zapo-js 0.2.0 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +7 -3
- package/dist/appstate/WaAppStateCrypto.js +49 -41
- package/dist/appstate/WaAppStateSyncClient.js +79 -42
- package/dist/appstate/index.js +2 -2
- package/dist/auth/WaAuthClient.js +20 -11
- package/dist/auth/{flow/WaAuthCredentialsFlow.js → credentials-flow.js} +83 -18
- package/dist/auth/pairing/WaPairingFlow.js +26 -29
- package/dist/auth/pairing/{WaPairingCodeCrypto.js → pairing-code-crypto.js} +29 -13
- package/dist/client/WaClient.js +115 -75
- package/dist/client/WaClientFactory.js +113 -30
- package/dist/client/connection/WaConnectionManager.js +4 -1
- package/dist/client/coordinators/WaAbPropsCoordinator.js +141 -0
- package/dist/client/coordinators/WaBusinessCoordinator.js +3 -12
- package/dist/client/coordinators/WaEmailCoordinator.js +63 -0
- package/dist/client/coordinators/WaIncomingNodeCoordinator.js +33 -8
- package/dist/client/coordinators/WaMessageDispatchCoordinator.js +55 -25
- package/dist/client/coordinators/WaOfflineResumeCoordinator.js +114 -0
- package/dist/client/coordinators/WaPassiveTasksCoordinator.js +38 -20
- package/dist/client/coordinators/WaProfileCoordinator.js +3 -1
- package/dist/client/coordinators/WaRetryCoordinator.js +11 -9
- package/dist/client/coordinators/WaTrustedContactTokenCoordinator.js +22 -4
- package/dist/client/dirty.js +1 -1
- package/dist/client/events/abprops.js +43 -0
- package/dist/client/events/privacy-token.js +1 -2
- package/dist/client/events/registration.js +42 -0
- package/dist/client/incoming.js +37 -0
- package/dist/client/mailbox.js +17 -1
- package/dist/client/media.js +243 -0
- package/dist/client/messages.js +163 -86
- package/dist/crypto/core/index.js +4 -1
- package/dist/crypto/core/random.js +3 -9
- package/dist/crypto/core/xeddsa.js +57 -0
- package/dist/crypto/curves/X25519.js +18 -0
- package/dist/crypto/curves/constants.js +2 -1
- package/dist/esm/appstate/WaAppStateCrypto.js +39 -31
- package/dist/esm/appstate/WaAppStateSyncClient.js +68 -31
- package/dist/esm/appstate/index.js +1 -1
- package/dist/esm/appstate/{WaAppStateSyncResponseParser.js → response-parser.js} +1 -1
- package/dist/esm/auth/WaAuthClient.js +17 -8
- package/dist/esm/auth/{flow/WaAuthCredentialsFlow.js → credentials-flow.js} +83 -18
- package/dist/esm/auth/pairing/WaPairingFlow.js +25 -28
- package/dist/esm/auth/pairing/{WaPairingCodeCrypto.js → pairing-code-crypto.js} +20 -6
- package/dist/esm/client/WaClient.js +116 -76
- package/dist/esm/client/WaClientFactory.js +114 -31
- package/dist/esm/client/connection/WaConnectionManager.js +4 -1
- package/dist/esm/client/coordinators/WaAbPropsCoordinator.js +137 -0
- package/dist/esm/client/coordinators/WaBusinessCoordinator.js +4 -13
- package/dist/esm/client/coordinators/WaEmailCoordinator.js +60 -0
- package/dist/esm/client/coordinators/WaIncomingNodeCoordinator.js +35 -10
- package/dist/esm/client/coordinators/WaMessageDispatchCoordinator.js +47 -17
- package/dist/esm/client/coordinators/WaOfflineResumeCoordinator.js +110 -0
- package/dist/esm/client/coordinators/WaPassiveTasksCoordinator.js +38 -20
- package/dist/esm/client/coordinators/WaProfileCoordinator.js +3 -1
- package/dist/esm/client/coordinators/WaRetryCoordinator.js +11 -9
- package/dist/esm/client/coordinators/WaTrustedContactTokenCoordinator.js +24 -6
- package/dist/esm/client/dirty.js +1 -1
- package/dist/esm/client/events/abprops.js +40 -0
- package/dist/esm/client/events/privacy-token.js +1 -2
- package/dist/esm/client/events/registration.js +39 -0
- package/dist/esm/client/incoming.js +36 -0
- package/dist/esm/client/mailbox.js +17 -1
- package/dist/esm/client/media.js +234 -0
- package/dist/esm/client/messages.js +162 -85
- package/dist/esm/crypto/core/index.js +1 -0
- package/dist/esm/crypto/core/random.js +2 -7
- package/dist/esm/crypto/core/xeddsa.js +53 -0
- package/dist/esm/crypto/curves/X25519.js +20 -2
- package/dist/esm/crypto/curves/constants.js +1 -0
- package/dist/esm/infra/perf/StoreLock.js +7 -4
- package/dist/esm/media/WaMediaCrypto.js +257 -62
- package/dist/esm/media/WaMediaTransferClient.js +47 -190
- package/dist/esm/media/constants.js +2 -0
- package/dist/esm/media/processor.js +1 -0
- package/dist/esm/message/addon-crypto.js +130 -3
- package/dist/esm/message/content.js +12 -6
- package/dist/esm/message/icdc.js +8 -8
- package/dist/esm/message/incoming.js +14 -12
- package/dist/esm/message/phash.js +32 -12
- package/dist/esm/message/reporting-token.js +3 -3
- package/dist/esm/message/use-case-secret.js +1 -1
- package/dist/esm/protocol/abprops.js +159 -0
- package/dist/esm/protocol/browser.js +14 -0
- package/dist/esm/protocol/constants.js +3 -1
- package/dist/esm/protocol/email.js +30 -0
- package/dist/esm/protocol/jid.js +44 -10
- package/dist/esm/protocol/nodes.js +6 -2
- package/dist/esm/protocol/notification.js +7 -1
- package/dist/esm/retry/reason.js +1 -1
- package/dist/esm/signal/api/SignalDeviceSyncApi.js +5 -2
- package/dist/esm/signal/api/SignalDigestSyncApi.js +8 -6
- package/dist/esm/signal/api/SignalIdentitySyncApi.js +4 -4
- package/dist/esm/signal/api/SignalMissingPreKeysSyncApi.js +1 -1
- package/dist/esm/signal/api/SignalSessionSyncApi.js +1 -1
- package/dist/esm/signal/crypto/WaAdvSignature.js +5 -51
- package/dist/esm/signal/crypto/constants.js +0 -4
- package/dist/esm/signal/encoding.js +11 -54
- package/dist/esm/signal/group/SenderKeyChain.js +3 -3
- package/dist/esm/signal/group/SenderKeyCodec.js +5 -6
- package/dist/esm/signal/group/SenderKeyManager.js +13 -10
- package/dist/esm/signal/registration/keygen.js +2 -3
- package/dist/esm/signal/registration/utils.js +2 -2
- package/dist/esm/signal/session/SignalProtocol.js +18 -17
- package/dist/esm/signal/session/SignalRatchet.js +21 -10
- package/dist/esm/signal/session/SignalSerializer.js +5 -6
- package/dist/esm/signal/session/SignalSession.js +11 -9
- package/dist/esm/signal/session/resolver.js +6 -6
- package/dist/esm/store/contracts/identity.store.js +1 -0
- package/dist/esm/store/contracts/message-secret.store.js +1 -0
- package/dist/esm/store/contracts/pre-key.store.js +1 -0
- package/dist/esm/store/contracts/session.store.js +1 -0
- package/dist/esm/store/createStore.js +48 -12
- package/dist/esm/store/index.js +4 -0
- package/dist/esm/store/locks/identity.lock.js +16 -0
- package/dist/esm/store/locks/message-secret.lock.js +17 -0
- package/dist/esm/store/locks/pre-key.lock.js +27 -0
- package/dist/esm/store/locks/session.lock.js +19 -0
- package/dist/esm/store/locks/signal.lock.js +0 -24
- package/dist/esm/store/noop.store.js +20 -0
- package/dist/esm/store/providers/memory/device-list.store.js +3 -0
- package/dist/esm/store/providers/memory/identity.store.js +31 -0
- package/dist/esm/store/providers/memory/message-secret.store.js +81 -0
- package/dist/esm/store/providers/memory/participants.store.js +3 -0
- package/dist/esm/store/providers/memory/pre-key.store.js +97 -0
- package/dist/esm/store/providers/memory/retry.store.js +25 -11
- package/dist/esm/store/providers/memory/session.store.js +45 -0
- package/dist/esm/store/providers/memory/signal.store.js +1 -164
- package/dist/esm/transport/WaComms.js +4 -3
- package/dist/esm/transport/WaWebSocket.js +9 -1
- package/dist/esm/transport/index.js +6 -0
- package/dist/esm/transport/keepalive/WaKeepAlive.js +17 -8
- package/dist/esm/transport/node/WaMobileTcpSocket.js +114 -0
- package/dist/esm/transport/node/WaNodeOrchestrator.js +17 -8
- package/dist/esm/transport/node/builders/abprops.js +20 -0
- package/dist/esm/transport/node/builders/device.js +11 -0
- package/dist/esm/transport/node/builders/email.js +65 -0
- package/dist/esm/transport/node/builders/offline.js +14 -0
- package/dist/esm/transport/node/builders/prekeys.js +37 -40
- package/dist/esm/transport/node/builders/presence.js +13 -0
- package/dist/esm/transport/node/builders/privacy-token.js +19 -23
- package/dist/esm/transport/node/builders/retry.js +1 -1
- package/dist/esm/transport/node/helpers.js +24 -0
- package/dist/esm/transport/node/mex/argo-decoder.js +152 -0
- package/dist/esm/transport/node/mex/client.js +83 -0
- package/dist/esm/transport/node/mex/persist-ids.js +10 -0
- package/dist/esm/transport/noise/WaClientPayload.js +15 -10
- package/dist/esm/transport/noise/WaFrameCodec.js +2 -2
- package/dist/esm/transport/noise/WaMobileClientPayload.js +53 -0
- package/dist/esm/transport/noise/WaNoiseCert.js +9 -27
- package/dist/esm/transport/noise/WaNoiseSession.js +12 -11
- package/dist/infra/perf/StoreLock.js +7 -4
- package/dist/media/WaMediaCrypto.js +253 -58
- package/dist/media/WaMediaTransferClient.js +50 -223
- package/dist/media/constants.js +3 -1
- package/dist/media/processor.js +2 -0
- package/dist/message/addon-crypto.js +131 -0
- package/dist/message/content.js +13 -5
- package/dist/message/icdc.js +8 -8
- package/dist/message/incoming.js +14 -12
- package/dist/message/phash.js +32 -12
- package/dist/message/reporting-token.js +2 -2
- package/dist/message/use-case-secret.js +1 -1
- package/dist/protocol/abprops.js +163 -0
- package/dist/protocol/browser.js +15 -0
- package/dist/protocol/constants.js +14 -2
- package/dist/protocol/email.js +33 -0
- package/dist/protocol/jid.js +45 -10
- package/dist/protocol/nodes.js +6 -2
- package/dist/protocol/notification.js +8 -2
- package/dist/retry/reason.js +1 -1
- package/dist/signal/api/SignalDeviceSyncApi.js +5 -2
- package/dist/signal/api/SignalDigestSyncApi.js +8 -6
- package/dist/signal/api/SignalIdentitySyncApi.js +4 -4
- package/dist/signal/crypto/WaAdvSignature.js +2 -50
- package/dist/signal/crypto/constants.js +1 -5
- package/dist/signal/encoding.js +11 -49
- package/dist/signal/group/SenderKeyChain.js +2 -2
- package/dist/signal/group/SenderKeyCodec.js +4 -5
- package/dist/signal/group/SenderKeyManager.js +12 -9
- package/dist/signal/registration/keygen.js +1 -2
- package/dist/signal/registration/utils.js +2 -2
- package/dist/signal/session/SignalProtocol.js +18 -17
- package/dist/signal/session/SignalRatchet.js +19 -8
- package/dist/signal/session/SignalSerializer.js +5 -6
- package/dist/signal/session/SignalSession.js +11 -9
- package/dist/signal/session/resolver.js +6 -6
- package/dist/store/contracts/identity.store.js +2 -0
- package/dist/store/contracts/message-secret.store.js +2 -0
- package/dist/store/contracts/pre-key.store.js +2 -0
- package/dist/store/contracts/session.store.js +2 -0
- package/dist/store/createStore.js +47 -11
- package/dist/store/index.js +9 -1
- package/dist/store/locks/identity.lock.js +19 -0
- package/dist/store/locks/message-secret.lock.js +20 -0
- package/dist/store/locks/pre-key.lock.js +30 -0
- package/dist/store/locks/session.lock.js +22 -0
- package/dist/store/locks/signal.lock.js +0 -24
- package/dist/store/noop.store.js +21 -1
- package/dist/store/providers/memory/device-list.store.js +3 -0
- package/dist/store/providers/memory/identity.store.js +35 -0
- package/dist/store/providers/memory/message-secret.store.js +85 -0
- package/dist/store/providers/memory/participants.store.js +3 -0
- package/dist/store/providers/memory/pre-key.store.js +101 -0
- package/dist/store/providers/memory/retry.store.js +24 -10
- package/dist/store/providers/memory/session.store.js +49 -0
- package/dist/store/providers/memory/signal.store.js +1 -164
- package/dist/transport/WaComms.js +4 -3
- package/dist/transport/WaWebSocket.js +9 -1
- package/dist/transport/index.js +17 -1
- package/dist/transport/keepalive/WaKeepAlive.js +17 -8
- package/dist/transport/node/WaMobileTcpSocket.js +118 -0
- package/dist/transport/node/WaNodeOrchestrator.js +16 -7
- package/dist/transport/node/builders/abprops.js +23 -0
- package/dist/transport/node/builders/device.js +14 -0
- package/dist/transport/node/builders/email.js +72 -0
- package/dist/transport/node/builders/offline.js +17 -0
- package/dist/transport/node/builders/prekeys.js +36 -39
- package/dist/transport/node/builders/presence.js +16 -0
- package/dist/transport/node/builders/privacy-token.js +18 -22
- package/dist/transport/node/builders/retry.js +1 -1
- package/dist/transport/node/helpers.js +26 -0
- package/dist/transport/node/mex/argo-decoder.js +189 -0
- package/dist/transport/node/mex/client.js +86 -0
- package/dist/transport/node/mex/persist-ids.js +13 -0
- package/dist/transport/noise/WaClientPayload.js +14 -9
- package/dist/transport/noise/WaFrameCodec.js +1 -1
- package/dist/transport/noise/WaMobileClientPayload.js +56 -0
- package/dist/transport/noise/WaNoiseCert.js +8 -26
- package/dist/transport/noise/WaNoiseSession.js +11 -10
- package/dist/types/appstate/WaAppStateCrypto.d.ts +11 -8
- package/dist/types/appstate/WaAppStateSyncClient.d.ts +6 -2
- package/dist/types/appstate/index.d.ts +1 -1
- package/dist/types/appstate/{WaAppStateSyncResponseParser.d.ts → response-parser.d.ts} +1 -1
- package/dist/types/appstate/types.d.ts +1 -1
- package/dist/types/auth/WaAuthClient.d.ts +9 -3
- package/dist/types/auth/credentials-flow.d.ts +20 -0
- package/dist/types/auth/pairing/WaPairingFlow.d.ts +3 -2
- package/dist/types/auth/pairing/{WaPairingCodeCrypto.d.ts → pairing-code-crypto.d.ts} +6 -1
- package/dist/types/auth/types.d.ts +40 -0
- package/dist/types/client/WaClient.d.ts +19 -8
- package/dist/types/client/WaClientFactory.d.ts +10 -4
- package/dist/types/client/coordinators/WaAbPropsCoordinator.d.ts +26 -0
- package/dist/types/client/coordinators/WaBusinessCoordinator.d.ts +1 -1
- package/dist/types/client/coordinators/WaEmailCoordinator.d.ts +24 -0
- package/dist/types/client/coordinators/WaIncomingNodeCoordinator.d.ts +6 -1
- package/dist/types/client/coordinators/WaMessageDispatchCoordinator.d.ts +15 -2
- package/dist/types/client/coordinators/WaOfflineResumeCoordinator.d.ts +31 -0
- package/dist/types/client/coordinators/WaPassiveTasksCoordinator.d.ts +13 -2
- package/dist/types/client/coordinators/WaPrivacyCoordinator.d.ts +1 -1
- package/dist/types/client/coordinators/WaProfileCoordinator.d.ts +4 -2
- package/dist/types/client/coordinators/WaRetryCoordinator.d.ts +6 -0
- package/dist/types/client/coordinators/WaTrustedContactTokenCoordinator.d.ts +11 -1
- package/dist/types/client/dirty.d.ts +3 -1
- package/dist/types/client/events/abprops.d.ts +14 -0
- package/dist/types/client/events/registration.d.ts +17 -0
- package/dist/types/client/incoming.d.ts +6 -1
- package/dist/types/client/mailbox.d.ts +2 -0
- package/dist/types/client/media.d.ts +31 -0
- package/dist/types/client/messages.d.ts +2 -0
- package/dist/types/client/persistence/WriteBehindPersistence.d.ts +1 -1
- package/dist/types/client/types.d.ts +100 -1
- package/dist/types/crypto/core/index.d.ts +1 -0
- package/dist/types/crypto/core/primitives.d.ts +1 -1
- package/dist/types/crypto/core/random.d.ts +1 -1
- package/dist/types/crypto/core/xeddsa.d.ts +2 -0
- package/dist/types/crypto/curves/constants.d.ts +1 -0
- package/dist/types/crypto/index.d.ts +1 -0
- package/dist/types/index.d.ts +2 -1
- package/dist/types/infra/log/ConsoleLogger.d.ts +1 -1
- package/dist/types/infra/log/PinoLogger.d.ts +1 -1
- package/dist/types/infra/perf/StoreLock.d.ts +1 -0
- package/dist/types/media/WaMediaCrypto.d.ts +15 -6
- package/dist/types/media/WaMediaTransferClient.d.ts +3 -11
- package/dist/types/media/constants.d.ts +2 -0
- package/dist/types/media/index.d.ts +1 -0
- package/dist/types/media/processor.d.ts +28 -0
- package/dist/types/media/types.d.ts +9 -3
- package/dist/types/message/addon-crypto.d.ts +34 -3
- package/dist/types/message/content.d.ts +3 -1
- package/dist/types/message/icdc.d.ts +4 -4
- package/dist/types/message/types.d.ts +16 -24
- package/dist/types/protocol/abprops.d.ts +142 -0
- package/dist/types/protocol/browser.d.ts +1 -0
- package/dist/types/protocol/constants.d.ts +5 -1
- package/dist/types/protocol/email.d.ts +32 -0
- package/dist/types/protocol/jid.d.ts +1 -0
- package/dist/types/protocol/nodes.d.ts +4 -0
- package/dist/types/protocol/notification.d.ts +6 -0
- package/dist/types/protocol/stream.d.ts +1 -0
- package/dist/types/retry/reason.d.ts +1 -1
- package/dist/types/signal/api/SignalDigestSyncApi.d.ts +3 -0
- package/dist/types/signal/api/SignalIdentitySyncApi.d.ts +3 -3
- package/dist/types/signal/crypto/WaAdvSignature.d.ts +0 -2
- package/dist/types/signal/crypto/constants.d.ts +0 -1
- package/dist/types/signal/encoding.d.ts +7 -1
- package/dist/types/signal/group/SenderKeyChain.d.ts +1 -1
- package/dist/types/signal/group/SenderKeyManager.d.ts +7 -2
- package/dist/types/signal/registration/utils.d.ts +2 -1
- package/dist/types/signal/session/SignalProtocol.d.ts +11 -2
- package/dist/types/signal/session/SignalSerializer.d.ts +2 -1
- package/dist/types/signal/session/resolver.d.ts +4 -2
- package/dist/types/signal/types.d.ts +16 -4
- package/dist/types/store/contracts/identity.store.d.ts +11 -0
- package/dist/types/store/contracts/message-secret.store.d.ts +16 -0
- package/dist/types/store/contracts/pre-key.store.d.ts +13 -0
- package/dist/types/store/contracts/session.store.d.ts +14 -0
- package/dist/types/store/contracts/signal.store.d.ts +1 -34
- package/dist/types/store/index.d.ts +9 -1
- package/dist/types/store/locks/identity.lock.d.ts +3 -0
- package/dist/types/store/locks/message-secret.lock.d.ts +3 -0
- package/dist/types/store/locks/pre-key.lock.d.ts +3 -0
- package/dist/types/store/locks/session.lock.d.ts +3 -0
- package/dist/types/store/noop.store.d.ts +4 -0
- package/dist/types/store/providers/memory/identity.store.d.ts +18 -0
- package/dist/types/store/providers/memory/message-secret.store.d.ts +21 -0
- package/dist/types/store/providers/memory/pre-key.store.d.ts +23 -0
- package/dist/types/store/providers/memory/retry.store.d.ts +7 -1
- package/dist/types/store/providers/memory/session.store.d.ts +21 -0
- package/dist/types/store/providers/memory/signal.store.d.ts +3 -45
- package/dist/types/store/providers/memory/thread.store.d.ts +1 -1
- package/dist/types/store/types.d.ts +21 -1
- package/dist/types/transport/WaWebSocket.d.ts +1 -0
- package/dist/types/transport/index.d.ts +8 -1
- package/dist/types/transport/keepalive/WaKeepAlive.d.ts +4 -1
- package/dist/types/transport/node/WaMobileTcpSocket.d.ts +18 -0
- package/dist/types/transport/node/WaNodeOrchestrator.d.ts +6 -2
- package/dist/types/transport/node/builders/abprops.d.ts +5 -0
- package/dist/types/transport/node/builders/device.d.ts +2 -0
- package/dist/types/transport/node/builders/email.d.ts +11 -0
- package/dist/types/transport/node/builders/offline.d.ts +2 -0
- package/dist/types/transport/node/builders/prekeys.d.ts +4 -3
- package/dist/types/transport/node/builders/presence.d.ts +6 -0
- package/dist/types/transport/node/helpers.d.ts +3 -0
- package/dist/types/transport/node/mex/argo-decoder.d.ts +11 -0
- package/dist/types/transport/node/mex/client.d.ts +18 -0
- package/dist/types/transport/node/mex/persist-ids.d.ts +14 -0
- package/dist/types/transport/noise/WaMobileClientPayload.d.ts +29 -0
- package/dist/types/transport/noise/WaNoiseCert.d.ts +7 -1
- package/dist/types/transport/noise/WaNoiseSession.d.ts +1 -0
- package/dist/types/transport/types.d.ts +8 -0
- package/package.json +6 -4
- package/dist/auth/pairing/constants.js +0 -5
- package/dist/client/connection/WaKeyShareCoordinator.js +0 -63
- package/dist/esm/auth/pairing/constants.js +0 -2
- package/dist/esm/client/connection/WaKeyShareCoordinator.js +0 -59
- package/dist/esm/transport/node/builders/index.js +0 -11
- package/dist/transport/node/builders/index.js +0 -51
- package/dist/types/auth/flow/WaAuthCredentialsFlow.d.ts +0 -14
- package/dist/types/auth/pairing/constants.d.ts +0 -2
- package/dist/types/client/connection/WaKeyShareCoordinator.d.ts +0 -14
- package/dist/types/transport/node/builders/index.d.ts +0 -11
- /package/dist/appstate/{WaAppStateSyncResponseParser.js → response-parser.js} +0 -0
|
@@ -3,14 +3,15 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
3
3
|
exports.loadOrCreateCredentials = loadOrCreateCredentials;
|
|
4
4
|
exports.persistCredentials = persistCredentials;
|
|
5
5
|
exports.buildCommsConfig = buildCommsConfig;
|
|
6
|
-
const _crypto_1 = require("
|
|
7
|
-
const keys_1 = require("
|
|
8
|
-
const X25519_1 = require("
|
|
9
|
-
const jid_1 = require("
|
|
10
|
-
const
|
|
11
|
-
const
|
|
12
|
-
const
|
|
13
|
-
const
|
|
6
|
+
const _crypto_1 = require("../crypto/index.js");
|
|
7
|
+
const keys_1 = require("../crypto/core/keys");
|
|
8
|
+
const X25519_1 = require("../crypto/curves/X25519");
|
|
9
|
+
const jid_1 = require("../protocol/jid");
|
|
10
|
+
const utils_1 = require("../signal/registration/utils");
|
|
11
|
+
const WaMobileTcpSocket_1 = require("../transport/node/WaMobileTcpSocket");
|
|
12
|
+
const WaMobileClientPayload_1 = require("../transport/noise/WaMobileClientPayload");
|
|
13
|
+
const proxy_1 = require("../transport/proxy");
|
|
14
|
+
const primitives_1 = require("../util/primitives");
|
|
14
15
|
async function loadOrCreateCredentials(args) {
|
|
15
16
|
args.logger.trace('auth credentials loadOrCreate start');
|
|
16
17
|
const existing = await args.authStore.load();
|
|
@@ -23,13 +24,16 @@ async function loadOrCreateCredentials(args) {
|
|
|
23
24
|
registered: existing.meJid !== null && existing.meJid !== undefined,
|
|
24
25
|
hasServerStaticKey: existing.serverStaticKey !== null && existing.serverStaticKey !== undefined
|
|
25
26
|
});
|
|
26
|
-
|
|
27
|
+
const skipSignedPreKeyCheck = args.skipSignedPreKeySignatureVerification === true;
|
|
28
|
+
if (!existing.meJid &&
|
|
29
|
+
!skipSignedPreKeyCheck &&
|
|
30
|
+
!(await hasValidSignedPreKey(args.logger, existing))) {
|
|
27
31
|
args.logger.warn('signed pre-key is invalid, regenerating credentials');
|
|
28
32
|
const fresh = await createFreshAndPersistCredentials(args);
|
|
29
33
|
args.logger.info('regenerated credentials due to invalid signed pre-key');
|
|
30
34
|
return fresh;
|
|
31
35
|
}
|
|
32
|
-
await restoreSignalStore(args.signalStore, existing);
|
|
36
|
+
await restoreSignalStore(args.signalStore, args.preKeyStore, existing);
|
|
33
37
|
args.logger.trace('auth credentials restored into signal store');
|
|
34
38
|
return existing;
|
|
35
39
|
}
|
|
@@ -39,15 +43,72 @@ async function persistCredentials(args, credentials) {
|
|
|
39
43
|
});
|
|
40
44
|
await args.authStore.save(credentials);
|
|
41
45
|
}
|
|
46
|
+
function mobileTransportFromCredentials(credentials) {
|
|
47
|
+
if (!credentials.deviceInfo)
|
|
48
|
+
return undefined;
|
|
49
|
+
return {
|
|
50
|
+
deviceInfo: credentials.deviceInfo,
|
|
51
|
+
...(credentials.pushName !== undefined ? { pushName: credentials.pushName } : {}),
|
|
52
|
+
...(credentials.yearClass !== undefined ? { yearClass: credentials.yearClass } : {}),
|
|
53
|
+
...(credentials.memClass !== undefined ? { memClass: credentials.memClass } : {})
|
|
54
|
+
};
|
|
55
|
+
}
|
|
42
56
|
function buildCommsConfig(logger, credentials, socketOptions, clientOptions) {
|
|
43
57
|
const meJid = credentials.meJid;
|
|
44
58
|
const registered = meJid !== null && meJid !== undefined;
|
|
45
59
|
const loginIdentity = registered ? (0, jid_1.getLoginIdentity)(meJid) : null;
|
|
46
60
|
const wsProxy = socketOptions.proxy?.ws;
|
|
61
|
+
// Resolve the effective mobile transport: explicit option wins, otherwise
|
|
62
|
+
// synthesize one from persisted credentials.deviceInfo so a registered
|
|
63
|
+
// mobile session boots in mobile mode without the caller re-passing
|
|
64
|
+
// deviceInfo on every `new WaClient(...)` call.
|
|
65
|
+
const effectiveMobileTransport = clientOptions.mobileTransport ?? mobileTransportFromCredentials(credentials);
|
|
47
66
|
logger.debug('building comms config from credentials', {
|
|
48
67
|
registered,
|
|
49
|
-
hasServerStaticKey: credentials.serverStaticKey !== null && credentials.serverStaticKey !== undefined
|
|
68
|
+
hasServerStaticKey: credentials.serverStaticKey !== null && credentials.serverStaticKey !== undefined,
|
|
69
|
+
mobile: Boolean(effectiveMobileTransport),
|
|
70
|
+
mobileSource: clientOptions.mobileTransport
|
|
71
|
+
? 'option'
|
|
72
|
+
: effectiveMobileTransport
|
|
73
|
+
? 'credentials'
|
|
74
|
+
: 'none'
|
|
50
75
|
});
|
|
76
|
+
if (effectiveMobileTransport) {
|
|
77
|
+
if (wsProxy) {
|
|
78
|
+
throw new Error('mobileTransport does not support socketOptions.proxy.ws — remove the proxy option or open an issue to add TCP proxy support');
|
|
79
|
+
}
|
|
80
|
+
if (!loginIdentity) {
|
|
81
|
+
throw new Error('mobileTransport requires registered credentials (meJid) — run the mobile bridge flow first');
|
|
82
|
+
}
|
|
83
|
+
const loginPayload = (0, WaMobileClientPayload_1.buildMobileLoginPayload)({
|
|
84
|
+
username: loginIdentity.username,
|
|
85
|
+
device: loginIdentity.device,
|
|
86
|
+
passive: effectiveMobileTransport.passive ?? false,
|
|
87
|
+
deviceInfo: effectiveMobileTransport.deviceInfo,
|
|
88
|
+
pushName: effectiveMobileTransport.pushName,
|
|
89
|
+
yearClass: effectiveMobileTransport.yearClass,
|
|
90
|
+
memClass: effectiveMobileTransport.memClass
|
|
91
|
+
});
|
|
92
|
+
return {
|
|
93
|
+
url: effectiveMobileTransport.tcpUrl ?? 'tcp://g.whatsapp.net:443',
|
|
94
|
+
rawWebSocketConstructor: WaMobileTcpSocket_1.WaMobileTcpSocketCtor,
|
|
95
|
+
connectTimeoutMs: socketOptions.connectTimeoutMs,
|
|
96
|
+
reconnectIntervalMs: socketOptions.reconnectIntervalMs,
|
|
97
|
+
timeoutIntervalMs: socketOptions.timeoutIntervalMs,
|
|
98
|
+
maxReconnectAttempts: socketOptions.maxReconnectAttempts,
|
|
99
|
+
noise: {
|
|
100
|
+
clientStaticKeyPair: credentials.noiseKeyPair,
|
|
101
|
+
isRegistered: true,
|
|
102
|
+
serverStaticKey: credentials.serverStaticKey,
|
|
103
|
+
routingInfo: credentials.routingInfo,
|
|
104
|
+
trustedRootCa: clientOptions.noiseTrustedRootCa,
|
|
105
|
+
verifyCertificateChain: clientOptions.disableNoiseCertificateChainVerification
|
|
106
|
+
? false
|
|
107
|
+
: undefined,
|
|
108
|
+
loginPayload
|
|
109
|
+
}
|
|
110
|
+
};
|
|
111
|
+
}
|
|
51
112
|
return {
|
|
52
113
|
url: socketOptions.url,
|
|
53
114
|
urls: socketOptions.urls,
|
|
@@ -63,6 +124,10 @@ function buildCommsConfig(logger, credentials, socketOptions, clientOptions) {
|
|
|
63
124
|
isRegistered: registered,
|
|
64
125
|
serverStaticKey: credentials.serverStaticKey,
|
|
65
126
|
routingInfo: credentials.routingInfo,
|
|
127
|
+
trustedRootCa: clientOptions.noiseTrustedRootCa,
|
|
128
|
+
verifyCertificateChain: clientOptions.disableNoiseCertificateChainVerification
|
|
129
|
+
? false
|
|
130
|
+
: undefined,
|
|
66
131
|
loginPayloadConfig: loginIdentity
|
|
67
132
|
? {
|
|
68
133
|
username: loginIdentity.username,
|
|
@@ -85,11 +150,11 @@ function buildCommsConfig(logger, credentials, socketOptions, clientOptions) {
|
|
|
85
150
|
}
|
|
86
151
|
};
|
|
87
152
|
}
|
|
88
|
-
async function createFreshCredentials(signalStore, logger) {
|
|
153
|
+
async function createFreshCredentials(signalStore, preKeyStore, logger) {
|
|
89
154
|
logger.trace('creating fresh credentials');
|
|
90
155
|
const [noiseKeyPair, registrationBundle, advSecretKey] = await Promise.all([
|
|
91
156
|
X25519_1.X25519.generateKeyPair(),
|
|
92
|
-
(0, utils_1.createAndStoreInitialKeys)(signalStore),
|
|
157
|
+
(0, utils_1.createAndStoreInitialKeys)(signalStore, preKeyStore),
|
|
93
158
|
(0, _crypto_1.randomBytesAsync)(32)
|
|
94
159
|
]);
|
|
95
160
|
return {
|
|
@@ -101,16 +166,16 @@ async function createFreshCredentials(signalStore, logger) {
|
|
|
101
166
|
};
|
|
102
167
|
}
|
|
103
168
|
async function createFreshAndPersistCredentials(args) {
|
|
104
|
-
const credentials = await createFreshCredentials(args.signalStore, args.logger);
|
|
169
|
+
const credentials = await createFreshCredentials(args.signalStore, args.preKeyStore, args.logger);
|
|
105
170
|
// Persist credentials first so signal restore never commits state for credentials that failed to save.
|
|
106
171
|
await args.authStore.save(credentials);
|
|
107
|
-
await restoreSignalStore(args.signalStore, credentials);
|
|
172
|
+
await restoreSignalStore(args.signalStore, args.preKeyStore, credentials);
|
|
108
173
|
return credentials;
|
|
109
174
|
}
|
|
110
175
|
async function hasValidSignedPreKey(logger, credentials) {
|
|
111
176
|
try {
|
|
112
177
|
const serializedPubKey = (0, keys_1.toSerializedPubKey)(credentials.signedPreKey.keyPair.pubKey);
|
|
113
|
-
const valid = await (0,
|
|
178
|
+
const valid = await (0, _crypto_1.xeddsaVerify)((0, _crypto_1.toRawPubKey)(credentials.registrationInfo.identityKeyPair.pubKey), serializedPubKey, credentials.signedPreKey.signature);
|
|
114
179
|
logger.trace('signed pre-key validation completed', { valid });
|
|
115
180
|
return valid;
|
|
116
181
|
}
|
|
@@ -121,10 +186,10 @@ async function hasValidSignedPreKey(logger, credentials) {
|
|
|
121
186
|
return false;
|
|
122
187
|
}
|
|
123
188
|
}
|
|
124
|
-
async function restoreSignalStore(signalStore, credentials) {
|
|
189
|
+
async function restoreSignalStore(signalStore, preKeyStore, credentials) {
|
|
125
190
|
await Promise.all([
|
|
126
191
|
signalStore.setRegistrationInfo(credentials.registrationInfo),
|
|
127
192
|
signalStore.setSignedPreKey(credentials.signedPreKey),
|
|
128
|
-
|
|
193
|
+
preKeyStore.setServerHasPreKeys(credentials.serverHasPreKeys === true)
|
|
129
194
|
]);
|
|
130
195
|
}
|
|
@@ -1,9 +1,10 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.WaPairingFlow = void 0;
|
|
4
|
-
const
|
|
4
|
+
const pairing_code_crypto_1 = require("../pairing/pairing-code-crypto");
|
|
5
5
|
const _crypto_1 = require("../../crypto/index.js");
|
|
6
6
|
const _proto_1 = require("../../proto.js");
|
|
7
|
+
const browser_1 = require("../../protocol/browser");
|
|
7
8
|
const constants_1 = require("../../protocol/constants");
|
|
8
9
|
const jid_1 = require("../../protocol/jid");
|
|
9
10
|
const WaAdvSignature_1 = require("../../signal/crypto/WaAdvSignature");
|
|
@@ -11,7 +12,6 @@ const global_1 = require("../../transport/node/builders/global");
|
|
|
11
12
|
const pairing_1 = require("../../transport/node/builders/pairing");
|
|
12
13
|
const helpers_1 = require("../../transport/node/helpers");
|
|
13
14
|
const bytes_1 = require("../../util/bytes");
|
|
14
|
-
const bytes_2 = require("../../util/bytes");
|
|
15
15
|
class WaPairingFlow {
|
|
16
16
|
constructor(options) {
|
|
17
17
|
this.opts = options;
|
|
@@ -24,26 +24,19 @@ class WaPairingFlow {
|
|
|
24
24
|
this.opts.logger.trace('pairing flow session cleared');
|
|
25
25
|
this.pairingSession = null;
|
|
26
26
|
}
|
|
27
|
-
async requestPairingCode(phoneNumber, shouldShowPushNotification = false) {
|
|
27
|
+
async requestPairingCode(phoneNumber, shouldShowPushNotification = false, customCode) {
|
|
28
28
|
this.opts.logger.info('requesting pairing code', {
|
|
29
|
-
shouldShowPushNotification
|
|
29
|
+
shouldShowPushNotification,
|
|
30
|
+
hasCustomCode: customCode !== undefined
|
|
30
31
|
});
|
|
32
|
+
const normalizedCustomCode = customCode !== undefined ? (0, pairing_code_crypto_1.normalizeCustomPairingCode)(customCode) : undefined;
|
|
31
33
|
const credentials = this.requireCredentials();
|
|
32
34
|
const phoneJid = (0, jid_1.parsePhoneJid)(phoneNumber);
|
|
33
35
|
const [companionHello, refreshedCredentials] = await Promise.all([
|
|
34
|
-
(0,
|
|
36
|
+
(0, pairing_code_crypto_1.createCompanionHello)({ customCode: normalizedCustomCode }),
|
|
35
37
|
this.rotateAdvSecret(credentials)
|
|
36
38
|
]);
|
|
37
|
-
const
|
|
38
|
-
const browserDisplayName = {
|
|
39
|
-
chrome: 'Chrome',
|
|
40
|
-
firefox: 'Firefox',
|
|
41
|
-
ie: 'IE',
|
|
42
|
-
opera: 'Opera',
|
|
43
|
-
safari: 'Safari',
|
|
44
|
-
edge: 'Edge',
|
|
45
|
-
chromium: 'Chromium'
|
|
46
|
-
}[browser.trim().toLowerCase()] ?? browser;
|
|
39
|
+
const browserDisplayName = (0, browser_1.getWaBrowserDisplayName)(this.opts.device.browser);
|
|
47
40
|
const response = await this.opts.socket.query((0, pairing_1.buildCompanionHelloRequestNode)({
|
|
48
41
|
phoneJid,
|
|
49
42
|
shouldShowPushNotification,
|
|
@@ -133,7 +126,7 @@ class WaPairingFlow {
|
|
|
133
126
|
return true;
|
|
134
127
|
}
|
|
135
128
|
const ref = (0, helpers_1.decodeNodeContentUtf8OrBytes)(refNode.content, 'refresh_code.link_code_pairing_ref');
|
|
136
|
-
if ((0,
|
|
129
|
+
if ((0, bytes_1.uint8Equal)(ref, this.pairingSession.ref)) {
|
|
137
130
|
this.opts.logger.info('received pairing refresh notification', {
|
|
138
131
|
forceManualRefresh: linkCodeNode.attrs.force_manual_refresh === 'true'
|
|
139
132
|
});
|
|
@@ -189,13 +182,15 @@ class WaPairingFlow {
|
|
|
189
182
|
const wrappedHmac = (0, bytes_1.decodeProtoBytes)(wrappedIdentity.hmac, 'ADVSignedDeviceIdentityHMAC.hmac');
|
|
190
183
|
const accountType = wrappedIdentity.accountType ?? _proto_1.proto.ADVEncryptionType.E2EE;
|
|
191
184
|
const isHosted = accountType === _proto_1.proto.ADVEncryptionType.HOSTED;
|
|
192
|
-
|
|
193
|
-
|
|
194
|
-
|
|
195
|
-
|
|
196
|
-
|
|
197
|
-
|
|
198
|
-
|
|
185
|
+
if (this.opts.dangerous?.disablePairSuccessHmacVerification !== true) {
|
|
186
|
+
const hmacInput = isHosted
|
|
187
|
+
? (0, bytes_1.concatBytes)([WaAdvSignature_1.ADV_PREFIX_HOSTED_ACCOUNT_SIGNATURE, wrappedDetails])
|
|
188
|
+
: wrappedDetails;
|
|
189
|
+
const expectedHmac = await (0, WaAdvSignature_1.computeAdvIdentityHmac)(credentials.advSecretKey, hmacInput);
|
|
190
|
+
if (!(0, bytes_1.uint8Equal)(expectedHmac, wrappedHmac)) {
|
|
191
|
+
this.opts.logger.error('pair-success hmac mismatch');
|
|
192
|
+
throw new Error('pair-success HMAC validation failed');
|
|
193
|
+
}
|
|
199
194
|
}
|
|
200
195
|
const { signedIdentity, keyIndex, responseIdentityBytes } = await this.buildPairSuccessResponseIdentity(credentials, wrappedDetails, isHosted);
|
|
201
196
|
const nextCredentials = {
|
|
@@ -244,10 +239,12 @@ class WaPairingFlow {
|
|
|
244
239
|
const accountSignature = (0, bytes_1.decodeProtoBytes)(signedIdentity.accountSignature, 'ADVSignedDeviceIdentity.accountSignature');
|
|
245
240
|
const accountSignatureKey = (0, bytes_1.decodeProtoBytes)(signedIdentity.accountSignatureKey, 'ADVSignedDeviceIdentity.accountSignatureKey');
|
|
246
241
|
const localIdentity = credentials.registrationInfo.identityKeyPair;
|
|
247
|
-
|
|
248
|
-
|
|
249
|
-
|
|
250
|
-
|
|
242
|
+
if (this.opts.dangerous?.disableAdvSignatureVerification !== true) {
|
|
243
|
+
const validAccountSignature = await (0, WaAdvSignature_1.verifyDeviceIdentityAccountSignature)(details, accountSignature, localIdentity.pubKey, accountSignatureKey, isHosted);
|
|
244
|
+
if (!validAccountSignature) {
|
|
245
|
+
this.opts.logger.error('pair-success account signature invalid');
|
|
246
|
+
throw new Error('pair-success account signature validation failed');
|
|
247
|
+
}
|
|
251
248
|
}
|
|
252
249
|
signedIdentity.deviceSignature = await (0, WaAdvSignature_1.generateDeviceSignature)(details, localIdentity, accountSignatureKey, isHosted);
|
|
253
250
|
const advDeviceIdentity = _proto_1.proto.ADVDeviceIdentity.decode(details);
|
|
@@ -285,7 +282,7 @@ class WaPairingFlow {
|
|
|
285
282
|
throw new Error('primary_hello notification is missing fields');
|
|
286
283
|
}
|
|
287
284
|
const ref = (0, helpers_1.decodeNodeContentUtf8OrBytes)(refNode.content, 'primary_hello.link_code_pairing_ref');
|
|
288
|
-
if (!pairingSession.ref || !(0,
|
|
285
|
+
if (!pairingSession.ref || !(0, bytes_1.uint8Equal)(ref, pairingSession.ref)) {
|
|
289
286
|
this.opts.logger.warn('primary_hello ref mismatch ignored');
|
|
290
287
|
return;
|
|
291
288
|
}
|
|
@@ -294,7 +291,7 @@ class WaPairingFlow {
|
|
|
294
291
|
constants_1.WA_DEFAULTS.PAIRING_CODE_MAX_AGE_SECONDS) {
|
|
295
292
|
throw new Error('primary_hello received for an expired pairing code');
|
|
296
293
|
}
|
|
297
|
-
const finish = await (0,
|
|
294
|
+
const finish = await (0, pairing_code_crypto_1.completeCompanionFinish)({
|
|
298
295
|
pairingCode: pairingSession.pairingCode,
|
|
299
296
|
wrappedPrimaryEphemeralPub: (0, helpers_1.decodeNodeContentUtf8OrBytes)(wrappedPrimaryNode.content, 'primary_hello.link_code_pairing_wrapped_primary_ephemeral_pub'),
|
|
300
297
|
primaryIdentityPub: (0, helpers_1.decodeNodeContentUtf8OrBytes)(primaryIdentityNode.content, 'primary_hello.primary_identity_pub'),
|
|
@@ -1,12 +1,15 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.PBKDF2_ITERATIONS = exports.CROCKFORD_ALPHABET = void 0;
|
|
4
|
+
exports.normalizeCustomPairingCode = normalizeCustomPairingCode;
|
|
3
5
|
exports.createCompanionHello = createCompanionHello;
|
|
4
6
|
exports.completeCompanionFinish = completeCompanionFinish;
|
|
5
|
-
const constants_1 = require("../pairing/constants");
|
|
6
7
|
const _crypto_1 = require("../../crypto/index.js");
|
|
7
8
|
const X25519_1 = require("../../crypto/curves/X25519");
|
|
8
|
-
const
|
|
9
|
+
const constants_1 = require("../../protocol/constants");
|
|
9
10
|
const bytes_1 = require("../../util/bytes");
|
|
11
|
+
exports.CROCKFORD_ALPHABET = '123456789ABCDEFGHJKLMNPQRSTVWXYZ';
|
|
12
|
+
exports.PBKDF2_ITERATIONS = 2 << 16;
|
|
10
13
|
function bytesToCrockford(bytes) {
|
|
11
14
|
let bitCount = 0;
|
|
12
15
|
let value = 0;
|
|
@@ -15,24 +18,37 @@ function bytesToCrockford(bytes) {
|
|
|
15
18
|
value = (value << 8) | bytes[i];
|
|
16
19
|
bitCount += 8;
|
|
17
20
|
while (bitCount >= 5) {
|
|
18
|
-
out +=
|
|
21
|
+
out += exports.CROCKFORD_ALPHABET[(value >>> (bitCount - 5)) & 31];
|
|
19
22
|
bitCount -= 5;
|
|
20
23
|
}
|
|
21
24
|
}
|
|
22
25
|
if (bitCount > 0) {
|
|
23
|
-
out +=
|
|
26
|
+
out += exports.CROCKFORD_ALPHABET[(value << (5 - bitCount)) & 31];
|
|
24
27
|
}
|
|
25
28
|
return out;
|
|
26
29
|
}
|
|
27
|
-
|
|
28
|
-
const
|
|
29
|
-
|
|
30
|
+
function normalizeCustomPairingCode(input) {
|
|
31
|
+
const stripped = input.replace(/-/g, '').toUpperCase();
|
|
32
|
+
if (stripped.length !== 8) {
|
|
33
|
+
throw new Error(`custom pairing code must be 8 characters, got ${stripped.length}`);
|
|
34
|
+
}
|
|
35
|
+
for (let i = 0; i < stripped.length; i += 1) {
|
|
36
|
+
if (exports.CROCKFORD_ALPHABET.indexOf(stripped[i]) < 0) {
|
|
37
|
+
throw new Error(`custom pairing code contains invalid character "${stripped[i]}" (allowed: ${exports.CROCKFORD_ALPHABET})`);
|
|
38
|
+
}
|
|
39
|
+
}
|
|
40
|
+
return stripped;
|
|
41
|
+
}
|
|
42
|
+
async function createCompanionHello(options = {}) {
|
|
43
|
+
const normalizedCustomCode = options.customCode !== undefined ? normalizeCustomPairingCode(options.customCode) : null;
|
|
44
|
+
const [companionEphemeralKeyPair, salt, counter, codeBytes] = await Promise.all([
|
|
30
45
|
X25519_1.X25519.generateKeyPair(),
|
|
31
46
|
(0, _crypto_1.randomBytesAsync)(32),
|
|
32
|
-
(0, _crypto_1.randomBytesAsync)(16)
|
|
47
|
+
(0, _crypto_1.randomBytesAsync)(16),
|
|
48
|
+
normalizedCustomCode !== null ? Promise.resolve(null) : (0, _crypto_1.randomBytesAsync)(5)
|
|
33
49
|
]);
|
|
34
|
-
const pairingCode = bytesToCrockford(codeBytes);
|
|
35
|
-
const cipher = await (0, _crypto_1.pbkdf2DeriveAesCtrKey)(bytes_1.TEXT_ENCODER.encode(pairingCode), salt,
|
|
50
|
+
const pairingCode = normalizedCustomCode ?? bytesToCrockford(codeBytes);
|
|
51
|
+
const cipher = await (0, _crypto_1.pbkdf2DeriveAesCtrKey)(bytes_1.TEXT_ENCODER.encode(pairingCode), salt, exports.PBKDF2_ITERATIONS);
|
|
36
52
|
const encrypted = await (0, _crypto_1.aesCtrEncrypt)(cipher, counter, companionEphemeralKeyPair.pubKey);
|
|
37
53
|
return {
|
|
38
54
|
pairingCode,
|
|
@@ -44,7 +60,7 @@ async function completeCompanionFinish(args) {
|
|
|
44
60
|
if (args.wrappedPrimaryEphemeralPub.length <= 48) {
|
|
45
61
|
throw new Error('invalid wrapped primary payload');
|
|
46
62
|
}
|
|
47
|
-
const pairingCipher = await (0, _crypto_1.pbkdf2DeriveAesCtrKey)(bytes_1.TEXT_ENCODER.encode(args.pairingCode), args.wrappedPrimaryEphemeralPub.subarray(0, 32),
|
|
63
|
+
const pairingCipher = await (0, _crypto_1.pbkdf2DeriveAesCtrKey)(bytes_1.TEXT_ENCODER.encode(args.pairingCode), args.wrappedPrimaryEphemeralPub.subarray(0, 32), exports.PBKDF2_ITERATIONS);
|
|
48
64
|
const primaryEphemeralPub = await (0, _crypto_1.aesCtrDecrypt)(pairingCipher, args.wrappedPrimaryEphemeralPub.subarray(32, 48), args.wrappedPrimaryEphemeralPub.subarray(48));
|
|
49
65
|
if (primaryEphemeralPub.length === 0) {
|
|
50
66
|
throw new Error('empty primary ephemeral public key');
|
|
@@ -55,7 +71,7 @@ async function completeCompanionFinish(args) {
|
|
|
55
71
|
(0, _crypto_1.randomBytesAsync)(32),
|
|
56
72
|
(0, _crypto_1.randomBytesAsync)(12)
|
|
57
73
|
]);
|
|
58
|
-
const bundleEncryptionKeyRaw = await (0, _crypto_1.hkdf)(sharedEphemeral, bundleSalt,
|
|
74
|
+
const bundleEncryptionKeyRaw = await (0, _crypto_1.hkdf)(sharedEphemeral, bundleSalt, constants_1.WA_PAIRING_KDF_INFO.LINK_CODE_BUNDLE, 32);
|
|
59
75
|
const bundleEncryptionKey = await (0, _crypto_1.importAesGcmKey)(bundleEncryptionKeyRaw, ['encrypt']);
|
|
60
76
|
const plaintextBundle = (0, bytes_1.concatBytes)([
|
|
61
77
|
args.registrationIdentityKeyPair.pubKey,
|
|
@@ -68,7 +84,7 @@ async function completeCompanionFinish(args) {
|
|
|
68
84
|
]);
|
|
69
85
|
const wrappedKeyBundle = (0, bytes_1.concatBytes)([bundleSalt, bundleIv, encryptedBundle]);
|
|
70
86
|
const advMaterial = (0, bytes_1.concatBytes)([sharedEphemeral, sharedIdentity, bundleSecret]);
|
|
71
|
-
const advSecret = await (0, _crypto_1.hkdf)(advMaterial, null,
|
|
87
|
+
const advSecret = await (0, _crypto_1.hkdf)(advMaterial, null, constants_1.WA_PAIRING_KDF_INFO.ADV_SECRET, 32);
|
|
72
88
|
return {
|
|
73
89
|
wrappedKeyBundle,
|
|
74
90
|
companionIdentityPublic: args.registrationIdentityKeyPair.pubKey,
|