From bb83176b23ba337db3af8a14751f6b4775eab644 Mon Sep 17 00:00:00 2001 From: Hubert Chathi Date: Fri, 6 Sep 2024 16:34:56 -0400 Subject: [PATCH 1/2] bump dependency on rust-sdk-crypto-wasm --- package.json | 2 +- src/crypto-api/index.ts | 5 +++++ src/rust-crypto/RoomEncryptor.ts | 4 ++-- src/rust-crypto/rust-crypto.ts | 7 +++++++ yarn.lock | 8 ++++---- 5 files changed, 19 insertions(+), 7 deletions(-) diff --git a/package.json b/package.json index 9ac783ff7e7..9ed0c0800d3 100644 --- a/package.json +++ b/package.json @@ -50,7 +50,7 @@ ], "dependencies": { "@babel/runtime": "^7.12.5", - "@matrix-org/matrix-sdk-crypto-wasm": "^7.0.0", + "@matrix-org/matrix-sdk-crypto-wasm": "^8.0.0", "@matrix-org/olm": "3.2.15", "another-json": "^0.2.0", "bs58": "^6.0.0", diff --git a/src/crypto-api/index.ts b/src/crypto-api/index.ts index 6b9db3811dc..8f6fb91e1ed 100644 --- a/src/crypto-api/index.ts +++ b/src/crypto-api/index.ts @@ -589,6 +589,11 @@ export enum DecryptionFailureCode { */ HISTORICAL_MESSAGE_USER_NOT_JOINED = "HISTORICAL_MESSAGE_USER_NOT_JOINED", + /** + * The sender does not satisfy the requested trust requirement. + */ + SENDER_IDENTITY_NOT_TRUSTED = "SENDER_IDENTITY_NOT_TRUSTED", + /** Unknown or unclassified error. */ UNKNOWN_ERROR = "UNKNOWN_ERROR", diff --git a/src/rust-crypto/RoomEncryptor.ts b/src/rust-crypto/RoomEncryptor.ts index 3b6a6c80cc0..fcda295eb89 100644 --- a/src/rust-crypto/RoomEncryptor.ts +++ b/src/rust-crypto/RoomEncryptor.ts @@ -254,9 +254,9 @@ export class RoomEncryptor { // When this.room.getBlacklistUnverifiedDevices() === null, the global settings should be used // See Room#getBlacklistUnverifiedDevices if (this.room.getBlacklistUnverifiedDevices() ?? globalBlacklistUnverifiedDevices) { - rustEncryptionSettings.sharingStrategy = CollectStrategy.DeviceBasedStrategyOnlyTrustedDevices; + rustEncryptionSettings.sharingStrategy = CollectStrategy.deviceBasedStrategy(true, false); } else { - rustEncryptionSettings.sharingStrategy = CollectStrategy.DeviceBasedStrategyAllDevices; + rustEncryptionSettings.sharingStrategy = CollectStrategy.deviceBasedStrategy(false, false); } await logDuration(this.prefixedLogger, "shareRoomKey", async () => { diff --git a/src/rust-crypto/rust-crypto.ts b/src/rust-crypto/rust-crypto.ts index c43b3911c26..0a9ff4822c0 100644 --- a/src/rust-crypto/rust-crypto.ts +++ b/src/rust-crypto/rust-crypto.ts @@ -1741,6 +1741,7 @@ class EventDecryptor { const res = (await this.olmMachine.decryptRoomEvent( stringifyEvent(event), new RustSdkCryptoJs.RoomId(event.getRoomId()!), + new RustSdkCryptoJs.DecryptionSettings(RustSdkCryptoJs.TrustRequirement.Untrusted), )) as RustSdkCryptoJs.DecryptedRoomEvent; // Success. We can remove the event from the pending list, if @@ -1848,6 +1849,12 @@ class EventDecryptor { errorDetails, ); + case RustSdkCryptoJs.DecryptionErrorCode.SenderIdentityNotTrusted: + throw new DecryptionError( + DecryptionFailureCode.SENDER_IDENTITY_NOT_TRUSTED, + "The sender identity is not trusted.", + ); + // We don't map MismatchedIdentityKeys for now, as there is no equivalent in legacy. // Just put it on the `UNKNOWN_ERROR` bucket. default: diff --git a/yarn.lock b/yarn.lock index ef354a7116e..643111f73a3 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1453,10 +1453,10 @@ "@jridgewell/resolve-uri" "^3.1.0" "@jridgewell/sourcemap-codec" "^1.4.14" -"@matrix-org/matrix-sdk-crypto-wasm@^7.0.0": - version "7.0.0" - resolved "https://registry.yarnpkg.com/@matrix-org/matrix-sdk-crypto-wasm/-/matrix-sdk-crypto-wasm-7.0.0.tgz#8d6abdb9ded8656cc9e2a7909913a34bf3fc9b3a" - integrity sha512-MOencXiW/gI5MuTtCNsuojjwT5DXCrjMqv9xOslJC9h2tPdLFFFMGr58dY5Lis4DRd9MRWcgrGowUIHOqieWTA== +"@matrix-org/matrix-sdk-crypto-wasm@^8.0.0": + version "8.0.0" + resolved "https://registry.yarnpkg.com/@matrix-org/matrix-sdk-crypto-wasm/-/matrix-sdk-crypto-wasm-8.0.0.tgz#6ddc0e63538e821a2efbc5c1a2f0fa0f71d489ff" + integrity sha512-s0q3O2dK8b6hOJ+SZFz+s/IiMabmVsNue6r17sTwbrRD8liBkCrpjYnxoMYvtC01GggJ9TZLQbeqpt8hQSPHAg== "@matrix-org/olm@3.2.15": version "3.2.15" From 86b235919b4e6bc930e252a635f425ec9470a1b8 Mon Sep 17 00:00:00 2001 From: Hubert Chathi Date: Tue, 10 Sep 2024 22:39:20 -0400 Subject: [PATCH 2/2] remove sender identity not trusted error, since it can't be triggered yet --- src/crypto-api/index.ts | 5 ----- src/rust-crypto/rust-crypto.ts | 6 ------ 2 files changed, 11 deletions(-) diff --git a/src/crypto-api/index.ts b/src/crypto-api/index.ts index 8f6fb91e1ed..6b9db3811dc 100644 --- a/src/crypto-api/index.ts +++ b/src/crypto-api/index.ts @@ -589,11 +589,6 @@ export enum DecryptionFailureCode { */ HISTORICAL_MESSAGE_USER_NOT_JOINED = "HISTORICAL_MESSAGE_USER_NOT_JOINED", - /** - * The sender does not satisfy the requested trust requirement. - */ - SENDER_IDENTITY_NOT_TRUSTED = "SENDER_IDENTITY_NOT_TRUSTED", - /** Unknown or unclassified error. */ UNKNOWN_ERROR = "UNKNOWN_ERROR", diff --git a/src/rust-crypto/rust-crypto.ts b/src/rust-crypto/rust-crypto.ts index 0a9ff4822c0..c1d1c8424d5 100644 --- a/src/rust-crypto/rust-crypto.ts +++ b/src/rust-crypto/rust-crypto.ts @@ -1849,12 +1849,6 @@ class EventDecryptor { errorDetails, ); - case RustSdkCryptoJs.DecryptionErrorCode.SenderIdentityNotTrusted: - throw new DecryptionError( - DecryptionFailureCode.SENDER_IDENTITY_NOT_TRUSTED, - "The sender identity is not trusted.", - ); - // We don't map MismatchedIdentityKeys for now, as there is no equivalent in legacy. // Just put it on the `UNKNOWN_ERROR` bucket. default: