crypto: move some logic from SenderDataFinder to SenderData

create a new method `SenderData::from_device` which does the last few steps of
`SenderDataFinder`: turns out we want it elsewhere. Add some tests to test that
functionality in isolation.

Author: richvdh

crates/matrix-sdk-crypto/src/machine/test_helpers.rs

@@ -332,6 +332,36 @@ pub async fn create_signed_device_of_unverified_user(
     device
 }
 
+/// Sign the given [`DeviceKeys`] with a cross-signing identity, then sign the
+/// identity with our own identity, and wrap both up as a [`Device`].
+pub async fn create_signed_device_of_verified_user(
+    mut device_keys: DeviceKeys,
+    device_owner_identity: &PrivateCrossSigningIdentity,
+    own_identity: &PrivateCrossSigningIdentity,
+) -> Device {
+    // Sign the device keys with the owner's identity.
+    {
+        let self_signing = device_owner_identity.self_signing_key.lock().await;
+        let self_signing = self_signing.as_ref().unwrap();
+        self_signing.sign_device(&mut device_keys).unwrap();
+    }
+
+    let mut public_identity = OtherUserIdentityData::from_private(device_owner_identity).await;
+
+    // Sign the public identity of the owner with our own identity.
+    sign_user_identity_data(own_identity, &mut public_identity).await;
+
+    let device = Device {
+        inner: DeviceData::try_from(&device_keys).unwrap(),
+        verification_machine: dummy_verification_machine(),
+        own_identity: Some(own_identity.to_public_identity().await.unwrap()),
+        device_owner_identity: Some(public_identity.into()),
+    };
+    assert!(device.is_cross_signed_by_owner());
+    assert!(device.is_cross_signing_trusted());
+    device
+}
+
 /// Sign a public user identity with our own user-signing key.
 pub async fn sign_user_identity_data(
     signer_private_identity: &PrivateCrossSigningIdentity,

crates/matrix-sdk-crypto/src/olm/group_sessions/sender_data.rs

@@ -16,9 +16,13 @@ use std::{cmp::Ordering, fmt};
 
 use ruma::{DeviceId, OwnedDeviceId, OwnedUserId, UserId};
 use serde::{de, de::Visitor, Deserialize, Deserializer, Serialize};
+use tracing::error;
 use vodozemac::Ed25519PublicKey;
 
-use crate::types::{serialize_ed25519_key, DeviceKeys};
+use crate::{
+    types::{serialize_ed25519_key, DeviceKeys},
+    Device,
+};
 
 /// Information about the sender of a megolm session where we know the
 /// cross-signing identity of the sender.
@@ -216,6 +220,61 @@ impl SenderData {
         Self::UnknownDevice { legacy_session: true, owner_check_failed: false }
     }
 
+    /// Create a [`SenderData`] representing the current verification state of
+    /// the given device.
+    ///
+    /// Depending on whether the device is correctly cross-signed or not, and
+    /// whether the user has been verified or not, this can return
+    /// [`SenderData::DeviceInfo`], [`SenderData::VerificationViolation`],
+    /// [`SenderData::SenderUnverified`] or [`SenderData::SenderVerified`]
+    pub fn from_device(sender_device: &Device) -> Self {
+        // Is the device cross-signed?
+        // Does the cross-signing key match that used to sign the device?
+        // And is the signature in the device valid?
+        let cross_signed = sender_device.is_cross_signed_by_owner();
+
+        if cross_signed {
+            Self::from_cross_signed_device(sender_device)
+        } else {
+            // We have device keys, but they are not signed by the sender
+            SenderData::device_info(sender_device.as_device_keys().clone())
+        }
+    }
+
+    fn from_cross_signed_device(sender_device: &Device) -> Self {
+        let user_id = sender_device.user_id().to_owned();
+        let device_id = Some(sender_device.device_id().to_owned());
+
+        let master_key = sender_device
+            .device_owner_identity
+            .as_ref()
+            .and_then(|i| i.master_key().get_first_key());
+
+        if let Some(master_key) = master_key {
+            // We have user_id and master_key for the user sending the to-device message.
+            let master_key = Box::new(master_key);
+            let known_sender_data = KnownSenderData { user_id, device_id, master_key };
+            if sender_device.is_cross_signing_trusted() {
+                Self::SenderVerified(known_sender_data)
+            } else if sender_device
+                .device_owner_identity
+                .as_ref()
+                .expect("User with master key must have identity")
+                .was_previously_verified()
+            {
+                Self::VerificationViolation(known_sender_data)
+            } else {
+                Self::SenderUnverified(known_sender_data)
+            }
+        } else {
+            // Surprisingly, there was no key in the MasterPubkey. We did not expect this:
+            // treat it as if the device was not signed by this master key.
+            //
+            error!("MasterPubkey for user {user_id} does not contain any keys!");
+            Self::device_info(sender_device.as_device_keys().clone())
+        }
+    }
+
     /// Returns `Greater` if this `SenderData` represents a greater level of
     /// trust than the supplied one, `Equal` if they have the same level, and
     /// `Less` if the supplied one has a greater level of trust.
@@ -344,10 +403,11 @@ pub enum SenderDataType {
 
 #[cfg(test)]
 mod tests {
-    use std::{cmp::Ordering, collections::BTreeMap};
+    use std::{cmp::Ordering, collections::BTreeMap, ops::Deref};
 
     use assert_matches2::assert_let;
     use insta::assert_json_snapshot;
+    use matrix_sdk_test::async_test;
     use ruma::{
         device_id, owned_device_id, owned_user_id, user_id, DeviceKeyAlgorithm, DeviceKeyId,
     };
@@ -356,8 +416,13 @@ mod tests {
 
     use super::SenderData;
     use crate::{
-        olm::{KnownSenderData, PickledInboundGroupSession},
+        machine::test_helpers::{
+            create_signed_device_of_unverified_user, create_signed_device_of_verified_user,
+            create_unsigned_device,
+        },
+        olm::{KnownSenderData, PickledInboundGroupSession, PrivateCrossSigningIdentity},
         types::{DeviceKey, DeviceKeys, EventEncryptionAlgorithm, Signatures},
+        Account,
     };
 
     #[test]
@@ -648,4 +713,111 @@ mod tests {
 
         assert_eq!(master_key.to_base64(), "kOp9s4ClyQujYD7rRZA8xgE6kvYlqKSNnMrQNmSrcuE");
     }
+
+    #[async_test]
+    async fn test_from_device_for_unsigned_device() {
+        let bob_account =
+            Account::with_device_id(user_id!("@bob:example.com"), device_id!("BOB_DEVICE"));
+        let bob_device = create_unsigned_device(bob_account.device_keys().clone());
+
+        let sender_data = SenderData::from_device(&bob_device);
+
+        assert_eq!(
+            sender_data,
+            SenderData::DeviceInfo {
+                device_keys: bob_device.device_keys.deref().clone(),
+                legacy_session: false
+            }
+        );
+    }
+
+    #[async_test]
+    async fn test_from_device_for_unverified_user() {
+        let bob_identity =
+            PrivateCrossSigningIdentity::new(user_id!("@bob:example.com").to_owned());
+        let bob_account =
+            Account::with_device_id(user_id!("@bob:example.com"), device_id!("BOB_DEVICE"));
+        let bob_device = create_signed_device_of_unverified_user(
+            bob_account.device_keys().clone(),
+            &bob_identity,
+        )
+        .await;
+
+        let sender_data = SenderData::from_device(&bob_device);
+
+        assert_eq!(
+            sender_data,
+            SenderData::SenderUnverified(KnownSenderData {
+                user_id: bob_account.user_id().to_owned(),
+                device_id: Some(bob_account.device_id().to_owned()),
+                master_key: Box::new(
+                    bob_identity.master_public_key().await.unwrap().get_first_key().unwrap()
+                ),
+            })
+        );
+    }
+
+    #[async_test]
+    async fn test_from_device_for_verified_user() {
+        let alice_account =
+            Account::with_device_id(user_id!("@alice:example.com"), device_id!("ALICE_DEVICE"));
+        let alice_identity = PrivateCrossSigningIdentity::with_account(&alice_account).await.0;
+
+        let bob_identity =
+            PrivateCrossSigningIdentity::new(user_id!("@bob:example.com").to_owned());
+        let bob_account =
+            Account::with_device_id(user_id!("@bob:example.com"), device_id!("BOB_DEVICE"));
+        let bob_device = create_signed_device_of_verified_user(
+            bob_account.device_keys().clone(),
+            &bob_identity,
+            &alice_identity,
+        )
+        .await;
+
+        let sender_data = SenderData::from_device(&bob_device);
+
+        assert_eq!(
+            sender_data,
+            SenderData::SenderVerified(KnownSenderData {
+                user_id: bob_account.user_id().to_owned(),
+                device_id: Some(bob_account.device_id().to_owned()),
+                master_key: Box::new(
+                    bob_identity.master_public_key().await.unwrap().get_first_key().unwrap()
+                ),
+            })
+        );
+    }
+
+    #[async_test]
+    async fn test_from_device_for_verification_violation_user() {
+        let bob_identity =
+            PrivateCrossSigningIdentity::new(user_id!("@bob:example.com").to_owned());
+        let bob_account =
+            Account::with_device_id(user_id!("@bob:example.com"), device_id!("BOB_DEVICE"));
+        let bob_device = create_signed_device_of_unverified_user(
+            bob_account.device_keys().clone(),
+            &bob_identity,
+        )
+        .await;
+        bob_device
+            .device_owner_identity
+            .as_ref()
+            .unwrap()
+            .other()
+            .unwrap()
+            .mark_as_previously_verified();
+
+        let sender_data = SenderData::from_device(&bob_device);
+
+        assert_eq!(
+            sender_data,
+            SenderData::VerificationViolation(KnownSenderData {
+                user_id: bob_account.user_id().to_owned(),
+                device_id: Some(bob_account.device_id().to_owned()),
+                master_key: Box::new(
+                    bob_identity.master_public_key().await.unwrap().get_first_key().unwrap()
+                ),
+            })
+        );
+    }
 }

crates/matrix-sdk-crypto/src/olm/group_sessions/sender_data_finder.rs

@@ -13,10 +13,9 @@
 // limitations under the License.
 
 use ruma::UserId;
-use tracing::error;
 use vodozemac::Curve25519PublicKey;
 
-use super::{InboundGroupSession, KnownSenderData, SenderData};
+use super::{InboundGroupSession, SenderData};
 use crate::{
     error::MismatchedIdentityKeysError, store::Store, types::events::olm_v1::DecryptedRoomKeyEvent,
     CryptoStoreError, Device, DeviceData, MegolmError, OlmError, SignatureError,
@@ -229,57 +228,14 @@ impl<'a> SenderDataFinder<'a> {
         // Is the session owned by the device?
         let device_is_owner = sender_device.is_owner_of_session(self.session)?;
 
-        // Is the device cross-signed?
-        // Does the cross-signing key match that used to sign the device?
-        // And is the signature in the device valid?
-        let cross_signed = sender_device.is_cross_signed_by_owner();
-
-        Ok(match (device_is_owner, cross_signed) {
-            (true, true) => self.device_is_cross_signed_by_sender(sender_device),
-            (true, false) => {
-                // F (we have device keys, but they are not signed by the sender)
-                SenderData::device_info(sender_device.as_device_keys().clone())
-            }
-            (false, _) => {
-                // Step E (the device does not own the session)
-                // Give up: something is wrong with the session.
-                SenderData::UnknownDevice { legacy_session: false, owner_check_failed: true }
-            }
-        })
-    }
-
-    /// Step G (device is cross-signed by the sender)
-    fn device_is_cross_signed_by_sender(&self, sender_device: Device) -> SenderData {
-        // H (cross-signing key matches that used to sign the device!)
-        let user_id = sender_device.user_id().to_owned();
-        let device_id = Some(sender_device.device_id().to_owned());
-
-        let master_key = sender_device
-            .device_owner_identity
-            .as_ref()
-            .and_then(|i| i.master_key().get_first_key());
-
-        if let Some(master_key) = master_key {
-            // We have user_id and master_key for the user sending the to-device message.
-            let master_key = Box::new(master_key);
-            let known_sender_data = KnownSenderData { user_id, device_id, master_key };
-            if sender_device.is_cross_signing_trusted() {
-                SenderData::SenderVerified(known_sender_data)
-            } else if sender_device
-                .device_owner_identity
-                .expect("User with master key must have identity")
-                .was_previously_verified()
-            {
-                SenderData::VerificationViolation(known_sender_data)
-            } else {
-                SenderData::SenderUnverified(known_sender_data)
-            }
+        if !device_is_owner {
+            // Step E (the device does not own the session)
+            // Give up: something is wrong with the session.
+            Ok(SenderData::UnknownDevice { legacy_session: false, owner_check_failed: true })
         } else {
-            // Surprisingly, there was no key in the MasterPubkey. We did not expect this:
-            // treat it as if the device was not signed by this master key.
-            //
-            error!("MasterPubkey for user {user_id} does not contain any keys!",);
-            SenderData::device_info(sender_device.as_device_keys().clone())
+            // Steps F, G, and H: we have a device, which may or may not be signed by the
+            // sender.
+            Ok(SenderData::from_device(&sender_device))
         }
     }
 }