chore: Update to Wire JVM SDK v0.2.0

[alexandreferris]

---

PR Submission Checklist for internal contributors

• The PR Title

  • conforms to the style of semantic commits messages¹ supported in Wire's Github Workflow²
  • contains a reference JIRA issue number like SQPIT-764
  • answers the question: If merged, this PR will: ... ³

• The PR Description

  • is free of optional paragraphs and you have filled the relevant parts to the best of your ability

---

What's new in this PR?

Issues

The project was still running JVM SDK v0.0.18

Solutions

Update JVM SDK to v0.2.0

[claude]

PR Review: chore: Update to Wire JVM SDK v0.2.0

Thanks for keeping the SDK current — this is a clean, well-scoped upgrade (version bump + the two API renames it forces). A few things worth a look before merge:

1. Correctness / potential runtime bug — cryptographyStorageKey byte length

cryptographyStorageKey = ENV_VAR_CRYPTOGRAPHY_STORAGE_PASSWORD.toByteArray()

The SDK changed this parameter from a String password (cryptographyStoragePassword) to a ByteArray key. The doc comment on ENV_VAR_CRYPTOGRAPHY_STORAGE_PASSWORD still says Must be exactly 32 characters. With UTF-8 encoding, 32 ASCII characters map to 32 bytes, but any multi-byte (non-ASCII) character would produce more than 32 bytes. If the new SDK expects a key of an exact byte length (e.g. 32 bytes for AES-256), a previously-valid password could now silently fail or change the derived key.

Worth confirming against the SDK docs whether cryptographyStorageKey expects (a) raw key bytes of a fixed length — in which case validate/enforce the byte length, not character count — or (b) arbitrary password bytes that the SDK still derives a key from. Either way, the comment around lines 92-96 of EnvironmentVariables.kt should be updated to reflect key semantics rather than password.

2. Use the Kotlin stdlib toByteArray() instead of the ktor one

The new import io.ktor.utils.io.core.toByteArray is inconsistent — SignatureValidator.kt already uses the plain Kotlin stdlib String.toByteArray() (no import needed). The ktor variant couples this config code to ktor internals for no benefit (both default to UTF-8). Suggest dropping the import and relying on the stdlib extension.

3. Naming consistency (minor)

The env var (ENV_VAR_CRYPTOGRAPHY_STORAGE_PASSWORD / WIRE_SDK_CRYPTOGRAPHY_STORAGE_PASSWORD) still reads password while the SDK now calls it a key. Not blocking, but renaming/aliasing in a follow-up would reduce confusion.

4. Tests

The Conversation rename in EventsHandler.kt is mechanical and safe. No new tests are needed for a version bump, and existing tests mock WireAppSdk so they will not exercise the key-conversion path — just be sure the app has been smoke-tested against a real SDK 0.2.0 instance, since the cryptographyStorageKey change is the one part not covered by the suite.

5. Other

A JIRA reference is still unchecked in the PR checklist — add one if your workflow requires it.

Nice work overall — the bulk of this is a straightforward, necessary upgrade. The main thing to nail down is the byte-length semantics of the new key parameter.

🤖 Generated with Claude Code