Merge pull request #1879 from matrix-org/mauroromito/update_crypto_sd…

…k__and_replace_content_scanner
matrix-org · Sep 13, 2024 · 8a65ea1 · 8a65ea1
2 parents c01960c + 1a3927f
commit 8a65ea1
Show file tree

Hide file tree

Showing 17 changed files with 100 additions and 37 deletions.
diff --git a/.github/workflows/ci-integration-tests.yml b/.github/workflows/ci-integration-tests.yml
@@ -70,17 +70,17 @@ jobs:
         run: bundle exec fastlane test testplan:AllWorkingTests
 
       # Store artifacts
-      - uses: actions/upload-artifact@v2
+      - uses: actions/upload-artifact@v4
         if: always()
         with:
           name: report.html
           path: build/test/report.html
-      - uses: actions/upload-artifact@v2
+      - uses: actions/upload-artifact@v4
         if: always()
         with:
           name: report.junit
           path: build/test/report.junit
-      - uses: actions/upload-artifact@v2
+      - uses: actions/upload-artifact@v4
         if: always()
         with:
           name: MatrixSDK-macOS.xcresult

diff --git a/.github/workflows/ci-unit-tests.yml b/.github/workflows/ci-unit-tests.yml
@@ -50,15 +50,15 @@ jobs:
         run: bundle exec fastlane test testplan:UnitTests
 
       # Store artifacts
-      - uses: actions/upload-artifact@v2
+      - uses: actions/upload-artifact@v4
         with:
           name: report.html
           path: build/test/report.html
-      - uses: actions/upload-artifact@v2
+      - uses: actions/upload-artifact@v4
         with:
           name: report.junit
           path: build/test/report.junit
-      - uses: actions/upload-artifact@v2
+      - uses: actions/upload-artifact@v4
         with:
           name: MatrixSDK-macOS.xcresult
           path: build/test/MatrixSDK-macOS.xcresult/

diff --git a/MatrixSDK.podspec b/MatrixSDK.podspec
@@ -45,7 +45,7 @@ Pod::Spec.new do |s|
       ss.dependency 'OLMKit', '~> 3.2.5'
       ss.dependency 'Realm', '10.27.0'
       ss.dependency 'libbase58', '~> 0.1.4'
-      ss.dependency 'MatrixSDKCrypto', '0.4.2', :configurations => ["DEBUG", "RELEASE"], :inhibit_warnings => true
+      ss.dependency 'MatrixSDKCrypto', '0.4.3', :configurations => ["DEBUG", "RELEASE"], :inhibit_warnings => true
   end
 
   s.subspec 'JingleCallStack' do |ss|

diff --git a/MatrixSDK.xcodeproj/project.pbxproj b/MatrixSDK.xcodeproj/project.pbxproj
@@ -752,6 +752,8 @@
 		A780624F27B2CE74005780C0 /* FileManager+Backup.swift in Sources */ = {isa = PBXBuildFile; fileRef = A780624C27B2CE74005780C0 /* FileManager+Backup.swift */; };
 		A780625027B2CE74005780C0 /* FileManager+AppGroupContainer.swift in Sources */ = {isa = PBXBuildFile; fileRef = A780624D27B2CE74005780C0 /* FileManager+AppGroupContainer.swift */; };
 		A780625127B2CE74005780C0 /* FileManager+AppGroupContainer.swift in Sources */ = {isa = PBXBuildFile; fileRef = A780624D27B2CE74005780C0 /* FileManager+AppGroupContainer.swift */; };
+		A7BB11982C933677002F7FA5 /* PKMessageWrapper.swift in Sources */ = {isa = PBXBuildFile; fileRef = A7BB11972C933677002F7FA5 /* PKMessageWrapper.swift */; };
+		A7BB11992C933677002F7FA5 /* PKMessageWrapper.swift in Sources */ = {isa = PBXBuildFile; fileRef = A7BB11972C933677002F7FA5 /* PKMessageWrapper.swift */; };
 		A816247C25F60C7700A46F05 /* MXDeviceListOperationsPoolUnitTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = A816247B25F60C7700A46F05 /* MXDeviceListOperationsPoolUnitTests.swift */; };
 		A816248525F60D0300A46F05 /* MXDeviceListOperationsPoolUnitTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = A816247B25F60C7700A46F05 /* MXDeviceListOperationsPoolUnitTests.swift */; };
 		B105CD9D261E0B70006EB204 /* MXSpaceChildrenSummary.swift in Sources */ = {isa = PBXBuildFile; fileRef = B105CD9C261E0B70006EB204 /* MXSpaceChildrenSummary.swift */; };
@@ -2713,6 +2715,7 @@
 		A75CAD6B2A97970500F06072 /* MXWellKnownAuthentication.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = MXWellKnownAuthentication.h; sourceTree = "<group>"; };
 		A780624C27B2CE74005780C0 /* FileManager+Backup.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = "FileManager+Backup.swift"; sourceTree = "<group>"; };
 		A780624D27B2CE74005780C0 /* FileManager+AppGroupContainer.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = "FileManager+AppGroupContainer.swift"; sourceTree = "<group>"; };
+		A7BB11972C933677002F7FA5 /* PKMessageWrapper.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = PKMessageWrapper.swift; sourceTree = "<group>"; };
 		A816247B25F60C7700A46F05 /* MXDeviceListOperationsPoolUnitTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MXDeviceListOperationsPoolUnitTests.swift; sourceTree = "<group>"; };
 		B105CD9C261E0B70006EB204 /* MXSpaceChildrenSummary.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MXSpaceChildrenSummary.swift; sourceTree = "<group>"; };
 		B105CDD4261F54C8006EB204 /* MXSpaceChildContent.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = MXSpaceChildContent.h; sourceTree = "<group>"; };
@@ -3290,6 +3293,7 @@
 				02CAD435217DD12F0074700B /* Data */,
 				B146D50021A5C6D600D8C2C6 /* MXScanManager.h */,
 				B146D50121A5C6D600D8C2C6 /* MXScanManager.m */,
+				A7BB11972C933677002F7FA5 /* PKMessageWrapper.swift */,
 			);
 			path = ContentScan;
 			sourceTree = "<group>";
@@ -7292,6 +7296,7 @@
 				EC8A53AF25B1BC77004E0802 /* MXCallAnswerEventContent.m in Sources */,
 				B1432B51282AB29A00737CA6 /* MXBeaconInfoSummaryAllRoomListener.swift in Sources */,
 				32A30B191FB4813400C8309E /* MXIncomingRoomKeyRequestManager.m in Sources */,
+				A7BB11982C933677002F7FA5 /* PKMessageWrapper.swift in Sources */,
 				323F3F9320D3F0C700D26D6A /* MXRoomEventFilter.m in Sources */,
 				3275FD9921A6B53300B9C13D /* MXLoginPolicyData.m in Sources */,
 				EC1848C92686176D00865E16 /* MXiOSAudioOutputRouterDelegate.swift in Sources */,
@@ -7964,6 +7969,7 @@
 				B14EF25C2397E90400758AF0 /* MXRoomTombStoneContent.m in Sources */,
 				B1432B52282AB29A00737CA6 /* MXBeaconInfoSummaryAllRoomListener.swift in Sources */,
 				B14EF25D2397E90400758AF0 /* MXImage.swift in Sources */,
+				A7BB11992C933677002F7FA5 /* PKMessageWrapper.swift in Sources */,
 				B14EF25E2397E90400758AF0 /* (null) in Sources */,
 				32B090E3261F709B002924AA /* MXAsyncTaskQueue.swift in Sources */,
 				B14EF25F2397E90400758AF0 /* MXServerNoticeContent.m in Sources */,

diff --git a/MatrixSDK/ContentScan/Data/MXContentScanEncryptedBody.h b/MatrixSDK/ContentScan/Data/MXContentScanEncryptedBody.h
@@ -16,7 +16,7 @@
 
 #import "MXJSONModel.h"
 
-@class OLMPkMessage;
+@class PKMessageWrapper;
 
 /**
  `MXContentScanEncryptedBody` contains the encrypted body use to scan an encrypted content.
@@ -39,11 +39,11 @@
 @property (nonatomic) NSString *ephemeral;
 
 /**
- Create a model instance from a OLMPkMessage instance.
+ Create a model instance from a PKMessageWrapper instance.
  
- @param OLMPkMessage the encrypted message.
+ @param PKMessageWrapper the encrypted message.
  @return the newly created instance.
  */
-+ (id)modelFromOLMPkMessage:(OLMPkMessage *)OLMPkMessage;
++ (id)modelFromPKMessage:(PKMessageWrapper *)pkMessage;
 
 @end
diff --git a/MatrixSDK/ContentScan/Data/MXContentScanEncryptedBody.m b/MatrixSDK/ContentScan/Data/MXContentScanEncryptedBody.m
@@ -15,7 +15,8 @@
  */
 
 #import "MXContentScanEncryptedBody.h"
-#import <OLMKit/OLMKit.h>
+
+#import "MatrixSDKSwiftHeader.h"
 
 @implementation MXContentScanEncryptedBody
 
@@ -31,14 +32,14 @@ + (id)modelFromJSON:(NSDictionary *)JSONDictionary
     return contentScanEncryptedBody;
 }
 
-+ (id)modelFromOLMPkMessage:(OLMPkMessage *)OLMPkMessage
++ (id)modelFromPKMessage:(PKMessageWrapper *)pkMessage
 {
     MXContentScanEncryptedBody *contentScanEncryptedBody = [[MXContentScanEncryptedBody alloc] init];
     if (contentScanEncryptedBody)
     {
-        contentScanEncryptedBody.ciphertext = OLMPkMessage.ciphertext;
-        contentScanEncryptedBody.mac = OLMPkMessage.mac;
-        contentScanEncryptedBody.ephemeral = OLMPkMessage.ephemeralKey;
+        contentScanEncryptedBody.ciphertext = pkMessage.ciphertext;
+        contentScanEncryptedBody.mac = pkMessage.mac;
+        contentScanEncryptedBody.ephemeral = pkMessage.ephemeralKey;
     }
     return contentScanEncryptedBody;
 }

diff --git a/MatrixSDK/ContentScan/MXScanManager.m b/MatrixSDK/ContentScan/MXScanManager.m
@@ -15,7 +15,6 @@
  */
 
 #import "MXScanManager.h"
-#import <OLMKit/OLMKit.h>
 
 #import "MXMediaScanStore.h"
 #import "MXRealmMediaScanStore.h"
@@ -29,6 +28,8 @@
 #import "MXTools.h"
 #import "MXScanRealmFileProvider.h"
 
+#import "MatrixSDKSwiftHeader.h"
+
 #pragma mark - Defines & Constants
 
 NSString *const MXScanManagerEventScanDidChangeNotification = @"MXScanManagerEventScanDidChangeNotification";
@@ -331,11 +332,17 @@ - (void)encryptRequestBody:(nonnull NSDictionary *)requestBody completion:(void
     [self getAntivirusServerPublicKey:^(NSString * _Nullable publicKey) {
         if (publicKey.length)
         {
-            OLMPkEncryption *olmPkEncryption = [OLMPkEncryption new];
-            [olmPkEncryption setRecipientKey:publicKey];
+
             NSString *message = [MXTools serialiseJSONObject:requestBody];
-            OLMPkMessage *olmPkMessage = [olmPkEncryption encryptMessage:message error:nil];
-            completion([MXContentScanEncryptedBody modelFromOLMPkMessage:olmPkMessage]);
+            PKMessageWrapper *pkMessage = [PKMessageWrapper encryptMessage:message usingKey:publicKey];
+            if (pkMessage)
+            {
+                completion([MXContentScanEncryptedBody modelFromPKMessage:pkMessage]);
+            }
+            else
+            {
+                completion(nil);
+            }
         }
         else
         {

diff --git a/MatrixSDK/ContentScan/PKMessageWrapper.swift b/MatrixSDK/ContentScan/PKMessageWrapper.swift
@@ -0,0 +1,48 @@
+// 
+// Copyright 2024 The Matrix.org Foundation C.I.C
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+import Foundation
+import MatrixSDKCrypto
+
+@objc public class PKMessageWrapper: NSObject {
+    private let pkMessage: PkMessage
+
+    @objc public var ciphertext: String {
+        pkMessage.ciphertext
+    }
+
+    @objc public var mac: String {
+        pkMessage.mac
+    }
+
+    @objc public var ephemeralKey: String {
+        pkMessage.ephemeralKey
+    }
+
+    @objc public static func encryptMessage(_ message: String, usingKey key: String) -> PKMessageWrapper? {
+        do {
+            let pkEncryption = try PkEncryption.fromBase64(key: key)
+            return PKMessageWrapper(pkMessage: pkEncryption.encrypt(plaintext: message))
+        } catch {
+            MXLog.error("[PKMessageWrapper] failed to create pkEncryption", context: error)
+            return nil
+        }
+    }
+
+    private init(pkMessage: PkMessage) {
+        self.pkMessage = pkMessage
+    }
+}
diff --git a/MatrixSDK/Crypto/Algorithms/RoomEvent/MXRoomEventEncryption.swift b/MatrixSDK/Crypto/Algorithms/RoomEvent/MXRoomEventEncryption.swift
@@ -184,7 +184,8 @@ struct MXRoomEventEncryption: MXRoomEventEncrypting {
             rotationPeriodMsgs: UInt64(Self.keyRotationPeriodMsgs),
             // If not set, history visibility defaults to `joined` as the most restrictive setting
             historyVisibility: state.historyVisibility?.visibility ?? .joined,
-            onlyAllowTrustedDevices: onlyTrustedDevices(in: roomId)
+            onlyAllowTrustedDevices: onlyTrustedDevices(in: roomId),
+            errorOnVerifiedUserProblem: false
         )
     }
 

diff --git a/MatrixSDK/Crypto/CryptoMachine/MXCryptoMachine.swift b/MatrixSDK/Crypto/CryptoMachine/MXCryptoMachine.swift
@@ -116,10 +116,6 @@ class MXCryptoMachine {
         }
     }
 
-    func invalidateCache() async {
-        await machine.clearCryptoCache()
-    }
-
     // MARK: - Private
 
     private static func createMachine(userId: String, deviceId: String, log: MXNamedLog) throws -> OlmMachine {

diff --git a/MatrixSDK/Crypto/MXCryptoV2.swift b/MatrixSDK/Crypto/MXCryptoV2.swift
@@ -724,8 +724,7 @@ class MXCryptoV2: NSObject, MXCrypto {
 
     func invalidateCache(_ done: @escaping () -> Void) {
         Task {
-            log.debug("Invalidating Olm Machine crypto store cache.")
-            await machine.invalidateCache()
+            // invalidating cache is not required for crypto v2 and is just here for conformance with the original crypto protocol
             await MainActor.run {
                 done()
             }

diff --git a/MatrixSDK/Crypto/Verification/Transactions/SAS/MXSASTransactionV2.swift b/MatrixSDK/Crypto/Verification/Transactions/SAS/MXSASTransactionV2.swift
@@ -150,7 +150,7 @@ extension MXSASTransactionV2: SasListener {
 
         switch state {
         case .started:
-            self.state = isIncoming ? MXSASTransactionStateIncomingShowAccept : MXSASTransactionStateOutgoingWaitForPartnerToAccept
+            self.state = MXSASTransactionStateIncomingShowAccept
         case .accepted:
             self.state = MXSASTransactionStateWaitForPartnerKey
         case .keysExchanged(let emojis, let decimals):
@@ -172,6 +172,8 @@ extension MXSASTransactionV2: SasListener {
                 humanReadable: cancelInfo.reason
             )
             self.state = cancelInfo.cancelledByUs == true ? MXSASTransactionStateCancelledByMe : MXSASTransactionStateCancelled
+        case .created:
+            self.state = MXSASTransactionStateOutgoingWaitForPartnerToAccept
         }
     }
 }

diff --git a/MatrixSDKTests/Crypto/CryptoMachine/DecryptedEvent+Stub.swift b/MatrixSDKTests/Crypto/CryptoMachine/DecryptedEvent+Stub.swift
@@ -28,6 +28,7 @@ extension DecryptedEvent {
             forwardingCurve25519Chain: [],
             shieldState: .init(
                 color: .none,
+                code: nil,
                 message: nil
             )
         )

diff --git a/MatrixSDKTests/Crypto/Verification/Transactions/SAS/MXSASTransactionV2UnitTests.swift b/MatrixSDKTests/Crypto/Verification/Transactions/SAS/MXSASTransactionV2UnitTests.swift
@@ -71,13 +71,13 @@ class MXSASTransactionV2UnitTests: XCTestCase {
 
     // MARK: - Test State
 
-    func test_startedState() {
+    func test_startedAndCreatedState() {
         let incoming = makeTransaction(isIncoming: true)
         incoming.onChange(state: .started)
         XCTAssertEqual(incoming.state, MXSASTransactionStateIncomingShowAccept)
 
         let outgoing = makeTransaction(isIncoming: false)
-        outgoing.onChange(state: .started)
+        outgoing.onChange(state: .created)
         XCTAssertEqual(outgoing.state, MXSASTransactionStateOutgoingWaitForPartnerToAccept)
     }
 

diff --git a/MatrixSDKTests/MXSelfSignedHomeserverTests.m b/MatrixSDKTests/MXSelfSignedHomeserverTests.m
@@ -283,7 +283,7 @@ - (void)testMediaWithNotTrustedCertificate
                     NSString *contentURL = event.content[@"url"];
                     XCTAssert(contentURL);
 
-                    MXMediaManager *mediaManager = [[MXMediaManager alloc] initWithHomeServer:mxSession.matrixRestClient.homeserver];
+                    MXMediaManager *mediaManager = [[MXMediaManager alloc] initWithRestClient:mxSession.matrixRestClient];
                     XCTAssert(mediaManager);
 
                     [mxSession close];

diff --git a/Podfile b/Podfile
@@ -1,3 +1,5 @@
+source 'https://cdn.cocoapods.org/'
+
 # Uncomment this line to define a global platform for your project
 
 # Expose Objective-C frameworks to Swift
@@ -16,7 +18,7 @@ abstract_target 'MatrixSDK' do
 
     pod 'Realm', '10.27.0'
     pod 'libbase58', '~> 0.1.4'
-    pod 'MatrixSDKCrypto', '0.4.2', :inhibit_warnings => true
+    pod 'MatrixSDKCrypto', '0.4.3', :inhibit_warnings => true
 
     target 'MatrixSDK-iOS' do
         platform :ios, '13.0'

diff --git a/Podfile.lock b/Podfile.lock
@@ -16,7 +16,7 @@ PODS:
     - AFNetworking/NSURLSession
   - GZIP (1.3.2)
   - libbase58 (0.1.4)
-  - MatrixSDKCrypto (0.4.2)
+  - MatrixSDKCrypto (0.4.3)
   - OHHTTPStubs (9.1.0):
     - OHHTTPStubs/Default (= 9.1.0)
   - OHHTTPStubs/Core (9.1.0)
@@ -44,7 +44,7 @@ DEPENDENCIES:
   - AFNetworking (~> 4.0.0)
   - GZIP (~> 1.3.0)
   - libbase58 (~> 0.1.4)
-  - MatrixSDKCrypto (= 0.4.2)
+  - MatrixSDKCrypto (= 0.4.3)
   - OHHTTPStubs (~> 9.1.0)
   - OLMKit (~> 3.2.5)
   - Realm (= 10.27.0)
@@ -65,12 +65,12 @@ SPEC CHECKSUMS:
   AFNetworking: 3bd23d814e976cd148d7d44c3ab78017b744cd58
   GZIP: 3c0abf794bfce8c7cb34ea05a1837752416c8868
   libbase58: 7c040313537b8c44b6e2d15586af8e21f7354efd
-  MatrixSDKCrypto: 736069ee0a5ec12852ab3498bf2242acecc443fc
+  MatrixSDKCrypto: 27bee960e0e8b3a3039f3f3e93dd2ec88299c77e
   OHHTTPStubs: 90eac6d8f2c18317baeca36698523dc67c513831
   OLMKit: da115f16582e47626616874e20f7bb92222c7a51
   Realm: 9ca328bd7e700cc19703799785e37f77d1a130f2
   SwiftyBeaver: 84069991dd5dca07d7069100985badaca7f0ce82
 
-PODFILE CHECKSUM: 37ab0de0200808bcd3335a637e31736df60fc62e
+PODFILE CHECKSUM: cb51affdced38356ae06d1eb0f8f4526e203e1cd
 
 COCOAPODS: 1.15.2