verification status by user, sign manually verified keys

lib/src/utils/device_keys_list.dart

@@ -8,6 +8,8 @@ import '../database/database.dart'
 import '../event.dart';
 import 'key_verification.dart';
 
+enum UserVerifiedStatus { verified, unknown, unknownDevice }
+
 class DeviceKeysList {
   Client client;
   String userId;
@@ -25,18 +27,27 @@ class DeviceKeysList {
     return null;
   }
 
-  CrossSigningKey getCrossSigningKey(String type) {
+  CrossSigningKey getCrossSigningKey(String type) => crossSigningKeys.values.firstWhere((k) => k.usage.contains(type));
-    final keys = crossSigningKeys.values.where((k) => k.usage.contains(type));
-    if (keys.isEmpty) {
-      return null;
-    }
-    return keys.first;
-  }
 
   CrossSigningKey get masterKey => getCrossSigningKey('master');
   CrossSigningKey get selfSigningKey => getCrossSigningKey('self_signing');
   CrossSigningKey get userSigningKey => getCrossSigningKey('user_signing');
 
+  UserVerifiedStatus get verified {
+    if (masterKey == null) {
+      return UserVerifiedStatus.unknown;
+    }
+    if (masterKey.verified) {
+      for (final key in deviceKeys.values) {
+        if (!key.verified) {
+          return UserVerifiedStatus.unknownDevice;
+        }
+      }
+      return UserVerifiedStatus.verified;
+    }
+    return UserVerifiedStatus.unknown;
+  }
+
   DeviceKeysList.fromDb(
       DbUserDeviceKey dbEntry,
       List<DbUserDeviceKeysKey> childEntries,
@@ -226,7 +237,13 @@ abstract class SignedKey {
     return false;
   }
 
-  Future<void> setVerified(bool newVerified);
+  Future<void> setVerified(bool newVerified, [bool sign = true]) {
+    _verified = newVerified;
+    if (sign && client.crossSigning.signable([this])) {
+      // sign the key!
+      client.crossSigning.sign([this]);
+    }
+  }
 
   Future<void> setBlocked(bool newBlocked);
 
@@ -250,8 +267,8 @@ class CrossSigningKey extends SignedKey {
       userId != null && publicKey != null && keys != null && ed25519Key != null;
 
   @override
-  Future<void> setVerified(bool newVerified) {
+  Future<void> setVerified(bool newVerified, [bool sign = true]) {
-    _verified = newVerified;
+    super.setVerified(newVerified, sign);
     return client.database?.setVerifiedUserCrossSigningKey(
         newVerified, client.id, userId, publicKey);
   }
@@ -310,8 +327,8 @@ class DeviceKeys extends SignedKey {
       ed25519Key != null;
 
   @override
-  Future<void> setVerified(bool newVerified) {
+  Future<void> setVerified(bool newVerified, [bool sign = true]) {
-    _verified = newVerified;
+    super.setVerified(newVerified, sign);
     return client.database
         ?.setVerifiedUserDeviceKey(newVerified, client.id, userId, deviceId);
   }

lib/src/utils/key_verification.dart

@@ -358,7 +358,7 @@ class KeyVerification {
     var verifiedMasterKey = false;
     final wasUnknownSession = client.isUnknownSession;
     for (final key in _verifiedDevices) {
-      await key.setVerified(true);
+      await key.setVerified(true, false); // we don't want to sign the keys juuuust yet
       if (key is CrossSigningKey && key.usage.contains('master')) {
         verifiedMasterKey = true;
       }

lib/src/utils/room_key_request.dart

@@ -22,7 +22,6 @@ class RoomKeyRequest extends ToDeviceEvent {
     for (final key in session.forwardingCurve25519KeyChain) {
       forwardedKeys.add(key);
     }
-    await requestingDevice.setVerified(true);
     var message = session.content;
     message['forwarding_curve25519_key_chain'] = forwardedKeys;