hermes-tdata 0.1.0

Pure Rust parser for Telegram Desktop's tdata storage format. Decrypts local storage and extracts auth keys without Qt/C++ dependencies.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121

# hermes-tdata 🚀

**Pure Rust parser for Telegram Desktop's `tdata` storage.**

[![Crates.io](https://img.shields.io/crates/v/hermes-tdata.svg)](https://crates.io/crates/hermes-tdata)
[![docs.rs](https://docs.rs/hermes-tdata/badge.svg)](https://docs.rs/hermes-tdata)
[![License](https://img.shields.io/badge/license-MIT%2FApache--2.0-blue.svg)](LICENSE)

Extract sessions and authentication keys from Telegram Desktop's local storage (`tdata`) **without** launching the official client, using `Qt`, or relying on `Python`.

## ⚡️ Features

- **Pure Rust**: No dependencies on Qt, C++, or Python. Statically linked and blazing fast.
- **Cross-Platform**: Works on Linux, Windows, and macOS tdata folders.
- **Cryptography**: Full implementation of TDesktop's custom encryption scheme:
  - PBKDF2-SHA512 key derivation with custom parameters.
  - AES-256-IGE encryption implementation.
  - Custom MD5/SHA1 file integrity verification.
- **MTP Parsing**:
  - Parses `key_data` (local keys).
  - Parses `map` files (account data).
  - Extracts `AuthKey`, `UserId`, and `DcId`.
  - Supports new (64-bit ID) and legacy tdata formats.
- **Interoperability**:
  - Generates session strings compatible with `grammers` (Rust).
  - Easily adaptable for `telethon` or `pyrogram`.
- **Multi-Account**: Automatically detects and extracts all active accounts.

## 📦 Installation

Add this to your `Cargo.toml`:

```toml
[dependencies]
hermes-tdata = "0.1"
```

## 🚀 Quick Start

### Convert tdata to Session String

```rust
use hermes_tdata::tdesktop::TDesktop;
use std::path::PathBuf;

fn main() -> anyhow::Result<()> {
    // 1. Path to tdata (Linux example)
    let tdata_path = PathBuf::from(std::env::var("HOME")?)
        .join(".local/share/TelegramDesktop/tdata");

    // 2. Load TDesktop storage
    let tdata = TDesktop::from_path(&tdata_path)?;

    println!("Found {} accounts!", tdata.accounts().len());

    // 3. Iterate accounts
    for account in tdata.accounts() {
        println!("User ID: {}", account.user_id());
        
        // 4. Generate session string for Grammers
        let session = account.session_string()?;
        println!("Session: {}", session);
        
        // 5. Or get raw auth key
        let auth_key = account.auth_key();
        println!("Auth Key: {}", hex::encode(auth_key));
    }

    Ok(())
}
```

## 🛠 CLI Utility

This crate includes a ready-to-use CLI tool to inspect tdata and extract sessions.

```bash
# Run directly from source
cargo run --example cli

# Or specify a custom path
cargo run --example cli -- /path/to/tdata

# With passcode
cargo run --example cli -- --passcode "secret123"
```

**Output example:**
```text
📂 Reading tdata from: "/home/user/.local/share/TelegramDesktop/tdata"
✅ Successfully loaded TDesktop storage!
   App Version: 6004001
   Passcode:    NO
   Accounts:    2

👤 Account #1 (Index 0)
   User ID:   123456789
   DC ID:     2
   Session:   1/33p1... (ready for grammers)

👤 Account #2 (Index 1)
   User ID:   987654321
   DC ID:     2
   Session:   1/5a2b...
```

## 🔒 Security Note

This library deals with **sensitive authentication keys**.
- Never share your `tdata` folder or the output of this tool.
- Anyone with the `AuthKey` can access your Telegram account without 2FA.
- This tool runs locally on your machine and does not transmit keys anywhere.

## 🤝 Acknowledgements

- **[opentele](https://github.com/thedemons/opentele)** (Python) - Protocol reference.
- **[tdesktop](https://github.com/telegramdesktop/tdesktop)** (C++) - The source of truth.

## 📜 License

MIT or Apache-2.0