bump dependency on rust-sdk-crypto-wasm

package.json

@@ -50,7 +50,7 @@
     ],
     "dependencies": {
         "@babel/runtime": "^7.12.5",
-        "@matrix-org/matrix-sdk-crypto-wasm": "^7.0.0",
+        "@matrix-org/matrix-sdk-crypto-wasm": "^8.0.0",
         "@matrix-org/olm": "3.2.15",
         "another-json": "^0.2.0",
         "bs58": "^6.0.0",

src/crypto-api/index.ts

@@ -589,6 +589,11 @@ export enum DecryptionFailureCode {
      */
     HISTORICAL_MESSAGE_USER_NOT_JOINED = "HISTORICAL_MESSAGE_USER_NOT_JOINED",
 
+    /**
+     * The sender does not satisfy the requested trust requirement.
+     */
+    SENDER_IDENTITY_NOT_TRUSTED = "SENDER_IDENTITY_NOT_TRUSTED",
+
     /** Unknown or unclassified error. */
     UNKNOWN_ERROR = "UNKNOWN_ERROR",
 

src/rust-crypto/RoomEncryptor.ts

@@ -254,9 +254,9 @@ export class RoomEncryptor {
         // When this.room.getBlacklistUnverifiedDevices() === null, the global settings should be used
         // See Room#getBlacklistUnverifiedDevices
         if (this.room.getBlacklistUnverifiedDevices() ?? globalBlacklistUnverifiedDevices) {
-            rustEncryptionSettings.sharingStrategy = CollectStrategy.DeviceBasedStrategyOnlyTrustedDevices;
+            rustEncryptionSettings.sharingStrategy = CollectStrategy.deviceBasedStrategy(true, false);
         } else {
-            rustEncryptionSettings.sharingStrategy = CollectStrategy.DeviceBasedStrategyAllDevices;
+            rustEncryptionSettings.sharingStrategy = CollectStrategy.deviceBasedStrategy(false, false);
         }
 
         await logDuration(this.prefixedLogger, "shareRoomKey", async () => {

src/rust-crypto/rust-crypto.ts

@@ -1741,6 +1741,7 @@ class EventDecryptor {
             const res = (await this.olmMachine.decryptRoomEvent(
                 stringifyEvent(event),
                 new RustSdkCryptoJs.RoomId(event.getRoomId()!),
+                new RustSdkCryptoJs.DecryptionSettings(RustSdkCryptoJs.TrustRequirement.Untrusted),
             )) as RustSdkCryptoJs.DecryptedRoomEvent;
 
             // Success. We can remove the event from the pending list, if
@@ -1848,6 +1849,9 @@ class EventDecryptor {
                     errorDetails,
                 );
 
+            case RustSdkCryptoJs.DecryptionErrorCode.SenderIdentityNotTrusted:
+                throw new DecryptionError(DecryptionFailureCode.SENDER_IDENTITY_NOT_TRUSTED, "The sender identity is not trusted.");
+
             // We don't map MismatchedIdentityKeys for now, as there is no equivalent in legacy.
             // Just put it on the `UNKNOWN_ERROR` bucket.
             default:

yarn.lock

@@ -1453,10 +1453,10 @@
     "@jridgewell/resolve-uri" "^3.1.0"
     "@jridgewell/sourcemap-codec" "^1.4.14"
 
-"@matrix-org/matrix-sdk-crypto-wasm@^7.0.0":
-  version "7.0.0"
-  resolved "https://registry.yarnpkg.com/@matrix-org/matrix-sdk-crypto-wasm/-/matrix-sdk-crypto-wasm-7.0.0.tgz#8d6abdb9ded8656cc9e2a7909913a34bf3fc9b3a"
-  integrity sha512-MOencXiW/gI5MuTtCNsuojjwT5DXCrjMqv9xOslJC9h2tPdLFFFMGr58dY5Lis4DRd9MRWcgrGowUIHOqieWTA==
+"@matrix-org/matrix-sdk-crypto-wasm@^8.0.0":
+  version "8.0.0"
+  resolved "https://registry.yarnpkg.com/@matrix-org/matrix-sdk-crypto-wasm/-/matrix-sdk-crypto-wasm-8.0.0.tgz#6ddc0e63538e821a2efbc5c1a2f0fa0f71d489ff"
+  integrity sha512-s0q3O2dK8b6hOJ+SZFz+s/IiMabmVsNue6r17sTwbrRD8liBkCrpjYnxoMYvtC01GggJ9TZLQbeqpt8hQSPHAg==
 
 "@matrix-org/olm@3.2.15":
   version "3.2.15"