keejef
/
session-desktop
mirror of https://github.com/oxen-io/session-desktop
2
0
Fork 0
Code Issues 8 Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
unstable
feature/update-crowdin-translations
master
audit2
show
audit
v1.9.1
v1.9.0
v1.8.6
v1.8.5
v1.8.4
v1.8.3
v1.8.2
v1.8.1
v1.8.0
v1.7.9
v1.7.8
v1.7.7
v1.7.6
v1.7.5
v1.7.4
v1.7.3
v1.7.2
v1.7.1
v1.7.0
v1.6.9
v1.6.8
v1.6.7
v1.6.6
v1.6.5
v1.6.4
v1.6.3
v1.6.2
v1.6.11
v1.6.10
v1.6.1
v1.6.0
v1.5.5
v1.5.4
v1.5.3
v1.5.2
v1.5.1
v1.5.0
v1.4.9
v1.4.8
v1.4.7
v1.4.6
v1.4.5
v1.4.4
v1.4.3
v1.4.2
v1.4.11
v1.4.10
v1.4.1
v1.4.0
v1.3.1
v1.3.0
v1.2.1
v1.2.0
v1.14.3
v1.14.2
v1.14.1
v1.14.0
v1.13.2
v1.13.1
v1.13.0
v1.12.5
v1.12.4
v1.12.3
v1.12.2
v1.12.1
v1.12.0
v1.11.5
v1.11.4
v1.11.3
v1.11.2
v1.11.1
v1.11.0
v1.10.8
v1.10.7
v1.10.6
v1.10.5
v1.10.4
v1.10.3
v1.10.2
v1.10.1
v1.10.0
v1.1.2
v1.1.1
v1.0.9
v1.0.8
v1.0.7
v1.0.6
v1.0.5
v1.0.4
v1.0.3
v1.0.2
v1.0.1
v1.0.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'cf6a5b3446'
${ noResults }
session-desktop/ts/session/crypto/DecryptedAttachmentsManager.ts

151 lines
5.0 KiB
TypeScript
Raw Blame History

/**
* This file handles attachments for us.
* If the attachment filepath is an encrypted one. It will decrypt it, cache it, and return the blob url to it.
* An interval is run from time to time to cleanup old blobs loaded and not needed anymore (based on last access timestamp).
*
*
*/
import * as fse from 'fs-extra';
import { decryptAttachmentBuffer } from '../../types/Attachment';
import { DURATION } from '../constants';
import { makeObjectUrl, urlToBlob } from '../../types/attachments/VisualAttachment';
import { getAttachmentPath } from '../../types/MessageAttachment';
const urlToDecryptedBlobMap = new Map<
string,
{ decrypted: string; lastAccessTimestamp: number; forceRetain: boolean }
>();
const urlToDecryptingPromise = new Map<string, Promise<string>>();
export const cleanUpOldDecryptedMedias = () => {
const currentTimestamp = Date.now();
let countCleaned = 0;
let countKept = 0;
let keptAsAvatars = 0;
window?.log?.info('Starting cleaning of medias blobs...');
for (const iterator of urlToDecryptedBlobMap) {
if (
iterator[1].forceRetain &&
iterator[1].lastAccessTimestamp < currentTimestamp - DURATION.DAYS * 7
) {
// keep forceRetained items for at most 7 days
keptAsAvatars++;
} else if (iterator[1].lastAccessTimestamp < currentTimestamp - DURATION.HOURS * 1) {
// if the last access is older than one hour, revoke the url and remove it.
URL.revokeObjectURL(iterator[1].decrypted);
urlToDecryptedBlobMap.delete(iterator[0]);
countCleaned++;
} else {
countKept++;
}
}
window?.log?.info(
`Clean medias blobs: cleaned/kept/keptAsAvatars: ${countCleaned}:${countKept}:${keptAsAvatars}`
);
};
export const getDecryptedMediaUrl = async (
url: string,
contentType: string,
isAvatar: boolean
): Promise<string> => {
if (!url) {
return url;
}
if (url.startsWith('blob:')) {
return url;
} else if (getAttachmentPath() && url.startsWith(getAttachmentPath())) {
// this is a file encoded by session on our current attachments path.
// we consider the file is encrypted.
// if it's not, the hook caller has to fallback to setting the img src as an url to the file instead and load it
if (urlToDecryptedBlobMap.has(url)) {
// refresh the last access timestamp so we keep the one being currently in use
const existing = urlToDecryptedBlobMap.get(url);
const existingObjUrl = existing?.decrypted as string;
urlToDecryptedBlobMap.set(url, {
decrypted: existingObjUrl,
lastAccessTimestamp: Date.now(),
forceRetain: existing?.forceRetain || false,
});
// typescript does not realize that the has above makes sure the get is not undefined
return existingObjUrl;
} else {
if (urlToDecryptingPromise.has(url)) {
return urlToDecryptingPromise.get(url) as Promise<string>;
}
urlToDecryptingPromise.set(
url,
new Promise(async resolve => {
window.log.info('about to read and decrypt file :', url);
try {
const encryptedFileContent = await fse.readFile(url);
const decryptedContent = await decryptAttachmentBuffer(encryptedFileContent.buffer);
if (decryptedContent?.length) {
const arrayBuffer = decryptedContent.buffer;
const obj = makeObjectUrl(arrayBuffer, contentType);
if (!urlToDecryptedBlobMap.has(url)) {
urlToDecryptedBlobMap.set(url, {
decrypted: obj,
lastAccessTimestamp: Date.now(),
forceRetain: isAvatar,
});
}
window.log.info(' file decrypted :', url, ' as ', obj);
urlToDecryptingPromise.delete(url);
resolve(obj);
return;
} else {
// failed to decrypt, fallback to url image loading
// it might be a media we received before the update encrypting attachments locally.
urlToDecryptingPromise.delete(url);
window.log.info('error decrypting file :', url);
resolve(url);
return;
}
} catch (e) {
window.log.warn(e);
}
})
);
return urlToDecryptingPromise.get(url) as Promise<string>;
}
} else {
// Not sure what we got here. Just return the file.
return url;
}
};
/**
*
* Returns the already decrypted URL or null
*/
export const getAlreadyDecryptedMediaUrl = (url: string): string | null => {
if (!url) {
return null;
}
if (url.startsWith('blob:')) {
return url;
} else if (getAttachmentPath() && url.startsWith(getAttachmentPath())) {
if (urlToDecryptedBlobMap.has(url)) {
const existingObjUrl = urlToDecryptedBlobMap.get(url)?.decrypted as string;
return existingObjUrl;
}
}
return null;
};
export const getDecryptedBlob = async (url: string, contentType: string): Promise<Blob> => {
const decryptedUrl = await getDecryptedMediaUrl(url, contentType, false);
return urlToBlob(decryptedUrl);
};
Reference in New Issue View Git Blame Copy Permalink