From a4f88b960e7af2eaa95aed6240eaf6232fda362a Mon Sep 17 00:00:00 2001
From: Andrew Bulhak <andrew.bulhak@mullvad.net>
Date: Fri, 9 Feb 2024 11:17:43 +0100
Subject: [PATCH] Backport TunnelSettingsV4 from quantum resistance exploratory
 branch

---
 .../QuantumResistanceSettings.swift           | 15 +++++++
 ios/MullvadSettings/TunnelSettings.swift      | 10 +++--
 ios/MullvadSettings/TunnelSettingsV3.swift    |  7 +++-
 ios/MullvadSettings/TunnelSettingsV4.swift    | 40 +++++++++++++++++++
 ios/MullvadVPN.xcodeproj/project.pbxproj      |  8 ++++
 5 files changed, 76 insertions(+), 4 deletions(-)
 create mode 100644 ios/MullvadSettings/QuantumResistanceSettings.swift
 create mode 100644 ios/MullvadSettings/TunnelSettingsV4.swift

diff --git a/ios/MullvadSettings/QuantumResistanceSettings.swift b/ios/MullvadSettings/QuantumResistanceSettings.swift
new file mode 100644
index 000000000000..b5c12ae703b5
--- /dev/null
+++ b/ios/MullvadSettings/QuantumResistanceSettings.swift
@@ -0,0 +1,15 @@
+//
+//  QuantumResistanceSettings.swift
+//  MullvadSettings
+//
+//  Created by Andrew Bulhak on 2024-02-08.
+//  Copyright © 2024 Mullvad VPN AB. All rights reserved.
+//
+
+import Foundation
+
+public enum TunnelQuantumResistance: Codable {
+    case automatic
+    case on
+    case off
+}
diff --git a/ios/MullvadSettings/TunnelSettings.swift b/ios/MullvadSettings/TunnelSettings.swift
index c72d03c4b796..b8a276cb7cbc 100644
--- a/ios/MullvadSettings/TunnelSettings.swift
+++ b/ios/MullvadSettings/TunnelSettings.swift
@@ -9,7 +9,7 @@
 import Foundation
 
 /// Alias to the latest version of the `TunnelSettings`.
-public typealias LatestTunnelSettings = TunnelSettingsV3
+public typealias LatestTunnelSettings = TunnelSettingsV4
 
 /// Protocol all TunnelSettings must adhere to, for upgrade purposes.
 public protocol TunnelSettings: Codable {
@@ -27,11 +27,14 @@ public enum SchemaVersion: Int, Equatable {
     /// V2 format with WireGuard obfuscation options, stored as `TunnelSettingsV3`.
     case v3 = 3
 
+    case v4 = 4
+
     var settingsType: any TunnelSettings.Type {
         switch self {
         case .v1: return TunnelSettingsV1.self
         case .v2: return TunnelSettingsV2.self
         case .v3: return TunnelSettingsV3.self
+        case .v4: return TunnelSettingsV4.self
         }
     }
 
@@ -39,10 +42,11 @@ public enum SchemaVersion: Int, Equatable {
         switch self {
         case .v1: return .v2
         case .v2: return .v3
-        case .v3: return .v3
+        case .v3: return .v4
+        case .v4: return .v4
         }
     }
 
     /// Current schema version.
-    public static let current = SchemaVersion.v3
+    public static let current = SchemaVersion.v4
 }
diff --git a/ios/MullvadSettings/TunnelSettingsV3.swift b/ios/MullvadSettings/TunnelSettingsV3.swift
index c91fbfe0b93f..8ce6290802d7 100644
--- a/ios/MullvadSettings/TunnelSettingsV3.swift
+++ b/ios/MullvadSettings/TunnelSettingsV3.swift
@@ -30,6 +30,11 @@ public struct TunnelSettingsV3: Codable, Equatable, TunnelSettings {
     }
 
     public func upgradeToNextVersion() -> any TunnelSettings {
-        self
+        TunnelSettingsV4(
+            relayConstraints: relayConstraints,
+            dnsSettings: dnsSettings,
+            wireGuardObfuscation: wireGuardObfuscation,
+            tunnelQuantumResistance: .automatic
+        )
     }
 }
diff --git a/ios/MullvadSettings/TunnelSettingsV4.swift b/ios/MullvadSettings/TunnelSettingsV4.swift
new file mode 100644
index 000000000000..0d938bc27974
--- /dev/null
+++ b/ios/MullvadSettings/TunnelSettingsV4.swift
@@ -0,0 +1,40 @@
+//
+//  TunnelSettingsV4.swift
+//  MullvadSettings
+//
+//  Created by Marco Nikic on 2024-02-06.
+//  Copyright © 2024 Mullvad VPN AB. All rights reserved.
+//
+
+import Foundation
+import MullvadTypes
+
+public struct TunnelSettingsV4: Codable, Equatable, TunnelSettings {
+    /// Relay constraints.
+    public var relayConstraints: RelayConstraints
+
+    /// DNS settings.
+    public var dnsSettings: DNSSettings
+
+    /// WireGuard obfuscation settings
+    public var wireGuardObfuscation: WireGuardObfuscationSettings
+
+    /// Whether Post Quantum exchanges are enabled.
+    public var tunnelQuantumResistance: TunnelQuantumResistance
+
+    public init(
+        relayConstraints: RelayConstraints = RelayConstraints(),
+        dnsSettings: DNSSettings = DNSSettings(),
+        wireGuardObfuscation: WireGuardObfuscationSettings = WireGuardObfuscationSettings(),
+        tunnelQuantumResistance: TunnelQuantumResistance = .automatic
+    ) {
+        self.relayConstraints = relayConstraints
+        self.dnsSettings = dnsSettings
+        self.wireGuardObfuscation = wireGuardObfuscation
+        self.tunnelQuantumResistance = tunnelQuantumResistance
+    }
+
+    public func upgradeToNextVersion() -> any TunnelSettings {
+        self
+    }
+}
diff --git a/ios/MullvadVPN.xcodeproj/project.pbxproj b/ios/MullvadVPN.xcodeproj/project.pbxproj
index 683962d1d36e..c8d3db4fa11b 100644
--- a/ios/MullvadVPN.xcodeproj/project.pbxproj
+++ b/ios/MullvadVPN.xcodeproj/project.pbxproj
@@ -38,6 +38,7 @@
 		06799AFC28F98EE300ACD94E /* AddressCache.swift in Sources */ = {isa = PBXBuildFile; fileRef = 06AC114128F8413A0037AF9A /* AddressCache.swift */; };
 		0697D6E728F01513007A9E99 /* TransportMonitor.swift in Sources */ = {isa = PBXBuildFile; fileRef = 0697D6E628F01513007A9E99 /* TransportMonitor.swift */; };
 		06AC116228F94C450037AF9A /* ApplicationConfiguration.swift in Sources */ = {isa = PBXBuildFile; fileRef = 58BFA5CB22A7CE1F00A6173D /* ApplicationConfiguration.swift */; };
+		44DD7D2D2B74E44A0005F67F /* QuantumResistanceSettings.swift in Sources */ = {isa = PBXBuildFile; fileRef = 44DD7D2C2B74E44A0005F67F /* QuantumResistanceSettings.swift */; };
 		44DD7D242B6CFFD70005F67F /* StartTunnelOperationTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 44DD7D232B6CFFD70005F67F /* StartTunnelOperationTests.swift */; };
 		44DD7D272B6D18FB0005F67F /* MockTunnelInteractor.swift in Sources */ = {isa = PBXBuildFile; fileRef = 44DD7D262B6D18FB0005F67F /* MockTunnelInteractor.swift */; };
 		44DD7D292B7113CA0005F67F /* MockTunnel.swift in Sources */ = {isa = PBXBuildFile; fileRef = 44DD7D282B7113CA0005F67F /* MockTunnel.swift */; };
@@ -627,6 +628,7 @@
 		A917352129FAAA5200D5DCFD /* TransportStrategyTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = A917352029FAAA5200D5DCFD /* TransportStrategyTests.swift */; };
 		A91D78E32B03BDF200FCD5D3 /* TunnelObfuscation.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 5840231F2A406BF5007B27AC /* TunnelObfuscation.framework */; };
 		A91D78E42B03C01600FCD5D3 /* MullvadSettings.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 58B2FDD32AA71D2A003EB5C6 /* MullvadSettings.framework */; };
+		A93181A12B727ED700E341D2 /* TunnelSettingsV4.swift in Sources */ = {isa = PBXBuildFile; fileRef = A93181A02B727ED700E341D2 /* TunnelSettingsV4.swift */; };
 		A932D9EF2B5ADD0700999395 /* ProxyConfigurationTransportProvider.swift in Sources */ = {isa = PBXBuildFile; fileRef = A932D9EE2B5ADD0700999395 /* ProxyConfigurationTransportProvider.swift */; };
 		A932D9F32B5EB61100999395 /* HeadRequestTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = A932D9F22B5EB61100999395 /* HeadRequestTests.swift */; };
 		A932D9F52B5EBB9D00999395 /* RESTTransportStub.swift in Sources */ = {isa = PBXBuildFile; fileRef = A932D9F42B5EBB9D00999395 /* RESTTransportStub.swift */; };
@@ -1241,6 +1243,7 @@
 		06FAE67A28F83CA50033DD93 /* RESTDevicesProxy.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = RESTDevicesProxy.swift; sourceTree = "<group>"; };
 		06FAE67B28F83CA50033DD93 /* REST.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = REST.swift; sourceTree = "<group>"; };
 		06FAE67D28F83CA50033DD93 /* RESTTransport.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = RESTTransport.swift; sourceTree = "<group>"; };
+		44DD7D2C2B74E44A0005F67F /* QuantumResistanceSettings.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = QuantumResistanceSettings.swift; sourceTree = "<group>"; };
 		44DD7D232B6CFFD70005F67F /* StartTunnelOperationTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = StartTunnelOperationTests.swift; sourceTree = "<group>"; };
 		44DD7D262B6D18FB0005F67F /* MockTunnelInteractor.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MockTunnelInteractor.swift; sourceTree = "<group>"; };
 		44DD7D282B7113CA0005F67F /* MockTunnel.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MockTunnel.swift; sourceTree = "<group>"; };
@@ -1809,6 +1812,7 @@
 		A92ECC232A7802520052F1B1 /* StoredAccountData.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = StoredAccountData.swift; sourceTree = "<group>"; };
 		A92ECC272A7802AB0052F1B1 /* StoredDeviceData.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = StoredDeviceData.swift; sourceTree = "<group>"; };
 		A92ECC2B2A7803A50052F1B1 /* DeviceState.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = DeviceState.swift; sourceTree = "<group>"; };
+		A93181A02B727ED700E341D2 /* TunnelSettingsV4.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = TunnelSettingsV4.swift; sourceTree = "<group>"; };
 		A932D9EE2B5ADD0700999395 /* ProxyConfigurationTransportProvider.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ProxyConfigurationTransportProvider.swift; sourceTree = "<group>"; };
 		A932D9F22B5EB61100999395 /* HeadRequestTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = HeadRequestTests.swift; sourceTree = "<group>"; };
 		A932D9F42B5EBB9D00999395 /* RESTTransportStub.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = RESTTransportStub.swift; sourceTree = "<group>"; };
@@ -2839,6 +2843,7 @@
 				A9D96B192A8247C100A5C673 /* MigrationManager.swift */,
 				58B2FDD52AA71D2A003EB5C6 /* MullvadSettings.h */,
 				586C0D962B04E0AC00E7CDD7 /* PersistentAccessMethod.swift */,
+				44DD7D2C2B74E44A0005F67F /* QuantumResistanceSettings.swift */,
 				58FF2C02281BDE02009EF542 /* SettingsManager.swift */,
 				06410E03292D0F7100AFC18C /* SettingsParser.swift */,
 				06410E06292D108E00AFC18C /* SettingsStore.swift */,
@@ -2850,6 +2855,7 @@
 				587AD7C523421D7000E93A53 /* TunnelSettingsV1.swift */,
 				580F8B8228197881002E0998 /* TunnelSettingsV2.swift */,
 				A988DF282ADE880300D807EF /* TunnelSettingsV3.swift */,
+				A93181A02B727ED700E341D2 /* TunnelSettingsV4.swift */,
 				A988DF252ADE86ED00D807EF /* WireGuardObfuscationSettings.swift */,
 			);
 			path = MullvadSettings;
@@ -4687,6 +4693,7 @@
 				58B2FDE42AA71D5C003EB5C6 /* SettingsManager.swift in Sources */,
 				F0164EBC2B482E430020268D /* AppStorage.swift in Sources */,
 				58B2FDE62AA71D5C003EB5C6 /* DeviceState.swift in Sources */,
+				A93181A12B727ED700E341D2 /* TunnelSettingsV4.swift in Sources */,
 				58FE25BF2AA72311003D1918 /* MigrationManager.swift in Sources */,
 				58B2FDEF2AA720C4003EB5C6 /* ApplicationTarget.swift in Sources */,
 				A988DF272ADE86ED00D807EF /* WireGuardObfuscationSettings.swift in Sources */,
@@ -4694,6 +4701,7 @@
 				F0D7FF8F2B31DF5900E0FDE5 /* AccessMethodRepository.swift in Sources */,
 				58B2FDE12AA71D5C003EB5C6 /* TunnelSettingsV1.swift in Sources */,
 				58B2FDE72AA71D5C003EB5C6 /* SettingsStore.swift in Sources */,
+				44DD7D2D2B74E44A0005F67F /* QuantumResistanceSettings.swift in Sources */,
 				F08827872B318C840020A383 /* ShadowsocksCipherOptions.swift in Sources */,
 				58B2FDE92AA71D5C003EB5C6 /* SettingsParser.swift in Sources */,
 				F08827892B3192110020A383 /* AccessMethodRepositoryProtocol.swift in Sources */,