Finished requestPairingCode

2025-10-13 00:32:22 +00:00 · 2023-07-16 20:14:17 +02:00
parent f498e1e56c
commit c506182035
8 changed files with 68 additions and 74 deletions
--- a/src/Socket/messages-recv.ts
+++ b/src/Socket/messages-recv.ts
@@ -2,16 +2,17 @@
 import { Boom } from '@hapi/boom'
 import { randomBytes } from 'crypto'
 import NodeCache from 'node-cache'
-import { getBinaryNodeChildBuffer } from '../../lib'
 import { proto } from '../../WAProto'
 import { DEFAULT_CACHE_TTLS, KEY_BUNDLE_TYPE, MIN_PREKEY_COUNT } from '../Defaults'
 import { MessageReceiptType, MessageRelayOptions, MessageUserReceipt, SocketConfig, WACallEvent, WAMessageKey, WAMessageStatus, WAMessageStubType, WAPatchName } from '../Types'
 import {
+	aesDecryptCTR,
 	aesEncryptGCM,
 	Curve,
 	decodeMediaRetryNode,
 	decryptMessageNode,
-	delay, derivePairingKey,
+	delay,
+	derivePairingCodeKey,
 	encodeBigEndian,
 	encodeSignedDeviceIdentity,
 	getCallStatusFromNode,
@@ -24,7 +25,19 @@ import {
 } from '../Utils'
 import { cleanMessage } from '../Utils'
 import { makeMutex } from '../Utils/make-mutex'
-import { areJidsSameUser, BinaryNode, getAllBinaryNodeChildren, getBinaryNodeChild, getBinaryNodeChildren, isJidGroup, isJidUser, jidDecode, jidNormalizedUser, S_WHATSAPP_NET } from '../WABinary'
+import {
+	areJidsSameUser,
+	BinaryNode,
+	getAllBinaryNodeChildren,
+	getBinaryNodeChild,
+	getBinaryNodeChildBuffer,
+	getBinaryNodeChildren,
+	isJidGroup,
+	isJidUser,
+	jidDecode,
+	jidNormalizedUser,
+	S_WHATSAPP_NET
+} from '../WABinary'
 import { extractGroupMetadata } from './groups'
 import { makeMessagesSocket } from './messages-send'

@@ -387,22 +400,21 @@ export const makeMessagesRecvSocket = (config: SocketConfig) => {
 			const ref = toRequiredBuffer(getBinaryNodeChildBuffer(linkCodeCompanionReg, 'link_code_pairing_ref'))
 			const primaryIdentityPublicKey = toRequiredBuffer(getBinaryNodeChildBuffer(linkCodeCompanionReg, 'primary_identity_pub'))
 			const primaryEphemeralPublicKeyWrapped = toRequiredBuffer(getBinaryNodeChildBuffer(linkCodeCompanionReg, 'link_code_pairing_wrapped_primary_ephemeral_pub'))
-			const codePairingPublicKey = await decipherLinkPublicKey(primaryEphemeralPublicKeyWrapped)
-			const companionSharedKey = Curve.sharedKey(codePairingPublicKey, authState.creds.advKeyPair.private)
+			const codePairingPublicKey = decipherLinkPublicKey(primaryEphemeralPublicKeyWrapped)
+			const companionSharedKey = Curve.sharedKey(authState.creds.pairingEphemeralKeyPair.private, codePairingPublicKey)
 			const random = randomBytes(32)
 			const linkCodeSalt = randomBytes(32)
 			const linkCodePairingExpanded = hkdf(companionSharedKey, 32, {
 				salt: linkCodeSalt,
 				info: 'link_code_pairing_key_bundle_encryption_key'
 			})
-			const encryptPayload = Buffer.concat([Buffer.from(authState.creds.signedIdentityKey.public), Buffer.from(primaryIdentityPublicKey), random])
+			const encryptPayload = Buffer.concat([Buffer.from(authState.creds.signedIdentityKey.public), primaryIdentityPublicKey, random])
 			const encryptIv = randomBytes(12)
 			const encrypted = aesEncryptGCM(encryptPayload, linkCodePairingExpanded, encryptIv, Buffer.alloc(0))
 			const encryptedPayload = Buffer.concat([linkCodeSalt, encryptIv, encrypted])
-			const identitySharedKey = Curve.sharedKey(primaryIdentityPublicKey, authState.creds.signedIdentityKey.private)
+			const identitySharedKey = Curve.sharedKey(authState.creds.signedIdentityKey.private, primaryIdentityPublicKey)
 			const identityPayload = Buffer.concat([companionSharedKey, identitySharedKey, random])
-			authState.creds.advKeyPair.public = hkdf(identityPayload, 32, { info: 'adv_secret' })
-			authState.creds.advKeyPair.private = Buffer.alloc(0)
+			authState.creds.advSecretKey = hkdf(identityPayload, 32, { info: 'adv_secret' }).toString('base64')
 			await sendNode({
 				tag: 'iq',
 				attrs: {
@@ -446,18 +458,13 @@ export const makeMessagesRecvSocket = (config: SocketConfig) => {
 		}
 	}

-	async function decipherLinkPublicKey(data: Uint8Array | Buffer) {
+	function decipherLinkPublicKey(data: Uint8Array | Buffer) {
 		const buffer = toRequiredBuffer(data)
 		const salt = buffer.slice(0, 32)
-		const secretKey = await derivePairingKey(authState.creds.pairingCode!, salt)
+		const secretKey = derivePairingCodeKey(authState.creds.pairingCode!, salt)
 		const iv = buffer.slice(32, 48)
 		const payload = buffer.slice(48, 80)
-		const result = await crypto.subtle.decrypt({
-			name: 'AES-CTR',
-			length: 64,
-			counter: iv
-		}, secretKey, payload)
-		return Buffer.from(result)
+		return aesDecryptCTR(payload, secretKey, iv)
 	}

 	function toRequiredBuffer(data: Uint8Array | Buffer | undefined) {
--- a/src/Socket/socket.ts
+++ b/src/Socket/socket.ts
@@ -2,7 +2,6 @@ import { Boom } from '@hapi/boom'
 import { randomBytes } from 'crypto'
 import { URL } from 'url'
 import { promisify } from 'util'
-import { getBinaryNodeChildBuffer } from '../../lib'
 import { proto } from '../../WAProto'
 import {
 	DEF_CALLBACK_PREFIX,
@@ -16,18 +15,20 @@ import {
 } from '../Defaults'
 import { DisconnectReason, SocketConfig } from '../Types'
 import {
-	addTransactionCapability, aesEncryptGCM,
+	addTransactionCapability,
+	aesEncryptCTR,
 	bindWaitForConnectionUpdate,
 	bytesToCrockford,
 	configureSuccessfulPairing,
-	Curve, derivePairingKey,
+	Curve,
+	derivePairingCodeKey,
 	generateLoginNode,
 	generateMdTagPrefix,
 	generateMobileNode,
 	generateRegistrationNode,
 	getCodeFromWSError,
 	getErrorCodeFromStreamError,
-	getNextPreKeysNode, hkdf,
+	getNextPreKeysNode,
 	makeEventBuffer,
 	makeNoiseHandler,
 	printQRIfNecessaryListener,
@@ -481,7 +482,8 @@ export const makeSocket = (config: SocketConfig) => {
 		end(new Boom(msg || 'Intentional Logout', { statusCode: DisconnectReason.loggedOut }))
 	}

-	const requestPairingCode = async(phoneNumber: string) => {
+	const requestPairingCode = async(phoneNumber: string): Promise<string> => {
+		authState.creds.pairingCode = bytesToCrockford(randomBytes(5))
 		authState.creds.me = {
 			id: jidEncode(phoneNumber, 's.whatsapp.net'),
 			name: '~'
@@ -507,7 +509,7 @@ export const makeSocket = (config: SocketConfig) => {
 						{
 							tag: 'link_code_pairing_wrapped_companion_ephemeral_pub',
 							attrs: {},
-							content: await generatePairingKey(randomBytes(32))
+							content: await generatePairingKey()
 						},
 						{
 							tag: 'companion_server_auth_key_pub',
@@ -533,18 +535,15 @@ export const makeSocket = (config: SocketConfig) => {
 				}
 			]
 		})
+		return authState.creds.pairingCode
 	}

-	async function generatePairingKey(salt: Buffer) {
-		authState.creds.pairingCode = bytesToCrockford(randomBytes(5))
-		const key = await derivePairingKey(authState.creds.pairingCode, salt)
+	async function generatePairingKey() {
+		const salt = randomBytes(32)
 		const randomIv = randomBytes(16)
-		const ciphered = await crypto.subtle.encrypt({
-			name: 'AES-CTR',
-			length: 64,
-			counter: randomIv
-		}, key, authState.creds.advKeyPair.public)
-		return Buffer.concat([salt, randomIv, Buffer.from(ciphered)])
+		const key = derivePairingCodeKey(authState.creds.pairingCode!, salt)
+		const ciphered = aesEncryptCTR(authState.creds.pairingEphemeralKeyPair.public, key, randomIv)
+		return Buffer.concat([salt, randomIv, ciphered])
 	}

 	ws.on('message', onMessageRecieved)
@@ -576,7 +575,7 @@ export const makeSocket = (config: SocketConfig) => {
 		const refNodes = getBinaryNodeChildren(pairDeviceNode, 'ref')
 		const noiseKeyB64 = Buffer.from(creds.noiseKey.public).toString('base64')
 		const identityKeyB64 = Buffer.from(creds.signedIdentityKey.public).toString('base64')
-		const advB64 = Buffer.from(creds.advKeyPair.public).toString('base64')
+		const advB64 = creds.advSecretKey

 		let qrMs = qrTimeout || 60_000 // time to let a QR live
 		const genPairQR = () => {