avoid using the SDK to decrypt attachments for emergency access (#16293)

- The SDK does not have emergency access functionality built in at this point.
2025-12-21 02:33:46 +00:00 · 2025-09-04 14:31:52 -05:00
parent bff18a8cd2
commit ca9b531571
3 changed files with 11 additions and 1 deletions
--- a/libs/common/src/vault/services/cipher.service.ts
+++ b/libs/common/src/vault/services/cipher.service.ts
@@ -1544,11 +1544,13 @@ export class CipherService implements CipherServiceAbstraction {
    return encryptedCiphers;
  }

+  /** @inheritdoc */
  async getDecryptedAttachmentBuffer(
    cipherId: CipherId,
    attachment: AttachmentView,
    response: Response,
    userId: UserId,
+    useLegacyDecryption?: boolean,
  ): Promise<Uint8Array> {
    const useSdkDecryption = await this.configService.getFeatureFlag(
      FeatureFlag.PM19941MigrateCipherDomainToSdk,
@@ -1558,7 +1560,7 @@ export class CipherService implements CipherServiceAbstraction {
      this.ciphers$(userId).pipe(map((ciphersData) => new Cipher(ciphersData[cipherId]))),
    );

-    if (useSdkDecryption) {
+    if (useSdkDecryption && !useLegacyDecryption) {
      const encryptedContent = await response.arrayBuffer();
      return this.cipherEncryptionService.decryptAttachmentContent(
        cipherDomain,