diff --git a/src/Defaults/index.ts b/src/Defaults/index.ts index 9bfa00f3..18bd1efd 100644 --- a/src/Defaults/index.ts +++ b/src/Defaults/index.ts @@ -15,6 +15,12 @@ export const DEF_CALLBACK_PREFIX = 'CB:' export const DEF_TAG_PREFIX = 'TAG:' export const PHONE_CONNECTION_CB = 'CB:Pong' + +export const WA_ADV_ACCOUNT_SIG_PREFIX = Buffer.from([6,0]) +export const WA_ADV_DEVICE_SIG_PREFIX = Buffer.from([6,1]) +export const WA_ADV_HOSTED_ACCOUNT_SIG_PREFIX = Buffer.from([6,5]) +export const WA_ADV_HOSTED_DEVICE_SIG_PREFIX = Buffer.from([6,6]) + export const WA_DEFAULT_EPHEMERAL = 7 * 24 * 60 * 60 export const NOISE_MODE = 'Noise_XX_25519_AESGCM_SHA256\0\0\0\0' diff --git a/src/Utils/validate-connection.ts b/src/Utils/validate-connection.ts index 81d7999d..f4095c69 100644 --- a/src/Utils/validate-connection.ts +++ b/src/Utils/validate-connection.ts @@ -1,7 +1,7 @@ import { Boom } from '@hapi/boom' import { createHash } from 'crypto' import { proto } from '../../WAProto/index.js' -import { KEY_BUNDLE_TYPE } from '../Defaults' +import { KEY_BUNDLE_TYPE, WA_ADV_ACCOUNT_SIG_PREFIX, WA_ADV_DEVICE_SIG_PREFIX, WA_ADV_HOSTED_ACCOUNT_SIG_PREFIX, WA_ADV_HOSTED_DEVICE_SIG_PREFIX } from '../Defaults' import type { AuthenticationCreds, SignalCreds, SocketConfig } from '../Types' import { type BinaryNode, getBinaryNodeChild, jidDecode, S_WHATSAPP_NET } from '../WABinary' import { Curve, hmacSign } from './crypto' @@ -142,20 +142,21 @@ export const configureSuccessfulPairing = ( ) const isHostedAccount = accountType !== undefined && accountType === proto.ADVEncryptionType.HOSTED - const hmacPrefix = isHostedAccount ? Buffer.from([6, 5]) : Buffer.alloc(0) - const advSign = hmacSign(Buffer.concat([hmacPrefix, details]), Buffer.from(advSecretKey, 'base64')) + const accountPrefix = isHostedAccount ? WA_ADV_HOSTED_ACCOUNT_SIG_PREFIX : Buffer.from([]) + + const advSign = hmacSign(Buffer.concat([accountPrefix, details]), Buffer.from(advSecretKey, 'base64')) if (Buffer.compare(hmac, advSign) !== 0) { throw new Boom('Invalid account signature') } const account = decodeAndHydrate(proto.ADVSignedDeviceIdentity, details) const { accountSignatureKey, accountSignature, details: deviceDetails } = account - const accountMsg = Buffer.concat([Buffer.from([6, 0]), deviceDetails, signedIdentityKey.public]) + const accountMsg = Buffer.concat([accountPrefix, deviceDetails, signedIdentityKey.public]) if (!Curve.verify(accountSignatureKey, accountMsg, accountSignature)) { throw new Boom('Failed to verify account signature') } - const devicePrefix = isHostedAccount ? Buffer.from([6, 6]) : Buffer.from([6, 1]) + const devicePrefix = isHostedAccount ? WA_ADV_HOSTED_DEVICE_SIG_PREFIX : WA_ADV_DEVICE_SIG_PREFIX const deviceMsg = Buffer.concat([devicePrefix, deviceDetails, signedIdentityKey.public, accountSignatureKey]) account.deviceSignature = Curve.sign(signedIdentityKey.private, deviceMsg)