_END, MAC_KEY_START, MEDIA_HKDF_SIZE, SIDECAR_CHUNK_SIZE, SIDECAR_HMAC_SIZE } from './constants.js';
+import { getWaMediaHkdfInfo, WA_APP_STATE_KEY_TYPES } from '../protocol/constants.js';
+import { assertByteLength, concatBytes, EMPTY_BYTES, toBytesView, toChunkBytes, uint8Equal, uint8TimingSafeEqual } from '../util/bytes.js';
 import { toError } from '../util/primitives.js';
+const AES_BLOCK_SIZE = 16;
+const PKCS7_FULL_BLOCK = new Uint8Array(AES_BLOCK_SIZE).fill(AES_BLOCK_SIZE);
+async function aesCbcEncryptChunk(key, iv, chunk, isFinal) {
+    const encrypted = await aesCbcEncrypt(key, iv, chunk);
+    if (isFinal) {
+        return {
+            ciphertext: encrypted,
+            nextIv: encrypted.subarray(encrypted.byteLength - AES_BLOCK_SIZE)
+        };
+    }
+    const ciphertext = encrypted.subarray(0, encrypted.byteLength - AES_BLOCK_SIZE);
+    return {
+        ciphertext,
+        nextIv: ciphertext.subarray(ciphertext.byteLength - AES_BLOCK_SIZE)
+    };
+}
+async function aesCbcDecryptChunk(key, iv, ciphertext, isFinal) {
+    const nextIv = toBytesView(ciphertext.subarray(ciphertext.byteLength - AES_BLOCK_SIZE));
+    if (isFinal) {
+        return { plaintext: await aesCbcDecrypt(key, iv, ciphertext), nextIv };
+    }
+    const padBlock = (await aesCbcEncrypt(key, nextIv, PKCS7_FULL_BLOCK)).subarray(0, AES_BLOCK_SIZE);
+    const withPad = concatBytes([ciphertext, padBlock]);
+    return { plaintext: await aesCbcDecrypt(key, iv, withPad), nextIv };
+}
+async function computeFirstFrameSidecar(macKey, ivCiphertext, firstFrameLength) {
+    const aligned = Math.ceil(firstFrameLength / AES_BLOCK_SIZE) * AES_BLOCK_SIZE;
+    const slice = ivCiphertext.subarray(0, IV_SIZE + aligned);
+    const key = await importHmacKey(macKey);
+    const digest = await hmacSign(key, slice);
+    return digest.subarray(0, SIDECAR_HMAC_SIZE);
+}
+class SidecarAccumulator {
+    constructor(macKey, estimatedSize = 0) {
+        this.resultOffset = 0;
+        this.totalPushed = 0;
+        this.windowOffset = 0;
+        this.nextChunkStart = 0;
+        this.macKey = macKey;
+        this.window = new Uint8Array(IV_SIZE + SIDECAR_CHUNK_SIZE);
+        const estimated = Math.max(Math.ceil(estimatedSize / SIDECAR_CHUNK_SIZE) + 1, 16);
+        this.result = new Uint8Array(estimated * SIDECAR_HMAC_SIZE);
+    }
+    push(data) {
+        let srcOffset = 0;
+        while (srcOffset < data.byteLength) {
+            const windowEnd = this.nextChunkStart + IV_SIZE + SIDECAR_CHUNK_SIZE;
+            const remaining = windowEnd - this.totalPushed;
+            const toCopy = Math.min(remaining, data.byteLength - srcOffset);
+            this.window.set(data.subarray(srcOffset, srcOffset + toCopy), this.windowOffset);
+            this.windowOffset += toCopy;
+            this.totalPushed += toCopy;
+            srcOffset += toCopy;
+            if (this.totalPushed === windowEnd) {
+                this.flushChunk();
+            }
+        }
+    }
+    finish() {
+        if (this.windowOffset > 0) {
+            this.flushChunk();
+        }
+        return this.result.subarray(0, this.resultOffset);
+    }
+    flushChunk() {
+        const digest = createHmac('sha256', this.macKey)
+            .update(this.window.subarray(0, this.windowOffset))
+            .digest();
+        if (this.resultOffset + SIDECAR_HMAC_SIZE > this.result.byteLength) {
+            const grown = new Uint8Array(this.result.byteLength * 2);
+            grown.set(this.result);
+            this.result = grown;
+        }
+        this.result.set(digest.subarray(0, SIDECAR_HMAC_SIZE), this.resultOffset);
+        this.resultOffset += SIDECAR_HMAC_SIZE;
+        this.nextChunkStart += SIDECAR_CHUNK_SIZE;
+        const overlapSrc = this.window.subarray(this.windowOffset - IV_SIZE, this.windowOffset);
+        this.window.set(overlapSrc, 0);
+        this.windowOffset = IV_SIZE;
+    }
+}
 export class WaMediaCrypto {
     static async generateMediaKey() {
         return randomBytesAsync(32);
@@ -27,24 +108,41 @@ export class WaMediaCrypto {
             refKey: expanded.subarray(MAC_KEY_END, MEDIA_HKDF_SIZE)
         };
     }
-    static async encryptBytes(mediaType, mediaKey, plaintext) {
+    static async encryptBytes(mediaType, mediaKey, plaintext, options) {
         const keys = await WaMediaCrypto.deriveKeys(mediaType, mediaKey);
-        const [aesKey, macKey] = await Promise.all([
+        const [aesKey, hmacKey] = await Promise.all([
             importAesCbcKey(keys.encKey),
             importHmacKey(keys.macKey)
         ]);
         const ciphertext = await aesCbcEncrypt(aesKey, keys.iv, plaintext);
         const ivCiphertext = concatBytes([keys.iv, ciphertext]);
-        const mac = await hmacSign(macKey, ivCiphertext);
+        const mac = await hmacSign(hmacKey, ivCiphertext);
         const signature = mac.subarray(0, HMAC_TRUNCATED_SIZE);
         const ciphertextHmac = concatBytes([ciphertext, signature]);
+        let streamingSidecar;
+        if (options?.sidecar !== false) {
+            const acc = new SidecarAccumulator(keys.macKey);
+            acc.push(keys.iv);
+            acc.push(ciphertext);
+            acc.push(signature);
+            streamingSidecar = acc.finish();
+        }
+        const firstFrameSidecar = options?.firstFrameLength !== undefined
+            ? await computeFirstFrameSidecar(keys.macKey, ivCiphertext, options.firstFrameLength)
+            : undefined;
         const [fileSha256, fileEncSha256] = await Promise.all([
             sha256(plaintext),
             sha256(ciphertextHmac)
         ]);
-        return { ciphertextHmac, fileSha256, fileEncSha256 };
+        return {
+            ciphertextHmac,
+            fileSha256,
+            fileEncSha256,
+            streamingSidecar,
+            firstFrameSidecar
+        };
     }
-    static async decryptBytes(mediaType, mediaKey, ciphertextHmac, expectedFileSha256, expectedFileEncSha256) {
+    static async decryptBytes(mediaType, mediaKey, ciphertextHmac, expectedFileSha256, expectedFileEncSha256, skipMacVerification = false) {
         if (ciphertextHmac.byteLength < HMAC_TRUNCATED_SIZE) {
             throw new Error(`ciphertext too short: ${ciphertextHmac.byteLength}`);
         }
@@ -55,17 +153,19 @@ export class WaMediaCrypto {
             }
         }
         const keys = await WaMediaCrypto.deriveKeys(mediaType, mediaKey);
+        const [aesKey, hmacKey] = await Promise.all([
+            importAesCbcKey(keys.encKey),
+            importHmacKey(keys.macKey)
+        ]);
         const ciphertext = ciphertextHmac.subarray(0, ciphertextHmac.byteLength - HMAC_TRUNCATED_SIZE);
         const expectedMac = ciphertextHmac.subarray(ciphertextHmac.byteLength - HMAC_TRUNCATED_SIZE);
         const ivCiphertext = concatBytes([keys.iv, ciphertext]);
-        const [macKey, aesKey] = await Promise.all([
-            importHmacKey(keys.macKey),
-            importAesCbcKey(keys.encKey)
-        ]);
-        const mac = await hmacSign(macKey, ivCiphertext);
-        const signature = mac.subarray(0, HMAC_TRUNCATED_SIZE);
-        if (!uint8TimingSafeEqual(signature, expectedMac)) {
-            throw new Error('media MAC mismatch');
+        if (!skipMacVerification) {
+            const mac = await hmacSign(hmacKey, ivCiphertext);
+            const signature = mac.subarray(0, HMAC_TRUNCATED_SIZE);
+            if (!uint8TimingSafeEqual(signature, expectedMac)) {
+                throw new Error('media MAC mismatch');
+            }
         }
         const plaintext = await aesCbcDecrypt(aesKey, keys.iv, ciphertext);
         const fileSha256 = await sha256(plaintext);
@@ -75,18 +175,18 @@ export class WaMediaCrypto {
         const fileEncSha256 = expectedFileEncSha256 ?? (await sha256(ciphertextHmac));
         return { plaintext, fileSha256, fileEncSha256 };
     }
-    static async encryptReadable(mediaType, mediaKey, plaintext) {
+    static async encryptReadable(mediaType, mediaKey, plaintext, options) {
         const keys = await WaMediaCrypto.deriveKeys(mediaType, mediaKey);
         const encrypted = new PassThrough();
-        const metadata = pumpEncryption(plaintext, encrypted, keys);
+        const metadata = pumpEncryption(plaintext, encrypted, keys, options?.sidecar !== false, options?.firstFrameLength);
         return { encrypted, metadata };
     }
-    static async encryptToFile(mediaType, mediaKey, plaintext) {
+    static async encryptToFile(mediaType, mediaKey, plaintext, options) {
         const keys = await WaMediaCrypto.deriveKeys(mediaType, mediaKey);
         const filePath = join(tmpdir(), `zapo-enc-${Date.now()}-${Math.random().toString(36).slice(2)}`);
         const output = createWriteStream(filePath);
         try {
-            const metadata = await pumpEncryptionToWritable(plaintext, output, keys);
+            const metadata = await pumpEncryptionToWritable(plaintext, output, keys, options?.sidecar !== false, options?.firstFrameLength);
             const fileSize = (await stat(filePath)).size;
             return { filePath, fileSize, ...metadata };
         }
@@ -112,42 +212,80 @@ export class WaMediaCrypto {
         return paddedLength + HMAC_TRUNCATED_SIZE;
     }
 }
-async function pumpEncryption(plaintext, encrypted, keys) {
+async function pumpEncryption(plaintext, encrypted, keys, computeSidecar, firstFrameLength) {
+    const aesKey = await importAesCbcKey(keys.encKey);
     const plainHash = createHash('sha256');
     const encHash = createHash('sha256');
     const hmac = createHmac('sha256', keys.macKey);
-    const cipher = createCipheriv('aes-256-cbc', keys.encKey, keys.iv);
+    const sidecar = computeSidecar ? new SidecarAccumulator(keys.macKey) : null;
+    const ffTarget = firstFrameLength !== undefined
+        ? IV_SIZE + Math.ceil(firstFrameLength / AES_BLOCK_SIZE) * AES_BLOCK_SIZE
+        : 0;
+    let ffCollected = 0;
+    const ffChunks = ffTarget > 0 ? [keys.iv] : [];
+    if (ffTarget > 0)
+        ffCollected = IV_SIZE;
     let plaintextLength = 0;
+    let currentIv = keys.iv;
+    let pending = EMPTY_BYTES;
     hmac.update(keys.iv);
+    sidecar?.push(keys.iv);
     try {
         for await (const chunk of plaintext) {
             const plainChunk = toChunkBytes(chunk);
-            if (plainChunk.byteLength === 0) {
+            if (plainChunk.byteLength === 0)
                 continue;
-            }
             plaintextLength += plainChunk.byteLength;
             plainHash.update(plainChunk);
-            const encryptedChunk = cipher.update(plainChunk);
-            if (encryptedChunk.byteLength > 0) {
-                hmac.update(encryptedChunk);
-                encHash.update(encryptedChunk);
-                await writeChunk(encrypted, encryptedChunk);
+            const combined = pending.byteLength > 0
+                ? concatBytes([pending, plainChunk])
+                : toBytesView(plainChunk);
+            const aligned = combined.byteLength - (combined.byteLength % AES_BLOCK_SIZE);
+            if (aligned === 0) {
+                pending = combined;
+                continue;
             }
+            const toEncrypt = toBytesView(combined.subarray(0, aligned));
+            pending = toBytesView(combined.subarray(aligned));
+            const { ciphertext, nextIv } = await aesCbcEncryptChunk(aesKey, currentIv, toEncrypt, false);
+            currentIv = nextIv;
+            hmac.update(ciphertext);
+            encHash.update(ciphertext);
+            sidecar?.push(ciphertext);
+            if (ffCollected < ffTarget) {
+                const need = ffTarget - ffCollected;
+                ffChunks.push(ciphertext.subarray(0, Math.min(need, ciphertext.byteLength)));
+                ffCollected += ciphertext.byteLength;
+            }
+            await writeChunk(encrypted, ciphertext);
         }
-        const encryptedFinal = cipher.final();
-        if (encryptedFinal.byteLength > 0) {
-            hmac.update(encryptedFinal);
-            encHash.update(encryptedFinal);
-            await writeChunk(encrypted, encryptedFinal);
+        const { ciphertext: finalCiphertext } = await aesCbcEncryptChunk(aesKey, currentIv, pending, true);
+        hmac.update(finalCiphertext);
+        encHash.update(finalCiphertext);
+        sidecar?.push(finalCiphertext);
+        if (ffCollected < ffTarget) {
+            const need = ffTarget - ffCollected;
+            ffChunks.push(finalCiphertext.subarray(0, Math.min(need, finalCiphertext.byteLength)));
         }
-        const signature = hmac.digest().subarray(0, HMAC_TRUNCATED_SIZE);
+        await writeChunk(encrypted, finalCiphertext);
+        const signature = toBytesView(hmac.digest().subarray(0, HMAC_TRUNCATED_SIZE));
         encHash.update(signature);
+        sidecar?.push(signature);
         await writeChunk(encrypted, signature);
         encrypted.end();
+        let firstFrameSidecar;
+        if (ffTarget > 0) {
+            const ivCiphertextSlice = concatBytes(ffChunks);
+            const ffKey = await importHmacKey(keys.macKey);
+            const ffDigest = await hmacSign(ffKey, ivCiphertextSlice);
+            firstFrameSidecar = ffDigest.subarray(0, SIDECAR_HMAC_SIZE);
+        }
         return {
             fileSha256: toBytesView(plainHash.digest()),
             fileEncSha256: toBytesView(encHash.digest()),
-            plaintextLength
+            plaintextLength,
+            streamingSidecar: sidecar?.finish(),
+            firstFrameSidecar
         };
     }
     catch (error) {
@@ -182,42 +320,80 @@ async function endWritable(stream) {
         stream.end(() => resolve());
     });
 }
-async function pumpEncryptionToWritable(plaintext, output, keys) {
+async function pumpEncryptionToWritable(plaintext, output, keys, computeSidecar, firstFrameLength) {
+    const aesKey = await importAesCbcKey(keys.encKey);
     const plainHash = createHash('sha256');
     const encHash = createHash('sha256');
     const hmac = createHmac('sha256', keys.macKey);
-    const cipher = createCipheriv('aes-256-cbc', keys.encKey, keys.iv);
+    const sidecar = computeSidecar ? new SidecarAccumulator(keys.macKey) : null;
+    const ffTarget = firstFrameLength !== undefined
+        ? IV_SIZE + Math.ceil(firstFrameLength / AES_BLOCK_SIZE) * AES_BLOCK_SIZE
+        : 0;
+    let ffCollected = 0;
+    const ffChunks = ffTarget > 0 ? [keys.iv] : [];
+    if (ffTarget > 0)
+        ffCollected = IV_SIZE;
     let plaintextLength = 0;
+    let currentIv = keys.iv;
+    let pending = EMPTY_BYTES;
     hmac.update(keys.iv);
+    sidecar?.push(keys.iv);
     try {
         for await (const chunk of plaintext) {
             const plainChunk = toChunkBytes(chunk);
-            if (plainChunk.byteLength === 0) {
+            if (plainChunk.byteLength === 0)
                 continue;
-            }
             plaintextLength += plainChunk.byteLength;
             plainHash.update(plainChunk);
-            const encryptedChunk = cipher.update(plainChunk);
-            if (encryptedChunk.byteLength > 0) {
-                hmac.update(encryptedChunk);
-                encHash.update(encryptedChunk);
-                await writeChunkToWritable(output, encryptedChunk);
+            const combined = pending.byteLength > 0
+                ? concatBytes([pending, plainChunk])
+                : toBytesView(plainChunk);
+            const aligned = combined.byteLength - (combined.byteLength % AES_BLOCK_SIZE);
+            if (aligned === 0) {
+                pending = combined;
+                continue;
+            }
+            const toEncrypt = toBytesView(combined.subarray(0, aligned));
+            pending = toBytesView(combined.subarray(aligned));
+            const { ciphertext, nextIv } = await aesCbcEncryptChunk(aesKey, currentIv, toEncrypt, false);
+            currentIv = nextIv;
+            hmac.update(ciphertext);
+            encHash.update(ciphertext);
+            sidecar?.push(ciphertext);
+            if (ffCollected < ffTarget) {
+                const need = ffTarget - ffCollected;
+                ffChunks.push(ciphertext.subarray(0, Math.min(need, ciphertext.byteLength)));
+                ffCollected += ciphertext.byteLength;
             }
+            await writeChunkToWritable(output, ciphertext);
         }
-        const encryptedFinal = cipher.final();
-        if (encryptedFinal.byteLength > 0) {
-            hmac.update(encryptedFinal);
-            encHash.update(encryptedFinal);
-            await writeChunkToWritable(output, encryptedFinal);
+        const { ciphertext: finalCiphertext } = await aesCbcEncryptChunk(aesKey, currentIv, pending, true);
+        hmac.update(finalCiphertext);
+        encHash.update(finalCiphertext);
+        sidecar?.push(finalCiphertext);
+        if (ffCollected < ffTarget) {
+            const need = ffTarget - ffCollected;
+            ffChunks.push(finalCiphertext.subarray(0, Math.min(need, finalCiphertext.byteLength)));
         }
-        const signature = hmac.digest().subarray(0, HMAC_TRUNCATED_SIZE);
+        await writeChunkToWritable(output, finalCiphertext);
+        const signature = toBytesView(hmac.digest().subarray(0, HMAC_TRUNCATED_SIZE));
         encHash.update(signature);
+        sidecar?.push(signature);
         await writeChunkToWritable(output, signature);
         await endWritable(output);
+        let firstFrameSidecar;
+        if (ffTarget > 0) {
+            const ivCiphertextSlice = concatBytes(ffChunks);
+            const ffKey = await importHmacKey(keys.macKey);
+            const ffDigest = await hmacSign(ffKey, ivCiphertextSlice);
+            firstFrameSidecar = ffDigest.subarray(0, SIDECAR_HMAC_SIZE);
+        }
         return {
             fileSha256: toBytesView(plainHash.digest()),
             fileEncSha256: toBytesView(encHash.digest()),
-            plaintextLength
+            plaintextLength,
+            streamingSidecar: sidecar?.finish(),
+            firstFrameSidecar
         };
     }
     catch (error) {
@@ -227,10 +403,12 @@ async function pumpEncryptionToWritable(plaintext, output, keys) {
     }
 }
 async function pumpDecryption(encrypted, plaintext, keys, options) {
+    const aesKey = await importAesCbcKey(keys.encKey);
     const plainHash = createHash('sha256');
     const encHash = createHash('sha256');
     const hmac = createHmac('sha256', keys.macKey);
-    const decipher = createDecipheriv('aes-256-cbc', keys.encKey, keys.iv);
+    let currentIv = keys.iv;
+    let pending = EMPTY_BYTES;
     hmac.update(keys.iv);
     try {
         let trailing = EMPTY_BYTES;
@@ -248,20 +426,37 @@ async function pumpDecryption(encrypted, plaintext, keys, options) {
             const ciphertextChunk = merged.subarray(0, merged.byteLength - HMAC_TRUNCATED_SIZE);
             trailing = merged.subarray(merged.byteLength - HMAC_TRUNCATED_SIZE);
             hmac.update(ciphertextChunk);
-            const plainChunk = decipher.update(ciphertextChunk);
-            if (plainChunk.byteLength > 0) {
-                plainHash.update(plainChunk);
-                await writeChunk(plaintext, plainChunk);
+            const combined = pending.byteLength > 0
+                ? concatBytes([pending, ciphertextChunk])
+                : toBytesView(ciphertextChunk);
+            const aligned = combined.byteLength - (combined.byteLength % AES_BLOCK_SIZE);
+            if (aligned > AES_BLOCK_SIZE) {
+                const toDecrypt = combined.subarray(0, aligned - AES_BLOCK_SIZE);
+                const { plaintext: plainChunk, nextIv } = await aesCbcDecryptChunk(aesKey, currentIv, toDecrypt, false);
+                currentIv = nextIv;
+                if (plainChunk.byteLength > 0) {
+                    plainHash.update(plainChunk);
+                    await writeChunk(plaintext, plainChunk);
+                }
+                pending = toBytesView(combined.subarray(aligned - AES_BLOCK_SIZE));
+            }
+            else {
+                pending = combined;
             }
         }
         if (trailing.byteLength !== HMAC_TRUNCATED_SIZE) {
             throw new Error(`ciphertext too short: ${trailing.byteLength}`);
         }
-        const signature = hmac.digest().subarray(0, HMAC_TRUNCATED_SIZE);
-        if (!uint8TimingSafeEqual(signature, trailing)) {
-            throw new Error('media MAC mismatch');
+        if (!options.skipMacVerification) {
+            const signature = hmac.digest().subarray(0, HMAC_TRUNCATED_SIZE);
+            if (!uint8TimingSafeEqual(signature, trailing)) {
+                throw new Error('media MAC mismatch');
+            }
+        }
+        if (pending.byteLength < AES_BLOCK_SIZE || pending.byteLength % AES_BLOCK_SIZE !== 0) {
+            throw new Error(`invalid ciphertext length: ${pending.byteLength}`);
         }
-        const plainFinal = decipher.final();
+        const { plaintext: plainFinal } = await aesCbcDecryptChunk(aesKey, currentIv, pending, true);
         if (plainFinal.byteLength > 0) {
             plainHash.update(plainFinal);
             await writeChunk(plaintext, plainFinal);