From 38c38bc9f07cca1ff94eb6ce389ba5e892cbb04f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Damir=20Jeli=C4=87?= <poljar@termina.org.uk>
Date: Fri, 18 Nov 2022 12:41:26 +0100
Subject: [PATCH] feat!(bindings): Expose the improved result of the
 verify_backup method

---
 bindings/matrix-sdk-crypto-ffi/src/lib.rs     |  3 +-
 bindings/matrix-sdk-crypto-ffi/src/machine.rs | 59 +++++++++++++++++--
 bindings/matrix-sdk-crypto-ffi/src/olm.udl    | 16 ++++-
 3 files changed, 71 insertions(+), 7 deletions(-)

diff --git a/bindings/matrix-sdk-crypto-ffi/src/lib.rs b/bindings/matrix-sdk-crypto-ffi/src/lib.rs
index cc6c7e57c..06d82f8be 100644
--- a/bindings/matrix-sdk-crypto-ffi/src/lib.rs
+++ b/bindings/matrix-sdk-crypto-ffi/src/lib.rs
@@ -27,9 +27,10 @@ pub use error::{
 };
 use js_int::UInt;
 pub use logger::{set_logger, Logger};
-pub use machine::{KeyRequestPair, OlmMachine};
+pub use machine::{KeyRequestPair, OlmMachine, SignatureCheckResult};
 use matrix_sdk_common::deserialized_responses::VerificationState;
 use matrix_sdk_crypto::{
+    backups::SignatureState,
     types::{EventEncryptionAlgorithm as RustEventEncryptionAlgorithm, SigningKey},
     EncryptionSettings as RustEncryptionSettings, LocalTrust,
 };
diff --git a/bindings/matrix-sdk-crypto-ffi/src/machine.rs b/bindings/matrix-sdk-crypto-ffi/src/machine.rs
index 223eabb44..11c55dd27 100644
--- a/bindings/matrix-sdk-crypto-ffi/src/machine.rs
+++ b/bindings/matrix-sdk-crypto-ffi/src/machine.rs
@@ -10,9 +10,15 @@ use base64::{decode_config, encode, STANDARD_NO_PAD};
 use js_int::UInt;
 use matrix_sdk_common::deserialized_responses::AlgorithmInfo;
 use matrix_sdk_crypto::{
-    backups::MegolmV1BackupKey as RustBackupKey, decrypt_room_key_export, encrypt_room_key_export,
-    matrix_sdk_qrcode::QrVerificationData, olm::ExportedRoomKey, store::RecoveryKey, LocalTrust,
-    OlmMachine as InnerMachine, UserIdentities, Verification as RustVerification,
+    backups::{
+        MegolmV1BackupKey as RustBackupKey, SignatureCheckResult as RustSignatureCheckResult,
+        SignatureState,
+    },
+    decrypt_room_key_export, encrypt_room_key_export,
+    matrix_sdk_qrcode::QrVerificationData,
+    olm::ExportedRoomKey,
+    store::RecoveryKey,
+    LocalTrust, OlmMachine as InnerMachine, UserIdentities, Verification as RustVerification,
 };
 use ruma::{
     api::{
@@ -66,6 +72,46 @@ pub struct KeyRequestPair {
     pub key_request: Request,
 }
 
+/// The result of a signature check of a signed JSON object.
+#[derive(Clone, Debug, PartialEq, Eq)]
+pub struct SignatureCheckResult {
+    /// The result of the signature check using the public key of our own
+    /// device.
+    pub device_signature: SignatureState,
+    /// The result of the signature check using the public key of our own
+    /// user identity.
+    pub user_identity_signature: SignatureState,
+    /// The result of signature checks using public keys of other devices we
+    /// own.
+    pub other_signatures: HashMap<String, SignatureState>,
+    /// Is the signed JSON object trusted.
+    ///
+    /// This flag tells us if the result has a valid signature from any of the
+    /// following:
+    ///
+    /// * Our own device
+    /// * Our own user identity, provided the identity is trusted as well
+    /// * Any of our own devices, provided the device is trusted as well
+    pub trusted: bool,
+}
+
+impl From<RustSignatureCheckResult> for SignatureCheckResult {
+    fn from(r: RustSignatureCheckResult) -> Self {
+        let trusted = r.trusted();
+
+        Self {
+            device_signature: r.device_signature,
+            user_identity_signature: r.user_identity_signature,
+            other_signatures: r
+                .other_signatures
+                .into_iter()
+                .map(|(k, v)| (k.to_string(), v))
+                .collect(),
+            trusted,
+        }
+    }
+}
+
 #[uniffi::export]
 impl OlmMachine {
     /// Get the user ID of the owner of this `OlmMachine`.
@@ -1461,12 +1507,15 @@ impl OlmMachine {
     ///     }
     /// }
     /// ```
-    pub fn verify_backup(&self, backup_info: &str) -> Result<bool, CryptoStoreError> {
+    pub fn verify_backup(
+        &self,
+        backup_info: &str,
+    ) -> Result<SignatureCheckResult, CryptoStoreError> {
         let backup_info = serde_json::from_str(backup_info)?;
 
         Ok(self
             .runtime
             .block_on(self.inner.backup_machine().verify_backup(backup_info, false))?
-            .trusted())
+            .into())
     }
 }
diff --git a/bindings/matrix-sdk-crypto-ffi/src/olm.udl b/bindings/matrix-sdk-crypto-ffi/src/olm.udl
index 59397eda0..2f0bc43a8 100644
--- a/bindings/matrix-sdk-crypto-ffi/src/olm.udl
+++ b/bindings/matrix-sdk-crypto-ffi/src/olm.udl
@@ -431,7 +431,7 @@ interface OlmMachine {
     BackupKeys? get_backup_keys();
     boolean backup_enabled();
     [Throws=CryptoStoreError]
-    boolean verify_backup([ByRef] string auth_data);
+    SignatureCheckResult verify_backup([ByRef] string auth_data);
 };
 
 dictionary PassphraseInfo {
@@ -439,6 +439,20 @@ dictionary PassphraseInfo {
     i32 private_key_iterations;
 };
 
+dictionary SignatureCheckResult {
+    SignatureState device_signature;
+    SignatureState user_identity_signature;
+    record<DOMString, SignatureState> other_signatures;
+    boolean trusted;
+};
+
+enum SignatureState {
+    "Missing",
+    "Invalid",
+    "ValidButNotTrusted",
+    "ValidAndTrusted",
+};
+
 dictionary MegolmV1BackupKey {
     string public_key;
     record<DOMString, record<DOMString, string>> signatures;