download: add support for downloading to file

Author: tulir

download-to-file.go

@@ -0,0 +1,194 @@
+// Copyright (c) 2024 Tulir Asokan
+//
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this
+// file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+package whatsmeow
+
+import (
+	"crypto/hmac"
+	"crypto/sha256"
+	"encoding/base64"
+	"errors"
+	"fmt"
+	"io"
+	"os"
+	"strings"
+	"time"
+
+	"go.mau.fi/util/fallocate"
+	"go.mau.fi/util/retryafter"
+
+	"go.mau.fi/whatsmeow/proto/waMediaTransport"
+	"go.mau.fi/whatsmeow/util/cbcutil"
+)
+
+type File interface {
+	io.Reader
+	io.Writer
+	io.Seeker
+	io.ReaderAt
+	io.WriterAt
+	Truncate(size int64) error
+	Stat() (os.FileInfo, error)
+}
+
+// DownloadToFile downloads the attachment from the given protobuf message.
+//
+// This is otherwise identical to [Download], but writes the attachment to a file instead of returning it as a byte slice.
+func (cli *Client) DownloadToFile(msg DownloadableMessage, file File) error {
+	mediaType, ok := classToMediaType[msg.ProtoReflect().Descriptor().Name()]
+	if !ok {
+		return fmt.Errorf("%w '%s'", ErrUnknownMediaType, string(msg.ProtoReflect().Descriptor().Name()))
+	}
+	urlable, ok := msg.(downloadableMessageWithURL)
+	var url string
+	var isWebWhatsappNetURL bool
+	if ok {
+		url = urlable.GetUrl()
+		isWebWhatsappNetURL = strings.HasPrefix(url, "https://web.whatsapp.net")
+	}
+	if len(url) > 0 && !isWebWhatsappNetURL {
+		return cli.downloadAndDecryptToFile(url, msg.GetMediaKey(), mediaType, getSize(msg), msg.GetFileEncSHA256(), msg.GetFileSHA256(), file)
+	} else if len(msg.GetDirectPath()) > 0 {
+		return cli.DownloadMediaWithPathToFile(msg.GetDirectPath(), msg.GetFileEncSHA256(), msg.GetFileSHA256(), msg.GetMediaKey(), getSize(msg), mediaType, mediaTypeToMMSType[mediaType], file)
+	} else {
+		if isWebWhatsappNetURL {
+			cli.Log.Warnf("Got a media message with a web.whatsapp.net URL (%s) and no direct path", url)
+		}
+		return ErrNoURLPresent
+	}
+}
+
+func (cli *Client) DownloadFBToFile(transport *waMediaTransport.WAMediaTransport_Integral, mediaType MediaType, file File) error {
+	return cli.DownloadMediaWithPathToFile(transport.GetDirectPath(), transport.GetFileEncSHA256(), transport.GetFileSHA256(), transport.GetMediaKey(), -1, mediaType, mediaTypeToMMSType[mediaType], file)
+}
+
+func (cli *Client) DownloadMediaWithPathToFile(directPath string, encFileHash, fileHash, mediaKey []byte, fileLength int, mediaType MediaType, mmsType string, file File) error {
+	mediaConn, err := cli.refreshMediaConn(false)
+	if err != nil {
+		return fmt.Errorf("failed to refresh media connections: %w", err)
+	}
+	if len(mmsType) == 0 {
+		mmsType = mediaTypeToMMSType[mediaType]
+	}
+	for i, host := range mediaConn.Hosts {
+		// TODO omit hash for unencrypted media?
+		mediaURL := fmt.Sprintf("https://%s%s&hash=%s&mms-type=%s&__wa-mms=", host.Hostname, directPath, base64.URLEncoding.EncodeToString(encFileHash), mmsType)
+		err = cli.downloadAndDecryptToFile(mediaURL, mediaKey, mediaType, fileLength, encFileHash, fileHash, file)
+		if err == nil || errors.Is(err, ErrFileLengthMismatch) || errors.Is(err, ErrInvalidMediaSHA256) {
+			return err
+		} else if i >= len(mediaConn.Hosts)-1 {
+			return fmt.Errorf("failed to download media from last host: %w", err)
+		}
+		// TODO there are probably some errors that shouldn't retry
+		cli.Log.Warnf("Failed to download media: %s, trying with next host...", err)
+	}
+	return err
+}
+
+func (cli *Client) downloadAndDecryptToFile(url string, mediaKey []byte, appInfo MediaType, fileLength int, fileEncSHA256, fileSHA256 []byte, file File) error {
+	iv, cipherKey, macKey, _ := getMediaKeys(mediaKey, appInfo)
+	hasher := sha256.New()
+	if mac, err := cli.downloadPossiblyEncryptedMediaWithRetriesToFile(url, fileEncSHA256, file); err != nil {
+		return err
+	} else if mediaKey == nil && fileEncSHA256 == nil && mac == nil {
+		// Unencrypted media, just return the downloaded data
+		return nil
+	} else if err = validateMediaFile(file, iv, macKey, mac); err != nil {
+		return err
+	} else if _, err = file.Seek(0, io.SeekStart); err != nil {
+		return fmt.Errorf("failed to seek to start of file after validating mac: %w", err)
+	} else if err = cbcutil.DecryptFile(cipherKey, iv, file); err != nil {
+		return fmt.Errorf("failed to decrypt file: %w", err)
+	} else if info, err := file.Stat(); err != nil {
+		return fmt.Errorf("failed to stat file: %w", err)
+	} else if info.Size() != int64(fileLength) {
+		return fmt.Errorf("%w: expected %d, got %d", ErrFileLengthMismatch, fileLength, info.Size())
+	} else if _, err = file.Seek(0, io.SeekStart); err != nil {
+		return fmt.Errorf("failed to seek to start of file after decrypting: %w", err)
+	} else if _, err = io.Copy(hasher, file); err != nil {
+		return fmt.Errorf("failed to hash file: %w", err)
+	} else if !hmac.Equal(fileSHA256, hasher.Sum(nil)) {
+		return ErrInvalidMediaSHA256
+	}
+	return nil
+}
+
+func (cli *Client) downloadPossiblyEncryptedMediaWithRetriesToFile(url string, checksum []byte, file File) (mac []byte, err error) {
+	for retryNum := 0; retryNum < 5; retryNum++ {
+		if checksum == nil {
+			_, _, err = cli.downloadMediaToFile(url, file)
+		} else {
+			mac, err = cli.downloadEncryptedMediaToFile(url, checksum, file)
+		}
+		if err == nil || !shouldRetryMediaDownload(err) {
+			return
+		}
+		retryDuration := time.Duration(retryNum+1) * time.Second
+		var httpErr DownloadHTTPError
+		if errors.As(err, &httpErr) {
+			retryDuration = retryafter.Parse(httpErr.Response.Header.Get("Retry-After"), retryDuration)
+		}
+		cli.Log.Warnf("Failed to download media due to network error: %v, retrying in %s...", err, retryDuration)
+		time.Sleep(retryDuration)
+	}
+	return
+}
+
+func (cli *Client) downloadMediaToFile(url string, file io.Writer) (int64, []byte, error) {
+	resp, err := cli.doMediaDownloadRequest(url)
+	if err != nil {
+		return 0, nil, err
+	}
+	defer resp.Body.Close()
+	osFile, ok := file.(*os.File)
+	if ok && resp.ContentLength > 0 {
+		err = fallocate.Fallocate(osFile, int(resp.ContentLength))
+		if err != nil {
+			return 0, nil, fmt.Errorf("failed to preallocate file: %w", err)
+		}
+	}
+	hasher := sha256.New()
+	n, err := io.Copy(file, io.TeeReader(resp.Body, hasher))
+	return n, hasher.Sum(nil), err
+}
+
+func (cli *Client) downloadEncryptedMediaToFile(url string, checksum []byte, file File) ([]byte, error) {
+	size, hash, err := cli.downloadMediaToFile(url, file)
+	if err != nil {
+		return nil, err
+	} else if size <= mediaHMACLength {
+		return nil, ErrTooShortFile
+	} else if len(checksum) == 32 && !hmac.Equal(checksum, hash) {
+		return nil, ErrInvalidMediaEncSHA256
+	}
+	mac := make([]byte, mediaHMACLength)
+	_, err = file.ReadAt(mac, size-mediaHMACLength)
+	if err != nil {
+		return nil, fmt.Errorf("failed to read MAC from file: %w", err)
+	}
+	err = file.Truncate(size - mediaHMACLength)
+	if err != nil {
+		return nil, fmt.Errorf("failed to truncate file to remove MAC: %w", err)
+	}
+	return mac, nil
+}
+
+func validateMediaFile(file io.ReadSeeker, iv, macKey, mac []byte) error {
+	h := hmac.New(sha256.New, macKey)
+	h.Write(iv)
+	_, err := file.Seek(0, io.SeekStart)
+	if err != nil {
+		return fmt.Errorf("failed to seek to start of file: %w", err)
+	}
+	_, err = io.Copy(h, file)
+	if err != nil {
+		return fmt.Errorf("failed to hash file: %w", err)
+	}
+	if !hmac.Equal(h.Sum(nil)[:mediaHMACLength], mac) {
+		return ErrInvalidMediaHMAC
+	}
+	return nil
+}

download.go

@@ -288,13 +288,13 @@ func (cli *Client) downloadPossiblyEncryptedMediaWithRetries(url string, checksu
 		if errors.As(err, &httpErr) {
 			retryDuration = retryafter.Parse(httpErr.Response.Header.Get("Retry-After"), retryDuration)
 		}
-		cli.Log.Warnf("Failed to download media due to network error: %w, retrying in %s...", err, retryDuration)
+		cli.Log.Warnf("Failed to download media due to network error: %v, retrying in %s...", err, retryDuration)
 		time.Sleep(retryDuration)
 	}
 	return
 }
 
-func (cli *Client) downloadMedia(url string) ([]byte, error) {
+func (cli *Client) doMediaDownloadRequest(url string) (*http.Response, error) {
 	req, err := http.NewRequest(http.MethodGet, url, nil)
 	if err != nil {
 		return nil, fmt.Errorf("failed to prepare request: %w", err)
@@ -309,22 +309,34 @@ func (cli *Client) downloadMedia(url string) ([]byte, error) {
 	if err != nil {
 		return nil, err
 	}
-	defer resp.Body.Close()
 	if resp.StatusCode != http.StatusOK {
+		_ = resp.Body.Close()
 		return nil, DownloadHTTPError{Response: resp}
 	}
-	return io.ReadAll(resp.Body)
+	return resp, nil
+}
+
+func (cli *Client) downloadMedia(url string) ([]byte, error) {
+	resp, err := cli.doMediaDownloadRequest(url)
+	if err != nil {
+		return nil, err
+	}
+	data, err := io.ReadAll(resp.Body)
+	_ = resp.Body.Close()
+	return data, err
 }
 
+const mediaHMACLength = 10
+
 func (cli *Client) downloadEncryptedMedia(url string, checksum []byte) (file, mac []byte, err error) {
 	data, err := cli.downloadMedia(url)
 	if err != nil {
 		return
-	} else if len(data) <= 10 {
+	} else if len(data) <= mediaHMACLength {
 		err = ErrTooShortFile
 		return
 	}
-	file, mac = data[:len(data)-10], data[len(data)-10:]
+	file, mac = data[:len(data)-mediaHMACLength], data[len(data)-mediaHMACLength:]
 	if len(checksum) == 32 && sha256.Sum256(data) != *(*[32]byte)(checksum) {
 		err = ErrInvalidMediaEncSHA256
 	}
@@ -335,7 +347,7 @@ func validateMedia(iv, file, macKey, mac []byte) error {
 	h := hmac.New(sha256.New, macKey)
 	h.Write(iv)
 	h.Write(file)
-	if !hmac.Equal(h.Sum(nil)[:10], mac) {
+	if !hmac.Equal(h.Sum(nil)[:mediaHMACLength], mac) {
 		return ErrInvalidMediaHMAC
 	}
 	return nil

util/cbcutil/cbc.go

@@ -24,33 +24,86 @@ import (
 	"errors"
 	"fmt"
 	"io"
+	"os"
 )
 
 /*
 Decrypt is a function that decrypts a given cipher text with a provided key and initialization vector(iv).
 */
 func Decrypt(key, iv, ciphertext []byte) ([]byte, error) {
 	block, err := aes.NewCipher(key)
-
 	if err != nil {
 		return nil, err
-	}
-
-	if len(ciphertext) < aes.BlockSize {
+	} else if len(ciphertext) < aes.BlockSize {
 		return nil, fmt.Errorf("ciphertext is shorter then block size: %d / %d", len(ciphertext), aes.BlockSize)
 	}
 
-	if iv == nil {
-		iv = ciphertext[:aes.BlockSize]
-		ciphertext = ciphertext[aes.BlockSize:]
-	}
-
 	cbc := cipher.NewCBCDecrypter(block, iv)
 	cbc.CryptBlocks(ciphertext, ciphertext)
 
 	return unpad(ciphertext)
 }
 
+type File interface {
+	io.Reader
+	io.WriterAt
+	Truncate(size int64) error
+	Stat() (os.FileInfo, error)
+}
+
+func DecryptFile(key, iv []byte, file File) error {
+	block, err := aes.NewCipher(key)
+	if err != nil {
+		return err
+	}
+	cbc := cipher.NewCBCDecrypter(block, iv)
+	stat, err := file.Stat()
+	if err != nil {
+		return fmt.Errorf("failed to stat file: %w", err)
+	}
+	fileSize := stat.Size()
+	if fileSize%aes.BlockSize != 0 {
+		return fmt.Errorf("file size is not a multiple of the block size: %d / %d", fileSize, aes.BlockSize)
+	}
+
+	var bufSize int64 = 32 * 1024
+	if fileSize < bufSize {
+		bufSize = fileSize
+	}
+	buf := make([]byte, bufSize)
+	var writePtr int64
+	var lastByte byte
+	for writePtr < fileSize {
+		if writePtr+bufSize > fileSize {
+			buf = buf[:fileSize-writePtr]
+		}
+		var n int
+		n, err = io.ReadFull(file, buf)
+		if err != nil {
+			return fmt.Errorf("failed to read file: %w", err)
+		} else if n != len(buf) {
+			return fmt.Errorf("failed to read full buffer: %d / %d", n, len(buf))
+		}
+		cbc.CryptBlocks(buf, buf)
+		n, err = file.WriteAt(buf, writePtr)
+		if err != nil {
+			return fmt.Errorf("failed to write file: %w", err)
+		} else if n != len(buf) {
+			return fmt.Errorf("failed to write full buffer: %d / %d", n, len(buf))
+		}
+		writePtr += int64(len(buf))
+		lastByte = buf[len(buf)-1]
+	}
+	if int64(lastByte) > fileSize {
+		return fmt.Errorf("padding is greater then the length: %d / %d", lastByte, fileSize)
+	}
+	err = file.Truncate(fileSize - int64(lastByte))
+	if err != nil {
+		return fmt.Errorf("failed to truncate file to remove padding: %w", err)
+	}
+	return nil
+}
+
 /*
 Encrypt is a function that encrypts plaintext with a given key and an optional initialization vector(iv).
 */