fix: update inbound message validation

packages/core/src/agent/MessageReceiver.ts

@@ -11,6 +11,7 @@ import { AriesFrameworkError } from '../error'
 import { ConnectionRepository } from '../modules/connections'
 import { DidRepository } from '../modules/dids/repository/DidRepository'
 import { ProblemReportError, ProblemReportMessage, ProblemReportReason } from '../modules/problem-reports'
+import { isValidJweStructure } from '../utils/JWE'
 import { JsonTransformer } from '../utils/JsonTransformer'
 import { MessageValidator } from '../utils/MessageValidator'
 import { replaceLegacyDidSovPrefixOnMessage } from '../utils/messageType'
@@ -66,11 +67,12 @@ export class MessageReceiver {
    */
   public async receiveMessage(inboundMessage: unknown, session?: TransportSession) {
     this.logger.debug(`Agent ${this.config.label} received message`)
-
-    if (this.isPlaintextMessage(inboundMessage)) {
+    if (this.isEncryptedMessage(inboundMessage)) {
+      await this.receiveEncryptedMessage(inboundMessage as EncryptedMessage, session)
+    } else if (this.isPlaintextMessage(inboundMessage)) {
       await this.receivePlaintextMessage(inboundMessage)
     } else {
-      await this.receiveEncryptedMessage(inboundMessage as EncryptedMessage, session)
+      throw new AriesFrameworkError('Unable to parse incoming message: unrecognized format')
     }
   }
 
@@ -143,12 +145,17 @@ export class MessageReceiver {
 
   private isPlaintextMessage(message: unknown): message is PlaintextMessage {
     if (typeof message !== 'object' || message == null) {
-      throw new AriesFrameworkError('Invalid message received. Message should be object')
+      return false
     }
-    // If the message does have an @type field we assume the message is in plaintext and it is not encrypted.
+    // If the message has a @type field we assume the message is in plaintext and it is not encrypted.
     return '@type' in message
   }
 
+  private isEncryptedMessage(message: unknown): message is EncryptedMessage {
+    // If the message does has valid JWE structure, we can assume the message is encrypted.
+    return isValidJweStructure(message)
+  }
+
   private async transformAndValidate(
     plaintextMessage: PlaintextMessage,
     connection?: ConnectionRecord | null

packages/core/src/transport/HttpOutboundTransport.ts

@@ -8,7 +8,7 @@ import { AbortController } from 'abort-controller'
 
 import { AgentConfig } from '../agent/AgentConfig'
 import { AriesFrameworkError } from '../error/AriesFrameworkError'
-import { isValidJweStucture, JsonEncoder } from '../utils'
+import { isValidJweStructure, JsonEncoder } from '../utils'
 
 export class HttpOutboundTransport implements OutboundTransport {
   private agent!: Agent
@@ -78,7 +78,7 @@ export class HttpOutboundTransport implements OutboundTransport {
 
         try {
           const encryptedMessage = JsonEncoder.fromString(responseMessage)
-          if (!isValidJweStucture(encryptedMessage)) {
+          if (!isValidJweStructure(encryptedMessage)) {
             this.logger.error(
               `Received a response from the other agent but the structure of the incoming message is not a DIDComm message: ${responseMessage}`
             )

packages/core/src/transport/WsOutboundTransport.ts

@@ -8,7 +8,7 @@ import type WebSocket from 'ws'
 import { AgentConfig } from '../agent/AgentConfig'
 import { EventEmitter } from '../agent/EventEmitter'
 import { AriesFrameworkError } from '../error/AriesFrameworkError'
-import { isValidJweStucture, JsonEncoder } from '../utils'
+import { isValidJweStructure, JsonEncoder } from '../utils'
 import { Buffer } from '../utils/buffer'
 
 import { TransportEventTypes } from './TransportEventTypes'
@@ -103,7 +103,7 @@ export class WsOutboundTransport implements OutboundTransport {
   private handleMessageEvent = (event: any) => {
     this.logger.trace('WebSocket message event received.', { url: event.target.url, data: event.data })
     const payload = JsonEncoder.fromBuffer(event.data)
-    if (!isValidJweStucture(payload)) {
+    if (!isValidJweStructure(payload)) {
       throw new Error(
         `Received a response from the other agent but the structure of the incoming message is not a DIDComm message: ${payload}`
       )

packages/core/src/utils/JWE.ts

@@ -1,6 +1,6 @@
 import type { EncryptedMessage } from '../types'
 
 // eslint-disable-next-line @typescript-eslint/no-explicit-any
-export function isValidJweStucture(message: any): message is EncryptedMessage {
+export function isValidJweStructure(message: any): message is EncryptedMessage {
   return message && typeof message === 'object' && message.protected && message.iv && message.ciphertext && message.tag
 }

packages/core/src/utils/__tests__/JWE.test.ts

@@ -1,9 +1,9 @@
-import { isValidJweStucture } from '../JWE'
+import { isValidJweStructure } from '../JWE'
 
 describe('ValidJWEStructure', () => {
   test('throws error when the response message has an invalid JWE structure', async () => {
     const responseMessage = 'invalid JWE structure'
-    await expect(isValidJweStucture(responseMessage)).toBeFalsy()
+    await expect(isValidJweStructure(responseMessage)).toBeFalsy()
   })
 
   test('valid JWE structure', async () => {
@@ -14,6 +14,6 @@ describe('ValidJWEStructure', () => {
       ciphertext: 'mwRMpVg9wkF4rIZcBeWLcc0fWhs=',
       tag: '0yW0Lx8-vWevj3if91R06g==',
     }
-    await expect(isValidJweStucture(responseMessage)).toBeTruthy()
+    await expect(isValidJweStructure(responseMessage)).toBeTruthy()
   })
 })