Enable database encryption for new logins on Nightly/PR builds.

[pixlwave]

This PR essentially closes #441, although we're going to test on Nightly first to measure any potential performance impact. The following approach has been taken:

• The RestorationToken now contains an optional passphrase string which is given to the SDK when restoring a session. Existing users won't have one set, so their accounts will continue to operate without encryption on the db.
• When running a dev build (inc Nightly and PRs) the AuthenticationServiceProxy will generate a passphrase in the init (which we do for each login so a fresh key will be generated for each login). This passphrase is handed to the SDK which will create the stores, and when a sucessfull login is made, it is handed to the session store to add to the RestorationToken
• OIDC sessions update the RestorationToken each time the restoration token is refreshed. We now need to fetch the token to preserve the passphrase and if it is missing the app will crash (which will likely result in the user being signed out on next launch but if this happened there wouldn't be much we could do app-side to fix it anyway).
• I've tweaked the location where the pusherNotificationClientIdentifier is generated, as getting it from the ClientProxy through the restoration token is no longer possible, due to the proxy not knowing what the passphrase is.

[github-actions]

	Warnings
⚠️	Some of the commits are missing ticket numbers. Please consider squashing all commits that don't have a tracking number.
⚠️	ElementX/Sources/Services/UserSession/UserSessionStore.swift#L126 - FIXMEs should be resolved (Quick and dirty fix for stoppi...). (todo)

Generated by 🚫 Danger Swift against 9e97be8

[codecov]

Codecov Report

Attention: 43 lines in your changes are missing coverage. Please review.

Comparison is base (1001b5d) 72.53% compared to head (9e97be8) 72.44%.
Report is 1 commits behind head on develop.

Files	Patch %	Lines
...ources/Services/UserSession/UserSessionStore.swift	0.00%	23 Missing ⚠️
...Sources/Services/Keychain/KeychainController.swift	0.00%	8 Missing ⚠️
ElementX/Sources/Application/AppCoordinator.swift	0.00%	6 Missing ⚠️
...rces/Services/Keychain/EncryptionKeyProvider.swift	0.00%	5 Missing ⚠️
...eens/RoomScreen/RoomScreenInteractionHandler.swift	0.00%	1 Missing ⚠️

Additional details and impacted files

@@             Coverage Diff             @@
##           develop    #2328      +/-   ##
===========================================
- Coverage    72.53%   72.44%   -0.10%     
===========================================
  Files          512      513       +1     
  Lines        35327    35334       +7     
  Branches     16998    16988      -10     
===========================================
- Hits         25626    25599      -27     
- Misses        9077     9113      +36     
+ Partials       624      622       -2     

Flag	Coverage Δ
unittests	57.82% <6.52%> (-0.14%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[Velin92]

I don't understand a lot of the new passphrase system works but... if we restore the encrypted db from the NSE... how does the NSE decrypt such db? I think we should decrypt it also in the NSE

[Velin92]

NOICE

[pixlwave]

I don't understand a lot of the new passphrase system works but... if we restore the encrypted db from the NSE... how does the NSE decrypt such db? I think we should decrypt it also in the NSE

Thank you 🙌 - I totally forgot about the NSE 🤦‍♂️

[sonarqubecloud]

Quality Gate passed

Kudos, no new issues were introduced!

0 New issues
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud

[github-actions]

📱 Scan the QR code below to install the build for this PR.
🔒 This build is for internal testing purpose. Only devices listed in the ad-hoc provisioning profile can install Element Alpha.

If you can't scan the QR code you can install the build via this link: https://i.diawi.com/26waWp