chore(cryptobox): remove proteusViaCoreCrypto flag - WPB-14604

wire-ios-data-model/Source/ManagedObjectContext/CoreDataStack.swift

@@ -369,7 +369,7 @@
 
     func configureViewContext(_ context: NSManagedObjectContext) async {
         context.markAsUIContext()
         await context.perform {
             context.localDomain = self.localDomain
             context.isFederationEnabled = self.isFederationEnabled
             context.createDispatchGroups()
@@ -381,17 +381,17 @@
     }
 
     func configureContextReferences() async {
         await viewContext.perform {
             self.viewContext.zm_sync = self.syncContext
         }
         await syncContext.perform {
             self.syncContext.zm_userInterface = self.viewContext
         }
     }
 
     func configureSyncContext(_ context: NSManagedObjectContext) async {
         context.markAsSyncContext()
         await context.perform {
             context.localDomain = self.localDomain
             context.isFederationEnabled = self.isFederationEnabled
             context.createDispatchGroups()
@@ -401,13 +401,6 @@
             context.accountDirectoryURL = self.accountContainer
             context.applicationContainerURL = self.applicationContainer
 
-            if !DeveloperFlag.proteusViaCoreCrypto.isOn {
-                context.setupUserKeyStore(
-                    accountDirectory: self.accountContainer,
-                    applicationContainer: self.applicationContainer
-                )
-            }
-
             context.undoManager = nil
             context.mergePolicy = NSMergePolicy(merge: .mergeByPropertyObjectTrumpMergePolicyType)
 
@@ -417,7 +410,7 @@
 
     func configureSearchContext(_ context: NSManagedObjectContext) async {
         context.markAsSearch()
         await context.perform {
             context.localDomain = self.localDomain
             context.isFederationEnabled = self.isFederationEnabled
             context.createDispatchGroups()
@@ -430,7 +423,7 @@
 
     func configureEventContext(_ context: NSManagedObjectContext) async {
         await context.perform {
             context.createDispatchGroups()
             self.dispatchGroup.map(context.addGroup(_:))
         }
     }
@@ -559,7 +552,7 @@
 }
 
 // MARK: -
 
 public class PersistentContainer: NSPersistentContainer {
 
     var storeURL: URL? {

wire-ios-data-model/Source/Model/User/ZMUser+LegalHoldRequest.swift

@@ -17,9 +17,9 @@
 //
 
 import Foundation
-import WireCryptobox
+import WireLogging
 
-private let log = ZMSLog(tag: "UserClient")
+private let log = WireLogger.userClient
 
 public typealias SelfUserLegalHoldable = EditableUserType & SelfLegalHoldSubject & UserType
 
@@ -227,8 +227,8 @@
 
     public func addLegalHoldClient(from request: LegalHoldRequest) async -> UserClient? {
         guard
             let context = managedObjectContext,
             let selfClient = await context.perform({ self.selfClient() }),
             let legalHoldClient = await context.perform({ self.insertLegalHoldClient(from: request, in: context) })
         else { return nil }
 
@@ -236,7 +236,7 @@
             legalHoldClient,
             usingPreKey: request.lastPrekey.key.base64String()
         ) else {
             log.error("Could not establish session with new legal hold device.")
             await context.perform { context.delete(legalHoldClient) }
             return nil
         }
@@ -285,37 +285,25 @@
 
     public var fingerprint: String? {
         get async {
-            guard let (syncContext, prekey) = await managedObjectContext?.perform({
-                (self.managedObjectContext?.zm_sync, self.legalHoldRequest?.lastPrekey)
-            }), let syncContext, let prekey else { return nil }
-
-            let proteusProvider = await syncContext.perform { syncContext.proteusProvider }
-            return await proteusProvider.performAsync { proteusService in
-                await fetchFingerprint(for: prekey, through: proteusService)
-            } withKeyStore: { keyStore in
-                fetchFingerprint(for: prekey, through: keyStore)
+            let syncContext = await managedObjectContext?.perform {  [managedObjectContext] in
+                managedObjectContext?.zm_sync
             }
-        }
-    }
 
-    private func fetchFingerprint(
-        for prekey: LegalHoldRequest.Prekey,
-        through proteusService: ProteusServiceInterface
-    ) async -> String? {
-        do {
-            return try await proteusService.fingerprint(fromPrekey: prekey.key.base64EncodedString())
-        } catch {
-            log.error("Could not fetch fingerprint for \(self)")
-            return nil
-        }
-    }
+            guard
+                let syncContext,
+                let prekey = legalHoldRequest?.lastPrekey,
+                let proteusService = await syncContext.perform({ syncContext.proteusService })
+            else {
+                return nil
+            }
 
-    private func fetchFingerprint(
-        for prekey: LegalHoldRequest.Prekey,
-        through keystore: UserClientKeysStore
-    ) -> String? {
-        guard let fingerprintData = EncryptionSessionsDirectory.fingerprint(fromPrekey: prekey.key) else { return nil }
-        return String(decoding: fingerprintData, as: UTF8.self)
+            do {
+                return try await proteusService.fingerprint(fromPrekey: prekey.key.base64EncodedString())
+            } catch {
+                log.error("Could not fetch fingerprint for \(self)")
+                return nil
+            }
+        }
     }
 
 }

wire-ios-data-model/Source/Model/UserClient/UserClient.swift

@@ -235,7 +235,7 @@
             try await deleteSession()
         } catch {
             WireLogger.userClient.error("error deleting session: \(String(reflecting: error))")
         }
         await managedObjectContext?.perform { self.deleteClient() }
     }
 
@@ -278,30 +278,15 @@
 
     public var hasSessionWithSelfClient: Bool {
         get async {
             guard
                 let sessionID = await managedObjectContext?.perform({ self.proteusSessionID }),
-                let proteusProvider = await managedObjectContext?
-                .perform({ self.managedObjectContext?.proteusProvider })
+                let proteusService = await managedObjectContext?
+                .perform({ [managedObjectContext] in managedObjectContext?.proteusService })
             else {
                 return false
             }
 
-            var hasSession = false
-
-            await proteusProvider.performAsync(
-                withProteusService: { proteusService in
-                    hasSession = await proteusService.sessionExists(id: sessionID)
-                },
-                withKeyStore: { keyStore in
-                    managedObjectContext?.performAndWait {
-                        keyStore.encryptionContext.perform { sessionsDirectory in
-                            hasSession = sessionsDirectory.hasSession(for: sessionID.mapToEncryptionSessionID())
-                        }
-                    }
-                }
-            )
-
-            return hasSession
+            return await proteusService.sessionExists(id: sessionID)
         }
     }
 
@@ -317,7 +302,7 @@
         }
 
         WaitingGroupTask(context: syncMOC) {
             guard let syncClient = await syncMOC.perform({
                 (try? syncMOC.existingObject(with: self.objectID)) as? UserClient
             }) else {
                 return
@@ -328,7 +313,7 @@
 
             // Delete should happen on sync context since the cryptobox could be accessed only from there
             await syncMOC.perform {
                 // Mark that we need notify the other party about the session reset
                 syncClient.needsToNotifyOtherUserAboutSessionReset = true
 
                 syncMOC.saveOrRollback()
@@ -570,121 +555,40 @@
     /// If there is no session it does nothing
     func deleteSession() async throws {
         guard
             let context = managedObjectContext,
             await context.perform({ !self.isSelfClient() }),
-            let sessionID = await context.perform({ self.proteusSessionID })
+            let sessionID = await context.perform({ self.proteusSessionID }),
+            let proteusService = await context.perform({ context.proteusService })
         else {
             return
         }
-        let proteusProvider = await context.perform { context.proteusProvider }
-        try await proteusProvider.performAsync(
-            withProteusService: { proteusService in
-                try await proteusService.deleteSession(id: sessionID)
-            },
-            withKeyStore: { keyStore in
-                keyStore.encryptionContext.perform { sessionsDirectory in
-                    sessionsDirectory.delete(sessionID.mapToEncryptionSessionID())
-                }
-            }
-        )
+        try await proteusService.deleteSession(id: sessionID)
     }
 
     func establishSessionWithClient(
         _ client: UserClient,
         usingPreKey preKey: String
     ) async -> Bool {
         guard
-            let proteusProvider = await managedObjectContext?.perform({ self.managedObjectContext?.proteusProvider }),
-            let sessionId = await managedObjectContext?.perform({ client.sessionIdentifier })
+            let context = managedObjectContext,
+            let proteusService = await context.perform({ context.proteusService }),
+            let sessionId = await context.perform({ client.proteusSessionID })
         else {
             return false
         }
 
-        return await establishSessionWithClient(
-            sessionId: sessionId,
-            usingPreKey: preKey,
-            proteusProviding: proteusProvider
-        )
-    }
-
-    /// Creates a session between the selfClient and the given userClient
-    /// Returns false if the session could not be established
-    /// Use this method only for the selfClient
-    func establishSessionWithClient(
-        sessionId: EncryptionSessionIdentifier,
-        usingPreKey preKey: String,
-        proteusProviding: ProteusProviding
-    ) async -> Bool {
-        await proteusProviding.performAsync { proteusService in
-            await establishSession(
-                through: proteusService,
-                sessionId: sessionId,
-                preKey: preKey
-            )
-        } withKeyStore: { keystore in
-            establishSession(
-                through: keystore,
-                sessionId: sessionId,
-                preKey: preKey
-            )
-        }
-    }
-
-    private func establishSession(
-        through proteusService: ProteusServiceInterface,
-        sessionId: EncryptionSessionIdentifier,
-        preKey: String
-    ) async -> Bool {
         do {
             // swiftlint:disable:next todo_requires_jira_link
             // TODO: check if we should delete session if it exists before creating new one
-            let proteusSessionId = ProteusSessionID(
-                domain: sessionId.domain,
-                userID: sessionId.userId,
-                clientID: sessionId.clientId
-            )
-            try await proteusService.establishSession(id: proteusSessionId, fromPrekey: preKey)
+
+            try await proteusService.establishSession(id: sessionId, fromPrekey: preKey)
             return true
         } catch {
             zmLog.error("Cannot create session for prekey \(preKey): \(String(describing: error))")
             return false
         }
     }
 
-    func establishSession(
-        through keystore: UserClientKeysStore,
-        sessionId: EncryptionSessionIdentifier,
-        preKey: String
-    ) -> Bool {
-        var didEstablishSession = false
-        managedObjectContext?.performAndWait {
-
-            keystore.encryptionContext.perform { sessionsDirectory in
-
-                // Session is already established?
-                if sessionsDirectory.hasSession(for: sessionId) {
-                    zmLog.debug("Session with \(sessionId) was already established, re-creating")
-                    sessionsDirectory.delete(sessionId)
-                }
-            }
-
-            // Because of caching within the `perform` block, it commits to disk only at the end of a block.
-            // I don't think the cache is smart enough to perform the sum of operations (delete + recreate)
-            // if at the end of the block the session is still there. Just to be safe, I split the operations
-            // in two separate `perform` blocks.
-
-            keystore.encryptionContext.perform { sessionsDirectory in
-                do {
-                    try sessionsDirectory.createClientSession(sessionId, base64PreKeyString: preKey)
-                    didEstablishSession = true
-                } catch {
-                    zmLog.error("Cannot create session for prekey \(preKey)")
-                }
-            }
-        }
-        return didEstablishSession
-    }
-
     /// Use this method only for the selfClient
     @objc
     func decrementNumberOfRemainingProteusKeys() {

wire-ios-data-model/Source/Notifications/ObjectObserverTokens/UserClientChangeInfo.swift

@@ -20,7 +20,7 @@ import Foundation
 
 public extension UserClient {
     override var description: String {
-        "Client: \(String(describing: sessionIdentifier?.rawValue)), user name: \(String(describing: user?.name)) email: \(String(describing: user?.emailAddress)) platform: \(String(describing: deviceClass)), label: \(String(describing: label)), model: \(String(describing: model))"
+        "Client: \(String(describing: proteusSessionID?.rawValue)), user name: \(String(describing: user?.name)) email: \(String(describing: user?.emailAddress)) platform: \(String(describing: deviceClass)), label: \(String(describing: label)), model: \(String(describing: model))"
     }
 
 }

wire-ios-data-model/Source/Proteus/CryptoboxMigrationManager.swift

@@ -60,7 +60,6 @@ public class CryptoboxMigrationManager: CryptoboxMigrationManagerInterface {
     // MARK: - Methods
 
     public func isMigrationNeeded(accountDirectory: URL) -> Bool {
-        guard DeveloperFlag.proteusViaCoreCrypto.isOn else { return false }
         let cryptoboxDirectory = fileManager.cryptoboxDirectory(in: accountDirectory)
         return fileManager.fileExists(atPath: cryptoboxDirectory.path)
     }