diff --git a/Podfile b/Podfile index 96143a95f..15ad5ef81 100644 --- a/Podfile +++ b/Podfile @@ -9,9 +9,9 @@ def shared_pods pod 'SQLCipher', :git => 'https://github.com/sqlcipher/sqlcipher.git', :commit => 'd5c2bec' # pod 'YapDatabase/SQLCipher', path: '../YapDatabase' pod 'YapDatabase/SQLCipher', :git => 'https://github.com/WhisperSystems/YapDatabase.git', branch: 'release/unencryptedHeaders' - pod 'AxolotlKit', path: '../SignalProtocolKit' + # pod 'AxolotlKit', path: '../SignalProtocolKit' pod 'SignalServiceKit', path: '.' - # pod 'AxolotlKit', git: 'https://github.com/WhisperSystems/SignalProtocolKit.git', branch: 'mkirk/framework-friendly' + pod 'AxolotlKit', git: 'https://github.com/signalapp/SignalProtocolKit.git' #pod 'AxolotlKit', path: '../SignalProtocolKit' pod 'HKDFKit', git: 'https://github.com/WhisperSystems/HKDFKit.git', branch: 'mkirk/framework-friendly' #pod 'HKDFKit', path: '../HKDFKit' diff --git a/Podfile.lock b/Podfile.lock index f3f119eb0..3c11d1812 100644 --- a/Podfile.lock +++ b/Podfile.lock @@ -129,7 +129,7 @@ PODS: DEPENDENCIES: - AFNetworking - ATAppUpdater - - AxolotlKit (from `../SignalProtocolKit`) + - AxolotlKit (from `https://github.com/signalapp/SignalProtocolKit.git`) - Curve25519Kit (from `https://github.com/WhisperSystems/Curve25519Kit`, branch `mkirk/framework-friendly`) - GRKOpenSSLFramework (from `https://github.com/WhisperSystems/GRKOpenSSLFramework`) - HKDFKit (from `https://github.com/WhisperSystems/HKDFKit.git`, branch `mkirk/framework-friendly`) @@ -146,7 +146,7 @@ DEPENDENCIES: EXTERNAL SOURCES: AxolotlKit: - :path: ../SignalProtocolKit + :git: https://github.com/signalapp/SignalProtocolKit.git Curve25519Kit: :branch: mkirk/framework-friendly :git: https://github.com/WhisperSystems/Curve25519Kit 
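Review bot: The added `pod 'AxolotlKit', git: 'https://github.com/signalapp/SignalProtocolKit.git'` line in the Podfile hunk names no `:commit`, `:tag` or `:branch`, so the Podfile itself does not say which revision of the protocol library is expected. Podfile.lock records commit b523c0b82e76295726ded8afec2715328d63213c, but that pin only holds until the next `pod update`, which would then move to whatever the repository's default branch holds at that time. The SQLCipher entry in the same hunk is already written with `:commit => 'd5c2bec'`. Doing the same here, e.g. `pod 'AxolotlKit', git: 'https://github.com/signalapp/SignalProtocolKit.git', commit: 'b523c0b82e76295726ded8afec2715328d63213c'`, makes any revision change of this dependency an explicit, reviewable edit.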
@@ -170,6 +170,9 @@ EXTERNAL SOURCES: :git: https://github.com/WhisperSystems/YapDatabase.git CHECKOUT OPTIONS: + AxolotlKit: + :commit: b523c0b82e76295726ded8afec2715328d63213c + :git: https://github.com/signalapp/SignalProtocolKit.git Curve25519Kit: :commit: 03a19c80aafc10a3464f0c086b1eb38239c507ac :git: https://github.com/WhisperSystems/Curve25519Kit @@ -217,6 +220,6 @@ SPEC CHECKSUMS: YapDatabase: 299a32de9d350d37a9ac5b0532609d87d5d2a5de YYImage: 1e1b62a9997399593e4b9c4ecfbbabbf1d3f3b54 -PODFILE CHECKSUM: d1c081f5e8cda394caa2bfbb157d628f33352cff +PODFILE CHECKSUM: d424a8f153ae6e31631ed25ef5700e7e60234a79 COCOAPODS: 1.3.1 diff --git a/SignalServiceKit/src/Messages/OWSIdentityManager.m b/SignalServiceKit/src/Messages/OWSIdentityManager.m index 1a9715744..6f9cfc9b1 100644 --- a/SignalServiceKit/src/Messages/OWSIdentityManager.m +++ b/SignalServiceKit/src/Messages/OWSIdentityManager.m @@ -314,7 +314,6 @@ NSString *const kNSNotificationName_IdentityStateDidChange = @"kNSNotificationNa OWSAssert(recipientId.length > 0); OWSAssert(transaction); - // TODO: Remove all @synchronized // Ensure a remote identity exists for this key. We may be learning about // it for the first time. [self saveRemoteIdentity:identityKey recipientId:recipientId protocolContext:transaction]; 
@@ -449,36 +448,33 @@ NSString *const kNSNotificationName_IdentityStateDidChange = @"kNSNotificationNa OWSAssert(direction != TSMessageDirectionUnknown); OWSAssert(transaction); - @synchronized(self) - { - if ([[TSAccountManager localNumber] isEqualToString:recipientId]) { - ECKeyPair *_Nullable localIdentityKeyPair = [self identityKeyPair:transaction]; + if ([[TSAccountManager localNumber] isEqualToString:recipientId]) { + ECKeyPair *_Nullable localIdentityKeyPair = [self identityKeyPair:transaction]; - if ([localIdentityKeyPair.publicKey isEqualToData:identityKey]) { - return YES; - } else { - OWSFail(@"%@ Wrong identity: %@ for local key: %@, recipientId: %@", - self.logTag, - identityKey, - localIdentityKeyPair.publicKey, - recipientId); - return NO; - } + if ([localIdentityKeyPair.publicKey isEqualToData:identityKey]) { + return YES; + } else { + OWSFail(@"%@ Wrong identity: %@ for local key: %@, recipientId: %@", + self.logTag, + identityKey, + localIdentityKeyPair.publicKey, + recipientId); + return NO; } + } - switch (direction) { - case TSMessageDirectionIncoming: { - return YES; - } - case TSMessageDirectionOutgoing: { - OWSRecipientIdentity *existingIdentity = - [OWSRecipientIdentity fetchObjectWithUniqueID:recipientId transaction:transaction]; - return [self isTrustedKey:identityKey forSendingToIdentity:existingIdentity]; - } - default: { - OWSFail(@"%@ unexpected message direction: %ld", self.logTag, (long)direction); - return NO; - } + switch (direction) { + case TSMessageDirectionIncoming: { + return YES; + } + case TSMessageDirectionOutgoing: { + OWSRecipientIdentity *existingIdentity = + [OWSRecipientIdentity fetchObjectWithUniqueID:recipientId transaction:transaction]; + return [self isTrustedKey:identityKey forSendingToIdentity:existingIdentity]; + } + default: { + OWSFail(@"%@ unexpected message direction: %ld", self.logTag, (long)direction); + return NO; } } } 
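Review bot: With `@synchronized(self)` gone, nothing in this body says what now keeps the trust decision consistent. The two reads that remain, `[self identityKeyPair:transaction]` and `fetchObjectWithUniqueID:recipientId transaction:transaction`, both go through the caller's `transaction`, which is presumably the intended replacement for the lock. A comment above the first `if` would record that, for example `// No lock needed here: all identity state is read through the caller's transaction.` The method's signature and the start of its body are outside the hunk, so whether a header comment already states this cannot be seen from here.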
@@ -577,56 +573,53 @@ NSString *const kNSNotificationName_IdentityStateDidChange = @"kNSNotificationNa - (void)syncQueuedVerificationStates { dispatch_async(dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT, 0), ^{ - @synchronized(self) - { - NSMutableArray *recipientIds = [NSMutableArray new]; - [self.dbConnection readWithBlock:^(YapDatabaseReadTransaction *transaction) { - [transaction enumerateKeysAndObjectsInCollection:OWSIdentityManager_QueuedVerificationStateSyncMessages - usingBlock:^(NSString *_Nonnull recipientId, - id _Nonnull object, - BOOL *_Nonnull stop) { - [recipientIds addObject:recipientId]; - }]; - }]; - - NSMutableArray *messages = [NSMutableArray new]; - for (NSString *recipientId in recipientIds) { - OWSRecipientIdentity *recipientIdentity = [OWSRecipientIdentity fetchObjectWithUniqueID:recipientId]; - if (!recipientIdentity) { - OWSFail(@"Could not load recipient identity for recipientId: %@", recipientId); - continue; - } - if (recipientIdentity.recipientId.length < 1) { - OWSFail(@"Invalid recipient identity for recipientId: %@", recipientId); - continue; - } + NSMutableArray *recipientIds = [NSMutableArray new]; + [self.dbConnection readWithBlock:^(YapDatabaseReadTransaction *transaction) { + [transaction + enumerateKeysAndObjectsInCollection:OWSIdentityManager_QueuedVerificationStateSyncMessages + usingBlock:^( + NSString *_Nonnull recipientId, id _Nonnull object, BOOL *_Nonnull stop) { + [recipientIds addObject:recipientId]; + }]; + }]; - // Prepend key type for transit. - // TODO we should just be storing the key type so we don't have to juggle re-adding it. - NSData *identityKey = [recipientIdentity.identityKey prependKeyType]; - if (identityKey.length != kIdentityKeyLength) { - OWSFail(@"Invalid recipient identitykey for recipientId: %@ key: %@", recipientId, identityKey); - continue; - } - if (recipientIdentity.verificationState == OWSVerificationStateNoLongerVerified) { - // We don't want to sync "no longer verified" state. 
Other clients can - // figure this out from the /profile/ endpoint, and this can cause data - // loss as a user's devices overwrite each other's verification. - OWSFail(@"Queue verification state had unexpected value: %@ recipientId: %@", - OWSVerificationStateToString(recipientIdentity.verificationState), - recipientId); - continue; - } - OWSVerificationStateSyncMessage *message = [[OWSVerificationStateSyncMessage alloc] - initWithVerificationState:recipientIdentity.verificationState - identityKey:identityKey - verificationForRecipientId:recipientIdentity.recipientId]; - [messages addObject:message]; + NSMutableArray *messages = [NSMutableArray new]; + for (NSString *recipientId in recipientIds) { + OWSRecipientIdentity *recipientIdentity = [OWSRecipientIdentity fetchObjectWithUniqueID:recipientId]; + if (!recipientIdentity) { + OWSFail(@"Could not load recipient identity for recipientId: %@", recipientId); + continue; } - if (messages.count > 0) { - for (OWSVerificationStateSyncMessage *message in messages) { - [self sendSyncVerificationStateMessage:message]; - } + if (recipientIdentity.recipientId.length < 1) { + OWSFail(@"Invalid recipient identity for recipientId: %@", recipientId); + continue; + } + + // Prepend key type for transit. + // TODO we should just be storing the key type so we don't have to juggle re-adding it. + NSData *identityKey = [recipientIdentity.identityKey prependKeyType]; + if (identityKey.length != kIdentityKeyLength) { + OWSFail(@"Invalid recipient identitykey for recipientId: %@ key: %@", recipientId, identityKey); + continue; + } + if (recipientIdentity.verificationState == OWSVerificationStateNoLongerVerified) { + // We don't want to sync "no longer verified" state. Other clients can + // figure this out from the /profile/ endpoint, and this can cause data + // loss as a user's devices overwrite each other's verification. 
+ OWSFail(@"Queue verification state had unexpected value: %@ recipientId: %@", + OWSVerificationStateToString(recipientIdentity.verificationState), + recipientId); + continue; + } + OWSVerificationStateSyncMessage *message = + [[OWSVerificationStateSyncMessage alloc] initWithVerificationState:recipientIdentity.verificationState + identityKey:identityKey + verificationForRecipientId:recipientIdentity.recipientId]; + [messages addObject:message]; + } + if (messages.count > 0) { + for (OWSVerificationStateSyncMessage *message in messages) { + [self sendSyncVerificationStateMessage:message]; } } }); diff --git a/SignalServiceKit/src/Security/OWSRecipientIdentity.m b/SignalServiceKit/src/Security/OWSRecipientIdentity.m index d5fd76f80..442851caa 100644 --- a/SignalServiceKit/src/Security/OWSRecipientIdentity.m +++ b/SignalServiceKit/src/Security/OWSRecipientIdentity.m @@ -109,7 +109,6 @@ OWSSignalServiceProtosVerifiedState OWSVerificationStateToProtoState(OWSVerifica [latest saveWithTransaction:transaction]; } -// TODO: Is this method obsolete? - (void)updateWithChangeBlock:(void (^)(OWSRecipientIdentity *obj))changeBlock { changeBlock(self); diff --git a/SignalServiceKit/src/Storage/AxolotlStore/TSStorageManager+SessionStore.m b/SignalServiceKit/src/Storage/AxolotlStore/TSStorageManager+SessionStore.m index d244bf8c1..1d682b490 100644 --- a/SignalServiceKit/src/Storage/AxolotlStore/TSStorageManager+SessionStore.m +++ b/SignalServiceKit/src/Storage/AxolotlStore/TSStorageManager+SessionStore.m @@ -33,7 +33,6 @@ NSString *const kSessionStoreDBConnectionKey = @"kSessionStoreDBConnectionKey"; return sessionStoreDBConnection; } -// TODO: Audit usage of this connection. - (YapDatabaseConnection *)sessionStoreDBConnection { return [[self class] sessionStoreDBConnection];
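Review bot: In `syncQueuedVerificationStates`, the loop still loads each identity with `[OWSRecipientIdentity fetchObjectWithUniqueID:recipientId]`, outside the `readWithBlock:` that collected `recipientIds`. The keys and the records therefore come from different database snapshots, and a verification state can change between the two reads. The removed `@synchronized(self)` also kept two invocations of this block, both dispatched to the global concurrent queue, from running at once; without it they can enumerate the same queued entries and each send a sync message for them (whether entries are dequeued on send is outside this hunk). Moving the `for` loop that builds `messages` inside the existing `readWithBlock:` and calling `[OWSRecipientIdentity fetchObjectWithUniqueID:recipientId transaction:transaction]` gives one consistent snapshot. If duplicate sends matter, a dedicated serial queue in place of `dispatch_get_global_queue` would restore the mutual exclusion.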