matrix-org · florianduros · Jun 9, 2023 · Jun 6, 2023 · Jun 7, 2023 · Jun 7, 2023
@@ -19,7 +19,7 @@ import "fake-indexeddb/auto";
 import { IDBFactory } from "fake-indexeddb";
 
 import { CRYPTO_BACKENDS, InitCrypto } from "../../test-utils/test-utils";
-import { createClient, MatrixClient, UIAuthCallback } from "../../../src";
+import { createClient, MatrixClient, IAuthDict, UIAuthCallback } from "../../../src";
 
 afterEach(() => {
     // reset fake-indexeddb after each test, to make sure we don't leak connections
@@ -61,34 +61,46 @@ describe.each(Object.entries(CRYPTO_BACKENDS))("cross-signing (%s)", (backend: s
         fetchMock.mockReset();
     });
 
-    describe("bootstrapCrossSigning (before initialsync completes)", () => {
-        it("publishes keys if none were yet published", async () => {
-            // have account_data requests return an empty object
-            fetchMock.get("express:/_matrix/client/r0/user/:userId/account_data/:type", {});
-
-            // we expect a request to upload signatures for our device ...
-            fetchMock.post({ url: "path:/_matrix/client/v3/keys/signatures/upload", name: "upload-sigs" }, {});
-
-            // ... and one to upload the cross-signing keys (with UIA)
-            fetchMock.post(
-                // legacy crypto uses /unstable/; /v3/ is correct
-                {
-                    url: new RegExp("/_matrix/client/(unstable|v3)/keys/device_signing/upload"),
-                    name: "upload-keys",
-                },
-                {},
-            );
+    /**
+     * Create cross-signing keys, publish the keys
+     * Mock and bootstrap all the required steps
+     *
+     * @return the IAuthDict
+     */
+    async function setupCrossSigning(): Promise<IAuthDict> {
+        // have account_data requests return an empty object
+        fetchMock.get("express:/_matrix/client/r0/user/:userId/account_data/:type", {});
+
+        // we expect a request to upload signatures for our device ...
+        fetchMock.post({ url: "path:/_matrix/client/v3/keys/signatures/upload", name: "upload-sigs" }, {});
+
+        // ... and one to upload the cross-signing keys (with UIA)
+        fetchMock.post(
+            // legacy crypto uses /unstable/; /v3/ is correct
+            {
+                url: new RegExp("/_matrix/client/(unstable|v3)/keys/device_signing/upload"),
+                name: "upload-keys",
+            },
+            {},
+        );
+
+        // provide a UIA callback, so that the cross-signing keys are uploaded
+        const authDict = { type: "test" };
+        const uiaCallback: UIAuthCallback<void> = async (makeRequest) => {
+            await makeRequest(authDict);
+        };
+
+        // now bootstrap cross signing, and check it resolves successfully
+        await aliceClient.getCrypto()?.bootstrapCrossSigning({
+            authUploadDeviceSigningKeys: uiaCallback,
+        });
 
-            // provide a UIA callback, so that the cross-signing keys are uploaded
-            const authDict = { type: "test" };
-            const uiaCallback: UIAuthCallback<void> = async (makeRequest) => {
-                await makeRequest(authDict);
-            };
+        return authDict;
+    }
 
-            // now bootstrap cross signing, and check it resolves successfully
-            await aliceClient.bootstrapCrossSigning({
-                authUploadDeviceSigningKeys: uiaCallback,
-            });
+    describe("bootstrapCrossSigning (before initialsync completes)", () => {
+        it("publishes keys if none were yet published", async () => {
+            const authDict = await setupCrossSigning();
 
             // check the cross-signing keys upload
             expect(fetchMock.called("upload-keys")).toBeTruthy();
@@ -114,4 +126,17 @@ describe.each(Object.entries(CRYPTO_BACKENDS))("cross-signing (%s)", (backend: s
             );
         });
     });
+
+    it("Get cross signing status for Alice", async () => {
+        await setupCrossSigning();
+
+        const crossSigningStatus = await aliceClient.getCrypto()!.getCrossSigningStatus();
+
+        // Expect the cross signing keys to be available
+        expect(crossSigningStatus).toStrictEqual({
+            publicKeyOnDevice: true,
+            privateKeysInSecretStorage: false,
+            privateKeysCachedLocally: { masterKey: true, userSigningKey: true, selfSigningKey: true },
+        });
+    });
 });
diff --git a/src/@types/crypto.ts b/src/@types/crypto.ts
@@ -97,3 +97,16 @@ export interface IOneTimeKey {
     fallback?: boolean;
     signatures?: ISignatures;
 }
+
+/**
+ * The result of a call to {@link Crypto.getCrossSigningStatus}
+ */
+export interface ICrossSigningStatus {
+    publicKeyOnDevice: boolean;
+    privateKeysInSecretStorage: boolean;
+    privateKeysCachedLocally: {
+        masterKey: boolean;
+        selfSigningKey: boolean;
+        userSigningKey: boolean;
+    };
+}
@@ -18,6 +18,7 @@ import type { IMegolmSessionData } from "./@types/crypto";
 import { Room } from "./models/room";
 import { DeviceMap } from "./models/device";
 import { UIAuthCallback } from "./interactive-auth";
+import { ICrossSigningStatus } from "./@types/crypto";
 
 /** Types of cross-signing key */
 export enum CrossSigningKey {
@@ -185,6 +186,17 @@ export interface CryptoApi {
      * @returns True if secret storage is ready to be used on this device
      */
     isSecretStorageReady(): Promise<boolean>;
+
+    /**
+     * Check the cross signing status of this device
+     *
+     * - if there is a public key on this device
+     * - if the private master, userSigning and selfSigning keys are store in the SecretStorage
+     * - if the private master, userSigning and selfSigning keys are cached locally
+
+     * @returns the current cross signing status of this device
+     */
+    getCrossSigningStatus(): Promise<ICrossSigningStatus>;
 }
 
 /**

@@ -20,7 +20,13 @@ limitations under the License.
 import anotherjson from "another-json";
 import { v4 as uuidv4 } from "uuid";
 
-import type { IDeviceKeys, IEventDecryptionResult, IMegolmSessionData, IOneTimeKey } from "../@types/crypto";
+import type {
+    ICrossSigningStatus,
+    IDeviceKeys,
+    IEventDecryptionResult,
+    IMegolmSessionData,
+    IOneTimeKey,
+} from "../@types/crypto";
 import type { PkDecryption, PkSigning } from "@matrix-org/olm";
 import { EventType, ToDeviceMessageId } from "../@types/event";
 import { TypedReEmitter } from "../ReEmitter";
@@ -744,6 +750,30 @@ export class Crypto extends TypedEventEmitter<CryptoEvent, CryptoEventHandlerMap
         return !!(secretStorageKeyInAccount && privateKeysInStorage && sessionBackupInStorage);
     }
 
+    /**
+     * Implementation of {@link CryptoApi#getCrossSigningStatus}
+     */
+    public async getCrossSigningStatus(): Promise<ICrossSigningStatus> {
+        const publicKeyOnDevice = Boolean(this.crossSigningInfo.getId());
+        const privateKeysInSecretStorage = Boolean(
+            await this.crossSigningInfo.isStoredInSecretStorage(this.secretStorage),
+        );
+        const cacheCallbacks = this.crossSigningInfo.getCacheCallbacks();
+        const masterKey = Boolean(await cacheCallbacks.getCrossSigningKeyCache?.("master"));
+        const selfSigningKey = Boolean(await cacheCallbacks.getCrossSigningKeyCache?.("self_signing"));
+        const userSigningKey = Boolean(await cacheCallbacks.getCrossSigningKeyCache?.("user_signing"));
+
+        return {
+            publicKeyOnDevice,
+            privateKeysInSecretStorage,
+            privateKeysCachedLocally: {
+                masterKey,
+                selfSigningKey,
+                userSigningKey,
+            },
+        };
+    }
+
     /**
      * Bootstrap cross-signing by creating keys if needed. If everything is already
      * set up, then no changes are made, so this is safe to run to ensure

@@ -16,7 +16,7 @@ limitations under the License.
 
 import * as RustSdkCryptoJs from "@matrix-org/matrix-sdk-crypto-js";
 
-import type { IEventDecryptionResult, IMegolmSessionData } from "../@types/crypto";
+import type { ICrossSigningStatus, IEventDecryptionResult, IMegolmSessionData } from "../@types/crypto";
 import type { IDeviceLists, IToDeviceEvent } from "../sync-accumulator";
 import type { IEncryptedEventInfo } from "../crypto/api";
 import { MatrixEvent } from "../models/event";
@@ -34,7 +34,7 @@ import { BootstrapCrossSigningOpts, DeviceVerificationStatus } from "../crypto-a
 import { deviceKeysToDeviceMap, rustDeviceToJsDevice } from "./device-converter";
 import { IDownloadKeyResult, IQueryKeysRequest } from "../client";
 import { Device, DeviceMap } from "../models/device";
-import { ServerSideSecretStorage } from "../secret-storage";
+import { SecretStorageKeyDescription, ServerSideSecretStorage } from "../secret-storage";
 import { CrossSigningKey } from "../crypto/api";
 import { CrossSigningIdentity } from "./CrossSigningIdentity";
 
@@ -71,13 +71,13 @@ export class RustCrypto implements CryptoBackend {
         private readonly http: MatrixHttpApi<IHttpOpts & { onlyData: true }>,
 
         /** The local user's User ID. */
-        _userId: string,
+        private readonly userId: string,
 
         /** The local user's Device ID. */
         _deviceId: string,
 
         /** Interface to server-side secret storage */
-        _secretStorage: ServerSideSecretStorage,
+        private readonly secretStorage: ServerSideSecretStorage,
     ) {
         this.outgoingRequestProcessor = new OutgoingRequestProcessor(olmMachine, http);
         this.keyClaimManager = new KeyClaimManager(olmMachine, this.outgoingRequestProcessor);
@@ -350,6 +350,60 @@ export class RustCrypto implements CryptoBackend {
         return false;
     }
 
+    /**
+     * Implementation of {@link CryptoApi#getCrossSigningStatus}
+     */
+    public async getCrossSigningStatus(): Promise<ICrossSigningStatus> {
+        const userIdentity: RustSdkCryptoJs.OwnUserIdentity = await this.olmMachine.getIdentity(
+            new RustSdkCryptoJs.UserId(this.userId),
+        );
+        const publicKeyOnDevice =
+            Boolean(userIdentity.masterKey) &&
+            Boolean(userIdentity.selfSigningKey) &&
+            Boolean(userIdentity.userSigningKey);
+        const privateKeysInSecretStorage = Boolean(await this.isStoredInSecretStorage(this.secretStorage));
+        const crossSigningStatus: RustSdkCryptoJs.CrossSigningStatus = await this.olmMachine.crossSigningStatus();
+
+        return {
+            publicKeyOnDevice,
+            privateKeysInSecretStorage,
+            privateKeysCachedLocally: {
+                masterKey: crossSigningStatus.hasMaster,
+                userSigningKey: crossSigningStatus.hasUserSigning,
+                selfSigningKey: crossSigningStatus.hasSelfSigning,
+            },
+        };
+    }
+
+    /**
+     * Check whether the private keys exist in secret storage.
+     * XXX: This could be static, be we often seem to have an instance when we
+     * want to know this anyway...
+     *
+     * @param secretStorage - The secret store using account data
+     * @returns map of key name to key info the secret is encrypted
+     *     with, or null if it is not present or not encrypted with a trusted
+     *     key
+     */
+    private async isStoredInSecretStorage(
+        secretStorage: ServerSideSecretStorage,
+    ): Promise<Record<string, object> | null> {
+        // check what SSSS keys have encrypted the master key (if any)
+        const stored = (await secretStorage.isStored("m.cross_signing.master")) || {};
+        // then check which of those SSSS keys have also encrypted the SSK and USK
+        function intersect(s: Record<string, SecretStorageKeyDescription>): void {
+            for (const k of Object.keys(stored)) {
+                if (!s[k]) {
+                    delete stored[k];
+                }
+            }
+        }
+        for (const type of ["self_signing", "user_signing"]) {
+            intersect((await secretStorage.isStored(`m.cross_signing.${type}`)) || {});
+        }
+        return Object.keys(stored).length ? stored : null;
+    }
+
     ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////
     //
     // SyncCryptoCallbacks implementation