matrix-org · stefanceriu · Oct 3, 2023 · Sep 29, 2023 · Oct 2, 2023 · Oct 3, 2023
diff --git a/MatrixSDK.podspec b/MatrixSDK.podspec
@@ -45,7 +45,7 @@ Pod::Spec.new do |s|
  ss.dependency 'OLMKit', '~> 3.2.5'
  ss.dependency 'Realm', '10.27.0'
  ss.dependency 'libbase58', '~> 0.1.4'
- ss.dependency 'MatrixSDKCrypto', '0.3.12', :configurations => ["DEBUG", "RELEASE"], :inhibit_warnings => true
+ ss.dependency 'MatrixSDKCrypto', '0.3.13', :configurations => ["DEBUG", "RELEASE"], :inhibit_warnings => true
  end
 
  s.subspec 'JingleCallStack' do |ss|

diff --git a/MatrixSDK/Crypto/CryptoMachine/MXCryptoMachine.swift b/MatrixSDK/Crypto/CryptoMachine/MXCryptoMachine.swift
@@ -613,6 +613,23 @@ extension MXCryptoMachine: MXCryptoCrossSigning {
  log.error("Failed importing cross signing keys", context: error)
  }
  }
+
+ func queryMissingSecretsFromOtherSessions() async throws {
+ let has_missing = try machine.queryMissingSecretsFromOtherSessions()
+
+ if (has_missing) {
+ // Out-of-sync check if there are any secret request to sent out as a result of
+ // the missing secret request
+ for request in try machine.outgoingRequests() {
+ if case .toDevice(_, let eventType, _) = request {
+ if (eventType == kMXEventTypeStringSecretRequest) {
+ try await handleRequest(request)
+ }
+ }
+ }
+ }
+ }
+
 }
 
 extension MXCryptoMachine: MXCryptoVerifying {

diff --git a/MatrixSDK/Crypto/CryptoMachine/MXCryptoProtocols.swift b/MatrixSDK/Crypto/CryptoMachine/MXCryptoProtocols.swift
@@ -90,6 +90,8 @@ protocol MXCryptoCrossSigning: MXCryptoUserIdentitySource, MXCryptoDevicesSource
  func bootstrapCrossSigning(authParams: [AnyHashable: Any]) async throws
  func exportCrossSigningKeys() -> CrossSigningKeyExport?
  func importCrossSigningKeys(export: CrossSigningKeyExport)
+
+ func queryMissingSecretsFromOtherSessions() async throws
 }
 
 /// Verification functionality

diff --git a/MatrixSDK/Crypto/MXCryptoV2.swift b/MatrixSDK/Crypto/MXCryptoV2.swift
@@ -387,18 +387,39 @@ class MXCryptoV2: NSObject, MXCrypto {
  case .verified:
  // If we want to set verified status, we will manually verify the device,
  // including uploading relevant signatures
+ try? machine.setLocalTrust(userId: machine.userId, deviceId: deviceId, trust: .verified)
 
- Task {
- do {
- try await machine.verifyDevice(userId: userId, deviceId: deviceId)
- log.debug("Successfully marked device as verified")
- await MainActor.run {
- success?()
+ if (userId == machine.userId) {
+ if (machine.crossSigningStatus().hasSelfSigning) {
+ // if we can cross sign, upload a new signature for that device
+ Task {
+ do {
+ // This method will always fail if the device belongs to someone else.
+ // XXX Should update API? and remove the userId?
+ try await machine.verifyDevice(userId: userId, deviceId: deviceId)
+ log.debug("Successfully marked device as verified")
+ await MainActor.run {
+ success?()
+ }
+ } catch {
+ log.error("Failed marking device as verified", context: error)
+ await MainActor.run {
+ failure?(error)
+ }
+ }
  }
- } catch {
- log.error("Failed marking device as verified", context: error)
- await MainActor.run {
- failure?(error)
+ } else {
+ // It's a good time to request secrets
+ Task {
+ do {
+ try await machine.queryMissingSecretsFromOtherSessions()
+ await MainActor.run {
+ success?()
+ }
+ } catch {
+ log.error("Failed to query missing secrets", context: error)
+ failure?(error)
+ }
  }
  }
  }
@@ -409,6 +430,7 @@ class MXCryptoV2: NSObject, MXCrypto {
  do {
  try machine.setLocalTrust(userId: userId, deviceId: deviceId, trust: localTrust)
  log.debug("Successfully set local trust to \(localTrust)")
+ // XXX: Why no MainActor.run here?
  success?()
  } catch {
  log.error("Failed setting local trust", context: error)

diff --git a/Podfile b/Podfile
@@ -16,7 +16,7 @@ abstract_target 'MatrixSDK' do
 
  pod 'Realm', '10.27.0'
  pod 'libbase58', '~> 0.1.4'
- pod 'MatrixSDKCrypto', "0.3.12", :inhibit_warnings => true
+ pod 'MatrixSDKCrypto', "0.3.13", :inhibit_warnings => true
 
  target 'MatrixSDK-iOS' do
  platform :ios, '11.0'

diff --git a/Podfile.lock b/Podfile.lock
@@ -16,7 +16,7 @@ PODS:
  - AFNetworking/NSURLSession
  - GZIP (1.3.0)
  - libbase58 (0.1.4)
- - MatrixSDKCrypto (0.3.12)
+ - MatrixSDKCrypto (0.3.13)
  - OHHTTPStubs (9.1.0):
  - OHHTTPStubs/Default (= 9.1.0)
  - OHHTTPStubs/Core (9.1.0)
@@ -44,7 +44,7 @@ DEPENDENCIES:
  - AFNetworking (~> 4.0.0)
  - GZIP (~> 1.3.0)
  - libbase58 (~> 0.1.4)
- - MatrixSDKCrypto (= 0.3.12)
+ - MatrixSDKCrypto (= 0.3.13)
  - OHHTTPStubs (~> 9.1.0)
  - OLMKit (~> 3.2.5)
  - Realm (= 10.27.0)
@@ -65,12 +65,12 @@ SPEC CHECKSUMS:
  AFNetworking: 3bd23d814e976cd148d7d44c3ab78017b744cd58
  GZIP: 416858efbe66b41b206895ac6dfd5493200d95b3
  libbase58: 7c040313537b8c44b6e2d15586af8e21f7354efd
- MatrixSDKCrypto: 25929a40733b4ab54f659aaf6a730552a0a06504
+ MatrixSDKCrypto: bf08b72f2cd015d8749420a2b8b92fc0536bedf4
  OHHTTPStubs: 90eac6d8f2c18317baeca36698523dc67c513831
  OLMKit: da115f16582e47626616874e20f7bb92222c7a51
  Realm: 9ca328bd7e700cc19703799785e37f77d1a130f2
  SwiftyBeaver: 84069991dd5dca07d7069100985badaca7f0ce82
 
-PODFILE CHECKSUM: e70d3694981265116ff81a851fb0c1c9654995cd
+PODFILE CHECKSUM: 1bf28f5a19566c567d265232f60ee19a3ae86ed3
 
 COCOAPODS: 1.13.0