From 9e12a88e03255ee09ec2a6df0620c155490e6f87 Mon Sep 17 00:00:00 2001
From: Doug <6060466+pixlwave@users.noreply.github.com>
Date: Wed, 18 Jan 2023 06:45:21 +0000
Subject: [PATCH] feat(bindings): Allow setting the store passphrase in the bindings
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Co-authored-by: Damir Jelić
---
 Cargo.lock | 1 +
 bindings/matrix-sdk-ffi/Cargo.toml | 1 +
 bindings/matrix-sdk-ffi/src/api.udl | 2 +-
 .../matrix-sdk-ffi/src/authentication_service.rs | 13 ++++++++++++-
 bindings/matrix-sdk-ffi/src/client_builder.rs | 11 ++++++++++-
 5 files changed, 25 insertions(+), 3 deletions(-)
diff --git a/Cargo.lock b/Cargo.lock
index e26a5ecdf..33cb108ed 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -2830,6 +2830,7 @@ dependencies = [
 "uniffi",
 "uniffi_build",
 "uniffi_macros",
+ "zeroize",
 ]
 [[package]]
diff --git a/bindings/matrix-sdk-ffi/Cargo.toml b/bindings/matrix-sdk-ffi/Cargo.toml
index ac7188f29..82d2e4135 100644
--- a/bindings/matrix-sdk-ffi/Cargo.toml
+++ b/bindings/matrix-sdk-ffi/Cargo.toml
@@ -32,6 +32,7 @@ tokio = { version = "1", features = ["rt-multi-thread", "macros"] }
 tokio-stream = "0.1.8"
 uniffi = { workspace = true }
 uniffi_macros = { workspace = true }
+zeroize = { workspace = true }
 [target.'cfg(target_os = "android")'.dependencies]
diff --git a/bindings/matrix-sdk-ffi/src/api.udl b/bindings/matrix-sdk-ffi/src/api.udl
index bd9d6935d..f640a50ff 100644
--- a/bindings/matrix-sdk-ffi/src/api.udl
+++ b/bindings/matrix-sdk-ffi/src/api.udl
@@ -304,7 +304,7 @@ interface MediaSource {
 };
 interface AuthenticationService {
- constructor(string base_path);
+ constructor(string base_path, string? passphrase);
 };
 interface SessionVerificationEmoji {};
diff --git a/bindings/matrix-sdk-ffi/src/authentication_service.rs b/bindings/matrix-sdk-ffi/src/authentication_service.rs
index b9687f828..6a9ebfe22 100644
--- a/bindings/matrix-sdk-ffi/src/authentication_service.rs
+++ b/bindings/matrix-sdk-ffi/src/authentication_service.rs
@@ -5,15 +5,23 @@ use matrix_sdk::{
 ruma::{OwnedDeviceId, UserId},
 Session,
 };
+use zeroize::Zeroize;
 use super::{client::Client, client_builder::ClientBuilder, RUNTIME};
 pub struct AuthenticationService {
 base_path: String,
+ passphrase: Option,
 client: RwLock>>,
 homeserver_details: RwLock>>,
 }
+impl Drop for AuthenticationService {
+ fn drop(&mut self) {
+ self.passphrase.zeroize();
+ }
+}
+
 #[derive(Debug, thiserror::Error, uniffi::Error)]
 #[uniffi(flat_error)]
 pub enum AuthenticationError {
@@ -59,9 +67,10 @@ impl HomeserverLoginDetails {
 impl AuthenticationService {
 /// Creates a new service to authenticate a user with.
- pub fn new(base_path: String) -> Self {
+ pub fn new(base_path: String, passphrase: Option) -> Self {
 AuthenticationService {
 base_path,
+ passphrase,
 client: RwLock::new(None),
 homeserver_details: RwLock::new(None),
 }
@@ -140,6 +149,7 @@ impl AuthenticationService {
 let session = client.client.session().ok_or(AuthenticationError::SessionMissing)?;
 let client = Arc::new(ClientBuilder::new())
 .base_path(self.base_path.clone())
+ .passphrase(self.passphrase.clone())
 .homeserver_url(homeserver_url)
 .username(whoami.user_id.to_string())
 .build()
@@ -192,6 +202,7 @@ impl AuthenticationService {
 };
 let client = Arc::new(ClientBuilder::new())
 .base_path(self.base_path.clone())
+ .passphrase(self.passphrase.clone())
 .homeserver_url(homeserver_url)
 .username(whoami.user_id.to_string())
 .build()
diff --git a/bindings/matrix-sdk-ffi/src/client_builder.rs b/bindings/matrix-sdk-ffi/src/client_builder.rs
index b665633b7..49d419028 100644
--- a/bindings/matrix-sdk-ffi/src/client_builder.rs
+++ b/bindings/matrix-sdk-ffi/src/client_builder.rs
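Review bot: The new `passphrase` field on `AuthenticationService` is a plain `Option` that relies on a hand-written `impl Drop` to be wiped, while `client_builder.rs` in this same commit holds the same value in a `Zeroizing` wrapper. Declaring it as `passphrase: Zeroizing<Option<String>>,` (the generic arguments are stripped on this page; `string? passphrase` in the UDL suggests `Option<String>`) would make the `impl Drop` block unnecessary and keep the wipe tied to the value instead of to a destructor that must be kept in sync with the struct. The two `.passphrase(self.passphrase.clone())` calls in the later hunks of this file would then become `.passphrase((*self.passphrase).clone())`. Either form only clears the Rust-side allocation; copies left behind while the string crosses the FFI boundary are presumably not covered, which deserves a short comment on the field.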
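Review bot: The doc comment above `new` is unchanged and says nothing about the added `passphrase` argument, and the `passphrase` setter added in `client_builder.rs` has no doc comment at all. These comments are where a bindings consumer learns what the value protects, so I would add a line such as `/// The passphrase encrypts the store under base_path; None leaves the store unencrypted.` here and a matching one on the setter. That wording assumes `sled_store` treats `None` as "no encryption", which the removed `sled_store(data_path, None)` call suggests but this page does not show.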
@@ -6,6 +6,7 @@ use matrix_sdk::{
 Client as MatrixClient, ClientBuilder as MatrixClientBuilder,
 };
 use sanitize_filename_reader_friendly::sanitize;
+use zeroize::Zeroizing;
 use super::{client::Client, ClientState, RUNTIME};
 use crate::helpers::unwrap_or_clone_arc;
@@ -16,6 +17,7 @@ pub struct ClientBuilder {
 username: Option,
 server_name: Option,
 homeserver_url: Option,
+ passphrase: Zeroizing>,
 user_agent: Option,
 inner: MatrixClientBuilder,
 }
@@ -46,6 +48,12 @@ impl ClientBuilder {
 Arc::new(builder)
 }
+ pub fn passphrase(self: Arc, passphrase: Option) -> Arc {
+ let mut builder = unwrap_or_clone_arc(self);
+ builder.passphrase = Zeroizing::new(passphrase);
+ Arc::new(builder)
+ }
+
 pub fn user_agent(self: Arc, user_agent: String) -> Arc {
 let mut builder = unwrap_or_clone_arc(self);
 builder.user_agent = Some(user_agent);
@@ -60,6 +68,7 @@ impl ClientBuilder {
 username: None,
 server_name: None,
 homeserver_url: None,
+ passphrase: Zeroizing::new(None),
 user_agent: None,
 inner: MatrixClient::builder(),
 }
@@ -74,7 +83,7 @@ impl ClientBuilder {
 let data_path = PathBuf::from(base_path).join(sanitize(username));
 fs::create_dir_all(&data_path)?;
- inner_builder = inner_builder.sled_store(data_path, None);
+ inner_builder = inner_builder.sled_store(data_path, builder.passphrase.as_deref());
 }
 // Determine server either from URL, server name or user ID.
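Review bot: An empty string set through the bindings reaches `sled_store` as `Some("")` on the changed line, because `builder.passphrase.as_deref()` forwards whatever was stored without any validation. Whether the store rejects an empty passphrase is not visible here, so I would return an error before opening the store when `builder.passphrase.as_deref() == Some("")`, rather than create a store that only looks protected; mapping the empty value to `None` would be worse, since it silently drops the caller's request for encryption. The changed line also sits inside a block that opens outside this hunk, apparently the branch taken only when a base path is set, so a passphrase supplied without a base path looks to be ignored with no error or log. The enclosing `build` function starts and ends outside the hunk.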