From f93a8774060db532e1655971c782ae343026173f Mon Sep 17 00:00:00 2001
From: Tulir Asokan
Date: Mon, 27 Jun 2022 11:14:29 +0300
Subject: [PATCH] Add new encryption settings for mautrix-go

---
 config/bridge.go    | 33 +++++++++++++++++++++++++++++++--
 config/upgrade.go   | 10 +++++++---
 example-config.yaml | 38 ++++++++++++++++++++++++++------------
 3 files changed, 64 insertions(+), 17 deletions(-)

diff --git a/config/bridge.go b/config/bridge.go
index 5fb86cb..bf03b68 100644
--- a/config/bridge.go
+++ b/config/bridge.go
@@ -17,6 +17,7 @@ package config
 import (
+	"errors"
 	"fmt"
 	"strings"
 	"text/template"
@@ -31,8 +32,10 @@ type BridgeConfig struct {
 	DisplaynameTemplate string `yaml:"displayname_template"`
 	ChannelnameTemplate string `yaml:"channelname_template"`
-	DeliveryReceipts bool `yaml:"delivery_receipts"`
-	RestrictedRooms bool `yaml:"restricted_rooms"`
+	DeliveryReceipts bool `yaml:"delivery_receipts"`
+	MessageStatusEvents bool `yaml:"message_status_events"`
+	MessageErrorNotices bool `yaml:"message_error_notices"`
+	RestrictedRooms bool `yaml:"restricted_rooms"`
 	CommandPrefix string `yaml:"command_prefix"`
@@ -62,6 +65,32 @@ type BridgeConfig struct {
 	channelnameTemplate *template.Template `yaml:"-"`
 }
+func (bc *BridgeConfig) EnableMessageStatusEvents() bool {
+	return bc.MessageStatusEvents
+}
+
+func (bc *BridgeConfig) EnableMessageErrorNotices() bool {
+	return bc.MessageErrorNotices
+}
+
+func boolToInt(val bool) int {
+	if val {
+		return 1
+	}
+	return 0
+}
+
+func (bc *BridgeConfig) Validate() error {
+	_, hasWildcard := bc.Permissions["*"]
+	_, hasExampleDomain := bc.Permissions["example.com"]
+	_, hasExampleUser := bc.Permissions["@admin:example.com"]
+	exampleLen := boolToInt(hasWildcard) + boolToInt(hasExampleUser) + boolToInt(hasExampleDomain)
+	if len(bc.Permissions) <= exampleLen {
+		return errors.New("bridge.permissions not configured")
+	}
+	return nil
+}
+
 type umBridgeConfig BridgeConfig
 func (bc *BridgeConfig) UnmarshalYAML(unmarshal func(interface{}) error) error {
diff --git a/config/upgrade.go b/config/upgrade.go
index 5f41141..fd6126d 100644
--- a/config/upgrade.go
+++ b/config/upgrade.go
@@ -30,6 +30,8 @@ func DoUpgrade(helper *up.Helper) {
 	helper.Copy(up.Str, "bridge", "channelname_template")
 	helper.Copy(up.Int, "bridge", "portal_message_buffer")
 	helper.Copy(up.Bool, "bridge", "delivery_receipts")
+	helper.Copy(up.Bool, "bridge", "message_status_events")
+	helper.Copy(up.Bool, "bridge", "message_error_notices")
 	helper.Copy(up.Bool, "bridge", "restricted_rooms")
 	helper.Copy(up.Bool, "bridge", "sync_with_custom_puppets")
 	helper.Copy(up.Bool, "bridge", "sync_direct_chat_list")
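Review bot: Validate() decides "not configured" by counting map entries against the three example-config placeholder keys, but nothing in the hunk states that intent, and the `<=` means a map that contains only `"*"` (len 1, exampleLen 1) is rejected as well, which is the first thing an operator who kept the wildcard and deleted the example domain/user will hit. A doc comment above the function would make both points explicit, e.g. `// Validate rejects a permissions map that holds nothing beyond the example-config placeholders ("*", "example.com", "@admin:example.com"), so the bridge cannot start on the unedited example; a map containing only "*" is rejected too, so at least one real user or domain must be listed.` If the wildcard-only rejection is deliberate (it does stop a default that grants access to every Matrix user), say so in the comment; if it is not, `<` is the comparison that only catches the unedited example. The error string `bridge.permissions not configured` could also name which entries were found so the operator does not have to read this function to understand the rejection.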
@@ -44,9 +46,11 @@ func DoUpgrade(helper *up.Helper) {
 	helper.Copy(up.Str|up.Null, "bridge", "management_room_text", "additional_help")
 	helper.Copy(up.Bool, "bridge", "encryption", "allow")
 	helper.Copy(up.Bool, "bridge", "encryption", "default")
-	helper.Copy(up.Bool, "bridge", "encryption", "key_sharing", "allow")
-	helper.Copy(up.Bool, "bridge", "encryption", "key_sharing", "require_cross_signing")
-	helper.Copy(up.Bool, "bridge", "encryption", "key_sharing", "require_verification")
+	helper.Copy(up.Bool, "bridge", "encryption", "require")
+	helper.Copy(up.Bool, "bridge", "encryption", "allow_key_sharing")
+	helper.Copy(up.Str, "bridge", "encryption", "verification_levels", "receive")
+	helper.Copy(up.Str, "bridge", "encryption", "verification_levels", "send")
+	helper.Copy(up.Str, "bridge", "encryption", "verification_levels", "share")
 	helper.Copy(up.Bool, "bridge", "encryption", "rotation", "enable_custom")
 	helper.Copy(up.Int, "bridge", "encryption", "rotation", "milliseconds")
 	helper.Copy(up.Int, "bridge", "encryption", "rotation", "messages")
diff --git a/example-config.yaml b/example-config.yaml
index 4b72106..b66281b 100644
--- a/example-config.yaml
+++ b/example-config.yaml
@@ -82,6 +82,10 @@ bridge:
     # Should the bridge send a read receipt from the bridge bot when a message has been sent to Discord?
     delivery_receipts: false
+    # Whether the bridge should send the message status as a custom com.beeper.message_send_status event.
+    message_status_events: true
+    # Whether the bridge should send error notices via m.notice events when a message fails to bridge.
+    message_error_notices: true
     # Should the bridge use space-restricted join rules instead of invite-only for guild rooms?
     # This can avoid unnecessary invite events in guild rooms when members are synced in.
     restricted_rooms: true
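Review bot: The three removed `key_sharing.*` keys are not migrated anywhere in this hunk: an existing deployment's `key_sharing.allow` and `require_verification` values are simply dropped, and the new `allow_key_sharing` and `verification_levels.*` keys are filled from the example instead, so an operator who had key sharing enabled silently loses it and one who relied on `require_verification: true` ends up with whatever `share:` level the example ships, with no hint in the upgraded config. If `up.Helper` exposes a getter/setter for the old path (not visible here), carrying the value over before the Copy would preserve the choice, e.g. `if v, ok := helper.Get(up.Bool, "bridge", "encryption", "key_sharing", "allow"); ok { helper.Set(up.Bool, v, "bridge", "encryption", "allow_key_sharing") }`. Failing that, a comment on the `allow_key_sharing` line stating that the old `key_sharing` block is intentionally not migrated would at least make the behaviour visible. The `verification_levels` values are copied as plain strings, so a misspelled level name is only caught wherever they are parsed later, which this diff does not show. DoUpgrade starts before the hunk and continues after it.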
@@ -131,18 +135,28 @@ bridge:
         # This will cause the bridge bot to be in private chats for the encryption to work properly.
         # It is recommended to also set private_chat_portal_meta to true when using this.
         default: false
-        # Options for automatic key sharing.
-        key_sharing:
-            # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
-            # You must use a client that supports requesting keys from other users to use this feature.
-            allow: false
-            # Require the requesting device to have a valid cross-signing signature?
-            # This doesn't require that the bridge has verified the device, only that the user has verified it.
-            # Not yet implemented.
-            require_cross_signing: false
-            # Require devices to be verified by the bridge?
-            # Verification by the bridge is not yet implemented.
-            require_verification: true
+        # Require encryption, drop any unencrypted messages.
+        require: false
+        # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
+        # You must use a client that supports requesting keys from other users to use this feature.
+        allow_key_sharing: false
+        # What level of device verification should be required from users?
+        #
+        # Valid levels:
+        # unverified - Send keys to all device in the room.
+        # cross-signed-untrusted - Require valid cross-signing, but trust all cross-signing keys.
+        # cross-signed-tofu - Require valid cross-signing, trust cross-signing keys on first use (and reject changes).
+        # cross-signed-verified - Require valid cross-signing, plus a valid user signature from the bridge bot.
+        #   Note that creating user signatures from the bridge bot is not currently possible.
+        # verified - Require manual per-device verification
+        #   (currently only possible by modifying the `trust` column in the `crypto_device` database table).
+        verification_levels:
+            # Minimum level for which the bridge should send keys to when bridging messages from WhatsApp to Matrix.
+            receive: unverified
+            # Minimum level that the bridge should accept for incoming Matrix messages.
+            send: unverified
+            # Minimum level that the bridge should require for accepting key requests.
+            share: cross-signed
         # Options for Megolm room key rotation. These options allow you to
         # configure the m.room.encryption event content. See:
         # https://spec.matrix.org/v1.3/client-server-api/#mroomencryption for
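Review bot: The default `share: cross-signed` is not one of the five level names the comment block above enumerates (`unverified`, `cross-signed-untrusted`, `cross-signed-tofu`, `cross-signed-verified`, `verified`), so an operator reading this file cannot tell what trust the bridge actually demands before answering a key request, and whether the value even parses depends on code outside this diff. Either use a listed name, e.g. `share: cross-signed-tofu`, or if `cross-signed` is an accepted alias, add it to the list together with the level it maps to. The `receive` comment still says `from WhatsApp to Matrix`, a leftover from the bridge this block was copied from; for this Discord bridge it should read `# Minimum level for which the bridge should send keys to when bridging messages from Discord to Matrix.` Also `Send keys to all device in the room` should be `all devices`.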