add attachment decryption

Author: martgil

extension/js/common/browser/browser-msg.ts

@@ -20,6 +20,7 @@ import { Ui } from './ui.js';
 import { AuthRes } from '../api/authentication/generic/oauth.js';
 import { GlobalStore } from '../platform/store/global-store.js';
 import { BgUtils } from '../../service_worker/bgutils.js';
+import { Attachment } from '../core/attachment.js';
 
 export type GoogleAuthWindowResult$result = 'Success' | 'Denied' | 'Error' | 'Closed';
 export type ScreenDimensions = { width: number; height: number; availLeft: number; availTop: number };
@@ -98,7 +99,7 @@ export namespace Bm {
   export type PgpBlockRetry = { frameId: string; messageSender: Dest };
   export type PgpBlockReady = { frameId: string; messageSender: Dest };
   export type ThunderbirdOpenPassphraseDialog = { acctEmail: string; longids: string };
-  export type ThunderbirdAttachmentDownload = { attachment: messenger.messages.MessageAttachment };
+  export type ThunderbirdGetDownloadableAttachment = { attachment: messenger.messages.MessageAttachment };
 
   export namespace Res {
     export type GetActiveTabInfo = {
@@ -115,7 +116,7 @@ export namespace Bm {
     export type ExpirationCacheGet<V> = Promise<V | undefined>;
     export type ExpirationCacheSet = Promise<void>;
     export type ExpirationCacheDeleteExpired = Promise<void>;
-    export type ThunderbirdAttachmentDownload = Promise<void>;
+    export type ThunderbirdGetDownloadableAttachment = Attachment | undefined;
     export type ThunderbirdGetCurrentUser = string | undefined;
     export type ThunderbirdMsgGet = { attachments: messenger.messages.MessageAttachment[]; messagePart: messenger.messages.MessagePart };
     export type ThunderbirdOpenPassphraseDialog = Promise<void>;
@@ -136,7 +137,7 @@ export namespace Bm {
       | ExpirationCacheDeleteExpired
       | AjaxGmailAttachmentGetChunk
       | ConfirmationResult
-      | ThunderbirdAttachmentDownload
+      | ThunderbirdGetDownloadableAttachment
       | ThunderbirdMsgGet;
   }
 
@@ -178,7 +179,7 @@ export namespace Bm {
     | PgpBlockReady
     | PgpBlockRetry
     | ConfirmationResult
-    | ThunderbirdAttachmentDownload
+    | ThunderbirdGetDownloadableAttachment
     | ThunderbirdOpenPassphraseDialog
     | Ajax;
 
@@ -243,8 +244,8 @@ export class BrowserMsg {
           BrowserMsg.sendAwait(undefined, 'expirationCacheSet', bm, true) as Promise<Bm.Res.ExpirationCacheSet>,
         expirationCacheDeleteExpired: (bm: Bm.ExpirationCacheDeleteExpired) =>
           BrowserMsg.sendAwait(undefined, 'expirationCacheDeleteExpired', bm, true) as Promise<Bm.Res.ExpirationCacheDeleteExpired>,
-        thunderbirdAttachmentDownload: (bm: Bm.ThunderbirdAttachmentDownload) =>
-          BrowserMsg.sendAwait(undefined, 'thunderbirdAttachmentDownload', bm, true) as Promise<Bm.Res.ThunderbirdAttachmentDownload>,
+        thunderbirdGetDownloadableAttachment: (bm: Bm.ThunderbirdGetDownloadableAttachment) =>
+          BrowserMsg.sendAwait(undefined, 'thunderbirdGetDownloadableAttachment', bm, true) as Promise<Bm.Res.ThunderbirdGetDownloadableAttachment>,
         thunderbirdGetCurrentUser: () =>
           BrowserMsg.sendAwait(undefined, 'thunderbirdGetCurrentUser', undefined, true) as Promise<Bm.Res.ThunderbirdGetCurrentUser>,
         thunderbirdMsgGet: () => BrowserMsg.sendAwait(undefined, 'thunderbirdMsgGet', undefined, true) as Promise<Bm.Res.ThunderbirdMsgGet>,

extension/js/content_scripts/webmail/thunderbird/thunderbird-element-replacer.ts

@@ -19,6 +19,7 @@ export class ThunderbirdElementReplacer extends WebmailElementReplacer {
   public reinsertReplyBox: (replyMsgId: string) => void;
   public scrollToReplyBox: (replyMsgId: string) => void;
   public scrollToCursorInReplyBox: (replyMsgId: string, cursorOffsetTop: number) => void;
+  private acctEmail: string;
   private emailBodyFromThunderbirdMail: string;
   private thunderbirdEmailSelector = $('div.moz-text-plain');
 
@@ -32,12 +33,13 @@ export class ThunderbirdElementReplacer extends WebmailElementReplacer {
       if (!messagePart) {
         return;
       } else {
-        const acctEmail = await BrowserMsg.send.bg.await.thunderbirdGetCurrentUser();
-        const parsedPubs = (await ContactStore.getOneWithAllPubkeys(undefined, String(acctEmail)))?.sortedPubkeys ?? [];
+        // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
+        this.acctEmail = (await BrowserMsg.send.bg.await.thunderbirdGetCurrentUser())!;
+        const parsedPubs = (await ContactStore.getOneWithAllPubkeys(undefined, this.acctEmail))?.sortedPubkeys ?? [];
         const signerKeys = parsedPubs.map(key => KeyUtil.armor(key.pubkey));
         if (this.isPublicKeyEncryptedMsg()) {
           const result = await MsgUtil.decryptMessage({
-            kisWithPp: await KeyStore.getAllWithOptionalPassPhrase(String(acctEmail)),
+            kisWithPp: await KeyStore.getAllWithOptionalPassPhrase(this.acctEmail),
             encryptedData: this.emailBodyFromThunderbirdMail,
             verificationPubs: signerKeys,
           });
@@ -70,6 +72,15 @@ export class ThunderbirdElementReplacer extends WebmailElementReplacer {
             const pgpBlock = this.generatePgpBlockTemplate(decryptionErrorMsg, 'not signed', this.emailBodyFromThunderbirdMail);
             $('body').html(pgpBlock); // xss-sanitized
           }
+          if (!attachments.length) {
+            return;
+          } else {
+            for (const attachment of attachments) {
+              const generatedPgpTemplate = this.generatePgpAttachmentTemplate(attachment);
+              $('.pgp_attachments_block').append(generatedPgpTemplate); // xss-sanitized
+              // todo: detached signed message via https://github.com/FlowCrypt/flowcrypt-browser/issues/5668
+            }
+          }
         } else if (this.isCleartextMsg()) {
           const message = await openpgp.readCleartextMessage({ cleartextMessage: this.emailBodyFromThunderbirdMail });
           const result = await OpenPGPKey.verify(message, await ContactStore.getPubkeyInfos(undefined, signerKeys));
@@ -85,15 +96,6 @@ export class ThunderbirdElementReplacer extends WebmailElementReplacer {
           $('body').html(pgpBlock); // xss-sanitized
         }
       }
-      if (!attachments.length) {
-        return;
-      } else {
-        for (const attachment of attachments) {
-          const generatedPgpTemplate = this.generatePgpAttachmentTemplate(attachment);
-          $('.pgp_attachments_block').append(generatedPgpTemplate); // xss-sanitized
-          // todo: detached signed message via https://github.com/FlowCrypt/flowcrypt-browser/issues/5668
-        }
-      }
     }
   };
 
@@ -129,7 +131,25 @@ export class ThunderbirdElementReplacer extends WebmailElementReplacer {
   };
 
   private downloadThunderbirdAttachmentHandler = async (attachment: messenger.messages.MessageAttachment) => {
-    await BrowserMsg.send.bg.await.thunderbirdAttachmentDownload({ attachment });
+    const flowCryptAttachment = await BrowserMsg.send.bg.await.thunderbirdGetDownloadableAttachment({ attachment });
+    if (flowCryptAttachment) {
+      const result = await MsgUtil.decryptMessage({
+        kisWithPp: await KeyStore.getAllWithOptionalPassPhrase(this.acctEmail),
+        encryptedData: this.emailBodyFromThunderbirdMail,
+        verificationPubs: [], // todo: #4158 signature verification of attachments
+      });
+      if (result.success && result.content) {
+        console.log('debug: download me');
+        // todo - create separate background message for download prompt and file download
+        // const fileUrl = URL.createObjectURL(rawAttachment);
+        // await browser.downloads.download({
+        //   url: fileUrl,
+        //   filename: r.attachment.name,
+        //   saveAs: true,
+        // });
+        // URL.revokeObjectURL(fileUrl);
+      }
+    }
   };
 
   private isCleartextMsg = (): boolean => {

extension/js/service_worker/background.ts

@@ -75,7 +75,7 @@ console.info('background.js service worker starting');
     await BgHandlers.thunderbirdContentScriptRegistration();
     BrowserMsg.bgAddListener('thunderbirdGetCurrentUser', BgHandlers.thunderbirdGetCurrentUserHandler);
     BrowserMsg.bgAddListener('thunderbirdMsgGet', BgHandlers.thunderbirdMsgGetHandler);
-    BrowserMsg.bgAddListener('thunderbirdAttachmentDownload', BgHandlers.thunderbirdAttachmentDownload);
+    BrowserMsg.bgAddListener('thunderbirdGetDownloadableAttachment', BgHandlers.thunderbirdGetDownloadableAttachment);
     BrowserMsg.bgAddListener('thunderbirdOpenPassphraseDialog', BgHandlers.thunderbirdOpenPassphraseDialog);
   }
 })().catch(Catch.reportErr);

extension/js/service_worker/bg-handlers.ts

@@ -13,6 +13,7 @@ import { GoogleOAuth } from '../common/api/authentication/google/google-oauth.js
 import { AcctStore } from '../common/platform/store/acct-store.js';
 import { ConfiguredIdpOAuth } from '../common/api/authentication/configured-idp-oauth.js';
 import { Url, Str } from '../common/core/common.js';
+import { Attachment } from '../common/core/attachment.js';
 
 export class BgHandlers {
   public static openSettingsPageHandler: Bm.AsyncResponselessHandler = async ({ page, path, pageUrlParams, addNewAcct, acctEmail }: Bm.Settings) => {
@@ -162,18 +163,16 @@ export class BgHandlers {
     });
   };
 
-  public static thunderbirdAttachmentDownload = async (r: Bm.ThunderbirdAttachmentDownload): Promise<Bm.Res.ThunderbirdAttachmentDownload> => {
+  public static thunderbirdGetDownloadableAttachment = async (
+    r: Bm.ThunderbirdGetDownloadableAttachment
+  ): Promise<Bm.Res.ThunderbirdGetDownloadableAttachment> => {
     const [tab] = await messenger.mailTabs.query({ active: true, currentWindow: true });
     if (tab.id) {
-      const downloadableAttachment = await messenger.messages.getAttachmentFile(tab.id, r.attachment.partName);
-      const fileUrl = URL.createObjectURL(downloadableAttachment);
-      await browser.downloads.download({
-        url: fileUrl,
-        filename: r.attachment.name,
-        saveAs: true,
-      });
-      URL.revokeObjectURL(fileUrl);
+      const rawAttachment = await messenger.messages.getAttachmentFile(tab.id, r.attachment.partName);
+      const data = new Uint8Array(await rawAttachment.arrayBuffer());
+      return new Attachment({ data });
     }
+    return;
   };
 
   public static thunderbirdGetCurrentUserHandler = async (): Promise<Bm.Res.ThunderbirdGetCurrentUser> => {