Fix wrong sha256 conversion and add unit test.

element-hq · Sep 16, 2024 · f726d16 · f726d16
1 parent 51c20b4
commit f726d16
Show file tree

Hide file tree

Showing 4 changed files with 70 additions and 10 deletions.
diff --git a/matrix-sdk-android/build.gradle b/matrix-sdk-android/build.gradle
@@ -233,6 +233,7 @@ dependencies {
     testImplementation 'net.lachlanmckee:timber-junit-rule:1.0.1'
     // Transitively required for mocking realm as monarchy doesn't expose Rx
     testImplementation libs.rx.rxKotlin
+    testImplementation libs.tests.robolectric
 
     kaptAndroidTest libs.dagger.daggerCompiler
     androidTestImplementation libs.androidx.testCore

diff --git a/.../src/main/java/org/matrix/android/sdk/internal/session/identity/IdentityBulkLookupTask.kt b/.../src/main/java/org/matrix/android/sdk/internal/session/identity/IdentityBulkLookupTask.kt
@@ -30,7 +30,6 @@ import org.matrix.android.sdk.internal.session.identity.model.IdentityLookUpPara
 import org.matrix.android.sdk.internal.session.identity.model.IdentityLookUpResponse
 import org.matrix.android.sdk.internal.task.Task
 import org.matrix.android.sdk.internal.util.base64ToBase64Url
-import java.security.MessageDigest
 import java.util.Locale
 import javax.inject.Inject
 
@@ -43,7 +42,8 @@ internal interface IdentityBulkLookupTask : Task<IdentityBulkLookupTask.Params,
 internal class DefaultIdentityBulkLookupTask @Inject constructor(
         private val identityApiProvider: IdentityApiProvider,
         private val identityStore: IdentityStore,
-        @UserId private val userId: String
+        @UserId private val userId: String,
+        private val sha256Converter: Sha256Converter,
 ) : IdentityBulkLookupTask {
 
     override suspend fun execute(params: IdentityBulkLookupTask.Params): List<FoundThreePid> {
@@ -120,7 +120,9 @@ internal class DefaultIdentityBulkLookupTask @Inject constructor(
     private fun getHashedAddresses(threePids: List<ThreePid>, pepper: String): List<String> {
         return threePids.map { threePid ->
             base64ToBase64Url(
-                    (threePid.value.lowercase(Locale.ROOT) + " " + threePid.toMedium() + " " + pepper).toSha256()
+                    sha256Converter.convertToSha256(
+                            str = threePid.value.lowercase(Locale.ROOT) + " " + threePid.toMedium() + " " + pepper
+                    )
             )
         }
     }
@@ -139,11 +141,4 @@ internal class DefaultIdentityBulkLookupTask @Inject constructor(
             )
         }
     }
-
-    private val sha256 by lazy { MessageDigest.getInstance("SHA-256") }
-
-    @OptIn(ExperimentalStdlibApi::class)
-    private fun String.toSha256(): String {
-        return sha256.digest(toByteArray()).toHexString()
-    }
 }
diff --git a/...android/src/main/java/org/matrix/android/sdk/internal/session/identity/Sha256Converter.kt b/...android/src/main/java/org/matrix/android/sdk/internal/session/identity/Sha256Converter.kt
@@ -0,0 +1,29 @@
+/*
+ * Copyright (c) 2024 New Vector Ltd
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.matrix.android.sdk.internal.session.identity
+
+import org.matrix.android.sdk.api.util.toBase64NoPadding
+import java.security.MessageDigest
+import javax.inject.Inject
+
+class Sha256Converter @Inject constructor() {
+    private val sha256 by lazy { MessageDigest.getInstance("SHA-256") }
+
+    fun convertToSha256(str: String): String {
+        return sha256.digest(str.toByteArray()).toBase64NoPadding()
+    }
+}
diff --git a/...-sdk-android/src/test/java/org/matrix/android/sdk/internal/session/identity/Sha256Test.kt b/...-sdk-android/src/test/java/org/matrix/android/sdk/internal/session/identity/Sha256Test.kt
@@ -0,0 +1,35 @@
+/*
+ * Copyright (c) 2024 New Vector Ltd
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.matrix.android.sdk.internal.session.identity
+
+import org.amshove.kluent.shouldBeEqualTo
+import org.junit.Test
+import org.junit.runner.RunWith
+import org.robolectric.RobolectricTestRunner
+
+@RunWith(RobolectricTestRunner::class)
+class Sha256Test {
+    /**
+     * Check that the behavior is the same than what is done in the Olm library.
+     * https://gitlab.matrix.org/matrix-org/olm/-/blob/master/tests/test_olm_sha256.cpp#L16
+     */
+    @Test
+    fun testSha256() {
+        val sut = Sha256Converter()
+        sut.convertToSha256("Hello, World") shouldBeEqualTo "A2daxT/5zRU1zMffzfosRYxSGDcfQY3BNvLRmsH76KU"
+    }
+}