Merge pull request #3326 from matrix-org/andybalaam/allow-setting-encryption-settings

ffi: Expose encryption settings via FFI
2026-05-13 18:45:44 -04:00 · 2024-04-25 08:55:43 +01:00
parent 8f5e1f3dfc ebcf1c434c
commit 2c7afc201f
3 changed files with 44 additions and 20 deletions
--- a/bindings/matrix-sdk-ffi/src/authentication_service.rs
+++ b/bindings/matrix-sdk-ffi/src/authentication_service.rs
@@ -4,6 +4,7 @@ use std::{
 };

 use matrix_sdk::{
+    encryption::BackupDownloadStrategy,
    oidc::{
        registrations::{ClientId, OidcRegistrations, OidcRegistrationsError},
        types::{
@@ -621,12 +622,9 @@ impl AuthenticationService {
            .passphrase(self.passphrase.clone())
            .homeserver_url(homeserver_url)
            .sliding_sync_proxy(sliding_sync_proxy)
-            .with_encryption_settings(matrix_sdk::encryption::EncryptionSettings {
-                auto_enable_cross_signing: true,
-                backup_download_strategy:
-                    matrix_sdk::encryption::BackupDownloadStrategy::AfterDecryptionFailure,
-                auto_enable_backups: true,
-            })
+            .auto_enable_cross_signing(true)
+            .backup_download_strategy(BackupDownloadStrategy::AfterDecryptionFailure)
+            .auto_enable_backups(true)
            .username(user_id.to_string());

        if let Some(proxy) = &self.proxy {
--- a/bindings/matrix-sdk-ffi/src/client_builder.rs
+++ b/bindings/matrix-sdk-ffi/src/client_builder.rs
@@ -76,6 +76,7 @@ pub struct ClientBuilder {
    cross_process_refresh_lock_id: Option<String>,
    session_delegate: Option<Arc<dyn ClientSessionDelegate>>,
    additional_root_certificates: Vec<Vec<u8>>,
+    encryption_settings: EncryptionSettings,
 }

 #[uniffi::export(async_runtime = "tokio")]
@@ -93,14 +94,16 @@ impl ClientBuilder {
            proxy: None,
            disable_ssl_verification: false,
            disable_automatic_token_refresh: false,
-            inner: MatrixClient::builder().with_encryption_settings(EncryptionSettings {
-                auto_enable_cross_signing: false,
-                backup_download_strategy: BackupDownloadStrategy::AfterDecryptionFailure,
-                auto_enable_backups: false,
-            }),
+            inner: MatrixClient::builder(),
            cross_process_refresh_lock_id: None,
            session_delegate: None,
            additional_root_certificates: Default::default(),
+            encryption_settings: EncryptionSettings {
+                auto_enable_cross_signing: false,
+                backup_download_strategy:
+                    matrix_sdk::encryption::BackupDownloadStrategy::AfterDecryptionFailure,
+                auto_enable_backups: false,
+            },
        })
    }

@@ -203,21 +206,41 @@ impl ClientBuilder {
        Arc::new(builder)
    }

+    pub fn auto_enable_cross_signing(
+        self: Arc<Self>,
+        auto_enable_cross_signing: bool,
+    ) -> Arc<Self> {
+        let mut builder = unwrap_or_clone_arc(self);
+        builder.encryption_settings.auto_enable_cross_signing = auto_enable_cross_signing;
+        Arc::new(builder)
+    }
+
+    /// Select a strategy to download room keys from the backup. By default
+    /// we download after a decryption failure.
+    ///
+    /// Take a look at the [`BackupDownloadStrategy`] enum for more options.
+    pub fn backup_download_strategy(
+        self: Arc<Self>,
+        backup_download_strategy: BackupDownloadStrategy,
+    ) -> Arc<Self> {
+        let mut builder = unwrap_or_clone_arc(self);
+        builder.encryption_settings.backup_download_strategy = backup_download_strategy;
+        Arc::new(builder)
+    }
+
+    /// Automatically create a backup version if no backup exists.
+    pub fn auto_enable_backups(self: Arc<Self>, auto_enable_backups: bool) -> Arc<Self> {
+        let mut builder = unwrap_or_clone_arc(self);
+        builder.encryption_settings.auto_enable_backups = auto_enable_backups;
+        Arc::new(builder)
+    }
+
    pub async fn build(self: Arc<Self>) -> Result<Arc<Client>, ClientBuildError> {
        Ok(Arc::new(self.build_inner().await?))
    }
 }

 impl ClientBuilder {
-    pub(crate) fn with_encryption_settings(
-        self: Arc<Self>,
-        settings: EncryptionSettings,
-    ) -> Arc<Self> {
-        let mut builder = unwrap_or_clone_arc(self);
-        builder.inner = builder.inner.with_encryption_settings(settings);
-        Arc::new(builder)
-    }
-
    pub(crate) fn enable_cross_process_refresh_lock_inner(
        self: Arc<Self>,
        process_id: String,
@@ -316,6 +339,8 @@ impl ClientBuilder {
            );
        }

+        inner_builder = inner_builder.with_encryption_settings(builder.encryption_settings);
+
        let sdk_client = inner_builder.build().await?;

        // At this point, `sdk_client` might contain a `sliding_sync_proxy` that has
--- a/crates/matrix-sdk/src/encryption/mod.rs
+++ b/crates/matrix-sdk/src/encryption/mod.rs
@@ -161,6 +161,7 @@ pub struct EncryptionSettings {

 /// Settings for end-to-end encryption features.
 #[derive(Clone, Copy, Debug, Default, PartialEq, Eq)]
+#[cfg_attr(feature = "uniffi", derive(uniffi::Enum))]
 pub enum BackupDownloadStrategy {
    /// Automatically download all room keys from the backup when the backup
    /// recovery key has been received. The backup recovery key can be received