feat: ✨ e2ee support

[HarHarLinks]

supersedes #79

I rebased this on current-ish (~ last week's) master because the situation got a bit messy with half a year of changes

todos transfered from original PR:

• warn when message can't be decrypted
  • ignore messages older than joining
  • notify + log when the crypto session broke incl hint to reset access_token and crypto store: compare access_token -> session ID -> crypto db not sure how to detect this broken state
• prefer (loaded) access_token over password login, to keep session. necessary since session must correspond to e2e session
• settings to handle unverified devices
  • do/not encrypt to unverified
    • auto-blacklist in device store
  • do/not listen to unverified? deferred to #150
  • by mxid (regex?) deferred to #151
    • list of users to automatically verify
    • list of users to automatically "ignore" i.e. send without verification
  • verification support https://spec.matrix.org/v1.3/client-server-api/#device-verification
    • SAS emoji as mentioned in #76
    • print fingerprint for "Session key" verification (manually by comparing text hashes, one sided)
    • SAS decimal? supported in nio, but deferred to #152
    • QR code? doesn't look like nio supports it, deferred to later
    • nio supports only "to-device" verification today
      • which isn't possible with android Ability to verify a single device using SAS or session key fingerprint element-hq/element-android#6832
• expose some config options to user/config file
  • test coverage
  • encryption enabled
  • emoji verify
  • store path
  • ignore unverified devices
• include safeguards: must create a new session to use e2ee, i.e. can't log in with access token when not already owning the session and associated e2e data
• add simplematrixbotlib[e2e] extra which pulls in matrix-nio[e2e] poetry currently can't specify extras to pull in extras Change dependency's extras through own extras python-poetry/poetry#6053
• don't modify poetry/dependency stuff
• update docs with the above and
  • install libolm (as per nio docs!) and simplematrixbotlib[e2e] to enable e2e support
  • mention on main readme + doc page that e2e is supported

[HarHarLinks]

How do you want to handle the dependency problem in the CI?

[imbev]

We should check if encryption dependencies are installed either through something involving https://github.com/poljar/matrix-nio/blob/20ac350d015b9fb1363482661a1d9d26e28914c1/nio/crypto/__init__.py#L41, or through an try-except ImportError check.

[imbev]

If that check is false, then changes such as setting https://github.com/HarHarLinks/simple-matrix-bot-lib/blob/182f30e608ac379eacb64e14e6b57904eda88000/simplematrixbotlib/api.py#L56 to false should be made.

[HarHarLinks]

Don't we need to adapt the CI to also run with e2e deps installed as to properly test the e2e stuff just the same? At this point I'm not familiar with how to do that.

[imbev]

I"m not familiar either. Perhaps we could create an e2e-specific github action test.

[imbev]

pip install python-olm --extra-index-url https://gitlab.matrix.org/api/v4/projects/27/packages/pypi/simple

This might be a convenient way to install olm (from the maubot docs)

[HarHarLinks]

From https://docs.mau.fi/maubot/usage/encryption.html to be precise, although there is a warning

However, this method has not been tested properly, so it might not work at all.

I don't think this should be the preferred option, because the distro-packaged library would (maybe automatically) get updated if and when a security patch releases

[imbev]

HarHarLinks#1