import { Boom } from '@hapi/boom' import { proto } from '../../WAProto/index.js' import type { WAMessage, WAMessageKey } from '../Types' import type { SignalRepositoryWithLIDStore } from '../Types/Signal' import { areJidsSameUser, type BinaryNode, isJidBroadcast, isJidGroup, isJidMetaAI, isJidNewsletter, isJidStatusBroadcast, isLidUser, isPnUser, transferDevice } from '../WABinary' import { unpadRandomMax16 } from './generics' import type { ILogger } from './logger' import { decodeAndHydrate } from './proto-utils' const getDecryptionJid = async (sender: string, repository: SignalRepositoryWithLIDStore): Promise => { if (!sender.includes('@s.whatsapp.net')) { return sender } const mapped = await repository.lidMapping.getLIDForPN(sender) return mapped || sender } const storeMappingFromEnvelope = async ( stanza: BinaryNode, sender: string, repository: SignalRepositoryWithLIDStore, decryptionJid: string, logger: ILogger ): Promise => { const { senderAlt } = extractAddressingContext(stanza) if (senderAlt && isLidUser(senderAlt) && isPnUser(sender) && decryptionJid === sender) { try { await repository.lidMapping.storeLIDPNMappings([{ lid: senderAlt, pn: sender }]) await repository.migrateSession(sender, senderAlt) logger.debug({ sender, senderAlt }, 'Stored LID mapping from envelope') } catch (error) { logger.warn({ sender, senderAlt, error }, 'Failed to store LID mapping') } } } export const NO_MESSAGE_FOUND_ERROR_TEXT = 'Message absent from node' export const MISSING_KEYS_ERROR_TEXT = 'Key used already or never filled' // Retry configuration for failed decryption export const DECRYPTION_RETRY_CONFIG = { maxRetries: 3, baseDelayMs: 100, sessionRecordErrors: ['No session record', 'SessionError: No session record'] } export const NACK_REASONS = { ParsingError: 487, UnrecognizedStanza: 488, UnrecognizedStanzaClass: 489, UnrecognizedStanzaType: 490, InvalidProtobuf: 491, InvalidHostedCompanionStanza: 493, MissingMessageSecret: 495, SignalErrorOldCounter: 496, MessageDeletedOnPeer: 499, UnhandledError: 500, UnsupportedAdminRevoke: 550, UnsupportedLIDGroup: 551, DBOperationFailed: 552 } type MessageType = | 'chat' | 'peer_broadcast' | 'other_broadcast' | 'group' | 'direct_peer_status' | 'other_status' | 'newsletter' export const extractAddressingContext = (stanza: BinaryNode) => { let senderAlt: string | undefined let recipientAlt: string | undefined const sender = stanza.attrs.participant || stanza.attrs.from const addressingMode = stanza.attrs.addressing_mode || (sender?.endsWith('lid') ? 'lid' : 'pn') if (addressingMode === 'lid') { // Message is LID-addressed: sender is LID, extract corresponding PN // without device data senderAlt = stanza.attrs.participant_pn || stanza.attrs.sender_pn || stanza.attrs.peer_recipient_pn recipientAlt = stanza.attrs.recipient_pn // with device data if (sender && senderAlt) senderAlt = transferDevice(sender, senderAlt) } else { // Message is PN-addressed: sender is PN, extract corresponding LID // without device data senderAlt = stanza.attrs.participant_lid || stanza.attrs.sender_lid || stanza.attrs.peer_recipient_lid recipientAlt = stanza.attrs.recipient_lid //with device data if (sender && senderAlt) senderAlt = transferDevice(sender, senderAlt) } return { addressingMode, senderAlt, recipientAlt } } /** * Decode the received node as a message. * @note this will only parse the message, not decrypt it */ export function decodeMessageNode(stanza: BinaryNode, meId: string, meLid: string) { let msgType: MessageType let chatId: string let author: string let fromMe: boolean = false const msgId = stanza.attrs.id const from = stanza.attrs.from const participant: string | undefined = stanza.attrs.participant const recipient: string | undefined = stanza.attrs.recipient const addressingContext = extractAddressingContext(stanza) const isMe = (jid: string) => areJidsSameUser(jid, meId) const isMeLid = (jid: string) => areJidsSameUser(jid, meLid) if (isPnUser(from) || isLidUser(from)) { if (recipient && !isJidMetaAI(recipient)) { if (!isMe(from!) && !isMeLid(from!)) { throw new Boom('receipient present, but msg not from me', { data: stanza }) } if (isMe(from!) || isMeLid(from!)) { fromMe = true } chatId = recipient } else { chatId = from! } msgType = 'chat' author = from! } else if (isJidGroup(from)) { if (!participant) { throw new Boom('No participant in group message') } if (isMe(participant) || isMeLid(participant)) { fromMe = true } msgType = 'group' author = participant chatId = from! } else if (isJidBroadcast(from)) { if (!participant) { throw new Boom('No participant in group message') } const isParticipantMe = isMe(participant) if (isJidStatusBroadcast(from!)) { msgType = isParticipantMe ? 'direct_peer_status' : 'other_status' } else { msgType = isParticipantMe ? 'peer_broadcast' : 'other_broadcast' } fromMe = isParticipantMe chatId = from! author = participant } else if (isJidNewsletter(from)) { msgType = 'newsletter' chatId = from! author = from! if (isMe(from!) || isMeLid(from!)) { fromMe = true } } else { throw new Boom('Unknown message type', { data: stanza }) } const pushname = stanza?.attrs?.notify const key: WAMessageKey = { remoteJid: chatId, remoteJidAlt: !isJidGroup(chatId) ? addressingContext.senderAlt : undefined, fromMe, id: msgId, participant, participantAlt: isJidGroup(chatId) ? addressingContext.senderAlt : undefined, addressingMode: addressingContext.addressingMode, ...(msgType === 'newsletter' && stanza.attrs.server_id ? { server_id: stanza.attrs.server_id } : {}) } const fullMessage: WAMessage = { key, messageTimestamp: +stanza.attrs.t!, pushName: pushname, broadcast: isJidBroadcast(from) } if (key.fromMe) { fullMessage.status = proto.WebMessageInfo.Status.SERVER_ACK } return { fullMessage, author, sender: msgType === 'chat' ? author : chatId } } export const decryptMessageNode = ( stanza: BinaryNode, meId: string, meLid: string, repository: SignalRepositoryWithLIDStore, logger: ILogger ) => { const { fullMessage, author, sender } = decodeMessageNode(stanza, meId, meLid) return { fullMessage, category: stanza.attrs.category, author, async decrypt() { let decryptables = 0 if (Array.isArray(stanza.content)) { for (const { tag, attrs, content } of stanza.content) { if (tag === 'verified_name' && content instanceof Uint8Array) { const cert = decodeAndHydrate(proto.VerifiedNameCertificate, content) const details = proto.VerifiedNameCertificate.Details.decode(cert.details) fullMessage.verifiedBizName = details.verifiedName } if (tag === 'unavailable' && attrs.type === 'view_once') { fullMessage.key.isViewOnce = true // TODO: remove from here and add a STUB TYPE } if (tag !== 'enc' && tag !== 'plaintext') { continue } if (!(content instanceof Uint8Array)) { continue } decryptables += 1 let msgBuffer: Uint8Array const user = isPnUser(sender) ? sender : author // TODO: flaky logic const decryptionJid = await getDecryptionJid(user, repository) if (tag !== 'plaintext') { await storeMappingFromEnvelope(stanza, user, repository, decryptionJid, logger) } try { const e2eType = tag === 'plaintext' ? 'plaintext' : attrs.type switch (e2eType) { case 'skmsg': msgBuffer = await repository.decryptGroupMessage({ group: sender, authorJid: author, msg: content }) break case 'pkmsg': case 'msg': msgBuffer = await repository.decryptMessage({ jid: decryptionJid, type: e2eType, ciphertext: content }) break case 'plaintext': msgBuffer = content break default: throw new Error(`Unknown e2e type: ${e2eType}`) } let msg: proto.IMessage = decodeAndHydrate( proto.Message, e2eType !== 'plaintext' ? unpadRandomMax16(msgBuffer) : msgBuffer ) msg = msg.deviceSentMessage?.message || msg if (msg.senderKeyDistributionMessage) { //eslint-disable-next-line max-depth try { await repository.processSenderKeyDistributionMessage({ authorJid: author, item: msg.senderKeyDistributionMessage }) } catch (err) { logger.error({ key: fullMessage.key, err }, 'failed to process sender key distribution message') } } if (fullMessage.message) { Object.assign(fullMessage.message, msg) } else { fullMessage.message = msg } } catch (err: any) { const errorContext = { key: fullMessage.key, err, messageType: tag === 'plaintext' ? 'plaintext' : attrs.type, sender, author, isSessionRecordError: isSessionRecordError(err) } logger.error(errorContext, 'failed to decrypt message') fullMessage.messageStubType = proto.WebMessageInfo.StubType.CIPHERTEXT fullMessage.messageStubParameters = [err.message.toString()] } } } // if nothing was found to decrypt if (!decryptables) { fullMessage.messageStubType = proto.WebMessageInfo.StubType.CIPHERTEXT fullMessage.messageStubParameters = [NO_MESSAGE_FOUND_ERROR_TEXT] } } } } /** * Utility function to check if an error is related to missing session record */ function isSessionRecordError(error: any): boolean { const errorMessage = error?.message || error?.toString() || '' return DECRYPTION_RETRY_CONFIG.sessionRecordErrors.some(errorPattern => errorMessage.includes(errorPattern)) }