signal-desktop/ts/util/uploadAttachment.ts

163 lines
4.5 KiB
TypeScript
Raw Normal View History

// Copyright 2023 Signal Messenger, LLC
// SPDX-License-Identifier: AGPL-3.0-only
2024-05-20 19:29:20 +00:00
import { createReadStream } from 'fs';
import type {
AttachmentWithHydratedData,
UploadedAttachmentType,
} from '../types/Attachment';
import { MIMETypeToString, supportsIncrementalMac } from '../types/MIME';
2024-05-20 19:29:20 +00:00
import { getRandomBytes } from '../Crypto';
import { strictAssert } from './assert';
2024-05-20 19:29:20 +00:00
import { backupsService } from '../services/backups';
import { tusUpload } from './uploads/tusProtocol';
import { defaultFileReader } from './uploads/uploads';
import type { AttachmentUploadFormResponseType } from '../textsecure/WebAPI';
2024-05-20 19:29:20 +00:00
import {
type EncryptedAttachmentV2,
encryptAttachmentV2ToDisk,
2024-08-19 20:05:35 +00:00
safeUnlink,
2024-05-20 19:29:20 +00:00
type PlaintextSourceType,
2024-05-29 23:46:43 +00:00
type HardcodedIVForEncryptionType,
2024-05-20 19:29:20 +00:00
} from '../AttachmentCrypto';
import { missingCaseError } from './missingCaseError';
import { uuidToBytes } from './uuidToBytes';
2024-05-20 19:29:20 +00:00
const CDNS_SUPPORTING_TUS = new Set([3]);
export async function uploadAttachment(
attachment: AttachmentWithHydratedData
): Promise<UploadedAttachmentType> {
const { server } = window.textsecure;
strictAssert(server, 'WebAPI must be initialized');
2024-05-20 19:29:20 +00:00
const keys = getRandomBytes(64);
const needIncrementalMac = supportsIncrementalMac(attachment.contentType);
2024-05-20 19:29:20 +00:00
const { cdnKey, cdnNumber, encrypted } = await encryptAndUploadAttachment({
keys,
needIncrementalMac,
plaintext: { data: attachment.data },
2024-05-20 19:29:20 +00:00
uploadType: 'standard',
});
const { blurHash, caption, clientUuid, fileName, flags, height, width } =
attachment;
return {
2023-05-04 20:58:53 +00:00
cdnKey,
2024-05-20 19:29:20 +00:00
cdnNumber,
clientUuid: clientUuid ? uuidToBytes(clientUuid) : undefined,
key: keys,
iv: encrypted.iv,
2024-05-20 19:29:20 +00:00
size: attachment.data.byteLength,
digest: encrypted.digest,
plaintextHash: encrypted.plaintextHash,
incrementalMac: encrypted.incrementalMac,
chunkSize: encrypted.chunkSize,
contentType: MIMETypeToString(attachment.contentType),
fileName,
flags,
width,
height,
caption,
blurHash,
isReencryptableToSameDigest: true,
};
}
2024-05-20 19:29:20 +00:00
export async function encryptAndUploadAttachment({
2024-05-29 23:46:43 +00:00
dangerousIv,
keys,
needIncrementalMac,
plaintext,
2024-05-20 19:29:20 +00:00
uploadType,
}: {
2024-05-29 23:46:43 +00:00
dangerousIv?: HardcodedIVForEncryptionType;
keys: Uint8Array;
needIncrementalMac: boolean;
plaintext: PlaintextSourceType;
2024-05-20 19:29:20 +00:00
uploadType: 'standard' | 'backup';
}): Promise<{
cdnKey: string;
cdnNumber: number;
encrypted: EncryptedAttachmentV2;
}> {
const { server } = window.textsecure;
strictAssert(server, 'WebAPI must be initialized');
let uploadForm: AttachmentUploadFormResponseType;
2024-05-20 19:29:20 +00:00
let absoluteCiphertextPath: string | undefined;
try {
switch (uploadType) {
case 'standard':
uploadForm = await server.getAttachmentUploadForm();
break;
case 'backup':
2024-10-10 17:29:33 +00:00
uploadForm = await backupsService.api.getMediaUploadForm();
2024-05-20 19:29:20 +00:00
break;
default:
throw missingCaseError(uploadType);
}
const encrypted = await encryptAttachmentV2ToDisk({
2024-05-29 23:46:43 +00:00
dangerousIv,
2024-07-11 19:44:09 +00:00
getAbsoluteAttachmentPath:
window.Signal.Migrations.getAbsoluteAttachmentPath,
keys,
needIncrementalMac,
plaintext,
2024-05-20 19:29:20 +00:00
});
absoluteCiphertextPath = window.Signal.Migrations.getAbsoluteAttachmentPath(
encrypted.path
);
await uploadFile({
absoluteCiphertextPath,
ciphertextFileSize: encrypted.ciphertextSize,
uploadForm,
});
return { cdnKey: uploadForm.key, cdnNumber: uploadForm.cdn, encrypted };
} finally {
if (absoluteCiphertextPath) {
2024-08-19 20:05:35 +00:00
await safeUnlink(absoluteCiphertextPath);
2024-05-20 19:29:20 +00:00
}
}
}
export async function uploadFile({
absoluteCiphertextPath,
ciphertextFileSize,
uploadForm,
}: {
absoluteCiphertextPath: string;
ciphertextFileSize: number;
uploadForm: AttachmentUploadFormResponseType;
2024-05-20 19:29:20 +00:00
}): Promise<void> {
const { server } = window.textsecure;
strictAssert(server, 'WebAPI must be initialized');
if (CDNS_SUPPORTING_TUS.has(uploadForm.cdn)) {
const fetchFn = server.createFetchForAttachmentUpload(uploadForm);
await tusUpload({
endpoint: uploadForm.signedUploadLocation,
// the upload form headers are already included in the created fetch function
headers: {},
fileName: uploadForm.key,
filePath: absoluteCiphertextPath,
fileSize: ciphertextFileSize,
reader: defaultFileReader,
fetchFn,
});
} else {
await server.putEncryptedAttachment(
2024-07-17 02:25:07 +00:00
(start, end) => createReadStream(absoluteCiphertextPath, { start, end }),
ciphertextFileSize,
2024-05-20 19:29:20 +00:00
uploadForm
);
}
}