signal-desktop/ts/textsecure/downloadAttachment.ts

181 lines
4.8 KiB
TypeScript
Raw Normal View History

2023-01-03 19:55:46 +00:00
// Copyright 2020 Signal Messenger, LLC
// SPDX-License-Identifier: AGPL-3.0-only
2024-02-05 23:17:28 +00:00
import { createWriteStream } from 'fs';
2024-03-18 18:38:52 +00:00
import { isNumber } from 'lodash';
import type { Readable } from 'stream';
import { Transform } from 'stream';
import { pipeline } from 'stream/promises';
import { ensureFile } from 'fs-extra';
import * as log from '../logging/log';
import * as Errors from '../types/errors';
import { strictAssert } from '../util/assert';
import { dropNull } from '../util/dropNull';
import {
AttachmentSizeError,
type AttachmentType,
type DownloadedAttachmentType,
} from '../types/Attachment';
import * as MIME from '../types/MIME';
import * as Bytes from '../Bytes';
2024-02-05 23:17:28 +00:00
import { getFirstBytes, decryptAttachmentV1 } from '../Crypto';
import {
decryptAttachmentV2,
2024-02-05 23:17:28 +00:00
getAttachmentDownloadSize,
safeUnlinkSync,
} from '../AttachmentCrypto';
import type { ProcessedAttachment } from './Types.d';
import type { WebAPIType } from './WebAPI';
import { createName, getRelativePath } from '../windows/attachments';
2024-03-21 20:02:12 +00:00
import { redactCdnKey } from '../util/privacy';
export function getCdn(attachment: ProcessedAttachment): string {
2024-02-05 23:17:28 +00:00
const { cdnId, cdnKey } = attachment;
const cdn = cdnId || cdnKey;
strictAssert(cdn, 'Attachment was missing cdnId or cdnKey');
return cdn;
}
export async function downloadAttachmentV1(
server: WebAPIType,
attachment: ProcessedAttachment,
options?: {
disableRetries?: boolean;
timeout?: number;
}
): Promise<DownloadedAttachmentType> {
2024-02-05 23:17:28 +00:00
const { cdnNumber, key, digest, size, contentType } = attachment;
const cdn = getCdn(attachment);
const encrypted = await server.getAttachment(
2024-02-05 23:17:28 +00:00
cdn,
dropNull(cdnNumber),
options
);
2024-02-05 23:17:28 +00:00
strictAssert(digest, 'Failure: Ask sender to update Signal and resend.');
strictAssert(key, 'attachment has no key');
const paddedData = decryptAttachmentV1(
encrypted,
2021-09-24 00:49:05 +00:00
Bytes.fromBase64(key),
Bytes.fromBase64(digest)
);
if (!isNumber(size)) {
throw new Error(
`downloadAttachment: Size was not provided, actual size was ${paddedData.byteLength}`
);
}
2021-09-24 00:49:05 +00:00
const data = getFirstBytes(paddedData, size);
return {
2023-10-04 00:09:31 +00:00
...attachment,
size,
contentType: contentType
2021-08-09 20:06:21 +00:00
? MIME.stringToMIMEType(contentType)
: MIME.APPLICATION_OCTET_STREAM,
data,
};
}
export async function downloadAttachmentV2(
server: WebAPIType,
attachment: ProcessedAttachment,
options?: {
disableRetries?: boolean;
timeout?: number;
}
): Promise<AttachmentType> {
2024-02-05 23:17:28 +00:00
const { cdnNumber, contentType, digest, key, size } = attachment;
const cdn = getCdn(attachment);
2024-03-21 20:02:12 +00:00
const logId = `downloadAttachmentV2(${redactCdnKey(cdn)}:`;
strictAssert(digest, `${logId}: missing digest`);
strictAssert(key, `${logId}: missing key`);
strictAssert(isNumber(size), `${logId}: missing size`);
const downloadStream = await server.getAttachmentV2(
cdn,
dropNull(cdnNumber),
options
);
const cipherTextRelativePath = await downloadToDisk({ downloadStream, size });
const cipherTextAbsolutePath =
window.Signal.Migrations.getAbsoluteAttachmentPath(cipherTextRelativePath);
const { path, plaintextHash } = await decryptAttachmentV2({
ciphertextPath: cipherTextAbsolutePath,
id: cdn,
keys: Bytes.fromBase64(key),
size,
theirDigest: Bytes.fromBase64(digest),
});
2024-02-05 23:17:28 +00:00
safeUnlinkSync(cipherTextAbsolutePath);
return {
2024-03-18 18:38:52 +00:00
...attachment,
path,
size,
contentType: contentType
? MIME.stringToMIMEType(contentType)
: MIME.APPLICATION_OCTET_STREAM,
plaintextHash,
};
}
async function downloadToDisk({
downloadStream,
size,
}: {
downloadStream: Readable;
size: number;
}): Promise<string> {
const relativeTargetPath = getRelativePath(createName());
const absoluteTargetPath =
window.Signal.Migrations.getAbsoluteAttachmentPath(relativeTargetPath);
await ensureFile(absoluteTargetPath);
const writeStream = createWriteStream(absoluteTargetPath);
2024-02-05 23:17:28 +00:00
const targetSize = getAttachmentDownloadSize(size);
try {
2024-02-05 23:17:28 +00:00
await pipeline(downloadStream, checkSize(targetSize), writeStream);
} catch (error) {
try {
2024-02-05 23:17:28 +00:00
safeUnlinkSync(absoluteTargetPath);
} catch (cleanupError) {
log.error(
'downloadToDisk: Error while cleaning up',
Errors.toLogFormat(cleanupError)
);
}
throw error;
}
return relativeTargetPath;
}
// A simple transform that throws if it sees more than maxBytes on the stream.
2024-02-05 23:17:28 +00:00
function checkSize(expectedBytes: number) {
let totalBytes = 0;
return new Transform({
transform(chunk, encoding, callback) {
totalBytes += chunk.byteLength;
if (totalBytes > expectedBytes) {
callback(
new AttachmentSizeError(
2024-02-05 23:17:28 +00:00
`checkSize: Received ${totalBytes} bytes, max is ${expectedBytes}, `
)
);
return;
}
2024-02-05 23:17:28 +00:00
this.push(chunk, encoding);
callback();
},
});
}