Refactor + remove redundant session vars from web client

whatsapp/web_client/client.py

@@ -50,8 +50,6 @@ class WhatsAppWebClient:
         "clientToken": None,
         "serverToken": None,
         "browserToken": None,
-        "secret": None,
-        "sharedSecret": None,
         "me": None,
         "pushname": None
     }
@@ -206,26 +204,28 @@ class WhatsAppWebClient:
             self.session["me"] = json_obj[1]["wid"]
             self.session["pushname"] = json_obj[1]["pushname"]
             if 'secret' in json_obj[1]:
-                self.session["secret"] = base64.b64decode(json_obj[1]["secret"]);
-                self.session["sharedSecret"] = self.session["privateKey"].get_shared_key(curve25519.Public(self.session["secret"][:32]), lambda a: a)
+                self.extract_and_set_keys(json_obj[1]['secret'])
         except Exception as e:
             print("Error while setting authorization tokens", json_obj, e)
             return
 
-        sse = self.session["sharedSecretExpanded"] = HKDF(self.session["sharedSecret"], 80)
-        hmacValidation = HmacSha256(sse[32:64], self.session["secret"][:32] + self.session["secret"][64:])
-        if hmacValidation != self.session["secret"][32:64]:
+        print("set connection info: client, server and browser token; secret, shared secret, enc key, mac key");
+        print("logged in as " + json_obj[1]["pushname"]  + " (" + json_obj[1]["wid"] + ")")
+        self.quit_qr_server()
+
+    def extract_and_set_keys(self, secret):
+        decoded_secret = base64.b64decode(json_obj[1]["secret"]);
+        shared_secret = self.session["privateKey"].get_shared_key(curve25519.Public(self.session["secret"][:32]), lambda a: a)
+        sse = HKDF(shared_secret, 80) # shared secret extended
+        hmacValidation = HmacSha256(sse[32:64], decoded_secret[:32] + decoded_secret[64:])
+        if hmacValidation != decoded_secret[32:64]:
             raise ValueError("Hmac mismatch")
 
-        keysEncrypted = sse[64:] + self.session["secret"][64:];
+        keysEncrypted = sse[64:] + decoded_secret[64:];
         keysDecrypted = AESDecrypt(sse[:32], keysEncrypted);
         self.session["key"]["encKey"] = keysDecrypted[:32];
         self.session["key"]["macKey"] = keysDecrypted[32:64];
 
-        print("set connection info: client, server and browser token; secret, shared secret, enc key, mac key");
-        print("logged in as " + json_obj[1]["pushname"]  + " (" + json_obj[1]["wid"] + ")")
-        self.quit_qr_server()
-
     def solve_challenge(self, encoded_challenge):
         challenge = base64.b64decode(encoded_challenge)
         return base64.b64encode(HmacSha256(self.session['key']['macKey'], challenge)).decode() 
@@ -316,8 +316,6 @@ class WhatsAppWebClient:
         conn_info = {}
         for k in ['macKey', 'encKey']:
             conn_info[k] = base64.b64encode(self.session['key'][k]).decode('ascii')
-        for k in ['secret', 'sharedSecret', 'sharedSecretExpanded']:
-            conn_info[k] = base64.b64encode(self.session[k]).decode('ascii')
         for k in ['clientId', 'clientToken', 'serverToken']:
             conn_info[k] = self.session[k]
         return json.dumps(conn_info)
@@ -330,8 +328,6 @@ class WhatsAppWebClient:
         for k, v in info.items():
             if k in ['macKey', 'encKey']:
                 self.session['key'][k] = base64.b64decode(v)
-            if k in ['secret', 'sharedSecret', 'sharedSecretExpanded']:
-                self.session[k] = base64.b64decode(v)
             if k in ['clientId', 'clientToken', 'serverToken']:
                 self.session[k] = v
         return True