matrix-org · Anderas · Apr 26, 2022 · Apr 13, 2022 · Apr 21, 2022 · Apr 22, 2022
diff --git a/MatrixSDK.xcodeproj/project.pbxproj b/MatrixSDK.xcodeproj/project.pbxproj
@@ -1737,6 +1737,12 @@
 		ECF29BDF264195320053E6D6 /* MXAssertedIdentityModel.h in Headers */ = {isa = PBXBuildFile; fileRef = ECF29BDD264195320053E6D6 /* MXAssertedIdentityModel.h */; settings = {ATTRIBUTES = (Public, ); }; };
 		ECF29BE52641953C0053E6D6 /* MXAssertedIdentityModel.m in Sources */ = {isa = PBXBuildFile; fileRef = ECF29BE42641953C0053E6D6 /* MXAssertedIdentityModel.m */; };
 		ECF29BE62641953C0053E6D6 /* MXAssertedIdentityModel.m in Sources */ = {isa = PBXBuildFile; fileRef = ECF29BE42641953C0053E6D6 /* MXAssertedIdentityModel.m */; };
+		ED21F68528104DA2002FF83D /* MXMegolmEncryptionTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = ED21F68428104DA2002FF83D /* MXMegolmEncryptionTests.swift */; };
+		ED21F68628104DA2002FF83D /* MXMegolmEncryptionTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = ED21F68428104DA2002FF83D /* MXMegolmEncryptionTests.swift */; };
+		ED35652C281150310002BF6A /* MXOlmInboundGroupSessionTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = ED35652B281150310002BF6A /* MXOlmInboundGroupSessionTests.swift */; };
+		ED35652D281150310002BF6A /* MXOlmInboundGroupSessionTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = ED35652B281150310002BF6A /* MXOlmInboundGroupSessionTests.swift */; };
+		ED35652F281153480002BF6A /* MXMegolmSessionDataTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = ED35652E281153480002BF6A /* MXMegolmSessionDataTests.swift */; };
+		ED356530281153480002BF6A /* MXMegolmSessionDataTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = ED35652E281153480002BF6A /* MXMegolmSessionDataTests.swift */; };
 		ED88999127F2065D00718486 /* MXRoomAliasResolution.h in Headers */ = {isa = PBXBuildFile; fileRef = ED88998F27F2065C00718486 /* MXRoomAliasResolution.h */; settings = {ATTRIBUTES = (Public, ); }; };
 		ED88999227F2065D00718486 /* MXRoomAliasResolution.h in Headers */ = {isa = PBXBuildFile; fileRef = ED88998F27F2065C00718486 /* MXRoomAliasResolution.h */; settings = {ATTRIBUTES = (Public, ); }; };
 		ED88999327F2065D00718486 /* MXRoomAliasResolution.m in Sources */ = {isa = PBXBuildFile; fileRef = ED88999027F2065D00718486 /* MXRoomAliasResolution.m */; };
@@ -2720,7 +2726,10 @@
 		ECF29BD2264194BB0053E6D6 /* MXCallAssertedIdentityEventContent.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = MXCallAssertedIdentityEventContent.m; sourceTree = "<group>"; };
 		ECF29BDD264195320053E6D6 /* MXAssertedIdentityModel.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = MXAssertedIdentityModel.h; sourceTree = "<group>"; };
 		ECF29BE42641953C0053E6D6 /* MXAssertedIdentityModel.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = MXAssertedIdentityModel.m; sourceTree = "<group>"; };
+		ED21F68428104DA2002FF83D /* MXMegolmEncryptionTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MXMegolmEncryptionTests.swift; sourceTree = "<group>"; };
 		ED2F344856EFFCA383E37B22 /* Pods-SDK-MatrixSDK.release.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-SDK-MatrixSDK.release.xcconfig"; path = "Target Support Files/Pods-SDK-MatrixSDK/Pods-SDK-MatrixSDK.release.xcconfig"; sourceTree = "<group>"; };
+		ED35652B281150310002BF6A /* MXOlmInboundGroupSessionTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MXOlmInboundGroupSessionTests.swift; sourceTree = "<group>"; };
+		ED35652E281153480002BF6A /* MXMegolmSessionDataTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MXMegolmSessionDataTests.swift; sourceTree = "<group>"; };
 		ED88998F27F2065C00718486 /* MXRoomAliasResolution.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = MXRoomAliasResolution.h; sourceTree = "<group>"; };
 		ED88999027F2065D00718486 /* MXRoomAliasResolution.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = MXRoomAliasResolution.m; sourceTree = "<group>"; };
 		ED8943D327E34762000FC39C /* MXMemoryRoomStoreTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MXMemoryRoomStoreTests.swift; sourceTree = "<group>"; };
@@ -3839,6 +3848,7 @@
 		32C6F93919DD814400EA4E9C /* MatrixSDKTests */ = {
 			isa = PBXGroup;
 			children = (
+				ED21F67A28104B9A002FF83D /* Crypto */,
 				EDB4209727DF841A0036AF39 /* JSONModels */,
 				EDB4208E27DF76C60036AF39 /* Data */,
 				322985C526FA66FD001890BC /* Utils */,
@@ -4799,6 +4809,40 @@
 			path = Common;
 			sourceTree = "<group>";
 		};
+		ED21F67A28104B9A002FF83D /* Crypto */ = {
+			isa = PBXGroup;
+			children = (
+				ED35652A281150230002BF6A /* Data */,
+				ED21F67B28104BA1002FF83D /* Algorithms */,
+			);
+			path = Crypto;
+			sourceTree = "<group>";
+		};
+		ED21F67B28104BA1002FF83D /* Algorithms */ = {
+			isa = PBXGroup;
+			children = (
+				ED21F67C28104BA7002FF83D /* Megolm */,
+			);
+			path = Algorithms;
+			sourceTree = "<group>";
+		};
+		ED21F67C28104BA7002FF83D /* Megolm */ = {
+			isa = PBXGroup;
+			children = (
+				ED21F68428104DA2002FF83D /* MXMegolmEncryptionTests.swift */,
+			);
+			path = Megolm;
+			sourceTree = "<group>";
+		};
+		ED35652A281150230002BF6A /* Data */ = {
+			isa = PBXGroup;
+			children = (
+				ED35652B281150310002BF6A /* MXOlmInboundGroupSessionTests.swift */,
+				ED35652E281153480002BF6A /* MXMegolmSessionDataTests.swift */,
+			);
+			path = Data;
+			sourceTree = "<group>";
+		};
 		ED8943D127E3474A000FC39C /* Store */ = {
 			isa = PBXGroup;
 			children = (
@@ -6308,6 +6352,7 @@
 				32832B5E1BCC048300241108 /* MXStoreNoStoreTests.m in Sources */,
 				A816247C25F60C7700A46F05 /* MXDeviceListOperationsPoolUnitTests.swift in Sources */,
 				B1660F1C260A20B900C3AA12 /* MXSpaceServiceTest.swift in Sources */,
+				ED35652C281150310002BF6A /* MXOlmInboundGroupSessionTests.swift in Sources */,
 				32C9B71823E81A1C00C6F30A /* MXCrossSigningVerificationTests.m in Sources */,
 				323C5A081A70E53500FB0549 /* MXToolsUnitTests.m in Sources */,
 				3281E89E19E299C000976E1A /* MXErrorUnitTests.m in Sources */,
@@ -6365,10 +6410,12 @@
 				32D8CAC219DEE6ED002AF8A0 /* MXRestClientNoAuthAPITests.m in Sources */,
 				32FCAB4D19E578860049C555 /* MXRestClientTests.m in Sources */,
 				32C78BA7256D227D008130B1 /* MXCryptoMigrationTests.m in Sources */,
+				ED21F68528104DA2002FF83D /* MXMegolmEncryptionTests.swift in Sources */,
 				322985CB26FAF898001890BC /* MXSession.swift in Sources */,
 				EC131B192779D8D500712964 /* MXThreadEventTimelineUnitTests.swift in Sources */,
 				B135067427EB201E00BD3276 /* MXLocationServiceTests.swift in Sources */,
 				18C26C4F273C0EB300805154 /* MXPollAggregatorTests.swift in Sources */,
+				ED35652F281153480002BF6A /* MXMegolmSessionDataTests.swift in Sources */,
 				32EEA83F2603CA140041425B /* MXRestClientExtensionsTests.m in Sources */,
 				18121F7A273E6E4200B68ADF /* PollBuilder.swift in Sources */,
 				18121F7F273E837300B68ADF /* PollModels.swift in Sources */,
@@ -6837,6 +6884,7 @@
 				32C9B71923E81A1C00C6F30A /* MXCrossSigningVerificationTests.m in Sources */,
 				B1E09A1D2397FCE90057C069 /* MXCryptoKeyVerificationTests.m in Sources */,
 				B1E09A472397FD990057C069 /* MXEventScanStoreUnitTests.m in Sources */,
+				ED35652D281150310002BF6A /* MXOlmInboundGroupSessionTests.swift in Sources */,
 				B1E09A3D2397FD820057C069 /* MXStoreFileStoreTests.m in Sources */,
 				32CEEF3E23AD134A0039BA98 /* MXCrossSigningTests.m in Sources */,
 				32EEA8402603CA140041425B /* MXRestClientExtensionsTests.m in Sources */,
@@ -6894,10 +6942,12 @@
 				32B477902638133D00EA5800 /* MXAggregatedReferenceUnitTests.m in Sources */,
 				EC116598270FCA8B0089FA56 /* MXBackgroundTaskUnitTests.swift in Sources */,
 				B1E09A322397FD750057C069 /* MXRoomTests.m in Sources */,
+				ED21F68628104DA2002FF83D /* MXMegolmEncryptionTests.swift in Sources */,
 				322985CC26FAF898001890BC /* MXSession.swift in Sources */,
 				EC131B1A2779D8D500712964 /* MXThreadEventTimelineUnitTests.swift in Sources */,
 				B135067527EB201E00BD3276 /* MXLocationServiceTests.swift in Sources */,
 				18C26C50273C0EB400805154 /* MXPollAggregatorTests.swift in Sources */,
+				ED356530281153480002BF6A /* MXMegolmSessionDataTests.swift in Sources */,
 				32C78BA8256D227D008130B1 /* MXCryptoMigrationTests.m in Sources */,
 				18121F7B273E6E4200B68ADF /* PollBuilder.swift in Sources */,
 				18121F80273E837400B68ADF /* PollModels.swift in Sources */,

diff --git a/MatrixSDK/Background/MXBackgroundSyncService.swift b/MatrixSDK/Background/MXBackgroundSyncService.swift
@@ -579,13 +579,18 @@ public enum MXBackgroundSyncServiceError: Error {
             return
         }
 
-        olmDevice.addInboundGroupSession(sessionId,
-                                         sessionKey: sessionKey,
-                                         roomId: roomId,
-                                         senderKey: senderKey,
-                                         forwardingCurve25519KeyChain: forwardingKeyChain,
-                                         keysClaimed: keysClaimed,
-                                         exportFormat: exportFormat)
+        MXRoomState.load(from: store, withRoomId: roomId, matrixSession: nil) { [weak self] state in
+
+            let sharedHistory = state?.historyVisibility == .worldReadable || state?.historyVisibility == .shared
+            self?.olmDevice.addInboundGroupSession(sessionId,
+                                             sessionKey: sessionKey,
+                                             roomId: roomId,
+                                             senderKey: senderKey,
+                                             forwardingCurve25519KeyChain: forwardingKeyChain,
+                                             keysClaimed: keysClaimed,
+                                             exportFormat: exportFormat,
+                                             sharedHistory: sharedHistory)
+        }
     }
 
     private func updateBackgroundServiceStoresIfNeeded() {

diff --git a/MatrixSDK/Crypto/Algorithms/Megolm/MXMegolmDecryption.m b/MatrixSDK/Crypto/Algorithms/Megolm/MXMegolmDecryption.m
@@ -254,7 +254,15 @@ - (void)onRoomKeyEvent:(MXEvent *)event
 
     MXLogDebug(@"[MXMegolmDecryption] onRoomKeyEvent: Adding key for megolm session %@|%@ from %@ event", senderKey, sessionId, event.type);
 
-    [olmDevice addInboundGroupSession:sessionId sessionKey:sessionKey roomId:roomId senderKey:senderKey forwardingCurve25519KeyChain:forwardingKeyChain keysClaimed:keysClaimed exportFormat:exportFormat];
+    BOOL sharedHistory = [crypto isRoomSharingHistory:roomId];
+    [olmDevice addInboundGroupSession:sessionId
+                           sessionKey:sessionKey
+                               roomId:roomId
+                            senderKey:senderKey
+         forwardingCurve25519KeyChain:forwardingKeyChain
+                          keysClaimed:keysClaimed
+                         exportFormat:exportFormat
+                        sharedHistory:sharedHistory];
 
     [crypto.backup maybeSendKeyBackup];
 

diff --git a/MatrixSDK/Crypto/Algorithms/Megolm/MXMegolmEncryption.m b/MatrixSDK/Crypto/Algorithms/Megolm/MXMegolmEncryption.m
@@ -147,6 +147,15 @@ - (MXOutboundSessionInfo *)outboundSession
     return outboundSession;
 }
 
+- (BOOL)isSessionSharingHistory:(MXOutboundSessionInfo *)session
+{
+    // We only store the `sharedHistory` flag on inbound sessions. To see if the current outbound session shares history
+    // see a corresponding inbound session with the same identifier.
+    MXOlmInboundGroupSession *matchingInboundSession = [crypto.store inboundGroupSessionWithId:session.sessionId
+                                                                                  andSenderKey:crypto.olmDevice.deviceCurve25519Key];
+    return matchingInboundSession.sharedHistory;
+}
+
 /*
  Get the list of devices which can encrypt data to.
 
@@ -239,72 +248,82 @@ - (MXHTTPOperation *)ensureOutboundSession:(MXUsersDevicesMap<MXDeviceInfo *> *)
                                    success:(void (^)(MXOutboundSessionInfo *session))success
                                    failure:(void (^)(NSError *))failure
 {
-    __block MXOutboundSessionInfo *session = self.outboundSession;
-
-    // Need to make a brand new session?
-    if (session && [session needsRotation:sessionRotationPeriodMsgs rotationPeriodMs:sessionRotationPeriodMs])
+    MXOutboundSessionInfo *session = [self createOrReuseSessionWithDevices:devicesInRoom];
+    if (!session.shareOperation)
     {
-        [crypto.olmDevice discardOutboundGroupSessionForRoomWithRoomId:roomId];
-        session = nil;
-    }
+        NSMutableDictionary<NSString* /* userId */, NSMutableArray<MXDeviceInfo*>*> *shareMap = [NSMutableDictionary dictionary];
 
-    // Determine if we have shared with anyone we shouldn't have
-    if (session && [session sharedWithTooManyDevices:devicesInRoom])
-    {
-        [crypto.olmDevice discardOutboundGroupSessionForRoomWithRoomId:roomId];
-        session = nil;
-    }
-
-    if (!session)
-    {
-        session = [self prepareNewSession];
-    }
-
-    if (session.shareOperation)
-    {
-        // Prep already in progress
-        return session.shareOperation;
-    }
-
-    // No share in progress: Share the current setup
-
-    NSMutableDictionary<NSString* /* userId */, NSMutableArray<MXDeviceInfo*>*> *shareMap = [NSMutableDictionary dictionary];
-
-    for (NSString *userId in devicesInRoom.userIds)
-    {
-        for (NSString *deviceID in [devicesInRoom deviceIdsForUser:userId])
+        for (NSString *userId in devicesInRoom.userIds)
         {
-            MXDeviceInfo *deviceInfo = [devicesInRoom objectForDevice:deviceID forUser:userId];
-
-            if (![session.sharedWithDevices objectForDevice:deviceID forUser:userId])
+            for (NSString *deviceID in [devicesInRoom deviceIdsForUser:userId])
             {
-                if (!shareMap[userId])
+                MXDeviceInfo *deviceInfo = [devicesInRoom objectForDevice:deviceID forUser:userId];
+
+                if (![session.sharedWithDevices objectForDevice:deviceID forUser:userId])
                 {
-                    shareMap[userId] = [NSMutableArray array];
+                    if (!shareMap[userId])
+                    {
+                        shareMap[userId] = [NSMutableArray array];
+                    }
+                    [shareMap[userId] addObject:deviceInfo];
                 }
-                [shareMap[userId] addObject:deviceInfo];
             }
         }
-    }
-
-    session.shareOperation = [self shareKey:session withDevices:shareMap success:^{
 
-        session.shareOperation = nil;
-        success(session);
+        session.shareOperation = [self shareKey:session withDevices:shareMap success:^{
 
-    } failure:^(NSError *error) {
+            session.shareOperation = nil;
+            success(session);
 
-        session.shareOperation = nil;
-        failure(error);
-    }];
+        } failure:^(NSError *error) {
 
+            session.shareOperation = nil;
+            failure(error);
+        }];
+    }
+
     return session.shareOperation;
 }
 
+- (MXOutboundSessionInfo *)createOrReuseSessionWithDevices:(MXUsersDevicesMap<MXDeviceInfo *> *)devicesInRoom
+{
+    MXOutboundSessionInfo *existingSession = self.outboundSession;
+    if (!existingSession || [self shouldResetSession:existingSession devices:devicesInRoom])
+    {
+        return [self prepareNewSession];
+    }
+    return existingSession;
+}
+
+- (BOOL)shouldResetSession:(MXOutboundSessionInfo *)session
+                   devices:(MXUsersDevicesMap<MXDeviceInfo *> *)devicesInRoom
+{
+    // Check if need to rotate due to message count or age of the session
+    if ([session needsRotation:sessionRotationPeriodMsgs rotationPeriodMs:sessionRotationPeriodMs])
+    {
+        return YES;
+    }
+
+    // Determine if we have shared with anyone we shouldn't have
+    else if ([session sharedWithTooManyDevices:devicesInRoom])
+    {
+        return YES;
+    }
+
+    // Check if room's history visibility has changed
+    else if ([crypto isRoomSharingHistory:roomId] != [self isSessionSharingHistory:session])
+    {
+        return YES;
+    }
+
+    return NO;
+}
+
 - (MXOutboundSessionInfo*)prepareNewSession
 {
     MXOlmOutboundGroupSession *session = [crypto.olmDevice createOutboundGroupSessionForRoomWithRoomId:roomId];
-
+
+    BOOL sharedHistory = [crypto isRoomSharingHistory:roomId];
     [crypto.olmDevice addInboundGroupSession:session.sessionId
                                   sessionKey:session.sessionKey
                                       roomId:roomId
@@ -314,6 +333,7 @@ - (MXOutboundSessionInfo*)prepareNewSession
                                                @"ed25519": crypto.olmDevice.deviceEd25519Key
                                                }
                                 exportFormat:NO
+                               sharedHistory:sharedHistory
      ];
 
     [crypto.backup maybeSendKeyBackup];

diff --git a/MatrixSDK/Crypto/Data/MXMegolmSessionData.h b/MatrixSDK/Crypto/Data/MXMegolmSessionData.h
@@ -54,6 +54,14 @@
  */
 @property NSString *sessionKey;
 
+/**
+ Flag indicating whether the history of this room is considered as shared.
+ 
+ This is typically the case if room's `historyVisibility` is set to `world_readable` or `joined`.
+ In this case the keys are allowed to be shared with other users upon invite.
+ */
+@property BOOL sharedHistory;
+
 /**
  The algorithm used.
  */

diff --git a/MatrixSDK/Crypto/Data/MXMegolmSessionData.m b/MatrixSDK/Crypto/Data/MXMegolmSessionData.m
@@ -28,6 +28,7 @@ + (id)modelFromJSON:(NSDictionary *)JSONDictionary
         MXJSONModelSetString(sessionData.roomId, JSONDictionary[@"room_id"]);
         MXJSONModelSetString(sessionData.sessionId, JSONDictionary[@"session_id"]);
         MXJSONModelSetString(sessionData.sessionKey, JSONDictionary[@"session_key"]);
+        MXJSONModelSetBoolean(sessionData.sharedHistory, JSONDictionary[@"shared_history"]);
         MXJSONModelSetString(sessionData.algorithm, JSONDictionary[@"algorithm"]);
         MXJSONModelSetArray(sessionData.forwardingCurve25519KeyChain, JSONDictionary[@"forwarding_curve25519_key_chain"])
     }
@@ -43,6 +44,7 @@ - (NSDictionary *)JSONDictionary
       @"room_id": _roomId,
       @"session_id": _sessionId,
       @"session_key":_sessionKey,
+      @"shared_history": @(_sharedHistory),
       @"algorithm": _algorithm,
       @"forwarding_curve25519_key_chain": _forwardingCurve25519KeyChain ? _forwardingCurve25519KeyChain : @[]
       };

diff --git a/MatrixSDK/Crypto/Data/MXOlmInboundGroupSession.h b/MatrixSDK/Crypto/Data/MXOlmInboundGroupSession.h
@@ -66,6 +66,14 @@
  */
 @property (nonatomic) NSDictionary<NSString*, NSString*> *keysClaimed;
 
+/**
+ Flag indicating whether the history of this room is considered as shared.
+ 
+ This is typically the case if room's `historyVisibility` is set to `world_readable` or `joined`.
+ In this case the keys are allowed to be shared with other users upon invite.
+ */
+@property (nonatomic) BOOL sharedHistory;
+
 
 #pragma mark - import/export
 

diff --git a/MatrixSDK/Crypto/Data/MXOlmInboundGroupSession.m b/MatrixSDK/Crypto/Data/MXOlmInboundGroupSession.m
@@ -57,6 +57,7 @@ - (MXMegolmSessionData *)exportSessionDataAtMessageIndex:(NSUInteger)messageInde
         sessionData.sessionId = _session.sessionIdentifier;
         sessionData.sessionKey = sessionKey;
         sessionData.algorithm = kMXCryptoMegolmAlgorithm;
+        sessionData.sharedHistory = _sharedHistory;
     }
     else
     {
@@ -97,6 +98,7 @@ - (instancetype)initWithImportedSessionData:(MXMegolmSessionData *)data
         _forwardingCurve25519KeyChain = data.forwardingCurve25519KeyChain;
         _keysClaimed = data.senderClaimedKeys;
         _roomId = data.roomId;
+        _sharedHistory = data.sharedHistory;
     }
     return self;
 }
@@ -113,6 +115,7 @@ - (instancetype)initWithCoder:(NSCoder *)aDecoder
         _senderKey = [aDecoder decodeObjectForKey:@"senderKey"];
         _forwardingCurve25519KeyChain = [aDecoder decodeObjectForKey:@"forwardingCurve25519KeyChain"];
         _keysClaimed = [aDecoder decodeObjectForKey:@"keysClaimed"];
+        _sharedHistory = [[aDecoder decodeObjectForKey:@"sharedHistory"] boolValue];
     }
     return self;
 }
@@ -124,6 +127,7 @@ - (void)encodeWithCoder:(NSCoder *)aCoder
     [aCoder encodeObject:_senderKey forKey:@"senderKey"];
     [aCoder encodeObject:_keysClaimed forKey:@"keysClaimed"];
     [aCoder encodeObject:_forwardingCurve25519KeyChain forKey:@"forwardingCurve25519KeyChain"];
+    [aCoder encodeObject:@(_sharedHistory) forKey:@"sharedHistory"];
 }
 
 @end