From 7319d429d74d0b9e314610be79c827994860b6a4 Mon Sep 17 00:00:00 2001
From: Tulir Asokan <tulir@maunium.net>
Date: Tue, 11 Mar 2025 18:43:51 +0200
Subject: [PATCH] client: generate curve25519 key for push

---
 pkg/connector/client.go | 11 +++++++----
 pkg/waid/dbmeta.go      |  3 ++-
 2 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/pkg/connector/client.go b/pkg/connector/client.go
index 9beeacc..002219b 100644
--- a/pkg/connector/client.go
+++ b/pkg/connector/client.go
@@ -25,13 +25,13 @@ import (
 	"time"
 
 	"github.com/rs/zerolog"
-	"go.mau.fi/util/random"
 	"go.mau.fi/whatsmeow"
 	waBinary "go.mau.fi/whatsmeow/binary"
 	"go.mau.fi/whatsmeow/proto/waHistorySync"
 	"go.mau.fi/whatsmeow/proto/waWa6"
 	"go.mau.fi/whatsmeow/store"
 	"go.mau.fi/whatsmeow/types"
+	"go.mau.fi/whatsmeow/util/keys"
 	waLog "go.mau.fi/whatsmeow/util/log"
 	"golang.org/x/sync/semaphore"
 	"maunium.net/go/mautrix/bridge/status"
@@ -150,14 +150,17 @@ func (wa *WhatsAppClient) RegisterPushNotifications(ctx context.Context, pushTyp
 		}
 	case bridgev2.PushTypeAPNs:
 		meta := wa.UserLogin.Metadata.(*waid.UserLoginMetadata)
-		if meta.APNSEncKey == nil {
-			meta.APNSEncKey = random.Bytes(32)
+		if meta.APNSEncPubKey == nil {
+			k := keys.NewKeyPair()
+			meta.APNSEncPubKey = k.Pub[:]
+			meta.APNSEncPrivKey = k.Priv[:]
 			err := wa.UserLogin.Save(ctx)
 			if err != nil {
 				return fmt.Errorf("failed to save push enc key: %w", err)
 			}
 		}
-		pc = &whatsmeow.APNsPushConfig{Token: token, MsgIDEncKey: meta.APNSEncKey}
+		// TODO figure out if the key is supposed to be aes or curve25519
+		pc = &whatsmeow.APNsPushConfig{Token: token, MsgIDEncKey: meta.APNSEncPubKey}
 	default:
 		return fmt.Errorf("unsupported push type %s", pushType)
 	}
diff --git a/pkg/waid/dbmeta.go b/pkg/waid/dbmeta.go
index bac7d8e..b8ed7ee 100644
--- a/pkg/waid/dbmeta.go
+++ b/pkg/waid/dbmeta.go
@@ -33,7 +33,8 @@ type UserLoginMetadata struct {
 	PhoneLastPinged jsontime.Unix `json:"phone_last_pinged"`
 	Timezone        string        `json:"timezone"`
 	PushKeys        *PushKeys     `json:"push_keys,omitempty"`
-	APNSEncKey      []byte        `json:"apns_enc_key,omitempty"`
+	APNSEncPubKey   []byte        `json:"apns_enc_pubkey,omitempty"`
+	APNSEncPrivKey  []byte        `json:"apns_enc_privkey,omitempty"`
 
 	HistorySyncPortalsNeedCreating bool `json:"history_sync_portals_need_creating,omitempty"`
 }