diff --git a/lib/tunnelbroker/use-peer-to-peer-message-handler.js b/lib/tunnelbroker/use-peer-to-peer-message-handler.js
--- a/lib/tunnelbroker/use-peer-to-peer-message-handler.js
+++ b/lib/tunnelbroker/use-peer-to-peer-message-handler.js
@@ -44,7 +44,7 @@
 import { getMessageForException } from '../utils/errors.js';
 import {
 hasHigherDeviceID,
- OLM_SESSION_ERROR_PREFIX,
+ OLM_ERROR_FLAG,
 olmSessionErrors,
 } from '../utils/olm-utils.js';
 import { getClientMessageIDFromTunnelbrokerMessageID } from '../utils/peer-to-peer-communication-utils.js';
@@ -314,7 +314,7 @@
 );
 if (
- !e.message?.includes(OLM_SESSION_ERROR_PREFIX) &&
+ !e.message?.includes(OLM_ERROR_FLAG) &&
 !e.message?.includes(olmSessionErrors.sessionDoesNotExist)
 ) {
 throw e;
diff --git a/lib/utils/olm-utils.js b/lib/utils/olm-utils.js
--- a/lib/utils/olm-utils.js
+++ b/lib/utils/olm-utils.js
@@ -104,6 +104,11 @@
 }
 export const OLM_SESSION_ERROR_PREFIX = 'OLM_';
+
+// this constant has to match olmErrorFlag constant
+// in native/cpp/CommonCpp/CryptoTools/Session.cpp
+export const OLM_ERROR_FLAG = 'OLM_ERROR';
+
 const olmSessionErrors = Object.freeze({
 // Two clients send the session request to each other at the same time,
 // we choose which session to keep based on `deviceID`.
diff --git a/native/cpp/CommonCpp/CryptoTools/Session.cpp b/native/cpp/CommonCpp/CryptoTools/Session.cpp
--- a/native/cpp/CommonCpp/CryptoTools/Session.cpp
+++ b/native/cpp/CommonCpp/CryptoTools/Session.cpp
@@ -7,6 +7,10 @@
 namespace comm {
 namespace crypto {
+// this constant has to match OLM_ERROR_FLAG constant in
+// lib/utils/olm-utils.js
+static const std::string olmErrorFlag = "OLM_ERROR";
+
 OlmSession *Session::getOlmSession() {
 return reinterpret_cast(this->olmSessionBuffer.data());
 }
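Review bot: The rethrow decision in the hunk at -314, `!e.message?.includes(OLM_ERROR_FLAG)`, still classifies an exception by a substring found anywhere in its free-form message, so any error raised in the enclosing block whose text happens to contain `OLM_ERROR` is treated as an olm decrypt failure. Whether messages reaching this handler can embed peer-supplied text is not visible here; if they can, matching on a dedicated error type or a code field would be safer than `includes`. At minimum I would add a comment above the condition such as `// OLM_ERROR_FLAG is embedded by the decrypt wrappers in Session.cpp and worker-crypto.js`. The enclosing block starts and ends outside the hunk.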
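Review bot: `OLM_SESSION_ERROR_PREFIX` stays exported next to the new `OLM_ERROR_FLAG`, and because `'OLM_ERROR'` itself contains `'OLM_'`, any remaining `includes(OLM_SESSION_ERROR_PREFIX)` check elsewhere would also match the flagged decrypt errors. The only consumer visible in this diff has moved to the new flag; if no other importer remains (not visible here), the old constant should be removed in the same change. The two copies of the flag are tied together only by comments, so the comment should also say what breaks on drift, for example `// if these diverge, native decrypt failures are rethrown by the peer-to-peer message handler`.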
@@ -174,8 +178,8 @@
 decryptedMessage.size());
 if (decryptedSize == -1) {
 throw std::runtime_error{
- "error decrypt => " + std::string{::olm_session_last_error(session)} +
- ". Hash: " +
+ "error decrypt => " + olmErrorFlag + " " +
+ std::string{::olm_session_last_error(session)} + ". Hash: " +
 std::string{messageHashBuffer.begin(), messageHashBuffer.end()}};
 }
 return std::string{(char *)decryptedMessage.data(), decryptedSize};
diff --git a/web/shared-worker/worker/worker-crypto.js b/web/shared-worker/worker/worker-crypto.js
--- a/web/shared-worker/worker/worker-crypto.js
+++ b/web/shared-worker/worker/worker-crypto.js
@@ -31,6 +31,7 @@
 shouldForgetPrekey,
 shouldRotatePrekey,
 olmSessionErrors,
+ OLM_ERROR_FLAG,
 } from 'lib/utils/olm-utils.js';
 import { getIdentityClient } from './identity-client.js';
@@ -611,10 +612,15 @@
 throw new Error(olmSessionErrors.invalidSessionVersion);
 }
- const result = olmSession.session.decrypt(
- encryptedData.messageType,
- encryptedData.message,
- );
+ let result;
+ try {
+ result = olmSession.session.decrypt(
+ encryptedData.messageType,
+ encryptedData.message,
+ );
+ } catch (e) {
+ throw new Error(`error decrypt => ${OLM_ERROR_FLAG} ` + e.message);
+ }
 await persistCryptoStore();
@@ -642,10 +648,15 @@
 throw new Error(olmSessionErrors.invalidSessionVersion);
 }
- const result = olmSession.session.decrypt(
- encryptedData.messageType,
- encryptedData.message,
- );
+ let result;
+ try {
+ result = olmSession.session.decrypt(
+ encryptedData.messageType,
+ encryptedData.message,
+ );
+ } catch (e) {
+ throw new Error(`error decrypt => ${OLM_ERROR_FLAG} ` + e.message);
+ }
 const sqliteQueryExecutor = getSQLiteQueryExecutor();
 const dbModule = getDBModule();
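Review bot: Only this one `throw` in the decrypt path is tagged with `olmErrorFlag`, while the web change in the same commit wraps three `decrypt` call sites, including the one that decrypts the initial message while an inbound session is being created. If the native inbound-session path reports decrypt failures through a different `throw` (not visible in this hunk), those errors will not carry the flag and the handler will classify the two platforms differently. A short comment above the throw, e.g. `// olmErrorFlag is matched by lib/tunnelbroker/use-peer-to-peer-message-handler.js`, would also keep the message format from being reworded by accident. The function starts outside the hunk.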
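Review bot: The same `try`/`catch` wrapper is pasted at three `decrypt` call sites (the hunk at -611 and the ones at -642 and -703), and each rebuilds the error with `... + e.message`, which produces the text `undefined` when the thrown value has no `message` and discards the original stack. I would move the wrapping into one local helper that all three sites call, so the flagged message format lives in a single place next to the `OLM_ERROR_FLAG` import. Inside it the message can be built in one template, ``throw new Error(`error decrypt => ${OLM_ERROR_FLAG} ${e?.message ?? String(e)}`);``. All three enclosing functions start and end outside their hunks.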
@@ -703,10 +714,15 @@
 );
 contentAccount.remove_one_time_keys(session);
- const initialEncryptedMessage = session.decrypt(
- initialEncryptedData.messageType,
- initialEncryptedData.message,
- );
+ let initialEncryptedMessage;
+ try {
+ initialEncryptedMessage = session.decrypt(
+ initialEncryptedData.messageType,
+ initialEncryptedData.message,
+ );
+ } catch (e) {
+ throw new Error(`error decrypt => ${OLM_ERROR_FLAG} ` + e.message);
+ }
 contentSessions[contentIdentityKeys.ed25519] = {
 session,