Store encryption settings

[Anderas]

Resolves #1578

Add encryption settings to the crypto store that are currently still persisted in legacy client database. These include:

• room encryption algorithm
• settings to block unverified devices per room and globally

This is achieved by a new RoomSettings struct as well as generic get/set_custom_value for global flags.

Note that the higher-level non-crypto rust-sdk already stores these values as state events, which is now duplicated by the crypto store. This should be fully migrated to the crypto store because these settings are critical for the cryptographic functionality (e.g. no API to reset room encryption) and are used by clients that only integrate crypto-sdk.

[poljar]

One thing I mentioned already, but it is still my main concern with this patch is that this is expanding the CryptoStore trait. I prefer to avoid this if possible, especially since this functionality is not something the matrix-sdk crate will use.

The idea here is that we might want to reuse the existing get/set value methods the crypto stores have. This would also allow people to store other custom things.

[Anderas]

Yea that makes sense, I'll rework it as a separate commit so we can compare it

[Anderas]

The idea here is that we might want to reuse the existing get/set value methods the crypto stores have. This would also allow people to store other custom things.

To be clear, we would still need to expose something like async fn set_value(&self, key: &str, value: &impl Serialize) -> Result<()>; (and getter equivalent) in the CryptoStore trait, at which point the compiler becomes unhappy about the use of generics when trying to make an object from the trait. Is this what you are suggesting?

[poljar]

Yep, the state store already has such an interface, though it puts the responsibility of serializing onto the caller:

matrix-rust-sdk/crates/matrix-sdk-sled/src/state_store.rs

Line 1245 in 7e64c15

async fn get_custom_value(&self, key: &[u8]) -> Result<Option<Vec<u8>>> {

Of course the interface of the CryptoStore needs to be exposed on the OlmMachine where you can put the generic impl Serialize argument if you prefer the Rust side to take care of the serialization.

[Anderas]

@poljar I have restructured this PR to only expose generic get/set_custom_value, similar to the API exposed in state store. I have then added another pair of get/set_value methods using generics into the Store struct, making it easier to use. Encryption works as expected (stretching single boolean into a massive cipertext)

If a viable approach, I'd still need to extract the raw-string keys into some kind of enum or so to ensure type safety

[poljar]

Could we either keep those just in the bindings or if you disagree, let's expose the Store struct and let users use those methods directly on the store.

Of course we need to make sure we don't expose something we don't want.

[poljar]

@poljar I have restructured this PR to only expose generic get/set_custom_value, similar to the API exposed in state store. I have then added another pair of get/set_value methods using generics into the Store struct, making it easier to use. Encryption works as expected (stretching single boolean into a massive cipertext)

If a viable approach, I'd still need to extract the raw-string keys into some kind of enum or so to ensure type safety

Yup, this seems nicer than extending the CryptoStore trait with value specific setters and getters.

[Anderas]

After some discussions I decided to create a new table for room settings after all. This is because room settings are sufficiently important concept to warrant the expansion of the CryptoStore trait, and should be used by all clients (legacy as well as rust-sdk).

I have also decided to not change the share_room_key method (by removing EncryptionSettings) and instead let the clients continue passing them as a parameter. This is because at least history_visibility is still stored on the client side, and either way that change can be dealt with in a separate PR.

[Anderas]

How can I flatten the possible error from try_into and return as CryptoStoreError?

[poljar]

You could change the error type that the TryFrom implementation uses from a string to a serde_json error, which supports custom error strings and then do something like:

let settings = self
    .runtime
    .block_on(self.inner.store().get_room_settings(&room_id))?
    .map(|v| v.try_into())
    .transpose()?;

[Anderas]

The mapped error should ideally be CryptoStoreError::Serialization, but this is typed to serde_json instead of rmp_serde and I dont think adding another Serialization case is a good approach. Can we make that serialization error more generic?

[jplatte]

Yeah, error handling in the stores is messy... I have an idea on how it may be fixable, will post a separate PR.

[codecov]

Codecov Report

Patch coverage: 71.54% and project coverage change: -0.06 ⚠️

Comparison is base (0f7d839) 75.49% compared to head (d226738) 75.44%.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #1460      +/-   ##
==========================================
- Coverage   75.49%   75.44%   -0.06%     
==========================================
  Files         137      137              
  Lines       14788    14883      +95     
==========================================
+ Hits        11164    11228      +64     
- Misses       3624     3655      +31     

Impacted Files	Coverage Δ
crates/matrix-sdk-crypto/src/machine.rs	75.58% <0.00%> (-0.40%)	⬇️
crates/matrix-sdk-crypto/src/store/memorystore.rs	79.04% <0.00%> (-6.52%)	⬇️
crates/matrix-sdk-crypto/src/store/traits.rs	62.71% <0.00%> (-7.10%)	⬇️
crates/matrix-sdk-crypto/src/store/mod.rs	68.25% <60.00%> (-4.63%)	⬇️
crates/matrix-sdk-sled/src/crypto_store.rs	89.36% <90.90%> (+0.07%)	⬆️
crates/matrix-sdk-sqlite/src/crypto_store.rs	93.01% <97.43%> (+0.38%)	⬆️
...s/matrix-sdk-crypto/src/store/integration_tests.rs	100.00% <100.00%> (ø)

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report in Codecov by Sentry.
📢 Do you have feedback about the report comment? Let us know in this issue.

[poljar]

I think this looks fine, as long as the unwrap is gone and some more methods are made pub(crate)

[poljar]

You could change the error type that the TryFrom implementation uses from a string to a serde_json error, which supports custom error strings and then do something like:

let settings = self
    .runtime
    .block_on(self.inner.store().get_room_settings(&room_id))?
    .map(|v| v.try_into())
    .transpose()?;

[Anderas]

@poljar this should now be ready for review. the recent uniffi changes caused some conflicts but all should be resolved against main now

[poljar]

Alright, I think this looks good. There's a missing newline and a merge conflict, after this is resolved we can merge.

[poljar]

Missing newline:

Suggested change

	};
	};