From 7054268b14aff69dec7c6b8d570fba69cb57cdf6 Mon Sep 17 00:00:00 2001
From: Audric Ackermann <audric@loki.network>
Date: Fri, 11 Sep 2020 16:32:26 +1000
Subject: [PATCH] use source from decoded content and not envelope on ssk

---
 ts/receiver/contentMessage.ts       | 19 +++++++++++++++----
 ts/session/sending/MessageSender.ts | 13 +++++++++++--
 2 files changed, 26 insertions(+), 6 deletions(-)

diff --git a/ts/receiver/contentMessage.ts b/ts/receiver/contentMessage.ts
index 87439cb82..4425a528c 100644
--- a/ts/receiver/contentMessage.ts
+++ b/ts/receiver/contentMessage.ts
@@ -18,6 +18,7 @@ import ByteBuffer from 'bytebuffer';
 import { BlockedNumberController } from '../util/blockedNumberController';
 import { decryptWithSenderKey } from '../session/medium_group/ratchet';
 import { StringUtils } from '../session/utils';
+import { UserUtil } from '../util';
 
 export async function handleContentMessage(envelope: EnvelopePlus) {
   const plaintext = await decrypt(envelope, envelope.content);
@@ -46,8 +47,6 @@ async function decryptForMediumGroup(
     throw new Error(`Secret key is empty for group ${groupId}!`);
   }
 
-  const { senderIdentity } = envelope;
-
   const {
     ciphertext: outerCiphertext,
     ephemeralKey,
@@ -64,15 +63,27 @@ async function decryptForMediumGroup(
     outerCiphertext
   );
 
-  const { ciphertext, keyIdx } = SignalService.MediumGroupCiphertext.decode(
+  const {
+    source,
+    ciphertext,
+    keyIdx,
+  } = SignalService.MediumGroupCiphertext.decode(
     new Uint8Array(mediumGroupCiphertext)
   );
+  const ourNumber = (await UserUtil.getCurrentDevicePubKey()) as string;
+
+  if (source === ourNumber) {
+    window.console.info(
+      'Dropping message from ourself after decryptForMediumGroup'
+    );
+    return;
+  }
 
   const plaintext = await decryptWithSenderKey(
     ciphertext,
     keyIdx,
     groupId,
-    senderIdentity
+    source
   );
 
   return plaintext;
diff --git a/ts/session/sending/MessageSender.ts b/ts/session/sending/MessageSender.ts
index 1477e25ce..6d28cbcb9 100644
--- a/ts/session/sending/MessageSender.ts
+++ b/ts/session/sending/MessageSender.ts
@@ -39,7 +39,12 @@ export async function send(
     plainTextBuffer,
     encryption
   );
-  const envelope = await buildEnvelope(envelopeType, timestamp, cipherText);
+  const envelope = await buildEnvelope(
+    envelopeType,
+    device.key,
+    timestamp,
+    cipherText
+  );
   const data = wrapEnvelope(envelope);
 
   return pRetry(
@@ -54,11 +59,15 @@ export async function send(
 
 async function buildEnvelope(
   type: SignalService.Envelope.Type,
+  sskSource: string | undefined,
   timestamp: number,
   content: Uint8Array
 ): Promise<SignalService.Envelope> {
   let source: string | undefined;
-  if (type !== SignalService.Envelope.Type.UNIDENTIFIED_SENDER) {
+
+  if (type === SignalService.Envelope.Type.MEDIUM_GROUP_CIPHERTEXT) {
+    source = sskSource;
+  } else if (type !== SignalService.Envelope.Type.UNIDENTIFIED_SENDER) {
     source = await UserUtil.getCurrentDevicePubKey();
   }