UNPKG

matrix-react-sdk

Version:

SDK for matrix.org using React

github.com/element-hq/matrix-react-sdk

element-hq/matrix-react-sdk

83 lines (77 loc) 9.54 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
"use strict"; var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault"); Object.defineProperty(exports, "__esModule", { value: true }); exports.DownloadError = exports.DecryptError = void 0; exports.decryptFile = decryptFile; var _matrixEncryptAttachment = _interopRequireDefault(require("matrix-encrypt-attachment")); var _matrix = require("matrix-js-sdk/src/matrix"); var _Media = require("../customisations/Media"); var _blobs = require("./blobs"); /* Copyright 2024 New Vector Ltd. Copyright 2016-2018 , 2021 The Matrix.org Foundation C.I.C. SPDX-License-Identifier: AGPL-3.0-only OR GPL-3.0-only Please see LICENSE files in the repository root for full details. */ // Pull in the encryption lib so that we can decrypt attachments. class DownloadError extends Error { constructor(e) { super(e.message); this.name = "DownloadError"; this.stack = e.stack; } } exports.DownloadError = DownloadError; class DecryptError extends Error { constructor(e) { super(e.message); this.name = "DecryptError"; this.stack = e.stack; } } /** * Decrypt a file attached to a matrix event. * @param {EncryptedFile} file The encrypted file information taken from the matrix event. * This passed to [link]{@link https://github.com/matrix-org/matrix-encrypt-attachment} * as the encryption info object, so will also have the those keys in addition to * the keys below. * @param {MediaEventInfo} info The info parameter taken from the matrix event. * @returns {Promise<Blob>} Resolves to a Blob of the file. */ exports.DecryptError = DecryptError; async function decryptFile(file, info) { // throws if file is falsy const media = (0, _Media.mediaFromContent)({ file }); let responseData; try { // Download the encrypted file as an array buffer. const response = await media.downloadSource(); if (!response.ok) { throw (0, _matrix.parseErrorResponse)(response, await response.text()); } responseData = await response.arrayBuffer(); } catch (e) { throw new DownloadError(e); } try { // Decrypt the array buffer using the information taken from the event content. const dataArray = await _matrixEncryptAttachment.default.decryptAttachment(responseData, file); // Turn the array into a Blob and give it the correct MIME-type. // IMPORTANT: we must not allow scriptable mime-types into Blobs otherwise // they introduce XSS attacks if the Blob URI is viewed directly in the // browser (e.g. by copying the URI into a new tab or window.) // See warning at top of file. let mimetype = info?.mimetype ? info.mimetype.split(";")[0].trim() : ""; mimetype = (0, _blobs.getBlobSafeMimeType)(mimetype); return new Blob([dataArray], { type: mimetype }); } catch (e) { throw new DecryptError(e); } } //# sourceMappingURL=data:application/json;charset=utf-8;base64,eyJ2ZXJzaW9uIjozLCJuYW1lcyI6WyJfbWF0cml4RW5jcnlwdEF0dGFjaG1lbnQiLCJfaW50ZXJvcFJlcXVpcmVEZWZhdWx0IiwicmVxdWlyZSIsIl9tYXRyaXgiLCJfTWVkaWEiLCJfYmxvYnMiLCJEb3dubG9hZEVycm9yIiwiRXJyb3IiLCJjb25zdHJ1Y3RvciIsImUiLCJtZXNzYWdlIiwibmFtZSIsInN0YWNrIiwiZXhwb3J0cyIsIkRlY3J5cHRFcnJvciIsImRlY3J5cHRGaWxlIiwiZmlsZSIsImluZm8iLCJtZWRpYSIsIm1lZGlhRnJvbUNvbnRlbnQiLCJyZXNwb25zZURhdGEiLCJyZXNwb25zZSIsImRvd25sb2FkU291cmNlIiwib2siLCJwYXJzZUVycm9yUmVzcG9uc2UiLCJ0ZXh0IiwiYXJyYXlCdWZmZXIiLCJkYXRhQXJyYXkiLCJlbmNyeXB0IiwiZGVjcnlwdEF0dGFjaG1lbnQiLCJtaW1ldHlwZSIsInNwbGl0IiwidHJpbSIsImdldEJsb2JTYWZlTWltZVR5cGUiLCJCbG9iIiwidHlwZSJdLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy91dGlscy9EZWNyeXB0RmlsZS50cyJdLCJzb3VyY2VzQ29udGVudCI6WyIvKlxuQ29weXJpZ2h0IDIwMjQgTmV3IFZlY3RvciBMdGQuXG5Db3B5cmlnaHQgMjAxNi0yMDE4ICwgMjAyMSBUaGUgTWF0cml4Lm9yZyBGb3VuZGF0aW9uIEMuSS5DLlxuXG5TUERYLUxpY2Vuc2UtSWRlbnRpZmllcjogQUdQTC0zLjAtb25seSBPUiBHUEwtMy4wLW9ubHlcblBsZWFzZSBzZWUgTElDRU5TRSBmaWxlcyBpbiB0aGUgcmVwb3NpdG9yeSByb290IGZvciBmdWxsIGRldGFpbHMuXG4qL1xuXG4vLyBQdWxsIGluIHRoZSBlbmNyeXB0aW9uIGxpYiBzbyB0aGF0IHdlIGNhbiBkZWNyeXB0IGF0dGFjaG1lbnRzLlxuaW1wb3J0IGVuY3J5cHQgZnJvbSBcIm1hdHJpeC1lbmNyeXB0LWF0dGFjaG1lbnRcIjtcbmltcG9ydCB7IHBhcnNlRXJyb3JSZXNwb25zZSB9IGZyb20gXCJtYXRyaXgtanMtc2RrL3NyYy9tYXRyaXhcIjtcbmltcG9ydCB7IEVuY3J5cHRlZEZpbGUsIE1lZGlhRXZlbnRJbmZvIH0gZnJvbSBcIm1hdHJpeC1qcy1zZGsvc3JjL3R5cGVzXCI7XG5cbmltcG9ydCB7IG1lZGlhRnJvbUNvbnRlbnQgfSBmcm9tIFwiLi4vY3VzdG9taXNhdGlvbnMvTWVkaWFcIjtcbmltcG9ydCB7IGdldEJsb2JTYWZlTWltZVR5cGUgfSBmcm9tIFwiLi9ibG9ic1wiO1xuXG5leHBvcnQgY2xhc3MgRG93bmxvYWRFcnJvciBleHRlbmRzIEVycm9yIHtcbiAgICBwdWJsaWMgY29uc3RydWN0b3IoZTogRXJyb3IpIHtcbiAgICAgICAgc3VwZXIoZS5tZXNzYWdlKTtcbiAgICAgICAgdGhpcy5uYW1lID0gXCJEb3dubG9hZEVycm9yXCI7XG4gICAgICAgIHRoaXMuc3RhY2sgPSBlLnN0YWNrO1xuICAgIH1cbn1cblxuZXhwb3J0IGNsYXNzIERlY3J5cHRFcnJvciBleHRlbmRzIEVycm9yIHtcbiAgICBwdWJsaWMgY29uc3RydWN0b3IoZTogRXJyb3IpIHtcbiAgICAgICAgc3VwZXIoZS5tZXNzYWdlKTtcbiAgICAgICAgdGhpcy5uYW1lID0gXCJEZWNyeXB0RXJyb3JcIjtcbiAgICAgICAgdGhpcy5zdGFjayA9IGUuc3RhY2s7XG4gICAgfVxufVxuXG4vKipcbiAqIERlY3J5cHQgYSBmaWxlIGF0dGFjaGVkIHRvIGEgbWF0cml4IGV2ZW50LlxuICogQHBhcmFtIHtFbmNyeXB0ZWRGaWxlfSBmaWxlIFRoZSBlbmNyeXB0ZWQgZmlsZSBpbmZvcm1hdGlvbiB0YWtlbiBmcm9tIHRoZSBtYXRyaXggZXZlbnQuXG4gKiAgIFRoaXMgcGFzc2VkIHRvIFtsaW5rXXtAbGluayBodHRwczovL2dpdGh1Yi5jb20vbWF0cml4LW9yZy9tYXRyaXgtZW5jcnlwdC1hdHRhY2htZW50fVxuICogICBhcyB0aGUgZW5jcnlwdGlvbiBpbmZvIG9iamVjdCwgc28gd2lsbCBhbHNvIGhhdmUgdGhlIHRob3NlIGtleXMgaW4gYWRkaXRpb24gdG9cbiAqICAgdGhlIGtleXMgYmVsb3cuXG4gKiBAcGFyYW0ge01lZGlhRXZlbnRJbmZvfSBpbmZvIFRoZSBpbmZvIHBhcmFtZXRlciB0YWtlbiBmcm9tIHRoZSBtYXRyaXggZXZlbnQuXG4gKiBAcmV0dXJucyB7UHJvbWlzZTxCbG9iPn0gUmVzb2x2ZXMgdG8gYSBCbG9iIG9mIHRoZSBmaWxlLlxuICovXG5leHBvcnQgYXN5bmMgZnVuY3Rpb24gZGVjcnlwdEZpbGUoZmlsZT86IEVuY3J5cHRlZEZpbGUsIGluZm8/OiBNZWRpYUV2ZW50SW5mbyk6IFByb21pc2U8QmxvYj4ge1xuICAgIC8vIHRocm93cyBpZiBmaWxlIGlzIGZhbHN5XG4gICAgY29uc3QgbWVkaWEgPSBtZWRpYUZyb21Db250ZW50KHsgZmlsZSB9KTtcblxuICAgIGxldCByZXNwb25zZURhdGE6IEFycmF5QnVmZmVyO1xuICAgIHRyeSB7XG4gICAgICAgIC8vIERvd25sb2FkIHRoZSBlbmNyeXB0ZWQgZmlsZSBhcyBhbiBhcnJheSBidWZmZXIuXG4gICAgICAgIGNvbnN0IHJlc3BvbnNlID0gYXdhaXQgbWVkaWEuZG93bmxvYWRTb3VyY2UoKTtcbiAgICAgICAgaWYgKCFyZXNwb25zZS5vaykge1xuICAgICAgICAgICAgdGhyb3cgcGFyc2VFcnJvclJlc3BvbnNlKHJlc3BvbnNlLCBhd2FpdCByZXNwb25zZS50ZXh0KCkpO1xuICAgICAgICB9XG4gICAgICAgIHJlc3BvbnNlRGF0YSA9IGF3YWl0IHJlc3BvbnNlLmFycmF5QnVmZmVyKCk7XG4gICAgfSBjYXRjaCAoZSkge1xuICAgICAgICB0aHJvdyBuZXcgRG93bmxvYWRFcnJvcihlIGFzIEVycm9yKTtcbiAgICB9XG5cbiAgICB0cnkge1xuICAgICAgICAvLyBEZWNyeXB0IHRoZSBhcnJheSBidWZmZXIgdXNpbmcgdGhlIGluZm9ybWF0aW9uIHRha2VuIGZyb20gdGhlIGV2ZW50IGNvbnRlbnQuXG4gICAgICAgIGNvbnN0IGRhdGFBcnJheSA9IGF3YWl0IGVuY3J5cHQuZGVjcnlwdEF0dGFjaG1lbnQocmVzcG9uc2VEYXRhLCBmaWxlISk7XG4gICAgICAgIC8vIFR1cm4gdGhlIGFycmF5IGludG8gYSBCbG9iIGFuZCBnaXZlIGl0IHRoZSBjb3JyZWN0IE1JTUUtdHlwZS5cblxuICAgICAgICAvLyBJTVBPUlRBTlQ6IHdlIG11c3Qgbm90IGFsbG93IHNjcmlwdGFibGUgbWltZS10eXBlcyBpbnRvIEJsb2JzIG90aGVyd2lzZVxuICAgICAgICAvLyB0aGV5IGludHJvZHVjZSBYU1MgYXR0YWNrcyBpZiB0aGUgQmxvYiBVUkkgaXMgdmlld2VkIGRpcmVjdGx5IGluIHRoZVxuICAgICAgICAvLyBicm93c2VyIChlLmcuIGJ5IGNvcHlpbmcgdGhlIFVSSSBpbnRvIGEgbmV3IHRhYiBvciB3aW5kb3cuKVxuICAgICAgICAvLyBTZWUgd2FybmluZyBhdCB0b3Agb2YgZmlsZS5cbiAgICAgICAgbGV0IG1pbWV0eXBlID0gaW5mbz8ubWltZXR5cGUgPyBpbmZvLm1pbWV0eXBlLnNwbGl0KFwiO1wiKVswXS50cmltKCkgOiBcIlwiO1xuICAgICAgICBtaW1ldHlwZSA9IGdldEJsb2JTYWZlTWltZVR5cGUobWltZXR5cGUpO1xuXG4gICAgICAgIHJldHVybiBuZXcgQmxvYihbZGF0YUFycmF5XSwgeyB0eXBlOiBtaW1ldHlwZSB9KTtcbiAgICB9IGNhdGNoIChlKSB7XG4gICAgICAgIHRocm93IG5ldyBEZWNyeXB0RXJyb3IoZSBhcyBFcnJvcik7XG4gICAgfVxufVxuIl0sIm1hcHBpbmdzIjoiOzs7Ozs7OztBQVNBLElBQUFBLHdCQUFBLEdBQUFDLHNCQUFBLENBQUFDLE9BQUE7QUFDQSxJQUFBQyxPQUFBLEdBQUFELE9BQUE7QUFHQSxJQUFBRSxNQUFBLEdBQUFGLE9BQUE7QUFDQSxJQUFBRyxNQUFBLEdBQUFILE9BQUE7QUFkQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTs7QUFFQTs7QUFRTyxNQUFNSSxhQUFhLFNBQVNDLEtBQUssQ0FBQztFQUM5QkMsV0FBV0EsQ0FBQ0MsQ0FBUSxFQUFFO0lBQ3pCLEtBQUssQ0FBQ0EsQ0FBQyxDQUFDQyxPQUFPLENBQUM7SUFDaEIsSUFBSSxDQUFDQyxJQUFJLEdBQUcsZUFBZTtJQUMzQixJQUFJLENBQUNDLEtBQUssR0FBR0gsQ0FBQyxDQUFDRyxLQUFLO0VBQ3hCO0FBQ0o7QUFBQ0MsT0FBQSxDQUFBUCxhQUFBLEdBQUFBLGFBQUE7QUFFTSxNQUFNUSxZQUFZLFNBQVNQLEtBQUssQ0FBQztFQUM3QkMsV0FBV0EsQ0FBQ0MsQ0FBUSxFQUFFO0lBQ3pCLEtBQUssQ0FBQ0EsQ0FBQyxDQUFDQyxPQUFPLENBQUM7SUFDaEIsSUFBSSxDQUFDQyxJQUFJLEdBQUcsY0FBYztJQUMxQixJQUFJLENBQUNDLEtBQUssR0FBR0gsQ0FBQyxDQUFDRyxLQUFLO0VBQ3hCO0FBQ0o7O0FBRUE7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBUkFDLE9BQUEsQ0FBQUMsWUFBQSxHQUFBQSxZQUFBO0FBU08sZUFBZUMsV0FBV0EsQ0FBQ0MsSUFBb0IsRUFBRUMsSUFBcUIsRUFBaUI7RUFDMUY7RUFDQSxNQUFNQyxLQUFLLEdBQUcsSUFBQUMsdUJBQWdCLEVBQUM7SUFBRUg7RUFBSyxDQUFDLENBQUM7RUFFeEMsSUFBSUksWUFBeUI7RUFDN0IsSUFBSTtJQUNBO0lBQ0EsTUFBTUMsUUFBUSxHQUFHLE1BQU1ILEtBQUssQ0FBQ0ksY0FBYyxDQUFDLENBQUM7SUFDN0MsSUFBSSxDQUFDRCxRQUFRLENBQUNFLEVBQUUsRUFBRTtNQUNkLE1BQU0sSUFBQUMsMEJBQWtCLEVBQUNILFFBQVEsRUFBRSxNQUFNQSxRQUFRLENBQUNJLElBQUksQ0FBQyxDQUFDLENBQUM7SUFDN0Q7SUFDQUwsWUFBWSxHQUFHLE1BQU1DLFFBQVEsQ0FBQ0ssV0FBVyxDQUFDLENBQUM7RUFDL0MsQ0FBQyxDQUFDLE9BQU9qQixDQUFDLEVBQUU7SUFDUixNQUFNLElBQUlILGFBQWEsQ0FBQ0csQ0FBVSxDQUFDO0VBQ3ZDO0VBRUEsSUFBSTtJQUNBO0lBQ0EsTUFBTWtCLFNBQVMsR0FBRyxNQUFNQyxnQ0FBTyxDQUFDQyxpQkFBaUIsQ0FBQ1QsWUFBWSxFQUFFSixJQUFLLENBQUM7SUFDdEU7O0lBRUE7SUFDQTtJQUNBO0lBQ0E7SUFDQSxJQUFJYyxRQUFRLEdBQUdiLElBQUksRUFBRWEsUUFBUSxHQUFHYixJQUFJLENBQUNhLFFBQVEsQ0FBQ0MsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDQyxJQUFJLENBQUMsQ0FBQyxHQUFHLEVBQUU7SUFDdkVGLFFBQVEsR0FBRyxJQUFBRywwQkFBbUIsRUFBQ0gsUUFBUSxDQUFDO0lBRXhDLE9BQU8sSUFBSUksSUFBSSxDQUFDLENBQUNQLFNBQVMsQ0FBQyxFQUFFO01BQUVRLElBQUksRUFBRUw7SUFBUyxDQUFDLENBQUM7RUFDcEQsQ0FBQyxDQUFDLE9BQU9yQixDQUFDLEVBQUU7SUFDUixNQUFNLElBQUlLLFlBQVksQ0FBQ0wsQ0FBVSxDQUFDO0VBQ3RDO0FBQ0oiLCJpZ25vcmVMaXN0IjpbXX0=