defaults, validate-connection: fix structure of ADV types
This commit is contained in:
@@ -15,6 +15,12 @@ export const DEF_CALLBACK_PREFIX = 'CB:'
|
||||
export const DEF_TAG_PREFIX = 'TAG:'
|
||||
export const PHONE_CONNECTION_CB = 'CB:Pong'
|
||||
|
||||
|
||||
export const WA_ADV_ACCOUNT_SIG_PREFIX = Buffer.from([6,0])
|
||||
export const WA_ADV_DEVICE_SIG_PREFIX = Buffer.from([6,1])
|
||||
export const WA_ADV_HOSTED_ACCOUNT_SIG_PREFIX = Buffer.from([6,5])
|
||||
export const WA_ADV_HOSTED_DEVICE_SIG_PREFIX = Buffer.from([6,6])
|
||||
|
||||
export const WA_DEFAULT_EPHEMERAL = 7 * 24 * 60 * 60
|
||||
|
||||
export const NOISE_MODE = 'Noise_XX_25519_AESGCM_SHA256\0\0\0\0'
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
import { Boom } from '@hapi/boom'
|
||||
import { createHash } from 'crypto'
|
||||
import { proto } from '../../WAProto/index.js'
|
||||
import { KEY_BUNDLE_TYPE } from '../Defaults'
|
||||
import { KEY_BUNDLE_TYPE, WA_ADV_ACCOUNT_SIG_PREFIX, WA_ADV_DEVICE_SIG_PREFIX, WA_ADV_HOSTED_ACCOUNT_SIG_PREFIX, WA_ADV_HOSTED_DEVICE_SIG_PREFIX } from '../Defaults'
|
||||
import type { AuthenticationCreds, SignalCreds, SocketConfig } from '../Types'
|
||||
import { type BinaryNode, getBinaryNodeChild, jidDecode, S_WHATSAPP_NET } from '../WABinary'
|
||||
import { Curve, hmacSign } from './crypto'
|
||||
@@ -142,20 +142,21 @@ export const configureSuccessfulPairing = (
|
||||
)
|
||||
const isHostedAccount = accountType !== undefined && accountType === proto.ADVEncryptionType.HOSTED
|
||||
|
||||
const hmacPrefix = isHostedAccount ? Buffer.from([6, 5]) : Buffer.alloc(0)
|
||||
const advSign = hmacSign(Buffer.concat([hmacPrefix, details]), Buffer.from(advSecretKey, 'base64'))
|
||||
const accountPrefix = isHostedAccount ? WA_ADV_HOSTED_ACCOUNT_SIG_PREFIX : Buffer.from([])
|
||||
|
||||
const advSign = hmacSign(Buffer.concat([accountPrefix, details]), Buffer.from(advSecretKey, 'base64'))
|
||||
if (Buffer.compare(hmac, advSign) !== 0) {
|
||||
throw new Boom('Invalid account signature')
|
||||
}
|
||||
|
||||
const account = decodeAndHydrate(proto.ADVSignedDeviceIdentity, details)
|
||||
const { accountSignatureKey, accountSignature, details: deviceDetails } = account
|
||||
const accountMsg = Buffer.concat([Buffer.from([6, 0]), deviceDetails, signedIdentityKey.public])
|
||||
const accountMsg = Buffer.concat([accountPrefix, deviceDetails, signedIdentityKey.public])
|
||||
if (!Curve.verify(accountSignatureKey, accountMsg, accountSignature)) {
|
||||
throw new Boom('Failed to verify account signature')
|
||||
}
|
||||
|
||||
const devicePrefix = isHostedAccount ? Buffer.from([6, 6]) : Buffer.from([6, 1])
|
||||
const devicePrefix = isHostedAccount ? WA_ADV_HOSTED_DEVICE_SIG_PREFIX : WA_ADV_DEVICE_SIG_PREFIX
|
||||
const deviceMsg = Buffer.concat([devicePrefix, deviceDetails, signedIdentityKey.public, accountSignatureKey])
|
||||
account.deviceSignature = Curve.sign(signedIdentityKey.private, deviceMsg)
|
||||
|
||||
|
||||
Reference in New Issue
Block a user