whatsapp-nodejs 0.0.1-security → 0.0.1

package/src/protocol/CipherState.js

@@ -0,0 +1,48 @@
+const crypto = require('./crypto');
+
+class CipherState {
+  constructor(name) {
+    this.name = name;
+    this.key = Buffer.alloc(0); // aes 加解密的 key 字段
+  }
+
+  setKey(key) {
+    this.key = key;
+    this.setNonce(0);
+  }
+
+  setNonce(nonce) {
+    this.nonce = nonce;
+  }
+
+  hasKey() {
+    return this.key && this.key.length;
+  }
+
+  rekey() {
+    const key = crypto.encryptAES256GCM(
+      Buffer.alloc(32).fill(0),
+      this.key,
+      Buffer.alloc(0),
+      2 ** 64 - 1
+    );
+    this.setKey(key);
+  }
+
+  encryptAES256GCM(ad, plaintext) {
+    if (!this.key.length) return plaintext;
+    const result = crypto.encryptAES256GCM(plaintext, this.key, ad, this.nonce);
+    this.nonce++;
+    return result;
+  }
+
+  decryptAES256GCM(ad, ciphertext) {
+    if (!this.key.length) return ciphertext;
+    const result = crypto.decryptAES256GCM(ciphertext, this.key, ad, this.nonce);
+    this.nonce++;
+
+    return result;
+  }
+}
+
+module.exports = CipherState;

package/src/protocol/FallbackPatternModifier.js

@@ -0,0 +1,48 @@
+const HandshakePattern = require('./HandshakePattern');
+
+class FallbackPatternModifier {
+  VALID_FIRST_MESSAGES = [['e'], ['s'], ['e', 's']];
+
+  constructor() {
+    this.name = 'fallback';
+    this._name = 'fallback';
+  }
+
+  _is_modifiable(handsakepattern) {
+    const str = handsakepattern.message_patterns[0].join('');
+    for (let i = 0; i < this.VALID_FIRST_MESSAGES.length; i++) {
+      const element = this.VALID_FIRST_MESSAGES[i].join('');
+      if (element === str) return true;
+    }
+    return false;
+  }
+
+  _get_message_patterns(handshakepattern) {
+    return handshakepattern.message_patterns.slice(1);
+  }
+
+  _get_initiator_pre_messages(handshakepattern) {
+    return handshakepattern.message_patterns[0];
+  }
+
+  _get_responder_pre_messages() {}
+
+  _interpret_as_bob(handshakepattern) {
+    return true;
+  }
+
+  modify(pattern) {
+    if (!this._is_modifiable(pattern)) {
+      throw new Error(`pattern ${pattern.name} is not modifiable by ${this.name}`);
+    }
+    const name = pattern.origin_name + pattern.modifiers.concat(this.name).join('+');
+    return new HandshakePattern(
+      name,
+      this._get_message_patterns(pattern),
+      this._get_initiator_pre_messages(pattern),
+      this._get_responder_pre_messages(pattern),
+      this._interpret_as_bob(pattern)
+    );
+  }
+}
+module.exports = FallbackPatternModifier;

package/src/protocol/ForwarderHandshakeState.js

@@ -0,0 +1,56 @@
+const HandShakeState = require('./HandshakeState');
+
+class ForwarderHandshakeState extends HandShakeState {
+  constructor(handshakestate) {
+    super();
+    this._handshakestate = handshakestate;
+  }
+
+  initialize(
+    handshake_pattern,
+    initiator,
+    prologue,
+    s = null,
+    e = null,
+    rs = null,
+    re = null,
+    psks = null
+  ) {
+    return this._handshakestate.initialize(
+      handshake_pattern,
+      initiator,
+      prologue,
+      s,
+      e,
+      rs,
+      re,
+      psks
+    );
+  }
+
+  write_message(payload, message_buffer) {
+    return this._handshakestate.write_message(payload, message_buffer);
+  }
+
+  read_message(message, payload_buffer) {
+    return this._handshakestate.read_message(message, payload_buffer);
+  }
+
+  get re() {
+    return this._handshakestate.re;
+  }
+
+  get rs() {
+    return this._handshakestate.rs;
+  }
+
+  get s() {
+    return this._handshakestate.s;
+  }
+
+  get e() {
+    return this._handshakestate.e;
+  }
+}
+
+module.exports = ForwarderHandshakeState;

package/src/protocol/HandShake.js

@@ -0,0 +1,273 @@
+const CipherState = require('./CipherState');
+const WASymmetricState = require('./WASymmetricState');
+const HandshakeState = require('./HandshakeState');
+const SwitchableHandshakeState = require('./SwitchableHandshakeState');
+const IKHandshakePattern = require('./handshakepatterns/IKHandshakePattern');
+const FallbackPatternModifier = require('./FallbackPatternModifier');
+const XXHandshakePattern = require('./handshakepatterns/XXHandshakePattern');
+
+const Decoder = require('../bin/decoder');
+const { ClientHello, HandshakeMessage } = require('../protobuf/pb');
+
+class HandShake {
+  constructor(waSocketClient) {
+    this.waSocketClient = waSocketClient;
+
+    const versionMajor = 5;
+    const versionMinor = 2;
+    const waversion = Buffer.from([versionMajor, versionMinor]);
+
+    this.HEADER = Buffer.concat([Buffer.from('WA'), waversion]);
+    this._prologue = Buffer.concat([Buffer.from('WA'), waversion]);
+
+    this.EDGE_HEADER = Buffer.concat([Buffer.from('ED'), Buffer.from([0, 1])]);
+
+    const cipherState = new CipherState('AESGCM');
+    const waSymmetricState = new WASymmetricState(cipherState);
+    const handshakeState = new SwitchableHandshakeState(new HandshakeState(waSymmetricState));
+    this.handshakeState = handshakeState;
+
+    this.isHandShake = false;
+
+    this.waSocketClient
+      .on('data', async data => {
+        if (!this.isHandShake) return;
+        try {
+          const buffer = this.decrypt(data);
+          const decoder = new Decoder();
+          const node = await decoder.getProtocolTreeNode(buffer);
+          if (node && node.tag) {
+            this.waSocketClient.emit('node', node);
+          }
+          const str = node.toString();
+          console.info('recv ==>', str);
+        } catch (e) {
+          console.error('解包失败', e);
+        }
+      })
+      // TODO
+      .on('sendencryptmessage', async data => {
+        this.waSocketClient.send(this.encrypt(data), true);
+      });
+  }
+
+  toBuffer(plaintext) {
+    if (typeof plaintext === 'undefined') return Buffer.alloc(0);
+    return typeof plaintext === 'string'
+      ? Buffer.from(plaintext, 'base64')
+      : Buffer.from(plaintext);
+  }
+
+  decrypt(message) {
+    return this.recvCipherState.decryptAES256GCM(Buffer.alloc(0), this.toBuffer(message));
+  }
+
+  encrypt(message) {
+    return this.sendCipherState.encryptAES256GCM(Buffer.alloc(0), this.toBuffer(message));
+  }
+
+  async start(config, serverStaticPublic) {
+    let clientStaticKeypair = Buffer.from(config.clientStaticKeypair, 'base64');
+    clientStaticKeypair = {
+      private: clientStaticKeypair.slice(0, 32),
+      public: clientStaticKeypair.slice(-32),
+    };
+
+    let cipherstatepair;
+    if (serverStaticPublic) {
+      try {
+        console.debug('perform use startHandshakeIK');
+        cipherstatepair = await this.startHandshakeIK(
+          config,
+          clientStaticKeypair,
+          serverStaticPublic
+        );
+      } catch (e) {
+        console.error('perform use startHandshakeIK error', e);
+        console.debug('perform use switchHandshakeXXFallback');
+        cipherstatepair = await this.switchHandshakeXXFallback(
+          clientStaticKeypair,
+          this.createPayload(config),
+          e.serverHello
+        );
+      }
+    } else {
+      console.debug('perform use startHandshakeXX');
+      cipherstatepair = await this.startHandshakeXX(config, clientStaticKeypair);
+    }
+    console.info('Handshake success.');
+    this.isHandShake = true;
+    return cipherstatepair;
+  }
+
+  async switchHandshakeXXFallback(clientStaticKeypair, payload, serverHello) {
+    console.debug('switchHandshakeXXFallback');
+    this.handshakeState.switch(
+      new FallbackPatternModifier().modify(new XXHandshakePattern()),
+      true,
+      this._prologue,
+      clientStaticKeypair
+    );
+    const payload_buffer = [];
+    const message = Buffer.concat([
+      Buffer.from(serverHello.ephemeral, 'base64'),
+      Buffer.from(serverHello.static, 'base64'),
+      Buffer.from(serverHello.payload, 'base64'),
+    ]);
+    this.handshakeState.read_message(message, payload_buffer);
+
+    const message_array = [];
+    const cipherpair = this.handshakeState.write_message(payload, message_array);
+    const message_buffer = Buffer.from(message_array);
+
+    const clientFinishBuffer = HandshakeMessage.HandshakeMessage.encode(
+      HandshakeMessage.HandshakeMessage.create({
+        clientFinish: {
+          static: message_buffer.slice(0, 48),
+          payload: message_buffer.slice(48),
+        },
+      })
+    ).finish();
+    this.waSocketClient.send(clientFinishBuffer);
+    // this.waSocketClient.setSendLogin(true);
+    [this.sendCipherState, this.recvCipherState] = cipherpair;
+    // 登陆成功
+    return cipherpair;
+  }
+
+  async startHandshakeIK(config, clientStaticKeypair, serverStaticPublic) {
+    const ik = new IKHandshakePattern();
+    this.handshakeState.initialize(
+      ik,
+      true,
+      this._prologue,
+      clientStaticKeypair,
+      null,
+      serverStaticPublic
+    );
+
+    const clientInfoBuffer = this.createPayload(config);
+    const messageArray = [];
+    this.handshakeState.write_message(clientInfoBuffer, messageArray);
+
+    const messageBuffer = Buffer.from(messageArray);
+    const ephemeral_public = messageBuffer.slice(0, 32);
+    const static_public = messageBuffer.slice(32, 32 + 48);
+    const payload = messageBuffer.slice(32 + 48);
+    const clientHelloBuffer = HandshakeMessage.HandshakeMessage.encode(
+      HandshakeMessage.HandshakeMessage.create({
+        clientHello: {
+          ephemeral: ephemeral_public,
+          static: static_public,
+          payload,
+        },
+      })
+    ).finish();
+
+    this.waSocketClient.send(this.EDGE_HEADER, false);
+    this.waSocketClient.send(config.edgeRoutingInfo || 'CAwIBQ==');
+    this.waSocketClient.send(this.HEADER, false);
+    this.waSocketClient.send(clientHelloBuffer);
+
+    return new Promise((resolve, reject) => {
+      this.waSocketClient.once('data', async buffer => {
+        this.isHandShake = true;
+        const { serverHello } = HandshakeMessage.HandshakeMessage.decode(buffer).toJSON();
+        console.debug('serverHello', serverHello);
+        if (serverHello.static && serverHello.static.length) {
+          const e = new Error('');
+          e.serverHello = serverHello;
+          reject(e);
+          return;
+        }
+
+        serverHello.static = Buffer.alloc(0);
+        if (serverHello.static && serverHello.static.length) {
+          serverHello.static = Buffer.from(serverHello.static, 'base64');
+        }
+
+        const message = Buffer.concat([
+          Buffer.from(serverHello.ephemeral, 'base64'),
+          serverHello.static,
+          Buffer.from(serverHello.payload, 'base64'),
+        ]);
+        const cipherpair = this.handshakeState.read_message(message, []);
+        [this.sendCipherState, this.recvCipherState] = cipherpair;
+        // 登陆成功
+        resolve(cipherpair);
+      });
+    });
+  }
+
+  generatePushName() {
+    const strings = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
+    const len = Math.floor(Math.random() * 4 + 4);
+    let name = '';
+    const stringsLen = strings.length;
+    for (let i = 0; i < len; i++) {
+      name += strings[Math.floor(Math.random() * stringsLen)];
+    }
+    return name;
+  }
+
+  createPayload(config) {
+    console.debug('client version:', config.version);
+    console.debug(
+      'account:',
+      config.cc,
+      config.mobile,
+      config.mcc,
+      config.mnc,
+      'platform',
+      config.platform
+    );
+    console.debug('client info:', config.oSVersion, config.manufacturer, config.deviceName);
+    const appVersion = config.version.split('.');
+    const clientConfig = {
+      username: config.mobile,
+      passive: false, // 是否接收被动消息
+      // passive: config.passive,
+      useragent: {
+        platform: config.platform || 0,
+        appVersion: {
+          primary: appVersion[0],
+          secondary: appVersion[1],
+          tertiary: appVersion[2],
+          quaternary: appVersion[3],
+        },
+        mcc: config.mcc || '000',
+        mnc: config.mnc || '000',
+        osVersion: config.oSVersion,
+        manufacturer: config.manufacturer,
+        device: config.deviceName,
+        osBuildNumber: config.oSVersion,
+        phoneId: config.fdid || '',
+        localeLanguageIso_639_1: config.lg || 'en',
+        localeCountryIso_3166_1Alpha_2: config.lc || 'US',
+        device2: 'unknown',
+        // releaseChannel: 0,
+      },
+      pushName: config.pushName || this.generatePushName(),
+      sessionId: Math.floor(Math.random() * 2 ** 32) + 1,
+      shortConnect: false,
+      connectType: 1,
+      // dnsSource: {
+      //   dnsMethod: 2,
+      //   appCached: 1,
+      // },
+      // connectAttemptCount: 1,
+      // tag23: 1,
+      // tag24: 134,
+    };
+    if (Number(config.platform) === 10) {
+      clientConfig.tag23 = 1;
+      clientConfig.tag24 = 5;
+    }
+
+    const ClientConfig = ClientHello.C2S;
+    const buffer = ClientConfig.encode(ClientConfig.create(clientConfig)).finish();
+    return buffer;
+  }
+}
+
+module.exports = HandShake;

package/src/protocol/HandshakePattern.js

@@ -0,0 +1,62 @@
+class HandshakePattern {
+  REGEX_PATTERN_NAME_MODIFIERS = new RegExp('([A-Z1-9]{1,4})([a-z0-9+]+)*');
+
+  TEMPLATE_REPR = '{name}:\n{patterns}';
+
+  TEMPLATE_REPR_PATTERNS_WITH_PRE = '{pre_patterns}\n  ...\n{message_patterns}';
+
+  TEMPLATE_REPR_MESSAGE_SEND = '  -> {tokens}';
+
+  TEMPLATE_REPR_MESSAGE_RECV = '  <- {tokens}';
+
+  constructor(
+    name,
+    message_patterns,
+    initiator_pre_messages = null,
+    responder_pre_message_pattern = null,
+    interpret_as_bob = false
+  ) {
+    this._name = name; // type: str
+    // this._origin_pattern, this._modifiers = this.__class__.parse_handshakepattern(this._name)
+    this._origin_pattern = name;
+    this._modifiers = [];
+    this._message_patterns = message_patterns; // type: tuple[tuple[str]]
+    this._initiator_pre_message_pattern = initiator_pre_messages || []; // type: tuple[str]
+    this._responder_pre_message_pattern = responder_pre_message_pattern || []; // type: tuple[str]
+    this._interpret_as_bob = interpret_as_bob; // type: bool
+  }
+
+  get name() {
+    return this._name;
+  }
+
+  get interpret_as_bob() {
+    return this._interpret_as_bob;
+  }
+
+  get message_patterns() {
+    return this._message_patterns;
+  }
+
+  get initiator_pre_message_pattern() {
+    return this._initiator_pre_message_pattern;
+  }
+
+  get responder_pre_message_pattern() {
+    return this._responder_pre_message_pattern;
+  }
+
+  get origin_name() {
+    return this._origin_pattern;
+  }
+
+  get modifiers() {
+    return this._modifiers;
+  }
+
+  // static parse_handshakepattern(handshake_pattern_name) {
+  //   let matches = handshake_pattern_name.search(this.REGEX_PATTERN_NAME_MODIFIERS)
+  // }
+}
+
+module.exports = HandshakePattern;

package/src/protocol/HandshakeState.js

@@ -0,0 +1,223 @@
+const utils = require('../lib/utils');
+const crypto = require('./crypto');
+
+class HandshakeState {
+  _TEMPLATE_PROTOCOL_NAME = 'Noise_{handshake}_{dh}_{cipher}_{hash}';
+
+  constructor(symmetricstate) {
+    this._symmetricstate = symmetricstate; // type: SymmetricState
+    this._s = null; // type: KeyPair config.client_static_keypair
+    this._e = null; // type: KeyPair | None 本地生成的一对公私钥
+    this._rs = null; // type: PublicKey | None 服务端公钥
+    this._re = null; // type: PublicKey | None 本次会话，服务端返回的公钥
+    this._initiator = null;
+    this._message_patterns = null; // type: list[tuple[str]]
+    this._protocol_name = null; // type: str | None
+  }
+
+  get protocol_name() {
+    return this._protocol_name;
+  }
+
+  get symmetricstate() {
+    return this._symmetricstate;
+  }
+
+  get rs() {
+    return this._rs;
+  }
+
+  get re() {
+    return this._re;
+  }
+
+  get s() {
+    return this._s;
+  }
+
+  get e() {
+    return this._e;
+  }
+
+  get dh() {
+    return this._dh;
+  }
+
+  initialize(
+    handshake_pattern,
+    initiator, // xx 时 为 true
+    prologue, // Buffer.from('WA',[4,1]) = Buffer.from([0x57,0x41,0x04,0x01])
+    s = null,
+    e = null,
+    rs = null,
+    re = null,
+    psks = null
+  ) {
+    // console.log('handshake_pattern', handshake_pattern);
+    // Noise_XX_25519_AESGCM_SHA256
+    this._protocol_name = this._derive_protocol_name(handshake_pattern.name);
+    this._symmetricstate.initialize_symmetric(this._protocol_name);
+    this._symmetricstate.mix_hash(prologue);
+    this._initiator = initiator;
+    this._s = s;
+    this._e = e;
+    this._rs = rs;
+    this._re = re;
+    this._psks = psks;
+    this._pskmode = handshake_pattern.name.indexOf('psk') !== -1;
+    if (
+      handshake_pattern.initiator_pre_message_pattern.length ||
+      handshake_pattern.responder_pre_message_pattern.length
+    ) {
+      if (initiator) {
+        for (let i = 0; i < handshake_pattern.initiator_pre_message_pattern.length; i++) {
+          const token = handshake_pattern.initiator_pre_message_pattern[i];
+          if (token === 's') {
+            this._symmetricstate.mix_hash(s.public);
+          }
+          if (token === 'e') {
+            this._symmetricstate.mix_hash(e.public);
+            if (this._pskmode) {
+              this._symmetricstate.mix_key(e.public);
+            }
+          }
+        }
+        for (let i = 0; i < handshake_pattern.responder_pre_message_pattern.length; i++) {
+          const token = handshake_pattern.responder_pre_message_pattern[i];
+          if (token === 's') {
+            this._symmetricstate.mix_hash(rs);
+          }
+          if (token === 'e') {
+            this._symmetricstate.mix_hash(re);
+          }
+        }
+      } else {
+        for (let i = 0; i < handshake_pattern.initiator_pre_message_pattern.length; i++) {
+          const token = handshake_pattern.initiator_pre_message_pattern[i];
+          if (token === 's') {
+            this._symmetricstate.mix_hash(rs);
+          }
+          if (token === 'e') {
+            this._symmetricstate.mix_hash(re);
+          }
+        }
+        for (let i = 0; i < handshake_pattern.responder_pre_message_pattern.length; i++) {
+          const token = handshake_pattern.responder_pre_message_pattern[i];
+          if (token === 's') {
+            this._symmetricstate.mix_hash(s.public);
+          }
+          if (token === 'e') {
+            this._symmetricstate.mix_hash(e.public);
+            if (this._pskmode) {
+              this._symmetricstate.mix_key(e.public);
+            }
+          }
+        }
+      }
+    }
+    this._message_patterns = handshake_pattern.message_patterns;
+  }
+
+  _derive_protocol_name(handshake_pattern_name) {
+    return `Noise_${handshake_pattern_name}_25519_${this._symmetricstate.ciphername}_${this._symmetricstate.hashname}`;
+  }
+
+  write_message(payload, message_buffer) {
+    const message_pattern = this._message_patterns.shift();
+    for (let i = 0; i < message_pattern.length; i++) {
+      const token = message_pattern[i];
+      if (token === 'e') {
+        this._e = utils.generateKeyPair();
+        this._e.public.map(val => message_buffer.push(val));
+        this._symmetricstate.mix_hash(this._e.public);
+        if (this._pskmode) {
+          this._symmetricstate.mix_key(this._e.public);
+        }
+      } else if (token === 's') {
+        const encrypted = this._symmetricstate.encrypt_and_hash(this._s.public);
+        encrypted.map(val => message_buffer.push(val));
+      } else if (token === 'ee') {
+        this._symmetricstate.mix_key(crypto.dh(this._e, this._re));
+      } else if (token === 'es') {
+        if (this._initiator) {
+          this._symmetricstate.mix_key(crypto.dh(this._e, this._rs));
+        } else {
+          this._symmetricstate.mix_key(crypto.dh(this._s, this._re));
+        }
+      } else if (token === 'se') {
+        if (this._initiator) {
+          this._symmetricstate.mix_key(crypto.dh(this._s, this._re));
+        } else {
+          this._symmetricstate.mix_key(crypto.dh(this._e, this._rs));
+        }
+      } else if (token === 'ss') {
+        this._symmetricstate.mix_key(crypto.dh(this._s, this._rs));
+      } else if (token === 'psk') {
+        this._symmetricstate.mix_key_and_hash(this._psks.shift());
+      } else {
+        throw new Error(`Unsupported token ${token} found in message_pattern`);
+      }
+    }
+    const res = this._symmetricstate.encrypt_and_hash(payload);
+    if (res && res.length) {
+      res.map(val => message_buffer.push(val));
+    }
+    if (this._message_patterns.length === 0) {
+      return this._symmetricstate.split();
+    }
+  }
+
+  read_message(message, payload_buffer) {
+    const message_pattern = this._message_patterns.shift();
+    let temp;
+    for (let i = 0; i < message_pattern.length; i++) {
+      const token = message_pattern[i];
+      console.debug('read_message', token);
+      if (token === 'e') {
+        this._re = message.slice(0, 32);
+        message = message.slice(32);
+        this._symmetricstate.mix_hash(this._re);
+        if (this._pskmode) {
+          this._symmetricstate.mix_key(this._re);
+        }
+      } else if (token === 's') {
+        if (this._symmetricstate.cipherstate_has_key()) {
+          temp = message.slice(0, 32 + 16);
+        } else {
+          temp = message.slice(0, 32);
+        }
+        message = message.slice(temp.length);
+        this._rs = this._symmetricstate.decrypt_and_hash(temp);
+      } else if (token === 'ee') {
+        this._symmetricstate.mix_key(crypto.dh(this._e, this._re));
+      } else if (token === 'es') {
+        if (this._initiator) {
+          this._symmetricstate.mix_key(crypto.dh(this._e, this._rs));
+        } else {
+          this._symmetricstate.mix_key(crypto.dh(this._s, this._re));
+        }
+      } else if (token === 'se') {
+        if (this._initiator) {
+          this._symmetricstate.mix_key(crypto.dh(this._s, this._re));
+        } else {
+          this._symmetricstate.mix_key(crypto.dh(this._e, this._rs));
+        }
+      } else if (token === 'ss') {
+        this._symmetricstate.mix_key(crypto.dh(this._s, this._rs));
+      } else if (token === 'psk') {
+        this._symmetricstate.mix_key_and_hash(this._psks.shift());
+      } else {
+        throw new Error(`Unsupported token ${token} found in message_pattern`);
+      }
+    }
+    const res = this._symmetricstate.decrypt_and_hash(message);
+    if (res && res.length) {
+      res.map(val => payload_buffer.push(val));
+    }
+    if (this._message_patterns.length === 0) {
+      return this._symmetricstate.split();
+    }
+  }
+}
+
+module.exports = HandshakeState;