crypto: Add a method to check if our own device has been signed by our identity

2021-08-04 16:40:55 +02:00 · 2021-08-04 16:40:55 +02:00 · 8d7fe5e575
commit 8d7fe5e575
parent 0598bdebc7
2 changed files with 29 additions and 2 deletions
--- a/matrix_sdk_crypto/src/identities/user.rs
+++ b/matrix_sdk_crypto/src/identities/user.rs
@ -124,6 +124,19 @@ impl OwnUserIdentity {
        self.request_verification_helper(Some(methods)).await
    }

+    /// Does our user identity trust our own device, i.e. have we signed  our
+    /// own device keys with our self-signing key.
+    pub async fn trusts_our_own_device(&self) -> Result<bool, CryptoStoreError> {
+        Ok(if let Some(signatures) = self.verification_machine.store.device_signatures().await? {
+            let mut device_keys = self.verification_machine.store.account.device_keys().await;
+            device_keys.signatures = signatures;
+
+            self.inner.self_signing_key().verify_device_keys(device_keys).is_ok()
+        } else {
+            false
+        })
+    }
+
    async fn request_verification_helper(
        &self,
        methods: Option<Vec<VerificationMethod>>,
--- a/matrix_sdk_crypto/src/verification/mod.rs
+++ b/matrix_sdk_crypto/src/verification/mod.rs
@ -19,7 +19,10 @@ mod qrcode;
 mod requests;
 mod sas;

-use std::{collections::HashMap, sync::Arc};
+use std::{
+    collections::{BTreeMap, HashMap},
+    sync::Arc,
+};

 use event_enums::OutgoingContent;
 pub use machine::VerificationMachine;
@ -36,7 +39,7 @@ use ruma::{
        },
        AnyMessageEventContent, AnyToDeviceEventContent,
    },
-    DeviceId, DeviceIdBox, EventId, RoomId, UserId,
+    DeviceId, DeviceIdBox, DeviceKeyId, EventId, RoomId, UserId,
 };
 pub use sas::{AcceptSettings, Sas};
 use tracing::{error, info, trace, warn};
@ -91,6 +94,17 @@ impl VerificationStore {
        self.inner.get_sessions(sender_key).await
    }

+    /// Get the signatures that have signed our own device.
+    pub async fn device_signatures(
+        &self,
+    ) -> Result<Option<BTreeMap<UserId, BTreeMap<DeviceKeyId, String>>>, CryptoStoreError> {
+        Ok(self
+            .inner
+            .get_device(self.account.user_id(), self.account.device_id())
+            .await?
+            .map(|d| d.signatures().to_owned()))
+    }
+
    pub fn inner(&self) -> &dyn CryptoStore {
        &*self.inner
    }