Feature: Intercept downloads to transcode/decrypt payload
See original GitHub issueCurrently I am downloading encrypted payload and its stored on storage as a file. To display the data in the app After the download I have to read the whole file that was just written to storage back into memory (in chunks or as a whole), decrypt it, save it back to storage and removing the encrypted version of the file.
I wonder now if the library could allow the user to supply a file writing interceptor that this lib delegates the file writing to like this:
await BlobCourier
.onDownload({
blockSize: 16384 * 5,
transcode: (input: ArrayBuffer, last: boolean):Promise<ArrayBuffer> {
last ? return aes.finish(input) : aes.decrypt(input)
}
}
).fetch("https://example.org/encrypted.enc")
Some starting point maybe? https://medium.com/swlh/okhttp-interceptors-with-retrofit-2dcc322cc3f3
It would be crucial to operate on streams rather than having the whole response in memory.
Issue Analytics
- State:
- Created 3 years ago
- Reactions:1
- Comments:7 (4 by maintainers)
Top Results From Across the Web
Spring Cloud Gateway — Encryption/Decryption of Request ...
The request will be intercepted by the EncryptDecryptFilter . It's body will be extracted and decrypted. This request will then be handed over ......
Read more >An Encrypted Payload Protocol and Target-Side Scripting ...
Finally, the Stage 1 payload enters a loop repeatedly downloading, decrypting, and executing code from the payload server.
Read more >Burp Intruder payload types - PortSwigger
You can set the type of payload that you want to inject into the base request. Burp Intruder provides a range of options...
Read more >Deobfuscate/Decode Files or Information, Technique T1140
ID Name Description
S1025 Amadey Amadey has decoded antivirus name strings.
S0584 AppleJeus AppleJeus has decoded files received from a C2.
G0016 APT29 APT29 used 7‑Zip...
Read more >TransformationFeature - Apache CXF
Transformation Feature · Transformation Feature · Input Transformation and Redirection · Transform interceptors and phases · Default namespace on the output.
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
I’ve created feature requests #139 and #140 for this; first on I’ll work on will be #139.
Hi @pke , apologies for the late reply I was vacationing.
As for your question, I think you meant to refer to the new JSI architecture / Turbomodules or am I wrong? I have been working on migrating BlobCourier to it https://github.com/edeckers/react-native-blob-courier/pull/213. There’s two things holding it up for now:
NativeModules
but also theTurboModules
That being said, I don’t think react-native-vision-camera uses the TurboModules-architecture, but they do use JNI as you mentioned correctly. Although they seem to achieve it through this method: https://thebhwgroup.com/blog/react-native-jni. That fixes the problem only for specific plugins you’d write for BlobCourier though, you wouldn’t be able to hook-up react-native-simple-crypto as-is.
The way I understand TurboModules at this time - as I mentioned above, I’m not 100% confident yet - I think you’re right and they should solve our problem indeed. But only if both
BlobCourier
and react-native-simple-crypto migrate to it. There will be efforts to convince maintainers do migrate their libraries as soon as possible, so you might be in luck: https://reactnative.dev/blog/2022/03/15/an-update-on-the-new-architecture-rollout#the-3rd-party-libraries-ecosystem