defaults, validate: fix account signature check for non-hosted JIDs

This commit is contained in:
Rajeh Taher
2025-09-28 18:59:57 +03:00
parent fb12f6d9d3
commit 357ef1e599
2 changed files with 13 additions and 7 deletions
+4 -5
View File
@@ -15,11 +15,10 @@ export const DEF_CALLBACK_PREFIX = 'CB:'
export const DEF_TAG_PREFIX = 'TAG:' export const DEF_TAG_PREFIX = 'TAG:'
export const PHONE_CONNECTION_CB = 'CB:Pong' export const PHONE_CONNECTION_CB = 'CB:Pong'
export const WA_ADV_ACCOUNT_SIG_PREFIX = Buffer.from([6, 0])
export const WA_ADV_ACCOUNT_SIG_PREFIX = Buffer.from([6,0]) export const WA_ADV_DEVICE_SIG_PREFIX = Buffer.from([6, 1])
export const WA_ADV_DEVICE_SIG_PREFIX = Buffer.from([6,1]) export const WA_ADV_HOSTED_ACCOUNT_SIG_PREFIX = Buffer.from([6, 5])
export const WA_ADV_HOSTED_ACCOUNT_SIG_PREFIX = Buffer.from([6,5]) export const WA_ADV_HOSTED_DEVICE_SIG_PREFIX = Buffer.from([6, 6])
export const WA_ADV_HOSTED_DEVICE_SIG_PREFIX = Buffer.from([6,6])
export const WA_DEFAULT_EPHEMERAL = 7 * 24 * 60 * 60 export const WA_DEFAULT_EPHEMERAL = 7 * 24 * 60 * 60
+9 -2
View File
@@ -1,7 +1,13 @@
import { Boom } from '@hapi/boom' import { Boom } from '@hapi/boom'
import { createHash } from 'crypto' import { createHash } from 'crypto'
import { proto } from '../../WAProto/index.js' import { proto } from '../../WAProto/index.js'
import { KEY_BUNDLE_TYPE, WA_ADV_ACCOUNT_SIG_PREFIX, WA_ADV_DEVICE_SIG_PREFIX, WA_ADV_HOSTED_ACCOUNT_SIG_PREFIX, WA_ADV_HOSTED_DEVICE_SIG_PREFIX } from '../Defaults' import {
KEY_BUNDLE_TYPE,
WA_ADV_ACCOUNT_SIG_PREFIX,
WA_ADV_DEVICE_SIG_PREFIX,
WA_ADV_HOSTED_ACCOUNT_SIG_PREFIX,
WA_ADV_HOSTED_DEVICE_SIG_PREFIX
} from '../Defaults'
import type { AuthenticationCreds, SignalCreds, SocketConfig } from '../Types' import type { AuthenticationCreds, SignalCreds, SocketConfig } from '../Types'
import { type BinaryNode, getBinaryNodeChild, jidDecode, S_WHATSAPP_NET } from '../WABinary' import { type BinaryNode, getBinaryNodeChild, jidDecode, S_WHATSAPP_NET } from '../WABinary'
import { Curve, hmacSign } from './crypto' import { Curve, hmacSign } from './crypto'
@@ -151,7 +157,8 @@ export const configureSuccessfulPairing = (
const account = decodeAndHydrate(proto.ADVSignedDeviceIdentity, details) const account = decodeAndHydrate(proto.ADVSignedDeviceIdentity, details)
const { accountSignatureKey, accountSignature, details: deviceDetails } = account const { accountSignatureKey, accountSignature, details: deviceDetails } = account
const accountMsg = Buffer.concat([accountPrefix, deviceDetails, signedIdentityKey.public]) const accountSignaturePrefix = isHostedAccount ? WA_ADV_HOSTED_ACCOUNT_SIG_PREFIX : WA_ADV_ACCOUNT_SIG_PREFIX
const accountMsg = Buffer.concat([accountSignaturePrefix, deviceDetails, signedIdentityKey.public])
if (!Curve.verify(accountSignatureKey, accountMsg, accountSignature)) { if (!Curve.verify(accountSignatureKey, accountMsg, accountSignature)) {
throw new Boom('Failed to verify account signature') throw new Boom('Failed to verify account signature')
} }