wiz0u/WTelegramClient
1
0
Fork 0
mirror of https://github.com/wiz0u/WTelegramClient.git synced 2026-01-04 07:39:58 +01:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Safety check on bareRpc <-> unencrypted

Browse source
This commit is contained in:
Wizou 2022-08-30 15:15:43 +02:00
parent ace31a3213
commit 983c9a4c6b
1 changed files with 14 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

29
src/Client.cs
View file

@ -370,10 +370,11 @@ namespace WTelegram
int length = reader.ReadInt32();
dataLen -= 20;
if (length > dataLen || length < dataLen - (_paddedMode ? 15 : 0))
throw new ApplicationException($"Unexpected unencrypted length {length} != {dataLen}");
throw new ApplicationException($"Unexpected unencrypted/padding length {dataLen} - {length}");
var obj = reader.ReadTLObject();
Helpers.Log(1, $"{_dcSession.DcID}>Receiving {obj.GetType().Name,-40} {MsgIdToStamp(msgId):u} clear{((msgId & 2) == 0 ? "" : " NAR")}");
if (_bareRpc == null) throw new ApplicationException("Shouldn't receive unencrypted packet at this point");
return obj;
}
else
@ -384,7 +385,7 @@ namespace WTelegram
_sha256Recv.TransformBlock(_dcSession.AuthKey, 96, 32, null, 0);
_sha256Recv.TransformFinalBlock(decrypted_data, 0, decrypted_data.Length);
if (!data.AsSpan(8, 16).SequenceEqual(_sha256Recv.Hash.AsSpan(8, 16)))
throw new ApplicationException($"Mismatch between MsgKey & decrypted SHA256");
throw new ApplicationException("Mismatch between MsgKey & decrypted SHA256");
_sha256Recv.Initialize();
using var reader = new TL.BinaryReader(new MemoryStream(decrypted_data), this);
var serverSalt = reader.ReadInt64(); // int64 salt
@ -412,7 +413,7 @@ namespace WTelegram
_dcSession.Salt = serverSalt;
_saltChangeCounter += 20; // counter is decreased by KeepAlive every minute (we have margin of 10)
if (_saltChangeCounter >= 30)
throw new ApplicationException($"Server salt changed too often! Security issue?");
throw new ApplicationException("Server salt changed too often! Security issue?");
}
if ((seqno & 1) != 0) lock (_msgsToAck) _msgsToAck.Add(msgId);
@ -558,6 +559,15 @@ namespace WTelegram
private async Task HandleMessageAsync(IObject obj)
{
if (_bareRpc != null)
{
var rpc = PullPendingRequest(_bareRpc.msgId);
if ((rpc?.type.IsAssignableFrom(obj.GetType())) != true)
throw new ApplicationException($"Received a {obj.GetType()} incompatible with expected bare {rpc?.type}");
_bareRpc = null;
rpc.tcs.SetResult(obj);
return;
}
switch (obj)
{
case MsgContainer container:
@ -634,18 +644,6 @@ namespace WTelegram
RaiseUpdate(obj);
break;
default:
if (_bareRpc != null)
{
var rpc = PullPendingRequest(_bareRpc.msgId);
if (rpc?.type.IsAssignableFrom(obj.GetType()) == true)
{
_bareRpc = null;
rpc.tcs.SetResult(obj);
break;
}
else
Helpers.Log(4, $"Received a {obj.GetType()} incompatible with expected bare {rpc?.type}");
}
RaiseUpdate(obj);
break;
}
@ -1067,6 +1065,7 @@ namespace WTelegram
if (_dcSession.AuthKeyID == 0) // send unencrypted message
{
if (_bareRpc == null) throw new ApplicationException($"Shouldn't send a {msg.GetType().Name} unencrypted");
writer.Write(0L); // int64 auth_key_id = 0 (Unencrypted)
writer.Write(msgId); // int64 message_id
writer.Write(0); // int32 message_data_length (to be patched)