Support encrypted communication with HA #97

Open
robbiet480 opened this issue Dec 4, 2019 · 4 comments · Fixed by home-assistant/core#31743
Labels
authentication enhancement New feature or request

Comments

@robbiet480
Member

Just for that extra bit of security, we should implement encrypted communication with HA over the webhook like iOS supports.

@robbiet480
Member Author

Some notes on this:

  • We need to use an updated and peer-reviewed library to do this. @JBassett says he looked at https://github.com/terl/lazysodium-android, one option I suggested. The other option is https://github.com/joshjdevl/libsodium-jni. Sadly, both are Java. The only Kotlin option hasn't been updated in 2+ years.
  • Initial support has been added to HA Core to enable encryption on existing registrations (at home-assistant/core#31743, "Add new webhook action to allow enabling encryption in an existing registration"). Call webhook action enable_encryption on HA Core 0.106+, receive a JSON body with secret as the response. HA version can be derived via get_config webhook action. The logic in app should look like this (pseudocode):
    if app_has_no_encryption_key and ha_version >= 0.106:
        attempt_to_enable_encryption()
    
  • If enabling encryption fails due to older HA version, then we should either keep doing that check every so often (whenever app starts?) or have a button in settings to allow users to manually enable encryption.
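
A runnable sketch of the version gate and fallback described in the notes above, added here as an example; it is not part of the thread or of the app's code. The `call_webhook` transport, the `{"type": ...}` request shape and the `version` field in the `get_config` reply are assumptions; only the action names and the `secret` field come from the issue.

```python
import re
from typing import Callable, Optional, Tuple

# From the issue: enable_encryption exists on HA Core 0.106 and later.
MIN_ENCRYPTION_VERSION = (0, 106)


def parse_ha_version(version: str) -> Tuple[int, ...]:
    """'0.106.0.dev0' -> (0, 106, 0); stops at the first non-numeric component."""
    parts = []
    for piece in version.strip().split("."):
        match = re.match(r"\d+", piece)
        if match is None:
            break
        parts.append(int(match.group()))
    if len(parts) < 2:
        raise ValueError(f"unrecognised HA version: {version!r}")
    return tuple(parts)


def supports_encryption(version: str) -> bool:
    # Compare integer tuples, not floats or strings: float("0.99") > float("0.106"),
    # which would wrongly treat HA 0.99 as new enough.
    return parse_ha_version(version)[:2] >= MIN_ENCRYPTION_VERSION


def maybe_enable_encryption(
    stored_secret: Optional[str],
    call_webhook: Callable[[dict], dict],  # hypothetical transport: POSTs JSON, returns parsed JSON
) -> Optional[str]:
    """Return the secret to persist, or None when the caller should retry later."""
    if stored_secret:
        return stored_secret  # already enabled, nothing to negotiate
    try:
        config = call_webhook({"type": "get_config"})  # assumed request shape
        if not supports_encryption(str(config.get("version", ""))):  # assumed field name
            return None  # older core: check again on next app start or via a settings button
        reply = call_webhook({"type": "enable_encryption"})
    except (OSError, ValueError, AttributeError):
        return None  # network failure or malformed reply: stay unencrypted, retry later
    secret = reply.get("secret") if isinstance(reply, dict) else None
    # Never log the secret; store it in platform-protected storage.
    return secret if isinstance(secret, str) and secret else None
```

A `None` result leaves the registration unencrypted, so the caller decides when to retry (on app start or from a settings action, as the last note suggests).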

@balloob
Member

balloob commented Feb 12, 2020

Do we know the HA version that we talk to? Seems like something we should know in the app to be able to enable/disable functionality.

@robbiet480
Member Author

@balloob We can get that info from the get_config webhook action.

@JBassett
Collaborator

JBassett commented Feb 22, 2020

Initial work https://github.com/home-assistant/home-assistant-android/tree/feature/webhookEncryption

I am running into issues with HA decrypting my requests... If anyone wants to take a crack at it please do! I have the sodium library pulled and the ability to easily encrypt/decrypt done. But I must be doing something incorrectly...
