Merge branch 'release/0.26.5/master'

matrix-org · Mar 28, 2023 · 1f426ce · 1f426ce
2 parents 91dbe20 + 59abb53
commit 1f426ce
Show file tree

Hide file tree

Showing 9 changed files with 52 additions and 23 deletions.
diff --git a/CHANGES.md b/CHANGES.md
@@ -1,3 +1,10 @@
+## Changes in 0.26.5 (2023-03-28)
+
+🙌 Improvements
+
+- Crypto: Upgrade verification if necessary ([#1751](https://github.com/matrix-org/matrix-ios-sdk/pull/1751))
+
+
 ## Changes in 0.26.4 (2023-03-22)
 
 🐛 Bugfixes

diff --git a/MatrixSDK.podspec b/MatrixSDK.podspec
@@ -1,7 +1,7 @@
 Pod::Spec.new do |s|
 
   s.name         = "MatrixSDK"
-  s.version      = "0.26.4"
+  s.version      = "0.26.5"
   s.summary      = "The iOS SDK to build apps compatible with Matrix (https://www.matrix.org)"
 
   s.description  = <<-DESC

diff --git a/MatrixSDK/Crypto/CrossSigning/MXCrossSigningV2.swift b/MatrixSDK/Crypto/CrossSigning/MXCrossSigningV2.swift
@@ -123,6 +123,12 @@ class MXCrossSigningV2: NSObject, MXCrossSigning {
                 try await crossSigning.refreshCrossSigningStatus()
                 myUserCrossSigningKeys = infoSource.crossSigningInfo(userId: crossSigning.userId)
 
+                // If we are considered verified, there is no need for a verification upgrade
+                // after migrating from legacy crypto
+                if myUserCrossSigningKeys?.trustLevel.isVerified == true {
+                    MXSDKOptions.sharedInstance().cryptoSDKFeature?.needsVerificationUpgrade = false
+                }
+
                 log.debug("Cross signing state refreshed, new state: \(state)")
                 await MainActor.run {
                     success?(true)

diff --git a/MatrixSDK/Crypto/MXCryptoV2Factory.swift b/MatrixSDK/Crypto/MXCryptoV2Factory.swift
@@ -25,7 +25,7 @@ import Foundation
     private let log = MXNamedLog(name: "MXCryptoV2Factory")
 
     private var lastDeprecatedVersion: MXCryptoVersion {
-        .deprecated2
+        .deprecated3
     }
 
     @objc public func buildCrypto(
@@ -91,9 +91,6 @@ import Foundation
 
         log.debug("Legacy crypto store exists")
         try migrateIfNecessary(legacyStore: legacyStore, updateProgress: updateProgress)
-
-        log.debug("Deleting legacy store after successfull migration")
-        MXRealmCryptoStore.delete(with: credentials)
     }
 
     private func migrateIfNecessary(
@@ -109,16 +106,25 @@ import Foundation
         log.debug("Requires migration from legacy crypto version \(legacyVersion) to version \(lastDeprecatedVersion.rawValue)")
         let migration = MXCryptoMigrationV2(legacyStore: legacyStore)
 
+        // Full vs partial/room migration are mutually exclusive, only one should be run
         if legacyVersion < MXCryptoVersion.deprecated1.rawValue {
             log.debug("Full migration of crypto data")
             try migration.migrateAllData(updateProgress: updateProgress)
 
         } else if legacyVersion < MXCryptoVersion.deprecated2.rawValue {
             log.debug("Partial migration of room and global settings")
             try migration.migrateRoomAndGlobalSettingsOnly(updateProgress: updateProgress)
-
-        } else {
-            log.failure("Unhandled crypto version", context: legacyStore.cryptoVersion.rawValue)
         }
+
+        if legacyVersion < MXCryptoVersion.deprecated3.rawValue {
+            // The following flag will result in displaying a different UX when verifying current session,
+            // unless the rust-based crypto already considers the current session to be verified given
+            // the migration data
+            log.debug("Needs verification upgrade")
+            MXSDKOptions.sharedInstance().cryptoSDKFeature?.needsVerificationUpgrade = true
+        }
+
+        log.debug("Setting the latest deprecated version of legacy store")
+        legacyStore.cryptoVersion = lastDeprecatedVersion
     }
 }
diff --git a/MatrixSDK/Crypto/MXCryptoV2Feature.swift b/MatrixSDK/Crypto/MXCryptoV2Feature.swift
@@ -28,6 +28,12 @@ import Foundation
     /// as there is no way to migrate from from Crypto SDK back to legacy crypto.
     var isEnabled: Bool { get }
 
+    /// Flag indicating whether this account requires a re-verification after migrating to Crypto SDK
+    ///
+    /// This flag is set to true if the legacy account is considered verified but the rust account
+    /// does not consider the migrated data secure enough, as it applies stricter security conditions.
+    var needsVerificationUpgrade: Bool { get set }
+
     /// Manually enable the feature
     ///
     /// This is typically triggered by some user settings / Labs as an experimental feature. Once called

diff --git a/MatrixSDK/Crypto/Migration/MXCryptoVersion.h b/MatrixSDK/Crypto/Migration/MXCryptoVersion.h
@@ -46,6 +46,10 @@ typedef NS_ENUM(NSInteger, MXCryptoVersion)
     // Deprecated version that migrates room settings from the legacy store, which were
     // not included in the deprecated v1
     MXCryptoDeprecated2,
+
+    // Deprecated version that checks whether the verification state of the rust crypto
+    // needs to be upgraded after migrating from legacy crypto
+    MXCryptoDeprecated3,
 };
 
 // The current version of non-deprecated MXCrypto

diff --git a/MatrixSDK/MatrixSDKVersion.m b/MatrixSDK/MatrixSDKVersion.m
@@ -16,4 +16,4 @@
 
 #import <Foundation/Foundation.h>
 
-NSString *const MatrixSDKVersion = @"0.26.4";
+NSString *const MatrixSDKVersion = @"0.26.5";
diff --git a/MatrixSDKTests/Crypto/MXCryptoV2FactoryTests.swift b/MatrixSDKTests/Crypto/MXCryptoV2FactoryTests.swift
@@ -82,7 +82,7 @@ class MXCryptoV2FactoryTests: XCTestCase {
     func test_fullyMigratesLegacyUser() async throws {
         let env = try await e2eData.startE2ETest()
         let session = env.session
-        var legacyStore = session.legacyCrypto?.store
+        let legacyStore = session.legacyCrypto?.store
 
         // Assert that we have a legacy store that has not yet been deprecated
         XCTAssertNotNil(legacyStore)
@@ -93,9 +93,9 @@ class MXCryptoV2FactoryTests: XCTestCase {
         XCTAssertNotNil(crypto)
         XCTAssertTrue(hasMigrated)
 
-        // Assert that we no longer have a legacy store for this user
-        legacyStore = MXRealmCryptoStore.init(credentials: session.credentials)
-        XCTAssertNil(legacyStore)
+        // Assert we still have legacy store but it is now marked as deprecated
+        XCTAssertNotNil(legacyStore)
+        XCTAssertEqual(legacyStore?.cryptoVersion, .deprecated3)
 
         await env.close()
     }
@@ -105,7 +105,7 @@ class MXCryptoV2FactoryTests: XCTestCase {
         let session = env.session
 
         // We set the legacy store as partially deprecated
-        var legacyStore = session.legacyCrypto?.store
+        let legacyStore = session.legacyCrypto?.store
         XCTAssertNotNil(legacyStore)
         legacyStore?.cryptoVersion = .deprecated1
 
@@ -114,9 +114,9 @@ class MXCryptoV2FactoryTests: XCTestCase {
         XCTAssertNotNil(crypto)
         XCTAssertTrue(hasMigrated)
 
-        // Assert that we no longer have a legacy store for this user
-        legacyStore = MXRealmCryptoStore.init(credentials: session.credentials)
-        XCTAssertNil(legacyStore)
+        // Assert we still have legacy store but it is now marked as deprecated
+        XCTAssertNotNil(legacyStore)
+        XCTAssertEqual(legacyStore?.cryptoVersion, .deprecated3)
 
         await env.close()
     }
@@ -126,18 +126,18 @@ class MXCryptoV2FactoryTests: XCTestCase {
         let session = env.session
 
         // We set the legacy store as fully deprecated
-        var legacyStore = session.legacyCrypto?.store
+        let legacyStore = session.legacyCrypto?.store
         XCTAssertNotNil(legacyStore)
-        legacyStore?.cryptoVersion = .deprecated2
+        legacyStore?.cryptoVersion = .deprecated3
 
         // Build crypto and assert no migration has been performed
         let (crypto, hasMigrated) = try await buildCrypto(session: session)
         XCTAssertNotNil(crypto)
         XCTAssertFalse(hasMigrated)
 
-        // Assert that we no longer have a legacy store for this user
-        legacyStore = MXRealmCryptoStore.init(credentials: session.credentials)
-        XCTAssertNil(legacyStore)
+        // Assert we still have legacy store which is still marked as deprecated
+        XCTAssertNotNil(legacyStore)
+        XCTAssertEqual(legacyStore?.cryptoVersion, .deprecated3)
 
         await env.close()
     }

diff --git a/MatrixSDKTests/Crypto/Migration/MXCryptoMigrationV2Tests.swift b/MatrixSDKTests/Crypto/Migration/MXCryptoMigrationV2Tests.swift
@@ -233,7 +233,7 @@ class MXCryptoMigrationV2Tests: XCTestCase {
         await env2.close()
     }
 
-    func test_test_migratesGlobalSettingsInPartialMigration() async throws {
+    func test_migratesGlobalSettingsInPartialMigration() async throws {
         let env1 = try await e2eData.startE2ETest()
         env1.session.crypto.globalBlacklistUnverifiedDevices = true
         let machine1 = try partiallyMigratedOlmMachine(session: env1.session)