use SQLCipher (#981)

* use SQLCipher

* pass encryption key via CLI options

* update dependencies to use git

* add CONTRIBUTING.md

* move flag, enable build in sqlcipher branch

* update dependencies

src/Simplex/Chat/Core.hs

@@ -23,7 +23,7 @@ simplexChatCore cfg@ChatConfig {yesToMigrations} opts sendToast chat
   where
     initRun = do
       let f = chatStoreFile $ dbFilePrefix opts
-      st <- createStore f yesToMigrations
+      st <- createStore f (dbKey opts) yesToMigrations
       u <- getCreateActiveUser st
       cc <- newChatController st (Just u) cfg opts sendToast
       runSimplexChat opts u cc chat

src/Simplex/Chat/Mobile.hs

@@ -31,6 +31,8 @@ import System.Timeout (timeout)
 
 foreign export ccall "chat_init" cChatInit :: CString -> IO (StablePtr ChatController)
 
+foreign export ccall "chat_init_key" cChatInitKey :: CString -> CString -> IO (StablePtr ChatController)
+
 foreign export ccall "chat_send_cmd" cChatSendCmd :: StablePtr ChatController -> CString -> IO CJSONString
 
 foreign export ccall "chat_recv_msg" cChatRecvMsg :: StablePtr ChatController -> IO CJSONString
@@ -44,6 +46,12 @@ foreign export ccall "chat_parse_markdown" cChatParseMarkdown :: CString -> IO C
 cChatInit :: CString -> IO (StablePtr ChatController)
 cChatInit fp = peekCAString fp >>= chatInit >>= newStablePtr
 
+-- | initialize chat controller with encrypted database
+-- The active user has to be created and the chat has to be started before most commands can be used.
+cChatInitKey :: CString -> CString -> IO (StablePtr ChatController)
+cChatInitKey fp key =
+  ((,) <$> peekCAString fp <*> peekCAString key) >>= uncurry chatInitKey >>= newStablePtr
+
 -- | send command to chat (same syntax as in terminal for now)
 cChatSendCmd :: StablePtr ChatController -> CString -> IO CJSONString
 cChatSendCmd cPtr cCmd = do
@@ -67,6 +75,7 @@ mobileChatOpts :: ChatOpts
 mobileChatOpts =
   ChatOpts
     { dbFilePrefix = undefined,
+      dbKey = "",
       smpServers = [],
       networkConfig = defaultNetworkConfig,
       logConnections = False,
@@ -91,9 +100,12 @@ getActiveUser_ :: SQLiteStore -> IO (Maybe User)
 getActiveUser_ st = find activeUser <$> withTransaction st getUsers
 
 chatInit :: String -> IO ChatController
-chatInit dbFilePrefix = do
+chatInit = (`chatInitKey` "")
+
+chatInitKey :: String -> String -> IO ChatController
+chatInitKey dbFilePrefix dbKey = do
   let f = chatStoreFile dbFilePrefix
-  chatStore <- createStore f (yesToMigrations (defaultMobileConfig :: ChatConfig))
+  chatStore <- createStore f dbKey (yesToMigrations (defaultMobileConfig :: ChatConfig))
   user_ <- getActiveUser_ chatStore
   newChatController chatStore user_ defaultMobileConfig mobileChatOpts {dbFilePrefix} Nothing
 

src/Simplex/Chat/Options.hs

@@ -25,6 +25,7 @@ import System.FilePath (combine)
 
 data ChatOpts = ChatOpts
   { dbFilePrefix :: String,
+    dbKey :: String,
     smpServers :: [SMPServer],
     networkConfig :: NetworkConfig,
     logConnections :: Bool,
@@ -47,6 +48,14 @@ chatOpts appDir defaultDbFileName = do
           <> value defaultDbFilePath
           <> showDefault
       )
+  dbKey <-
+    strOption
+      ( long "key"
+          <> short 'k'
+          <> metavar "KEY"
+          <> help "Database encryption key/pass-phrase"
+          <> value ""
+      )
   smpServers <-
     option
       parseSMPServers
@@ -126,6 +135,7 @@ chatOpts appDir defaultDbFileName = do
   pure
     ChatOpts
       { dbFilePrefix,
+        dbKey,
         smpServers,
         networkConfig = fullNetworkConfig socksProxy $ useTcpTimeout socksProxy t,
         logConnections,

src/Simplex/Chat/Store.hs

@@ -276,8 +276,8 @@ migrations = sortBy (compare `on` name) $ map migration schemaMigrations
   where
     migration (name, query) = Migration {name = name, up = fromQuery query}
 
-createStore :: FilePath -> Bool -> IO SQLiteStore
-createStore dbFilePath = createSQLiteStore dbFilePath migrations
+createStore :: FilePath -> String -> Bool -> IO SQLiteStore
+createStore dbFilePath dbKey = createSQLiteStore dbFilePath dbKey migrations
 
 chatStoreFile :: FilePath -> FilePath
 chatStoreFile = (<> "_chat.db")