remove all files

src/Utils/decodeWAMessage.ts

@@ -0,0 +1,63 @@
+import Boom from "boom"
+import BinaryNode from "../BinaryNode"
+import { aesDecrypt, hmacSign } from "./generics"
+import { DisconnectReason, WATag } from "../Types"
+
+export const decodeWAMessage = (
+    message: string | Buffer, 
+    auth: { macKey: Buffer, encKey: Buffer }, 
+    fromMe: boolean=false
+) => {
+
+    let commaIndex = message.indexOf(',') // all whatsapp messages have a tag and a comma, followed by the actual message
+    if (commaIndex < 0) throw new Boom('invalid message', { data: message }) // if there was no comma, then this message must be not be valid
+    
+    if (message[commaIndex+1] === ',') commaIndex += 1
+    let data = message.slice(commaIndex+1, message.length)
+    
+    // get the message tag.
+    // If a query was done, the server will respond with the same message tag we sent the query with
+    const messageTag: string = message.slice(0, commaIndex).toString()
+    let json: any
+    let tags: WATag
+    if (data.length > 0) {
+        if (typeof data === 'string') {
+            json = JSON.parse(data) // parse the JSON
+        } else {
+            const { macKey, encKey } = auth || {}
+            if (!macKey || !encKey) {
+                throw new Boom('recieved encrypted buffer when auth creds unavailable', { data: message, statusCode: DisconnectReason.badSession })
+            }
+            /* 
+                If the data recieved was not a JSON, then it must be an encrypted message.
+                Such a message can only be decrypted if we're connected successfully to the servers & have encryption keys
+            */
+            if (fromMe) {
+                tags = [data[0], data[1]]
+                data = data.slice(2, data.length)
+            }
+            
+            const checksum = data.slice(0, 32) // the first 32 bytes of the buffer are the HMAC sign of the message
+            data = data.slice(32, data.length) // the actual message
+            const computedChecksum = hmacSign(data, macKey) // compute the sign of the message we recieved using our macKey
+            
+            if (checksum.equals(computedChecksum)) {
+                // the checksum the server sent, must match the one we computed for the message to be valid
+                const decrypted = aesDecrypt(data, encKey) // decrypt using AES
+                json = BinaryNode.from(decrypted) // decode the binary message into a JSON array
+            } else {
+                throw new Boom('Bad checksum', {
+                    data: {
+                        received: checksum.toString('hex'),
+                        computed: computedChecksum.toString('hex'),
+                        data: data.slice(0, 80).toString(),
+                        tag: messageTag,
+                        message: message.slice(0, 80).toString()
+                    },
+                    statusCode: DisconnectReason.badSession
+                })
+            }
+        }   
+    }
+    return [messageTag, json, tags] as const
+}

src/Utils/generics.ts

@@ -0,0 +1,148 @@
+import Boom from 'boom'
+import { createCipheriv, createDecipheriv, createHash, createHmac, randomBytes } from 'crypto'
+import HKDF from 'futoin-hkdf'
+import { platform, release } from 'os'
+
+const PLATFORM_MAP = {
+    'aix': 'AIX',
+    'darwin': 'Mac OS',
+    'win32': 'Windows',
+    'android': 'Android'
+}
+export const Browsers = {
+    ubuntu: browser => ['Ubuntu', browser, '18.04'] as [string, string, string],
+    macOS: browser => ['Mac OS', browser, '10.15.3'] as [string, string, string],
+    baileys: browser => ['Baileys', browser, '4.0.0'] as [string, string, string],
+    /** The appropriate browser based on your OS & release */
+    appropriate: browser => [ PLATFORM_MAP[platform()] || 'Ubuntu', browser, release() ] as [string, string, string]
+}
+export const toNumber = (t: Long | number) => (t['low'] || t) as number
+
+export const whatsappID = (jid: string) => jid?.replace ('@c.us', '@s.whatsapp.net')
+export const isGroupID = (jid: string) => jid?.endsWith ('@g.us')
+
+export function shallowChanges <T> (old: T, current: T, {lookForDeletedKeys}: {lookForDeletedKeys: boolean}): Partial<T> {
+    let changes: Partial<T> = {}
+    for (let key in current) {
+        if (old[key] !== current[key]) {
+            changes[key] = current[key] || null
+        }
+    }
+    if (lookForDeletedKeys) {
+        for (let key in old) {
+            if (!changes[key] && old[key] !== current[key]) {
+                changes[key] = current[key] || null
+            }
+        }
+    }
+    return changes
+}
+
+/** decrypt AES 256 CBC; where the IV is prefixed to the buffer */
+export function aesDecrypt(buffer: Buffer, key: Buffer) {
+    return aesDecryptWithIV(buffer.slice(16, buffer.length), key, buffer.slice(0, 16))
+}
+/** decrypt AES 256 CBC */
+export function aesDecryptWithIV(buffer: Buffer, key: Buffer, IV: Buffer) {
+    const aes = createDecipheriv('aes-256-cbc', key, IV)
+    return Buffer.concat([aes.update(buffer), aes.final()])
+}
+// encrypt AES 256 CBC; where a random IV is prefixed to the buffer
+export function aesEncrypt(buffer: Buffer, key: Buffer) {
+    const IV = randomBytes(16)
+    const aes = createCipheriv('aes-256-cbc', key, IV)
+    return Buffer.concat([IV, aes.update(buffer), aes.final()]) // prefix IV to the buffer
+}
+// encrypt AES 256 CBC with a given IV
+export function aesEncrypWithIV(buffer: Buffer, key: Buffer, IV: Buffer) {
+    const aes = createCipheriv('aes-256-cbc', key, IV)
+    return Buffer.concat([aes.update(buffer), aes.final()]) // prefix IV to the buffer
+}
+// sign HMAC using SHA 256
+export function hmacSign(buffer: Buffer, key: Buffer) {
+    return createHmac('sha256', key).update(buffer).digest()
+}
+export function sha256(buffer: Buffer) {
+    return createHash('sha256').update(buffer).digest()
+}
+// HKDF key expansion
+export function hkdf(buffer: Buffer, expandedLength: number, info = null) {
+    return HKDF(buffer, expandedLength, { salt: Buffer.alloc(32), info: info, hash: 'SHA-256' })
+}
+/** unix timestamp of a date in seconds */
+export const unixTimestampSeconds = (date: Date = new Date()) => Math.floor(date.getTime()/1000)
+
+export type DebouncedTimeout = ReturnType<typeof debouncedTimeout>
+export const debouncedTimeout = (intervalMs: number = 1000, task: () => void = undefined) => {
+    let timeout: NodeJS.Timeout
+    return {
+        start: (newIntervalMs?: number, newTask?: () => void) => {
+            task = newTask || task
+            intervalMs = newIntervalMs || intervalMs
+            timeout && clearTimeout(timeout)
+            timeout = setTimeout(task, intervalMs)
+        },
+        cancel: () => {
+            timeout && clearTimeout(timeout)
+            timeout = undefined
+        },
+        setTask: (newTask: () => void) => task = newTask,
+        setInterval: (newInterval: number) => intervalMs = newInterval
+    }
+}
+
+export const delay = (ms: number) => delayCancellable (ms).delay
+export const delayCancellable = (ms: number) => {
+    const stack = new Error().stack
+    let timeout: NodeJS.Timeout
+    let reject: (error) => void
+    const delay: Promise<void> = new Promise((resolve, _reject) => {
+        timeout = setTimeout(resolve, ms)
+        reject = _reject
+    })
+    const cancel = () => {
+        clearTimeout (timeout)
+        reject(
+            new Boom('Cancelled', {
+                statusCode: 500,
+                data: {
+                    stack
+                }
+            })
+        )
+    }
+    return { delay, cancel }
+}
+export async function promiseTimeout<T>(ms: number, promise: (resolve: (v?: T)=>void, reject: (error) => void) => void) {
+    if (!ms) return new Promise (promise)
+    const stack = new Error().stack
+    // Create a promise that rejects in <ms> milliseconds
+    let {delay, cancel} = delayCancellable (ms) 
+    const p = new Promise ((resolve, reject) => {
+        delay
+        .then(() => reject(
+            new Boom('Timed Out', {
+                statusCode: 408,
+                data: {
+                    stack
+                }
+            })
+        ))
+        .catch (err => reject(err)) 
+        
+        promise (resolve, reject)
+    })
+    .finally (cancel)
+    return p as Promise<T>
+}
+// whatsapp requires a message tag for every message, we just use the timestamp as one
+export function generateMessageTag(epoch?: number) {
+    let tag = unixTimestampSeconds().toString()
+    if (epoch) tag += '.--' + epoch // attach epoch if provided
+    return tag
+}
+// generate a random 16 byte client ID
+export const generateClientID = () => randomBytes(16).toString('base64')
+// generate a random ID to attach to a message
+// this is the format used for WA Web 4 byte hex prefixed with 3EB0
+export const generateMessageID = () => '3EB0' + randomBytes(4).toString('hex').toUpperCase()

src/Utils/validateConnection.ts

@@ -0,0 +1,106 @@
+import Boom from 'boom'
+import * as Curve from 'curve25519-js'
+import type { Contact } from '../Types/Contact'
+import type { AnyAuthenticationCredentials, AuthenticationCredentials, CurveKeyPair } from "../Types"
+import { aesDecrypt, hkdf, hmacSign, whatsappID } from './generics'
+import { readFileSync } from 'fs'
+
+export const normalizedAuthInfo = (authInfo: AnyAuthenticationCredentials | string) => {
+    if (!authInfo) return
+    
+    if (typeof authInfo === 'string') {
+        const file = readFileSync(authInfo, { encoding: 'utf-8' }) // load a closed session back if it exists
+        authInfo = JSON.parse(file) as AnyAuthenticationCredentials
+    }
+    if ('clientID' in authInfo) {
+        authInfo = {
+            clientID: authInfo.clientID,
+            serverToken: authInfo.serverToken,
+            clientToken: authInfo.clientToken,
+            encKey: Buffer.isBuffer(authInfo.encKey) ? authInfo.encKey : Buffer.from(authInfo.encKey, 'base64'),
+            macKey: Buffer.isBuffer(authInfo.macKey) ? authInfo.macKey : Buffer.from(authInfo.macKey, 'base64'), 
+        }
+    } else {
+        const secretBundle: {encKey: string, macKey: string} = typeof authInfo.WASecretBundle === 'string' ? JSON.parse (authInfo.WASecretBundle): authInfo.WASecretBundle
+        authInfo = {
+            clientID: authInfo.WABrowserId.replace(/\"/g, ''),
+            serverToken: authInfo.WAToken2.replace(/\"/g, ''),
+            clientToken: authInfo.WAToken1.replace(/\"/g, ''),
+            encKey: Buffer.from(secretBundle.encKey, 'base64'), // decode from base64
+            macKey: Buffer.from(secretBundle.macKey, 'base64'), // decode from base64
+        }
+    }   
+    return authInfo as AuthenticationCredentials
+}
+/**
+* Once the QR code is scanned and we can validate our connection, or we resolved the challenge when logging back in
+* @private
+* @param json
+*/
+export const validateNewConnection = (
+	json: { [_: string]: any }, 
+	auth: AuthenticationCredentials,
+	curveKeys: CurveKeyPair
+) => {
+   // set metadata: one's WhatsApp ID [cc][number]@s.whatsapp.net, name on WhatsApp, info about the phone
+   const onValidationSuccess = () => {
+	   const user: Contact = {
+           jid: whatsappID(json.wid),
+           name: json.pushname
+       }
+	   return { user, auth, phone: json.phone }
+   }
+   if (!json.secret) {
+	   // if we didn't get a secret, we don't need it, we're validated
+	   if (json.clientToken && json.clientToken !== auth.clientToken) {
+			auth = { ...auth, clientToken: json.clientToken }
+	   }
+	   if (json.serverToken && json.serverToken !== auth.serverToken) {
+		   auth = { ...auth, serverToken: json.serverToken }
+	   }
+	   return onValidationSuccess()
+   }
+   const secret = Buffer.from(json.secret, 'base64')
+   if (secret.length !== 144) {
+	   throw new Error ('incorrect secret length received: ' + secret.length)
+   }
+
+   // generate shared key from our private key & the secret shared by the server
+   const sharedKey = Curve.sharedKey(curveKeys.private, secret.slice(0, 32))
+   // expand the key to 80 bytes using HKDF
+   const expandedKey = hkdf(sharedKey as Buffer, 80)
+
+   // perform HMAC validation.
+   const hmacValidationKey = expandedKey.slice(32, 64)
+   const hmacValidationMessage = Buffer.concat([secret.slice(0, 32), secret.slice(64, secret.length)])
+
+   const hmac = hmacSign(hmacValidationMessage, hmacValidationKey)
+
+   if (!hmac.equals(secret.slice(32, 64))) {
+	   // if the checksums didn't match
+	   throw new Boom('HMAC validation failed', { statusCode: 400 })
+   }
+
+   // computed HMAC should equal secret[32:64]
+   // expandedKey[64:] + secret[64:] are the keys, encrypted using AES, that are used to encrypt/decrypt the messages recieved from WhatsApp
+   // they are encrypted using key: expandedKey[0:32]
+   const encryptedAESKeys = Buffer.concat([
+	   expandedKey.slice(64, expandedKey.length),
+	   secret.slice(64, secret.length),
+   ])
+   const decryptedKeys = aesDecrypt(encryptedAESKeys, expandedKey.slice(0, 32))
+   // set the credentials
+   auth = {
+	   encKey: decryptedKeys.slice(0, 32), // first 32 bytes form the key to encrypt/decrypt messages
+	   macKey: decryptedKeys.slice(32, 64), // last 32 bytes from the key to sign messages
+	   clientToken: json.clientToken,
+	   serverToken: json.serverToken,
+	   clientID: auth.clientID,
+   }
+   return onValidationSuccess()
+}
+export const computeChallengeResponse = (challenge: string, auth: AuthenticationCredentials) => {
+	const bytes = Buffer.from(challenge, 'base64') // decode the base64 encoded challenge string
+	const signed = hmacSign(bytes, auth.macKey).toString('base64') // sign the challenge string with our macKey
+	return[ 'admin', 'challenge', signed, auth.serverToken, auth.clientID] // prepare to send this signed string with the serverToken & clientID
+}