crypto: Expose a method to pin a user's identity

bindings/matrix-sdk-ffi/CHANGELOG.md

@@ -31,4 +31,5 @@ Breaking changes:
 
 Additions:
 
+- Add `Room::pin_user_identity`
 - Add `ClientBuilder::room_key_recipient_strategy`

bindings/matrix-sdk-ffi/src/room.rs

@@ -609,6 +609,10 @@ impl Room {
         })))
     }
 
+    pub fn pin_user_identity(&self, user_id: &str) -> Result<(), ClientError> {
+        Ok(self.inner.pin_user_identity(user_id.try_into()?))
+    }
+
     /// Set (or unset) a flag on the room to indicate that the user has
     /// explicitly marked it as unread.
     pub async fn set_unread_flag(&self, new_value: bool) -> Result<(), ClientError> {

crates/matrix-sdk-crypto/src/identities/user.rs

@@ -125,6 +125,22 @@ impl UserIdentity {
         }
     }
 
+    /// Consider this identity to be trusted.
+    ///
+    /// Resets this identity to the same "pinned" state assigned the first time
+    /// a user is encountered, where we follow "trust on first use" and
+    /// consider it trusted.
+    pub async fn pin(&self) -> Result<(), CryptoStoreError> {
+        match self {
+            UserIdentity::Own(_) => {
+                // Nothing to be done for our own identity: we already
+                // consider it trusted in this sense.
+                Ok(())
+            }
+            UserIdentity::Other(u) => u.pin_current_master_key().await,
+        }
+    }
+
     /// Was this identity previously verified, and is no longer?
     pub fn has_verification_violation(&self) -> bool {
         match self {

crates/matrix-sdk/CHANGELOG.md

@@ -28,6 +28,7 @@ Breaking changes:
 
 Additions:
 
+- new `Room::pin_user_identity` method.
 - new `ClientBuilder::with_decryption_trust_requirement` method.
 - new `ClientBuilder::with_room_key_recipient_strategy` method
 - new `Room.set_account_data` and `Room.set_account_data_raw` RoomAccountData setters, analogous to the GlobalAccountData

crates/matrix-sdk/src/encryption/identities/users.rs

@@ -422,6 +422,15 @@ impl UserIdentity {
         self.inner.withdraw_verification().await
     }
 
+    /// Consider this identity to be trusted.
+    ///
+    /// Resets this identity to the same "pinned" state assigned the first time
+    /// a user is encountered, where we follow "trust on first use" and
+    /// consider it trusted.
+    pub async fn pin(&self) -> Result<(), CryptoStoreError> {
+        self.inner.pin().await
+    }
+
     /// Get the public part of the Master key of this user identity.
     ///
     /// The public part of the Master key is usually used to uniquely identify

crates/matrix-sdk/src/error.rs

@@ -379,6 +379,10 @@ pub enum Error {
     /// Backups are not enabled
     #[error("backups are not enabled")]
     BackupNotEnabled,
+
+    /// The user was not found
+    #[error("user was not found")]
+    UserNotFound,
 }
 
 #[rustfmt::skip] // stop rustfmt breaking the `<code>` in docs across multiple lines

crates/matrix-sdk/src/room/identity_status_changes.rs

@@ -430,9 +430,8 @@ mod tests {
                     );
 
                     // Pin it
-                    self.crypto_other_identity()
-                        .await
-                        .pin_current_master_key()
+                    self.room
+                        .pin_user_identity(self.user_id())
                         .await
                         .expect("Should not fail to pin");
                 } else {

crates/matrix-sdk/src/room/mod.rs

@@ -403,6 +403,20 @@ impl Room {
         IdentityStatusChanges::create_stream(self.clone()).await
     }
 
+    /// Mark this user as "pinned" meaning that we have seen their cryptographic
+    /// identity before.
+    #[cfg(feature = "e2e-encryption")]
+    pub async fn pin_user_identity(&self, user_id: &UserId) -> Result<()> {
+        Ok(self
+            .client
+            .encryption()
+            .get_user_identity(user_id)
+            .await?
+            .ok_or(Error::UserNotFound)?
+            .pin()
+            .await?)
+    }
+
     /// Returns a wrapping `TimelineEvent` for the input `AnyTimelineEvent`,
     /// decrypted if needs be.
     ///