Revert "refactor(crypto): minor refactor of decryptWithAttachments"

opengovsg · Jun 2, 2021 · 96bbe73 · 96bbe73
1 parent 884cd83
commit 96bbe73
Show file tree

Hide file tree

Showing 4 changed files with 25 additions and 102 deletions.
diff --git a/spec/util.spec.ts b/spec/util.spec.ts
diff --git a/src/crypto.ts b/src/crypto.ts
@@ -12,11 +12,9 @@ import {
   encryptMessage,
   generateKeypair,
   verifySignedMessage,
-  areAttachmentFieldIdsValid,
-  convertEncryptedAttachmentToFileContent,
 } from './util/crypto'
 import { determineIsFormFields } from './util/validate'
-import { MissingPublicKeyError, AttachmentDecryptionError } from './errors'
+import { MissingPublicKeyError } from './errors'
 import {
   DecryptedAttachments,
   DecryptedContent,
@@ -229,42 +227,40 @@ export default class Crypto {
       }
     })
 
-    const fieldIds = Object.keys(attachmentRecords)
-    // Check if all fieldIds are within filenames
-    if (!areAttachmentFieldIdsValid(fieldIds, filenames)) {
-      return null
-    }
+    const downloadPromises: Array<Promise<void>> = []
+    for (const fieldId in attachmentRecords) {
+      // Original name for the file is not found
+      if (filenames[fieldId] === undefined) return null
 
-    const downloadPromises = fieldIds.map((fieldId) => {
-      return (
+      downloadPromises.push(
         axios
-          // Retrieve all the attachments as JSON
-          .get<EncryptedAttachmentContent>(attachmentRecords[fieldId], {
-            responseType: 'json',
-          })
-          // Decrypt all the attachments
-          .then(({ data: downloadResponse }) => {
-            const encryptedFile =
-              convertEncryptedAttachmentToFileContent(downloadResponse)
+          .get(attachmentRecords[fieldId], { responseType: 'json' })
+          .then((downloadResponse) => {
+            const encryptedAttachment: EncryptedAttachmentContent =
+              downloadResponse.data
+            const encryptedFile: EncryptedFileContent = {
+              submissionPublicKey:
+                encryptedAttachment.encryptedFile.submissionPublicKey,
+              nonce: encryptedAttachment.encryptedFile.nonce,
+              binary: decodeBase64(encryptedAttachment.encryptedFile.binary),
+            }
+
             return this.decryptFile(formSecretKey, encryptedFile)
           })
           .then((decryptedFile) => {
-            // Check if the file exists and set the filename accordingly; otherwise, throw an error
-            if (decryptedFile) {
-              decryptedRecords[fieldId] = {
-                filename: filenames[fieldId],
-                content: decryptedFile,
-              }
-            } else {
-              throw new AttachmentDecryptionError()
+            if (decryptedFile === null)
+              throw new Error('Attachment decryption failed')
+            decryptedRecords[fieldId] = {
+              filename: filenames[fieldId],
+              content: decryptedFile,
             }
           })
       )
-    })
+    }
 
     try {
       await Promise.all(downloadPromises)
-    } catch {
+    } catch (e) {
       return null
     }
 

diff --git a/src/errors.ts b/src/errors.ts
@@ -33,16 +33,8 @@ class WebhookAuthenticateError extends Error {
   }
 }
 
-class AttachmentDecryptionError extends Error {
-  constructor(message = 'Attachment decryption with the given nonce failed.') {
-    super(message)
-    this.name = this.constructor.name
-  }
-}
-
 export {
   MissingSecretKeyError,
   MissingPublicKeyError,
   WebhookAuthenticateError,
-  AttachmentDecryptionError,
 }
diff --git a/src/util/crypto.ts b/src/util/crypto.ts
@@ -1,12 +1,7 @@
 import nacl from 'tweetnacl'
 import { decodeBase64, encodeBase64, encodeUTF8 } from 'tweetnacl-util'
 
-import {
-  Keypair,
-  EncryptedContent,
-  EncryptedAttachmentContent,
-  EncryptedFileContent,
-} from '../types'
+import { EncryptedContent, Keypair } from '../types'
 
 /**
  * Helper method to generate a new keypair for encryption.
@@ -84,29 +79,3 @@ export const verifySignedMessage = (
     throw new Error('Failed to open signed message with given public key')
   return JSON.parse(encodeUTF8(openedMessage))
 }
-
-/**
- * Helper method to check if all the field IDs given are within the filenames
- * @param fieldIds the list of fieldIds to check
- * @param filenames the filenames that should contain the fields
- * @returns boolean indicating whether the fields are valid
- */
-export const areAttachmentFieldIdsValid = (
-  fieldIds: string[],
-  filenames: Record<string, string>
-): boolean => {
-  return fieldIds.every((fieldId) => filenames[fieldId])
-}
-
-/**
- * Converts an encrypted attachment to encrypted file content
- * @param encryptedAttachment The encrypted attachment
- * @returns EncryptedFileContent The encrypted file content
- */
-export const convertEncryptedAttachmentToFileContent = (
-  encryptedAttachment: EncryptedAttachmentContent
-): EncryptedFileContent => ({
-  submissionPublicKey: encryptedAttachment.encryptedFile.submissionPublicKey,
-  nonce: encryptedAttachment.encryptedFile.nonce,
-  binary: decodeBase64(encryptedAttachment.encryptedFile.binary),
-})