torbaileys 8.0.0

package/lib/Utils/crypto.js

@@ -0,0 +1,130 @@
+//=======================================================//
+import { createCipheriv, createDecipheriv, createHash, createHmac, randomBytes } from "crypto";
+import { KEY_BUNDLE_TYPE } from "../Defaults/index.js";
+import * as curve from "libsignal-xeuka/src/curve.js";
+//=======================================================//
+const { subtle } = globalThis.crypto;
+export const generateSignalPubKey = (pubKey) => pubKey.length === 33 ? pubKey : Buffer.concat([KEY_BUNDLE_TYPE, pubKey]);
+export const Curve = {
+  generateKeyPair: () => {
+    const { pubKey, privKey } = curve.generateKeyPair();
+    return {
+      private: Buffer.from(privKey),
+      public: Buffer.from(pubKey.slice(1))
+    };
+  },
+  sharedKey: (privateKey, publicKey) => {
+    const shared = curve.calculateAgreement(generateSignalPubKey(publicKey), privateKey);
+    return Buffer.from(shared);
+  },
+  sign: (privateKey, buf) => curve.calculateSignature(privateKey, buf),
+  verify: (pubKey, message, signature) => {
+    try {
+      curve.verifySignature(generateSignalPubKey(pubKey), message, signature);
+      return true;
+    }
+    catch (error) {
+      return false;
+    }
+  }
+};
+//=======================================================//
+export const signedKeyPair = (identityKeyPair, keyId) => {
+  const preKey = Curve.generateKeyPair();
+  const pubKey = generateSignalPubKey(preKey.public);
+  const signature = Curve.sign(identityKeyPair.private, pubKey);
+  return { keyPair: preKey, signature, keyId };
+};
+//=======================================================//
+const GCM_TAG_LENGTH = 128 >> 3;
+export function aesEncryptGCM(plaintext, key, iv, additionalData) {
+  const cipher = createCipheriv("aes-256-gcm", key, iv);
+  cipher.setAAD(additionalData);
+  return Buffer.concat([cipher.update(plaintext), cipher.final(), cipher.getAuthTag()]);
+}
+//=======================================================//
+export function aesDecryptGCM(ciphertext, key, iv, additionalData) {
+  const decipher = createDecipheriv("aes-256-gcm", key, iv);
+  const enc = ciphertext.slice(0, ciphertext.length - GCM_TAG_LENGTH);
+  const tag = ciphertext.slice(ciphertext.length - GCM_TAG_LENGTH);
+  decipher.setAAD(additionalData);
+  decipher.setAuthTag(tag);
+  return Buffer.concat([decipher.update(enc), decipher.final()]);
+}
+//=======================================================//
+export function aesEncryptCTR(plaintext, key, iv) {
+  const cipher = createCipheriv("aes-256-ctr", key, iv);
+  return Buffer.concat([cipher.update(plaintext), cipher.final()]);
+}
+//=======================================================//
+export function aesDecryptCTR(ciphertext, key, iv) {
+  const decipher = createDecipheriv("aes-256-ctr", key, iv);
+  return Buffer.concat([decipher.update(ciphertext), decipher.final()]);
+}
+//=======================================================//
+export function aesDecrypt(buffer, key) {
+  return aesDecryptWithIV(buffer.slice(16, buffer.length), key, buffer.slice(0, 16));
+}
+//=======================================================//
+export function aesDecryptWithIV(buffer, key, IV) {
+  const aes = createDecipheriv("aes-256-cbc", key, IV);
+  return Buffer.concat([aes.update(buffer), aes.final()]);
+}
+//=======================================================//
+export function aesEncrypt(buffer, key) {
+  const IV = randomBytes(16);
+  const aes = createCipheriv("aes-256-cbc", key, IV);
+  return Buffer.concat([IV, aes.update(buffer), aes.final()]);
+}
+//=======================================================//
+export function aesEncrypWithIV(buffer, key, IV) {
+  const aes = createCipheriv("aes-256-cbc", key, IV);
+  return Buffer.concat([aes.update(buffer), aes.final()]);
+}
+//=======================================================//
+export function hmacSign(buffer, key, variant = "sha256") {
+  return createHmac(variant, key).update(buffer).digest();
+}
+//=======================================================//
+export function sha256(buffer) {
+  return createHash("sha256").update(buffer).digest();
+}
+//=======================================================//
+export function md5(buffer) {
+  return createHash("md5").update(buffer).digest();
+}
+//=======================================================//
+export async function hkdf(buffer, expandedLength, info) {
+  const inputKeyMaterial = new Uint8Array(buffer instanceof Uint8Array ? buffer : new Uint8Array(buffer));
+  const salt = info.salt ? new Uint8Array(info.salt) : new Uint8Array(0);
+  const infoBytes = info.info ? new TextEncoder().encode(info.info) : new Uint8Array(0);
+  const importedKey = await subtle.importKey("raw", inputKeyMaterial, { name: "HKDF" }, false, [
+    "deriveBits"
+  ]);
+  const derivedBits = await subtle.deriveBits({
+    name: "HKDF",
+    hash: "SHA-256",
+    salt: salt,
+    info: infoBytes
+  }, importedKey, expandedLength * 8
+  );
+  return Buffer.from(derivedBits);
+}
+//=======================================================//
+export async function derivePairingCodeKey(pairingCode, salt) {
+  const encoder = new TextEncoder();
+  const pairingCodeBuffer = encoder.encode(pairingCode);
+  const saltBuffer = new Uint8Array(salt instanceof Uint8Array ? salt : new Uint8Array(salt));
+  const keyMaterial = await subtle.importKey("raw", pairingCodeBuffer, { name: "PBKDF2" }, false, [
+    "deriveBits"
+  ]);
+  const derivedBits = await subtle.deriveBits({
+    name: "PBKDF2",
+    salt: saltBuffer,
+    iterations: 2 << 16,
+    hash: "SHA-256"
+  }, keyMaterial, 32 * 8
+  );
+  return Buffer.from(derivedBits);
+}
+//=======================================================//

package/lib/Utils/decode-wa-message.js

@@ -0,0 +1,267 @@
+//=======================================================//
+import { areJidsSameUser, isHostedLidUser, isHostedPnUser, isJidBroadcast, isJidGroup, isJidMetaAI, isJidNewsletter, isJidStatusBroadcast, isLidUser, isPnUser } from "../WABinary/index.js";
+import { unpadRandomMax16 } from "./generics.js";
+import { proto } from "../../WAProto/index.js";
+import { Boom } from "@hapi/boom";
+//=======================================================//
+export const getDecryptionJid = async (sender, repository) => {
+  if (isLidUser(sender) || isHostedLidUser(sender)) {
+    return sender;
+  }
+  const mapped = await repository.lidMapping.getLIDForPN(sender);
+  return mapped || sender;
+};
+//=======================================================//
+const storeMappingFromEnvelope = async (stanza, sender, repository, decryptionJid, logger) => {
+  const { senderAlt } = extractAddressingContext(stanza);
+  if (senderAlt && isLidUser(senderAlt) && isPnUser(sender) && decryptionJid === sender) {
+    try {
+      await repository.lidMapping.storeLIDPNMappings([{ lid: senderAlt, pn: sender }]);
+      await repository.migrateSession(sender, senderAlt);
+      logger.debug({ sender, senderAlt }, "Stored LID mapping from envelope");
+    }
+    catch (error) {
+      logger.warn({ sender, senderAlt, error }, "Failed to store LID mapping");
+    }
+  }
+};
+//=======================================================//
+export const NO_MESSAGE_FOUND_ERROR_TEXT = "Message absent from node";
+export const MISSING_KEYS_ERROR_TEXT = "Key used already or never filled";
+//=======================================================//
+export const DECRYPTION_RETRY_CONFIG = {
+  maxRetries: 3,
+  baseDelayMs: 100,
+  sessionRecordErrors: ["No session record", "SessionError: No session record"]
+};
+//=======================================================//
+export const NACK_REASONS = {
+  ParsingError: 487,
+  UnrecognizedStanza: 488,
+  UnrecognizedStanzaClass: 489,
+  UnrecognizedStanzaType: 490,
+  InvalidProtobuf: 491,
+  InvalidHostedCompanionStanza: 493,
+  MissingMessageSecret: 495,
+  SignalErrorOldCounter: 496,
+  MessageDeletedOnPeer: 499,
+  UnhandledError: 500,
+  UnsupportedAdminRevoke: 550,
+  UnsupportedLIDGroup: 551,
+  DBOperationFailed: 552
+};
+//=======================================================//
+export const extractAddressingContext = (stanza) => {
+  let senderAlt;
+  let recipientAlt;
+  const sender = stanza.attrs.participant || stanza.attrs.from;
+  const addressingMode = stanza.attrs.addressing_mode || (sender?.endsWith("lid") ? "lid" : "pn");
+  if (addressingMode === "lid") {
+    senderAlt = stanza.attrs.participant_pn || stanza.attrs.sender_pn || stanza.attrs.peer_recipient_pn;
+    recipientAlt = stanza.attrs.recipient_pn;
+  }
+  else {
+    senderAlt = stanza.attrs.participant_lid || stanza.attrs.sender_lid || stanza.attrs.peer_recipient_lid;
+    recipientAlt = stanza.attrs.recipient_lid;
+  }
+  return {
+    addressingMode,
+    senderAlt,
+    recipientAlt
+  };
+};
+//=======================================================//
+export function decodeMessageNode(stanza, meId, meLid) {
+  let msgType;
+  let chatId;
+  let author;
+  let fromMe = false;
+  const msgId = stanza.attrs.id;
+  const from = stanza.attrs.from;
+  const participant = stanza.attrs.participant;
+  const recipient = stanza.attrs.recipient;
+  const addressingContext = extractAddressingContext(stanza);
+  const isMe = (jid) => areJidsSameUser(jid, meId);
+  const isMeLid = (jid) => areJidsSameUser(jid, meLid);
+  if (isPnUser(from) || isLidUser(from) || isHostedLidUser(from) || isHostedPnUser(from)) {
+    if (recipient && !isJidMetaAI(recipient)) {
+      if (!isMe(from) && !isMeLid(from)) {
+        throw new Boom("receipient present, but msg not from me", { data: stanza });
+      }
+      if (isMe(from) || isMeLid(from)) {
+        fromMe = true;
+      }
+      chatId = recipient;
+    }
+    else {
+      chatId = from;
+    }
+    msgType = "chat";
+    author = from;
+  }
+  else if (isJidGroup(from)) {
+    if (!participant) {
+      throw new Boom("No participant in group message");
+    }
+    if (isMe(participant) || isMeLid(participant)) {
+      fromMe = true;
+    }
+    msgType = "group";
+    author = participant;
+    chatId = from;
+  }
+  else if (isJidBroadcast(from)) {
+    if (!participant) {
+      throw new Boom("No participant in group message");
+    }
+    const isParticipantMe = isMe(participant);
+    if (isJidStatusBroadcast(from)) {
+      msgType = isParticipantMe ? "direct_peer_status" : "other_status";
+    }
+    else {
+      msgType = isParticipantMe ? "peer_broadcast" : "other_broadcast";
+    }
+    fromMe = isParticipantMe;
+    chatId = from;
+    author = participant;
+  }
+  else if (isJidNewsletter(from)) {
+    msgType = "newsletter";
+    chatId = from;
+    author = from;
+    if (isMe(from) || isMeLid(from)) {
+      fromMe = true;
+    }
+  }
+  else {
+    throw new Boom("Unknown message type", { data: stanza });
+  }
+  const pushname = stanza?.attrs?.notify;
+  const key = {
+    remoteJid: chatId,
+    remoteJidAlt: !isJidGroup(chatId) ? addressingContext.senderAlt : undefined,
+    fromMe,
+    id: msgId,
+    participant,
+    participantAlt: isJidGroup(chatId) ? addressingContext.senderAlt : undefined,
+    addressingMode: addressingContext.addressingMode,
+    ...(msgType === "newsletter" && stanza.attrs.server_id ? { server_id: stanza.attrs.server_id } : {})
+  };
+  const fullMessage = {
+    key,
+    messageTimestamp: +stanza.attrs.t,
+    pushName: pushname,
+    broadcast: isJidBroadcast(from)
+  };
+  if (key.fromMe) {
+    fullMessage.status = proto.WebMessageInfo.Status.SERVER_ACK;
+  }
+  return {
+    fullMessage,
+    author,
+    sender: msgType === "chat" ? author : chatId
+  };
+}
+//=======================================================//
+export const decryptMessageNode = (stanza, meId, meLid, repository, logger) => {
+  const { fullMessage, author, sender } = decodeMessageNode(stanza, meId, meLid);
+  return {
+    fullMessage,
+    category: stanza.attrs.category,
+    author,
+    async decrypt() {
+      let decryptables = 0;
+      if (Array.isArray(stanza.content)) {
+        for (const { tag, attrs, content } of stanza.content) {
+          if (tag === "verified_name" && content instanceof Uint8Array) {
+            const cert = proto.VerifiedNameCertificate.decode(content);
+            const details = proto.VerifiedNameCertificate.Details.decode(cert.details);
+            fullMessage.verifiedBizName = details.verifiedName;
+          }
+          if (tag === "unavailable" && attrs.type === "view_once") {
+            fullMessage.key.isViewOnce = true;
+          }
+          if (tag !== "enc" && tag !== "plaintext") {
+            continue;
+          }
+          if (!(content instanceof Uint8Array)) {
+            continue;
+          }
+          decryptables += 1;
+          let msgBuffer;
+          const decryptionJid = await getDecryptionJid(author, repository);
+          if (tag !== "plaintext") {
+            await storeMappingFromEnvelope(stanza, author, repository, decryptionJid, logger);
+          }
+          try {
+            const e2eType = tag === "plaintext" ? "plaintext" : attrs.type;
+            switch (e2eType) {
+              case "skmsg":
+                msgBuffer = await repository.decryptGroupMessage({
+                  group: sender,
+                  authorJid: author,
+                  msg: content
+                });
+                break;
+              case "pkmsg":
+              case "msg":
+                msgBuffer = await repository.decryptMessage({
+                  jid: decryptionJid,
+                  type: e2eType,
+                  ciphertext: content
+                });
+                break;
+              case "plaintext":
+                msgBuffer = content;
+                break;
+              default:
+                throw new Error(`Unknown e2e type: ${e2eType}`);
+            }
+            let msg = proto.Message.decode(e2eType !== "plaintext" ? unpadRandomMax16(msgBuffer) : msgBuffer);
+            msg = msg.deviceSentMessage?.message || msg;
+            if (msg.senderKeyDistributionMessage) {
+              try {
+                await repository.processSenderKeyDistributionMessage({
+                  authorJid: author,
+                  item: msg.senderKeyDistributionMessage
+                });
+              }
+              catch (err) {
+                logger.error({ key: fullMessage.key, err }, "failed to process sender key distribution message");
+              }
+            }
+            if (fullMessage.message) {
+              Object.assign(fullMessage.message, msg);
+            }
+            else {
+              fullMessage.message = msg;
+            }
+          }
+          catch (err) {
+            const errorContext = {
+              key: fullMessage.key,
+              err,
+              messageType: tag === "plaintext" ? "plaintext" : attrs.type,
+              sender,
+              author,
+              isSessionRecordError: isSessionRecordError(err)
+            };
+            logger.error(errorContext, "failed to decrypt message");
+            fullMessage.messageStubType = proto.WebMessageInfo.StubType.CIPHERTEXT;
+            fullMessage.messageStubParameters = [err.message.toString()];
+          }
+        }
+      }
+      if (!decryptables) {
+        fullMessage.messageStubType = proto.WebMessageInfo.StubType.CIPHERTEXT;
+        fullMessage.messageStubParameters = [NO_MESSAGE_FOUND_ERROR_TEXT];
+      }
+    }
+  };
+};
+//=======================================================//
+function isSessionRecordError(error) {
+  const errorMessage = error?.message || error?.toString() || "";
+  return DECRYPTION_RETRY_CONFIG.sessionRecordErrors.some(errorPattern => errorMessage.includes(errorPattern));
+}
+//=======================================================//

package/lib/Utils/decode-wa-message.js.bak

@@ -0,0 +1,267 @@
+//=======================================================//
+import { areJidsSameUser, isHostedLidUser, isHostedPnUser, isJidBroadcast, isJidGroup, isJidMetaAI, isJidNewsletter, isJidStatusBroadcast, isLidUser, isPnUser } from "../WABinary/index.js";
+import { unpadRandomMax16 } from "./generics.js";
+import { proto } from "../../WAProto/index.js";
+import { Boom } from "@hapi/boom";
+//=======================================================//
+export const getDecryptionJid = async (sender, repository) => {
+  if (isLidUser(sender) || isHostedLidUser(sender)) {
+    return sender;
+  }
+  const mapped = await repository.lidMapping.getLIDForPN(sender);
+  return mapped || sender;
+};
+//=======================================================//
+const storeMappingFromEnvelope = async (stanza, sender, repository, decryptionJid, logger) => {
+  const { senderAlt } = extractAddressingContext(stanza);
+  if (senderAlt && isLidUser(senderAlt) && isPnUser(sender) && decryptionJid === sender) {
+    try {
+      await repository.lidMapping.storeLIDPNMappings([{ lid: senderAlt, pn: sender }]);
+      await repository.migrateSession(sender, senderAlt);
+      logger.debug({ sender, senderAlt }, "Stored LID mapping from envelope");
+    }
+    catch (error) {
+      logger.warn({ sender, senderAlt, error }, "Failed to store LID mapping");
+    }
+  }
+};
+//=======================================================//
+export const NO_MESSAGE_FOUND_ERROR_TEXT = "Message absent from node";
+export const MISSING_KEYS_ERROR_TEXT = "Key used already or never filled";
+//=======================================================//
+export const DECRYPTION_RETRY_CONFIG = {
+  maxRetries: 3,
+  baseDelayMs: 100,
+  sessionRecordErrors: ["No session record", "SessionError: No session record"]
+};
+//=======================================================//
+export const NACK_REASONS = {
+  ParsingError: 487,
+  UnrecognizedStanza: 488,
+  UnrecognizedStanzaClass: 489,
+  UnrecognizedStanzaType: 490,
+  InvalidProtobuf: 491,
+  InvalidHostedCompanionStanza: 493,
+  MissingMessageSecret: 495,
+  SignalErrorOldCounter: 496,
+  MessageDeletedOnPeer: 499,
+  UnhandledError: 500,
+  UnsupportedAdminRevoke: 550,
+  UnsupportedLIDGroup: 551,
+  DBOperationFailed: 552
+};
+//=======================================================//
+export const extractAddressingContext = (stanza) => {
+  let senderAlt;
+  let recipientAlt;
+  const sender = stanza.attrs.participant || stanza.attrs.from;
+  const addressingMode = stanza.attrs.addressing_mode || (sender?.endsWith("lid") ? "lid" : "pn");
+  if (addressingMode === "lid") {
+    senderAlt = stanza.attrs.participant_pn || stanza.attrs.sender_pn || stanza.attrs.peer_recipient_pn;
+    recipientAlt = stanza.attrs.recipient_pn;
+  }
+  else {
+    senderAlt = stanza.attrs.participant_lid || stanza.attrs.sender_lid || stanza.attrs.peer_recipient_lid;
+    recipientAlt = stanza.attrs.recipient_lid;
+  }
+  return {
+    addressingMode,
+    senderAlt,
+    recipientAlt
+  };
+};
+//=======================================================//
+export function decodeMessageNode(stanza, meId, meLid) {
+  let msgType;
+  let chatId;
+  let author;
+  let fromMe = false;
+  const msgId = stanza.attrs.id;
+  const from = stanza.attrs.from_pn;
+  const participant = stanza.attrs.participant_pn;
+  const recipient = stanza.attrs.recipient;
+  const addressingContext = extractAddressingContext(stanza);
+  const isMe = (jid) => areJidsSameUser(jid, meId);
+  const isMeLid = (jid) => areJidsSameUser(jid, meLid);
+  if (isPnUser(from) || isLidUser(from) || isHostedLidUser(from) || isHostedPnUser(from)) {
+    if (recipient && !isJidMetaAI(recipient)) {
+      if (!isMe(from) && !isMeLid(from)) {
+        throw new Boom("receipient present, but msg not from me", { data: stanza });
+      }
+      if (isMe(from) || isMeLid(from)) {
+        fromMe = true;
+      }
+      chatId = recipient;
+    }
+    else {
+      chatId = from;
+    }
+    msgType = "chat";
+    author = from;
+  }
+  else if (isJidGroup(from)) {
+    if (!participant) {
+      throw new Boom("No participant in group message");
+    }
+    if (isMe(participant) || isMeLid(participant)) {
+      fromMe = true;
+    }
+    msgType = "group";
+    author = participant;
+    chatId = from;
+  }
+  else if (isJidBroadcast(from)) {
+    if (!participant) {
+      throw new Boom("No participant in group message");
+    }
+    const isParticipantMe = isMe(participant);
+    if (isJidStatusBroadcast(from)) {
+      msgType = isParticipantMe ? "direct_peer_status" : "other_status";
+    }
+    else {
+      msgType = isParticipantMe ? "peer_broadcast" : "other_broadcast";
+    }
+    fromMe = isParticipantMe;
+    chatId = from;
+    author = participant;
+  }
+  else if (isJidNewsletter(from)) {
+    msgType = "newsletter";
+    chatId = from;
+    author = from;
+    if (isMe(from) || isMeLid(from)) {
+      fromMe = true;
+    }
+  }
+  else {
+    throw new Boom("Unknown message type", { data: stanza });
+  }
+  const pushname = stanza?.attrs?.notify;
+  const key = {
+    remoteJid: chatId,
+    remoteJidAlt: !isJidGroup(chatId) ? addressingContext.senderAlt : undefined,
+    fromMe,
+    id: msgId,
+    participant,
+    participantAlt: isJidGroup(chatId) ? addressingContext.senderAlt : undefined,
+    addressingMode: addressingContext.addressingMode,
+    ...(msgType === "newsletter" && stanza.attrs.server_id ? { server_id: stanza.attrs.server_id } : {})
+  };
+  const fullMessage = {
+    key,
+    messageTimestamp: +stanza.attrs.t,
+    pushName: pushname,
+    broadcast: isJidBroadcast(from)
+  };
+  if (key.fromMe) {
+    fullMessage.status = proto.WebMessageInfo.Status.SERVER_ACK;
+  }
+  return {
+    fullMessage,
+    author,
+    sender: msgType === "chat" ? author : chatId
+  };
+}
+//=======================================================//
+export const decryptMessageNode = (stanza, meId, meLid, repository, logger) => {
+  const { fullMessage, author, sender } = decodeMessageNode(stanza, meId, meLid);
+  return {
+    fullMessage,
+    category: stanza.attrs.category,
+    author,
+    async decrypt() {
+      let decryptables = 0;
+      if (Array.isArray(stanza.content)) {
+        for (const { tag, attrs, content } of stanza.content) {
+          if (tag === "verified_name" && content instanceof Uint8Array) {
+            const cert = proto.VerifiedNameCertificate.decode(content);
+            const details = proto.VerifiedNameCertificate.Details.decode(cert.details);
+            fullMessage.verifiedBizName = details.verifiedName;
+          }
+          if (tag === "unavailable" && attrs.type === "view_once") {
+            fullMessage.key.isViewOnce = true;
+          }
+          if (tag !== "enc" && tag !== "plaintext") {
+            continue;
+          }
+          if (!(content instanceof Uint8Array)) {
+            continue;
+          }
+          decryptables += 1;
+          let msgBuffer;
+          const decryptionJid = await getDecryptionJid(author, repository);
+          if (tag !== "plaintext") {
+            await storeMappingFromEnvelope(stanza, author, repository, decryptionJid, logger);
+          }
+          try {
+            const e2eType = tag === "plaintext" ? "plaintext" : attrs.type;
+            switch (e2eType) {
+              case "skmsg":
+                msgBuffer = await repository.decryptGroupMessage({
+                  group: sender,
+                  authorJid: author,
+                  msg: content
+                });
+                break;
+              case "pkmsg":
+              case "msg":
+                msgBuffer = await repository.decryptMessage({
+                  jid: decryptionJid,
+                  type: e2eType,
+                  ciphertext: content
+                });
+                break;
+              case "plaintext":
+                msgBuffer = content;
+                break;
+              default:
+                throw new Error(`Unknown e2e type: ${e2eType}`);
+            }
+            let msg = proto.Message.decode(e2eType !== "plaintext" ? unpadRandomMax16(msgBuffer) : msgBuffer);
+            msg = msg.deviceSentMessage?.message || msg;
+            if (msg.senderKeyDistributionMessage) {
+              try {
+                await repository.processSenderKeyDistributionMessage({
+                  authorJid: author,
+                  item: msg.senderKeyDistributionMessage
+                });
+              }
+              catch (err) {
+                logger.error({ key: fullMessage.key, err }, "failed to process sender key distribution message");
+              }
+            }
+            if (fullMessage.message) {
+              Object.assign(fullMessage.message, msg);
+            }
+            else {
+              fullMessage.message = msg;
+            }
+          }
+          catch (err) {
+            const errorContext = {
+              key: fullMessage.key,
+              err,
+              messageType: tag === "plaintext" ? "plaintext" : attrs.type,
+              sender,
+              author,
+              isSessionRecordError: isSessionRecordError(err)
+            };
+            logger.error(errorContext, "failed to decrypt message");
+            fullMessage.messageStubType = proto.WebMessageInfo.StubType.CIPHERTEXT;
+            fullMessage.messageStubParameters = [err.message.toString()];
+          }
+        }
+      }
+      if (!decryptables) {
+        fullMessage.messageStubType = proto.WebMessageInfo.StubType.CIPHERTEXT;
+        fullMessage.messageStubParameters = [NO_MESSAGE_FOUND_ERROR_TEXT];
+      }
+    }
+  };
+};
+//=======================================================//
+function isSessionRecordError(error) {
+  const errorMessage = error?.message || error?.toString() || "";
+  return DECRYPTION_RETRY_CONFIG.sessionRecordErrors.some(errorPattern => errorMessage.includes(errorPattern));
+}
+//=======================================================//