From ab48dd9fd5bbe505ab21ce7c7f0977f996fb7bda Mon Sep 17 00:00:00 2001
From: Virgile <78490891+V-Gira@users.noreply.github.com>
Date: Fri, 13 Dec 2024 12:04:36 +0100
Subject: [PATCH 1/2] runfix(api-client/core): use v7 endpoint for setting
 member conversation roles [WPB-15024] (#18488)

* chore(deps): bump core to 46.15.0

* feat(api-client/core): use v7 endpoint for setting member conversation roles [WPB-15024]

* runfix: use conversation's qualified id

* chore(deps): bump core to 46.15.1

* chore(deps): bump core to 46.15.3
---
 package.json                                  |  2 +-
 .../ConversationRoleRepository.ts             |  5 +++--
 .../conversation/ConversationService.ts       |  2 +-
 .../GroupParticipantUser.tsx                  |  2 +-
 yarn.lock                                     | 20 +++++++++----------
 5 files changed, 16 insertions(+), 15 deletions(-)

diff --git a/package.json b/package.json
index 0a5ff3a8390..e9cb44f60e4 100644
--- a/package.json
+++ b/package.json
@@ -8,7 +8,7 @@
     "@mediapipe/tasks-vision": "0.10.18",
     "@wireapp/avs": "9.10.16",
     "@wireapp/commons": "5.4.0",
-    "@wireapp/core": "46.14.1",
+    "@wireapp/core": "46.15.3",
     "@wireapp/react-ui-kit": "9.28.0",
     "@wireapp/store-engine-dexie": "2.1.15",
     "@wireapp/telemetry": "0.1.3",
diff --git a/src/script/conversation/ConversationRoleRepository.ts b/src/script/conversation/ConversationRoleRepository.ts
index 73361c11b9e..35205298a8a 100644
--- a/src/script/conversation/ConversationRoleRepository.ts
+++ b/src/script/conversation/ConversationRoleRepository.ts
@@ -18,6 +18,7 @@
  */
 
 import {DefaultConversationRoleName as DefaultRole, ConversationRole} from '@wireapp/api-client/lib/conversation/';
+import {QualifiedId} from '@wireapp/api-client/lib/user';
 import {container} from 'tsyringe';
 
 import {Logger, getLogger} from 'Util/Logger';
@@ -108,10 +109,10 @@ export class ConversationRoleRepository {
 
   readonly setMemberConversationRole = (
     conversation: Conversation,
-    userId: string,
+    userId: QualifiedId,
     conversationRole: string,
   ): Promise<void> => {
-    return this.conversationService.putMembers(conversation.id, userId, {
+    return this.conversationService.putMembers(conversation.qualifiedId, userId, {
       conversation_role: conversationRole,
     });
   };
diff --git a/src/script/conversation/ConversationService.ts b/src/script/conversation/ConversationService.ts
index 03134d469c7..9f5fec495c2 100644
--- a/src/script/conversation/ConversationService.ts
+++ b/src/script/conversation/ConversationService.ts
@@ -303,7 +303,7 @@ export class ConversationService {
     return this.apiClient.api.conversation.deleteMember(conversationId, userId);
   }
 
-  putMembers(conversationId: string, userId: string, data: ConversationOtherMemberUpdateData): Promise<void> {
+  putMembers(conversationId: QualifiedId, userId: QualifiedId, data: ConversationOtherMemberUpdateData): Promise<void> {
     return this.apiClient.api.conversation.putOtherMember(userId, conversationId, data);
   }
 
diff --git a/src/script/page/RightSidebar/GroupParticipantUser/GroupParticipantUser.tsx b/src/script/page/RightSidebar/GroupParticipantUser/GroupParticipantUser.tsx
index 11f15e25090..0f5438396f8 100644
--- a/src/script/page/RightSidebar/GroupParticipantUser/GroupParticipantUser.tsx
+++ b/src/script/page/RightSidebar/GroupParticipantUser/GroupParticipantUser.tsx
@@ -95,7 +95,7 @@ const GroupParticipantUser: FC<GroupParticipantUserProps> = ({
     }
 
     const newRole = isAdmin ? DefaultRole.WIRE_MEMBER : DefaultRole.WIRE_ADMIN;
-    await conversationRoleRepository.setMemberConversationRole(activeConversation, currentUser.id, newRole);
+    await conversationRoleRepository.setMemberConversationRole(activeConversation, currentUser.qualifiedId, newRole);
 
     roles[currentUser.id] = newRole;
     activeConversation.roles(roles);
diff --git a/yarn.lock b/yarn.lock
index 863752cecdc..45e04848d24 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -5941,9 +5941,9 @@ __metadata:
   languageName: node
   linkType: hard
 
-"@wireapp/api-client@npm:^27.14.0":
-  version: 27.14.0
-  resolution: "@wireapp/api-client@npm:27.14.0"
+"@wireapp/api-client@npm:^27.16.1":
+  version: 27.16.1
+  resolution: "@wireapp/api-client@npm:27.16.1"
   dependencies:
     "@wireapp/commons": "npm:^5.4.0"
     "@wireapp/priority-queue": "npm:^2.1.11"
@@ -5958,7 +5958,7 @@ __metadata:
     tough-cookie: "npm:4.1.4"
     ws: "npm:8.18.0"
     zod: "npm:3.23.8"
-  checksum: 10/8f03bc24e21b8a1b2c78e4aa663115eb910d2cb5acbf3e4603e25ed860b72a1c2342db4cf02d2f853413386b3d6b91128d0baf72cb4c6f3237dc75f49b4a4151
+  checksum: 10/d9965829f8264dbc0317cbf2addca0eb3ef08f958ebf2422be60985de8254d777b24edbe89e98112dbe0a7096bea3b41b9cc246602404aa72b8e4b07ffabd57e
   languageName: node
   linkType: hard
 
@@ -6012,11 +6012,11 @@ __metadata:
   languageName: node
   linkType: hard
 
-"@wireapp/core@npm:46.14.1":
-  version: 46.14.1
-  resolution: "@wireapp/core@npm:46.14.1"
+"@wireapp/core@npm:46.15.3":
+  version: 46.15.3
+  resolution: "@wireapp/core@npm:46.15.3"
   dependencies:
-    "@wireapp/api-client": "npm:^27.14.0"
+    "@wireapp/api-client": "npm:^27.16.1"
     "@wireapp/commons": "npm:^5.4.0"
     "@wireapp/core-crypto": "npm:3.0.0"
     "@wireapp/cryptobox": "npm:12.8.0"
@@ -6034,7 +6034,7 @@ __metadata:
     long: "npm:^5.2.0"
     uuid: "npm:9.0.1"
     zod: "npm:3.23.8"
-  checksum: 10/11a5fbedddc1c5be8218935f4b1f1ec9c7824c4261e6d189ad3708f8edcdcfaea143fd121fd57c05a790c0392e9e5757c5a82742c1c8a85fb3ff9f8360a4c650
+  checksum: 10/ec2f4f32606367e6a8d94341b8f528a0cf90c4b0cb05f40b0e972605557a9d97ae5891cfd8338cdecb615515240dfcfbbe2b4c1faf7d3f79ee2d37b1ad248e07
   languageName: node
   linkType: hard
 
@@ -18683,7 +18683,7 @@ __metadata:
     "@wireapp/avs": "npm:9.10.16"
     "@wireapp/commons": "npm:5.4.0"
     "@wireapp/copy-config": "npm:2.2.10"
-    "@wireapp/core": "npm:46.14.1"
+    "@wireapp/core": "npm:46.15.3"
     "@wireapp/eslint-config": "npm:3.0.7"
     "@wireapp/prettier-config": "npm:0.6.4"
     "@wireapp/react-ui-kit": "npm:9.28.0"

From 8288f2c6aea5b5443cb1e9818962c2046cf4a17c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Adrian=20Wei=C3=9F?=
 <77456193+aweiss-dev@users.noreply.github.com>
Date: Fri, 13 Dec 2024 17:39:42 +0100
Subject: [PATCH 2/2] fix: dont show E2EI shield and correct ciphersuite
 (#18489)

---
 src/script/client/ClientEntity.ts             | 22 +++++++++++++++----
 .../VerificationBadges/VerificationBadges.tsx |  4 +++-
 .../DeviceDetails/DeviceDetails.tsx           |  4 +++-
 src/script/hooks/useDeviceIdentities.ts       |  2 --
 .../components/DetailedDevice.tsx             | 14 +++++++++---
 .../MLSDeviceDetails/MLSDeviceDetails.tsx     | 14 +++++++++---
 6 files changed, 46 insertions(+), 14 deletions(-)

diff --git a/src/script/client/ClientEntity.ts b/src/script/client/ClientEntity.ts
index d3f61569510..b95b4fb2865 100644
--- a/src/script/client/ClientEntity.ts
+++ b/src/script/client/ClientEntity.ts
@@ -24,11 +24,19 @@ import {splitFingerprint} from 'Util/StringUtil';
 
 import {ClientMapper} from './ClientMapper';
 
+import {isObject} from '../guards/common';
 import {ClientRecord} from '../storage';
 
-export enum MLSPublicKeys {
-  ED25519 = 'ed25519',
-}
+export const MLSPublicKeys = {
+  ed25519: 'ED25519',
+  ed448: 'ED448',
+  ecdsa_secp521r1_sha512: 'EDCSA_SECP521R1_SHA512',
+  ecdsa_secp384r1_sha384: 'EDCSA_SECP384R1_SHA384',
+  ecdsa_secp256r1_sha256: 'EDCSA_SECP256R1_SHA256',
+} as const;
+
+export const isKnownSignature = (signature: unknown): signature is keyof typeof MLSPublicKeys =>
+  signature !== undefined && typeof signature === 'string' && Object.keys(MLSPublicKeys).includes(signature);
 
 export class ClientEntity {
   static CONFIG = {
@@ -51,7 +59,7 @@ export class ClientEntity {
   model?: string;
   time?: string;
   type?: ClientType.PERMANENT | ClientType.TEMPORARY;
-  mlsPublicKeys?: Partial<Record<MLSPublicKeys, string>>;
+  mlsPublicKeys?: Partial<Record<keyof typeof MLSPublicKeys, string>>;
 
   constructor(isSelfClient: boolean, domain: string | null, id = '') {
     this.isSelfClient = isSelfClient;
@@ -101,6 +109,12 @@ export class ClientEntity {
     return hasModel ? this.model : this.class.toUpperCase();
   }
 
+  getCipherSuite(): string | undefined {
+    return isObject(this.mlsPublicKeys) && Object.keys(this.mlsPublicKeys).length > 0
+      ? Object.keys(this.mlsPublicKeys).at(0)
+      : undefined;
+  }
+
   /**
    * This method returns an object which can be stored in our local database.
    */
diff --git a/src/script/components/Badge/components/VerificationBadges/VerificationBadges.tsx b/src/script/components/Badge/components/VerificationBadges/VerificationBadges.tsx
index 091755b6164..2c374332cb0 100644
--- a/src/script/components/Badge/components/VerificationBadges/VerificationBadges.tsx
+++ b/src/script/components/Badge/components/VerificationBadges/VerificationBadges.tsx
@@ -126,9 +126,11 @@ export const UserVerificationBadges = ({
 export const DeviceVerificationBadges = ({
   device,
   getIdentity,
+  isE2EIEnabled = false,
 }: {
   device: ClientEntity;
   getIdentity?: (deviceId: string) => WireIdentity | undefined;
+  isE2EIEnabled?: boolean;
 }) => {
   const userState = useRef(container.resolve(UserState));
   const identity = useMemo(() => getIdentity?.(device.id), [device, getIdentity]);
@@ -159,7 +161,7 @@ export const DeviceVerificationBadges = ({
   }, [identity]);
 
   let status: MLSStatuses | undefined = undefined;
-  if (identity && user) {
+  if (isE2EIEnabled && identity && user) {
     const mlsStatuses = getMLSStatuses({identities: [identity], user});
     status = mlsStatuses?.[0];
   }
diff --git a/src/script/components/UserDevices/components/DeviceDetails/DeviceDetails.tsx b/src/script/components/UserDevices/components/DeviceDetails/DeviceDetails.tsx
index 6c5bf7fb1a5..41f6f9707b3 100644
--- a/src/script/components/UserDevices/components/DeviceDetails/DeviceDetails.tsx
+++ b/src/script/components/UserDevices/components/DeviceDetails/DeviceDetails.tsx
@@ -112,7 +112,9 @@ export const DeviceDetails = ({
 
   return (
     <div className={cx('participant-devices__header', {'participant-devices__header--padding': !noPadding})}>
-      {deviceIdentity && <MLSDeviceDetails identity={deviceIdentity} isSelfUser={user.isMe} />}
+      {deviceIdentity && (
+        <MLSDeviceDetails identity={deviceIdentity} isSelfUser={user.isMe} cipherSuite={device.getCipherSuite()} />
+      )}
 
       <div className="device-proteus-details">
         <h3 className="device-details-title paragraph-body-3">{t('participantDevicesProteusDeviceVerification')}</h3>
diff --git a/src/script/hooks/useDeviceIdentities.ts b/src/script/hooks/useDeviceIdentities.ts
index 0481f96e597..e9b7c6081d2 100644
--- a/src/script/hooks/useDeviceIdentities.ts
+++ b/src/script/hooks/useDeviceIdentities.ts
@@ -59,13 +59,11 @@ export const useUserIdentity = (userId: QualifiedId, groupId?: string, updateAft
 
   return {
     deviceIdentities,
-
     status: !deviceIdentities
       ? undefined
       : deviceIdentities.length > 0 && deviceIdentities.every(identity => identity.status === MLSStatuses.VALID)
         ? MLSStatuses.VALID
         : MLSStatuses.NOT_ACTIVATED,
-
     getDeviceIdentity,
   };
 };
diff --git a/src/script/page/MainContent/panels/preferences/DevicesPreferences/components/DetailedDevice.tsx b/src/script/page/MainContent/panels/preferences/DevicesPreferences/components/DetailedDevice.tsx
index d1e18b1f56a..4d341dd8540 100644
--- a/src/script/page/MainContent/panels/preferences/DevicesPreferences/components/DetailedDevice.tsx
+++ b/src/script/page/MainContent/panels/preferences/DevicesPreferences/components/DetailedDevice.tsx
@@ -21,7 +21,7 @@ import React from 'react';
 
 import {DeviceVerificationBadges} from 'Components/Badge';
 import {ClientEntity} from 'src/script/client/ClientEntity';
-import {WireIdentity} from 'src/script/E2EIdentity';
+import {E2EIHandler, WireIdentity} from 'src/script/E2EIdentity';
 
 import {MLSDeviceDetails} from './MLSDeviceDetails';
 import {ProteusDeviceDetails} from './ProteusDeviceDetails';
@@ -41,16 +41,24 @@ export const DetailedDevice: React.FC<DeviceProps> = ({
   getDeviceIdentity,
   isProteusVerified,
 }) => {
+  const isE2eiEnabled = E2EIHandler.getInstance().isE2EIEnabled();
   const getIdentity = () => getDeviceIdentity?.(device.id);
 
   return (
     <>
       <h3 className="preferences-devices-model preferences-devices-model-name" data-uie-name="device-model">
         <span>{device.model}</span>
-        <DeviceVerificationBadges device={device} getIdentity={getIdentity} />
+        <DeviceVerificationBadges device={device} getIdentity={getIdentity} isE2EIEnabled={isE2eiEnabled} />
       </h3>
 
-      {getIdentity && <MLSDeviceDetails isCurrentDevice={isCurrentDevice} identity={getIdentity()} isSelfUser />}
+      {getIdentity() !== undefined && (
+        <MLSDeviceDetails
+          isCurrentDevice={isCurrentDevice}
+          identity={getIdentity()}
+          isSelfUser
+          cipherSuite={device.getCipherSuite()}
+        />
+      )}
 
       <ProteusDeviceDetails device={device} fingerprint={fingerprint} isProteusVerified={isProteusVerified} />
     </>
diff --git a/src/script/page/MainContent/panels/preferences/DevicesPreferences/components/MLSDeviceDetails/MLSDeviceDetails.tsx b/src/script/page/MainContent/panels/preferences/DevicesPreferences/components/MLSDeviceDetails/MLSDeviceDetails.tsx
index 8f15e7da6be..e5f32a70976 100644
--- a/src/script/page/MainContent/panels/preferences/DevicesPreferences/components/MLSDeviceDetails/MLSDeviceDetails.tsx
+++ b/src/script/page/MainContent/panels/preferences/DevicesPreferences/components/MLSDeviceDetails/MLSDeviceDetails.tsx
@@ -23,17 +23,23 @@ import {splitFingerprint} from 'Util/StringUtil';
 
 import {styles} from './MLSDeviceDetails.styles';
 
-import {MLSPublicKeys} from '../../../../../../../client';
+import {isKnownSignature, MLSPublicKeys} from '../../../../../../../client';
 import {E2EICertificateDetails} from '../E2EICertificateDetails';
 import {FormattedId} from '../FormattedId';
 
 interface MLSDeviceDetailsProps {
+  cipherSuite?: string;
   isCurrentDevice?: boolean;
   identity?: WireIdentity;
   isSelfUser?: boolean;
 }
 
-export const MLSDeviceDetails = ({isCurrentDevice, identity, isSelfUser = false}: MLSDeviceDetailsProps) => {
+export const MLSDeviceDetails = ({
+  cipherSuite,
+  isCurrentDevice,
+  identity,
+  isSelfUser = false,
+}: MLSDeviceDetailsProps) => {
   if (!isCurrentDevice && !identity) {
     return null;
   }
@@ -53,7 +59,9 @@ export const MLSDeviceDetails = ({isCurrentDevice, identity, isSelfUser = false}
 
   return (
     <div css={styles.wrapper}>
-      <h4 className="paragraph-body-3">{t('mlsSignature', {signature: MLSPublicKeys.ED25519.toUpperCase()})}</h4>
+      {isKnownSignature(cipherSuite) && (
+        <h4 className="paragraph-body-3">{t('mlsSignature', {signature: MLSPublicKeys[cipherSuite]})}</h4>
+      )}
 
       {identity?.thumbprint && (
         <>