From eb254290961400dbbe43553863796b4d86620ae9 Mon Sep 17 00:00:00 2001 From: Valere Date: Fri, 24 May 2024 16:15:33 +0200 Subject: [PATCH 1/4] Invalidate crypto store cache when entering foreground --- .../Crypto/CryptoMachine/MXCryptoMachine.swift | 4 ++++ MatrixSDK/Crypto/MXCrypto.h | 2 ++ MatrixSDK/Crypto/MXCryptoV2.swift | 12 +++++++++++- MatrixSDK/MXSession.m | 15 ++++++++++++--- 4 files changed, 29 insertions(+), 4 deletions(-) diff --git a/MatrixSDK/Crypto/CryptoMachine/MXCryptoMachine.swift b/MatrixSDK/Crypto/CryptoMachine/MXCryptoMachine.swift index 3b384051d..effbd238b 100644 --- a/MatrixSDK/Crypto/CryptoMachine/MXCryptoMachine.swift +++ b/MatrixSDK/Crypto/CryptoMachine/MXCryptoMachine.swift @@ -116,6 +116,10 @@ class MXCryptoMachine { } } + func invalidateCache() async { + await machine.clearCryptoCache() + } + // MARK: - Private private static func createMachine(userId: String, deviceId: String, log: MXNamedLog) throws -> OlmMachine { diff --git a/MatrixSDK/Crypto/MXCrypto.h b/MatrixSDK/Crypto/MXCrypto.h index 348edddd0..4b7f1f311 100644 --- a/MatrixSDK/Crypto/MXCrypto.h +++ b/MatrixSDK/Crypto/MXCrypto.h @@ -378,6 +378,8 @@ extern NSString *const MXDeviceListDidUpdateUsersDevicesNotification; */ - (void)setBlacklistUnverifiedDevicesInRoom:(NSString *)roomId blacklist:(BOOL)blacklist; +- (void) invalidateCache:(void (^)(void))done; + @end NS_ASSUME_NONNULL_END diff --git a/MatrixSDK/Crypto/MXCryptoV2.swift b/MatrixSDK/Crypto/MXCryptoV2.swift index adea4ac92..b7fdef4e9 100644 --- a/MatrixSDK/Crypto/MXCryptoV2.swift +++ b/MatrixSDK/Crypto/MXCryptoV2.swift @@ -20,6 +20,7 @@ import MatrixSDKCrypto /// An implementation of `MXCrypto` which uses [matrix-rust-sdk](https://github.com/matrix-org/matrix-rust-sdk/tree/main/crates/matrix-sdk-crypto) /// under the hood. class MXCryptoV2: NSObject, MXCrypto { + enum Error: Swift.Error { case cannotUnsetTrust case backupNotEnabled @@ -720,4 +721,13 @@ class MXCryptoV2: NSObject, MXCrypto { return dict[info.userId] = info } } -} + + func invalidateCache(_ done: @escaping () -> Void) { + Task { + log.debug("Invalidating Olm Machine crypto store cache.") + await machine.invalidateCache() + await MainActor.run { + done() + } + } + }} diff --git a/MatrixSDK/MXSession.m b/MatrixSDK/MXSession.m index 7f4ae3d2e..728825386 100644 --- a/MatrixSDK/MXSession.m +++ b/MatrixSDK/MXSession.m @@ -1150,9 +1150,18 @@ - (void)pause - (void)resume:(void (^)(void))resumeDone { - [self handleBackgroundSyncCacheIfRequiredWithCompletion:^{ - [self _resume:resumeDone]; - }]; + // The app has resumed there might have been a NSE run that have invalidated the cache + if (self.crypto) { + [self.crypto invalidateCache:^{ + [self handleBackgroundSyncCacheIfRequiredWithCompletion:^{ + [self _resume:resumeDone]; + }]; + }]; + } else { + [self handleBackgroundSyncCacheIfRequiredWithCompletion:^{ + [self _resume:resumeDone]; + }]; + } } - (void)_resume:(void (^)(void))resumeDone From 468247e34474bca35bb39e64b4dddb2ad3c221a8 Mon Sep 17 00:00:00 2001 From: Valere Date: Tue, 28 May 2024 16:47:53 +0200 Subject: [PATCH 2/4] Bump crypto sdk to 0.4.2 --- Podfile | 2 +- Podfile.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Podfile b/Podfile index 1350a8443..c2b1b2bc0 100644 --- a/Podfile +++ b/Podfile @@ -16,7 +16,7 @@ abstract_target 'MatrixSDK' do pod 'Realm', '10.27.0' pod 'libbase58', '~> 0.1.4' - pod 'MatrixSDKCrypto', '0.4.1', :inhibit_warnings => true + pod 'MatrixSDKCrypto', '0.4.2', :inhibit_warnings => true target 'MatrixSDK-iOS' do platform :ios, '13.0' diff --git a/Podfile.lock b/Podfile.lock index c9bcf60e6..43b858bef 100644 --- a/Podfile.lock +++ b/Podfile.lock @@ -16,7 +16,7 @@ PODS: - AFNetworking/NSURLSession - GZIP (1.3.2) - libbase58 (0.1.4) - - MatrixSDKCrypto (0.4.1) + - MatrixSDKCrypto (0.4.2) - OHHTTPStubs (9.1.0): - OHHTTPStubs/Default (= 9.1.0) - OHHTTPStubs/Core (9.1.0) @@ -44,7 +44,7 @@ DEPENDENCIES: - AFNetworking (~> 4.0.0) - GZIP (~> 1.3.0) - libbase58 (~> 0.1.4) - - MatrixSDKCrypto (= 0.4.1) + - MatrixSDKCrypto (= 0.4.2) - OHHTTPStubs (~> 9.1.0) - OLMKit (~> 3.2.5) - Realm (= 10.27.0) @@ -65,12 +65,12 @@ SPEC CHECKSUMS: AFNetworking: 3bd23d814e976cd148d7d44c3ab78017b744cd58 GZIP: 3c0abf794bfce8c7cb34ea05a1837752416c8868 libbase58: 7c040313537b8c44b6e2d15586af8e21f7354efd - MatrixSDKCrypto: da2b8a81f7e1989fc61ff85ed6aad92332beeb40 + MatrixSDKCrypto: 736069ee0a5ec12852ab3498bf2242acecc443fc OHHTTPStubs: 90eac6d8f2c18317baeca36698523dc67c513831 OLMKit: da115f16582e47626616874e20f7bb92222c7a51 Realm: 9ca328bd7e700cc19703799785e37f77d1a130f2 SwiftyBeaver: 84069991dd5dca07d7069100985badaca7f0ce82 -PODFILE CHECKSUM: bce6f6e7af7aa0ac9a50d4f6594d923fc00ed168 +PODFILE CHECKSUM: 37ab0de0200808bcd3335a637e31736df60fc62e COCOAPODS: 1.15.2 From eb3f5b40fe6b71a27fdfa7c89a64afcda832b581 Mon Sep 17 00:00:00 2001 From: Valere Date: Wed, 29 May 2024 09:53:13 +0200 Subject: [PATCH 3/4] Fix warnings --- .../Crypto/Algorithms/RoomEvent/MXRoomEventDecryption.swift | 3 ++- MatrixSDK/Crypto/Dehydration/DehydrationService.swift | 5 +++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/MatrixSDK/Crypto/Algorithms/RoomEvent/MXRoomEventDecryption.swift b/MatrixSDK/Crypto/Algorithms/RoomEvent/MXRoomEventDecryption.swift index 39545956d..624afbeee 100644 --- a/MatrixSDK/Crypto/Algorithms/RoomEvent/MXRoomEventDecryption.swift +++ b/MatrixSDK/Crypto/Algorithms/RoomEvent/MXRoomEventDecryption.swift @@ -227,12 +227,13 @@ actor MXRoomEventDecryption: MXRoomEventDecrypting { ]) return trackedDecryptionResult(for: event, error: error) - case .MissingRoomKey(let message): + case .MissingRoomKey(let message, let withheldCode): if undecryptedEvents[sessionId] == nil { log.error("Failed to decrypt event(s) due to missing room keys", context: [ "session_id": sessionId, "message": message, "error": error, + "withheldCode": withheldCode ?? "N/A", "details": "further errors for the same key will be supressed", ]) } diff --git a/MatrixSDK/Crypto/Dehydration/DehydrationService.swift b/MatrixSDK/Crypto/Dehydration/DehydrationService.swift index eab9aad36..43770fb06 100644 --- a/MatrixSDK/Crypto/Dehydration/DehydrationService.swift +++ b/MatrixSDK/Crypto/Dehydration/DehydrationService.swift @@ -89,8 +89,9 @@ public class DehydrationService: NSObject { try await dehydrateDevice(pickleKeyData: pickleKeyData) } else { // Otherwise, generate a new dehydration pickle key, store it and dehydrate a device // Generate a new dehydration pickle key - var pickleKeyData = Data(count: 32) - _ = SecRandomCopyBytes(kSecRandomDefault, 32, &pickleKeyData) + var pickleKeyRaw = [UInt8](repeating: 0, count: 32) + _ = SecRandomCopyBytes(kSecRandomDefault, 32, &pickleKeyRaw) + let pickleKeyData = Data(bytes: pickleKeyRaw, count: 32) // Convert it to unpadded base 64 let base64PickleKey = MXBase64Tools.unpaddedBase64(from: pickleKeyData) From 758e1af136adcf29bfc2739e605af719339c5503 Mon Sep 17 00:00:00 2001 From: Stefan Ceriu Date: Wed, 29 May 2024 12:13:55 +0300 Subject: [PATCH 4/4] Bump the Crypto version in the podspec as well --- MatrixSDK.podspec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/MatrixSDK.podspec b/MatrixSDK.podspec index cdad34df9..65fdb01fa 100644 --- a/MatrixSDK.podspec +++ b/MatrixSDK.podspec @@ -45,7 +45,7 @@ Pod::Spec.new do |s| ss.dependency 'OLMKit', '~> 3.2.5' ss.dependency 'Realm', '10.27.0' ss.dependency 'libbase58', '~> 0.1.4' - ss.dependency 'MatrixSDKCrypto', '0.4.1', :configurations => ["DEBUG", "RELEASE"], :inhibit_warnings => true + ss.dependency 'MatrixSDKCrypto', '0.4.2', :configurations => ["DEBUG", "RELEASE"], :inhibit_warnings => true end s.subspec 'JingleCallStack' do |ss|