Element R: fix isCrossSigningReady not checking identity trust (#4156)

* Fix inconsistency between rust and legacy * Add tests * Review: better comment Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com> * review: Better doc Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com> * Simplify test data and some comments --------- Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
2025-08-09 10:22:46 +03:00 · 2024-04-17 15:36:52 +02:00
parent 4fc6ba884e
commit d22a39f5d7
2 changed files with 67 additions and 4 deletions
--- a/src/rust-crypto/rust-crypto.ts
+++ b/src/rust-crypto/rust-crypto.ts
@@ -610,15 +610,17 @@ export class RustCrypto extends TypedEventEmitter<RustCryptoEvents, RustCryptoEv
     * Implementation of {@link CryptoApi#isCrossSigningReady}
     */
    public async isCrossSigningReady(): Promise<boolean> {
-        const { publicKeysOnDevice, privateKeysInSecretStorage, privateKeysCachedLocally } =
-            await this.getCrossSigningStatus();
+        const { privateKeysInSecretStorage, privateKeysCachedLocally } = await this.getCrossSigningStatus();
        const hasKeysInCache =
            Boolean(privateKeysCachedLocally.masterKey) &&
            Boolean(privateKeysCachedLocally.selfSigningKey) &&
            Boolean(privateKeysCachedLocally.userSigningKey);

-        // The cross signing is ready if the public and private keys are available
-        return publicKeysOnDevice && (hasKeysInCache || privateKeysInSecretStorage);
+        const identity = await this.getOwnIdentity();
+
+        // Cross-signing is ready if the public identity is trusted, and the private keys
+        // are either cached, or accessible via secret-storage.
+        return !!identity?.isVerified() && (hasKeysInCache || privateKeysInSecretStorage);
    }

    /**