From ab233540cbdd1aea61419df2663e4919a8da1a91 Mon Sep 17 00:00:00 2001 From: Valere Date: Tue, 24 Sep 2024 15:26:26 +0200 Subject: [PATCH 1/6] crypto: Replace cryptoMode with DeviceIsolationMode concept --- spec/integ/crypto/crypto.spec.ts | 60 +++++++++++++---------- src/crypto-api/index.ts | 83 ++++++++++++++++++++++---------- src/crypto/index.ts | 7 ++- src/rust-crypto/rust-crypto.ts | 30 ++++++------ 4 files changed, 111 insertions(+), 69 deletions(-) diff --git a/spec/integ/crypto/crypto.spec.ts b/spec/integ/crypto/crypto.spec.ts index 41b52dd53cb..13fe1dfda9b 100644 --- a/spec/integ/crypto/crypto.spec.ts +++ b/spec/integ/crypto/crypto.spec.ts @@ -82,11 +82,13 @@ import { SecretStorageKeyDescription } from "../../../src/secret-storage"; import { CrossSigningKey, CryptoCallbacks, - CryptoMode, DecryptionFailureCode, + DeviceIsolationMode, EventShieldColour, EventShieldReason, KeyBackupInfo, + NoIsolation, + OnlySignedIsolation, } from "../../../src/crypto-api"; import { E2EKeyResponder } from "../../test-utils/E2EKeyResponder"; import { IKeyBackup } from "../../../src/crypto/backup"; @@ -747,9 +749,34 @@ describe.each(Object.entries(CRYPTO_BACKENDS))("crypto (%s)", (backend: string, ); }); - newBackendOnly( - "fails with an error when cross-signed sender is required but sender is not cross-signed", - async () => { + describe("IsolationMode decryption tests", () => { + newBackendOnly( + "OnlySigned mode - fails with an error when cross-signed sender is required but sender is not cross-signed", + async () => { + const decryptedEvent = await setUpTestAndDecrypt(new OnlySignedIsolation()); + + // It will error as an unknown device because we haven't fetched + // the sender's device keys. + expect(decryptedEvent.isDecryptionFailure()).toBe(true); + expect(decryptedEvent.decryptionFailureReason).toEqual(DecryptionFailureCode.UNKNOWN_SENDER_DEVICE); + }, + ); + + newBackendOnly( + "NoIsolation mode - Decrypts with warning when cross-signed sender is required but sender is not cross-signed", + async () => { + const decryptedEvent = await setUpTestAndDecrypt(new NoIsolation(false)); + + expect(decryptedEvent.isDecryptionFailure()).toBe(false); + + expect(await aliceClient.getCrypto()!.getEncryptionInfoForEvent(decryptedEvent)).toEqual({ + shieldColour: EventShieldColour.RED, + shieldReason: EventShieldReason.UNKNOWN_DEVICE, + }); + }, + ); + + async function setUpTestAndDecrypt(isolationMode: DeviceIsolationMode): Promise { // This tests that a message will not be decrypted if the sender // is not sufficiently trusted according to the selected crypto // mode. @@ -760,7 +787,7 @@ describe.each(Object.entries(CRYPTO_BACKENDS))("crypto (%s)", (backend: string, expectAliceKeyQuery({ device_keys: { "@alice:localhost": {} }, failures: {} }); // Start by using Invisible crypto mode - aliceClient.getCrypto()!.setCryptoMode(CryptoMode.Invisible); + aliceClient.getCrypto()!.setDeviceIsolationMode(isolationMode); await startClientAndAwaitFirstSync(); @@ -807,26 +834,9 @@ describe.each(Object.entries(CRYPTO_BACKENDS))("crypto (%s)", (backend: string, expect(event.isEncrypted()).toBe(true); // it probably won't be decrypted yet, because it takes a while to process the olm keys - const decryptedEvent = await testUtils.awaitDecryption(event); - // It will error as an unknown device because we haven't fetched - // the sender's device keys. - expect(decryptedEvent.decryptionFailureReason).toEqual(DecryptionFailureCode.UNKNOWN_SENDER_DEVICE); - - // Next, try decrypting in transition mode, which should also - // fail for the same reason - aliceClient.getCrypto()!.setCryptoMode(CryptoMode.Transition); - - await event.attemptDecryption(aliceClient["cryptoBackend"]!); - expect(decryptedEvent.decryptionFailureReason).toEqual(DecryptionFailureCode.UNKNOWN_SENDER_DEVICE); - - // Decrypting in legacy mode should succeed since it doesn't - // care about device trust. - aliceClient.getCrypto()!.setCryptoMode(CryptoMode.Legacy); - - await event.attemptDecryption(aliceClient["cryptoBackend"]!); - expect(decryptedEvent.decryptionFailureReason).toEqual(null); - }, - ); + return await testUtils.awaitDecryption(event); + } + }); it("Decryption fails with Unable to decrypt for other errors", async () => { expectAliceKeyQuery({ device_keys: { "@alice:localhost": {} }, failures: {} }); diff --git a/src/crypto-api/index.ts b/src/crypto-api/index.ts index 35e4a689762..757b8876014 100644 --- a/src/crypto-api/index.ts +++ b/src/crypto-api/index.ts @@ -41,11 +41,11 @@ export interface CryptoApi { globalBlacklistUnverifiedDevices: boolean; /** - * The cryptography mode to use. + * The {@link DeviceIsolationMode} mode to use. * - * @see CryptoMode + * @see DeviceIsolationMode */ - setCryptoMode(cryptoMode: CryptoMode): void; + setDeviceIsolationMode(isolationMode: DeviceIsolationMode): void; /** * Return the current version of the crypto module. @@ -658,37 +658,68 @@ export enum DecryptionFailureCode { } /** - * The cryptography mode. Affects how messages are encrypted and decrypted. + * A type of device isolation mode used when encrypting or decrypting messages. * Only supported by Rust crypto. + * + * Message encryption keys are shared with all devices in the room, except in case of + * verified user problems (see {@link errorOnVerifiedUserProblems}). + * + * Events from all senders are always decrypted (and should be decorated with message shields in case + * of authenticity warnings, see {@link EventEncryptionInfo}). */ -export enum CryptoMode { - /** - * Message encryption keys are shared with all devices in the room, except for - * blacklisted devices, or unverified devices if - * `globalBlacklistUnverifiedDevices` is set. Events from all senders are - * decrypted. - */ - Legacy, +export class NoIsolation { + // Discriminated Union + public readonly kind: "NoIsolation"; /** - * Events are encrypted as with `Legacy` mode, but encryption will throw an error if a - * verified user has an unsigned device, or if a verified user replaces - * their identity. Events are decrypted only if they come from cross-signed - * devices, or devices that existed before the Rust crypto SDK started - * tracking device trust: other events will result in a decryption failure. (To access the failure - * reason, see {@link MatrixEvent.decryptionFailureReason}.) + * Optional behavior when sharing keys to remote devices. + * If set to true, sharing keys will fail (i.e. message sending will fail) with an error if: + * - The user was previously verified but is not anymore. + * - A verified user has some unverified devices (not cross-signed). + * If false, the keys will be distributed as usual. + * If set to false the client UX should display warnings to inform the user. */ - Transition, + public errorOnVerifiedUserProblems: boolean; - /** - * Message encryption keys are only shared with devices that have been cross-signed by their owner. - * Encryption will throw an error if a verified user replaces their identity. Events are - * decrypted only if they come from a cross-signed device other events will result in a decryption - * failure. (To access the failure reason, see {@link MatrixEvent.decryptionFailureReason}.) - */ - Invisible, + public constructor(errorOnVerifiedUserProblems: boolean) { + this.kind = "NoIsolation"; + this.errorOnVerifiedUserProblems = errorOnVerifiedUserProblems; + } } +/** + * A type of device isolation mode used when encrypting or decrypting messages. + * Only supported by Rust crypto. + * + * Message encryption keys are only shared with devices that have been cross-signed by their owner. + * Encryption will throw an error if a verified user replaces their identity. + * + * Events are decrypted only if they come from a cross-signed device other events will result in a decryption + * failure. (To access the failure reason, see {@link MatrixEvent.decryptionFailureReason}.) + */ +export class OnlySignedIsolation { + // Discriminated Union + public readonly kind: "OnlySignedIsolation"; + + public constructor() { + this.kind = "OnlySignedIsolation"; + } +} + +/** + * DeviceIsolationMode represents the mode of device isolation used when encrypting or decrypting messages. + * It can be one of two types: NoIsolation or OnlySignedIsolation. + * + * {@link NoIsolation}: In this mode, message encryption keys are shared with all devices in the room, + * except for blacklisted devices or unverified devices if certain conditions are met. + * Events from all senders are always decrypted. + * + * {@link OnlySignedIsolation}: In this mode, message encryption keys are only shared with devices + * that have been cross-signed by their owner. Events will be decrypted only if they come from + * a cross-signed device, other events will result in a decryption failure. + */ +export type DeviceIsolationMode = NoIsolation | OnlySignedIsolation; + /** * Options object for `CryptoApi.bootstrapCrossSigning`. */ diff --git a/src/crypto/index.ts b/src/crypto/index.ts index 90638aea1a0..81ac9c0f1f1 100644 --- a/src/crypto/index.ts +++ b/src/crypto/index.ts @@ -88,9 +88,9 @@ import { BootstrapCrossSigningOpts, CrossSigningKeyInfo, CrossSigningStatus, - CryptoMode, decodeRecoveryKey, DecryptionFailureCode, + DeviceIsolationMode, DeviceVerificationStatus, encodeRecoveryKey, EventEncryptionInfo, @@ -650,12 +650,11 @@ export class Crypto extends TypedEventEmitter { + public async attemptEventDecryption( + event: MatrixEvent, + isolationMode: DeviceIsolationMode, + ): Promise { // add the event to the pending list *before* attempting to decrypt. // then, if the key turns up while decryption is in progress (and // decryption fails), we will schedule a retry. @@ -1762,15 +1766,13 @@ class EventDecryptor { this.addEventToPendingList(event); let trustRequirement; - switch (cryptoMode) { - case CryptoMode.Legacy: - trustRequirement = RustSdkCryptoJs.TrustRequirement.Untrusted; - break; - case CryptoMode.Transition: + + switch (isolationMode.kind) { + case "OnlySignedIsolation": trustRequirement = RustSdkCryptoJs.TrustRequirement.CrossSignedOrLegacy; break; - case CryptoMode.Invisible: - trustRequirement = RustSdkCryptoJs.TrustRequirement.CrossSigned; + case "NoIsolation": + trustRequirement = RustSdkCryptoJs.TrustRequirement.Untrusted; break; } From a7e16e83c4f8869c65181f4ba224185d470394ed Mon Sep 17 00:00:00 2001 From: Valere Date: Tue, 24 Sep 2024 16:40:27 +0200 Subject: [PATCH 2/6] use enum instead of string for the IsolationMode kind --- src/crypto-api/index.ts | 14 ++++++++++---- src/rust-crypto/rust-crypto.ts | 9 +++++---- 2 files changed, 15 insertions(+), 8 deletions(-) diff --git a/src/crypto-api/index.ts b/src/crypto-api/index.ts index 757b8876014..7f4a73562e2 100644 --- a/src/crypto-api/index.ts +++ b/src/crypto-api/index.ts @@ -657,6 +657,12 @@ export enum DecryptionFailureCode { UNKNOWN_ENCRYPTION_ALGORITHM = "UNKNOWN_ENCRYPTION_ALGORITHM", } +/** Enum kind for isolation mode, used to discriminate union.*/ +export enum IsolationModeKind { + None, + OnlySigned, +} + /** * A type of device isolation mode used when encrypting or decrypting messages. * Only supported by Rust crypto. @@ -669,7 +675,7 @@ export enum DecryptionFailureCode { */ export class NoIsolation { // Discriminated Union - public readonly kind: "NoIsolation"; + public readonly kind: IsolationModeKind.None; /** * Optional behavior when sharing keys to remote devices. @@ -682,7 +688,7 @@ export class NoIsolation { public errorOnVerifiedUserProblems: boolean; public constructor(errorOnVerifiedUserProblems: boolean) { - this.kind = "NoIsolation"; + this.kind = IsolationModeKind.None; this.errorOnVerifiedUserProblems = errorOnVerifiedUserProblems; } } @@ -699,10 +705,10 @@ export class NoIsolation { */ export class OnlySignedIsolation { // Discriminated Union - public readonly kind: "OnlySignedIsolation"; + public readonly kind: IsolationModeKind.OnlySigned; public constructor() { - this.kind = "OnlySignedIsolation"; + this.kind = IsolationModeKind.OnlySigned; } } diff --git a/src/rust-crypto/rust-crypto.ts b/src/rust-crypto/rust-crypto.ts index 2f32a782f79..ba8108ce95d 100644 --- a/src/rust-crypto/rust-crypto.ts +++ b/src/rust-crypto/rust-crypto.ts @@ -62,6 +62,7 @@ import { deriveRecoveryKeyFromPassphrase, DeviceIsolationMode, NoIsolation, + IsolationModeKind, } from "../crypto-api/index.ts"; import { deviceKeysToDeviceMap, rustDeviceToJsDevice } from "./device-converter.ts"; import { IDownloadKeyResult, IQueryKeysRequest } from "../client.ts"; @@ -1768,12 +1769,12 @@ class EventDecryptor { let trustRequirement; switch (isolationMode.kind) { - case "OnlySignedIsolation": - trustRequirement = RustSdkCryptoJs.TrustRequirement.CrossSignedOrLegacy; - break; - case "NoIsolation": + case IsolationModeKind.None: trustRequirement = RustSdkCryptoJs.TrustRequirement.Untrusted; break; + case IsolationModeKind.OnlySigned: + trustRequirement = RustSdkCryptoJs.TrustRequirement.CrossSignedOrLegacy; + break; } try { From 1fe8ebc80cd50a895a48d9763bf71f6b3d96b1c9 Mon Sep 17 00:00:00 2001 From: Valere Date: Tue, 24 Sep 2024 22:11:13 +0200 Subject: [PATCH 3/6] Code review - Cleaning, renaming --- src/crypto-api/index.ts | 55 +++++++++++++--------------------- src/rust-crypto/rust-crypto.ts | 6 ++-- 2 files changed, 24 insertions(+), 37 deletions(-) diff --git a/src/crypto-api/index.ts b/src/crypto-api/index.ts index 7f4a73562e2..66983403d7f 100644 --- a/src/crypto-api/index.ts +++ b/src/crypto-api/index.ts @@ -657,15 +657,14 @@ export enum DecryptionFailureCode { UNKNOWN_ENCRYPTION_ALGORITHM = "UNKNOWN_ENCRYPTION_ALGORITHM", } -/** Enum kind for isolation mode, used to discriminate union.*/ -export enum IsolationModeKind { - None, - OnlySigned, +/** Base {@link DeviceIsolationMode} kind. */ +export enum DeviceIsolationModeKind { + NoIsolation, + OnlySignedIsolation, } /** - * A type of device isolation mode used when encrypting or decrypting messages. - * Only supported by Rust crypto. + * A type of {@link DeviceIsolationMode}. * * Message encryption keys are shared with all devices in the room, except in case of * verified user problems (see {@link errorOnVerifiedUserProblems}). @@ -674,55 +673,43 @@ export enum IsolationModeKind { * of authenticity warnings, see {@link EventEncryptionInfo}). */ export class NoIsolation { - // Discriminated Union - public readonly kind: IsolationModeKind.None; + public readonly kind = DeviceIsolationModeKind.NoIsolation; /** - * Optional behavior when sharing keys to remote devices. - * If set to true, sharing keys will fail (i.e. message sending will fail) with an error if: - * - The user was previously verified but is not anymore. - * - A verified user has some unverified devices (not cross-signed). - * If false, the keys will be distributed as usual. - * If set to false the client UX should display warnings to inform the user. + * + * @param errorOnVerifiedUserProblems - Behavior when sharing keys to remote devices. + * If set to `true`, sharing keys will fail (i.e. message sending will fail) with an error if: + * - The user was previously verified but is not anymore, or: + * - A verified user has some unverified devices (not cross-signed). + * + * If `false`, the keys will be distributed as usual. In this case, the client UX should display + * warnings to inform the user about problematic devices/users, and stop them hitting this case. */ - public errorOnVerifiedUserProblems: boolean; - - public constructor(errorOnVerifiedUserProblems: boolean) { - this.kind = IsolationModeKind.None; + public constructor(public readonly errorOnVerifiedUserProblems: boolean) { this.errorOnVerifiedUserProblems = errorOnVerifiedUserProblems; } } /** - * A type of device isolation mode used when encrypting or decrypting messages. - * Only supported by Rust crypto. + * A type of {@link DeviceIsolationMode}. * * Message encryption keys are only shared with devices that have been cross-signed by their owner. * Encryption will throw an error if a verified user replaces their identity. * - * Events are decrypted only if they come from a cross-signed device other events will result in a decryption + * Events are decrypted only if they come from a cross-signed device. Other events will result in a decryption * failure. (To access the failure reason, see {@link MatrixEvent.decryptionFailureReason}.) */ export class OnlySignedIsolation { - // Discriminated Union - public readonly kind: IsolationModeKind.OnlySigned; + public readonly kind = DeviceIsolationModeKind.OnlySignedIsolation; - public constructor() { - this.kind = IsolationModeKind.OnlySigned; - } + public constructor() {} } /** * DeviceIsolationMode represents the mode of device isolation used when encrypting or decrypting messages. - * It can be one of two types: NoIsolation or OnlySignedIsolation. - * - * {@link NoIsolation}: In this mode, message encryption keys are shared with all devices in the room, - * except for blacklisted devices or unverified devices if certain conditions are met. - * Events from all senders are always decrypted. + * It can be one of two types: {@link NoIsolation} or {@link OnlySignedIsolation}. * - * {@link OnlySignedIsolation}: In this mode, message encryption keys are only shared with devices - * that have been cross-signed by their owner. Events will be decrypted only if they come from - * a cross-signed device, other events will result in a decryption failure. + * Only supported by rust Crypto. */ export type DeviceIsolationMode = NoIsolation | OnlySignedIsolation; diff --git a/src/rust-crypto/rust-crypto.ts b/src/rust-crypto/rust-crypto.ts index ba8108ce95d..484aa889f20 100644 --- a/src/rust-crypto/rust-crypto.ts +++ b/src/rust-crypto/rust-crypto.ts @@ -62,7 +62,7 @@ import { deriveRecoveryKeyFromPassphrase, DeviceIsolationMode, NoIsolation, - IsolationModeKind, + DeviceIsolationModeKind, } from "../crypto-api/index.ts"; import { deviceKeysToDeviceMap, rustDeviceToJsDevice } from "./device-converter.ts"; import { IDownloadKeyResult, IQueryKeysRequest } from "../client.ts"; @@ -1769,10 +1769,10 @@ class EventDecryptor { let trustRequirement; switch (isolationMode.kind) { - case IsolationModeKind.None: + case DeviceIsolationModeKind.NoIsolation: trustRequirement = RustSdkCryptoJs.TrustRequirement.Untrusted; break; - case IsolationModeKind.OnlySigned: + case DeviceIsolationModeKind.OnlySignedIsolation: trustRequirement = RustSdkCryptoJs.TrustRequirement.CrossSignedOrLegacy; break; } From df36facc37862ef0bd02c6a5709ad338becfe4d4 Mon Sep 17 00:00:00 2001 From: Valere Date: Wed, 25 Sep 2024 09:43:41 +0200 Subject: [PATCH 4/6] review: unneeded @see in doc --- src/crypto-api/index.ts | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/crypto-api/index.ts b/src/crypto-api/index.ts index 66983403d7f..71840cb106d 100644 --- a/src/crypto-api/index.ts +++ b/src/crypto-api/index.ts @@ -42,8 +42,6 @@ export interface CryptoApi { /** * The {@link DeviceIsolationMode} mode to use. - * - * @see DeviceIsolationMode */ setDeviceIsolationMode(isolationMode: DeviceIsolationMode): void; From 20f5882b00f05cbef2fd51e7e1bd18c985262447 Mon Sep 17 00:00:00 2001 From: Valere Date: Wed, 25 Sep 2024 13:32:35 +0200 Subject: [PATCH 5/6] review: Rename IsolationMode with better names --- spec/integ/crypto/crypto.spec.ts | 8 ++++---- src/crypto-api/index.ts | 16 ++++++++-------- src/rust-crypto/rust-crypto.ts | 8 ++++---- 3 files changed, 16 insertions(+), 16 deletions(-) diff --git a/spec/integ/crypto/crypto.spec.ts b/spec/integ/crypto/crypto.spec.ts index 13fe1dfda9b..4631f8e4add 100644 --- a/spec/integ/crypto/crypto.spec.ts +++ b/spec/integ/crypto/crypto.spec.ts @@ -87,8 +87,8 @@ import { EventShieldColour, EventShieldReason, KeyBackupInfo, - NoIsolation, - OnlySignedIsolation, + AllDevicesIsolationMode, + OnlySignedDevicesIsolationMode, } from "../../../src/crypto-api"; import { E2EKeyResponder } from "../../test-utils/E2EKeyResponder"; import { IKeyBackup } from "../../../src/crypto/backup"; @@ -753,7 +753,7 @@ describe.each(Object.entries(CRYPTO_BACKENDS))("crypto (%s)", (backend: string, newBackendOnly( "OnlySigned mode - fails with an error when cross-signed sender is required but sender is not cross-signed", async () => { - const decryptedEvent = await setUpTestAndDecrypt(new OnlySignedIsolation()); + const decryptedEvent = await setUpTestAndDecrypt(new OnlySignedDevicesIsolationMode()); // It will error as an unknown device because we haven't fetched // the sender's device keys. @@ -765,7 +765,7 @@ describe.each(Object.entries(CRYPTO_BACKENDS))("crypto (%s)", (backend: string, newBackendOnly( "NoIsolation mode - Decrypts with warning when cross-signed sender is required but sender is not cross-signed", async () => { - const decryptedEvent = await setUpTestAndDecrypt(new NoIsolation(false)); + const decryptedEvent = await setUpTestAndDecrypt(new AllDevicesIsolationMode(false)); expect(decryptedEvent.isDecryptionFailure()).toBe(false); diff --git a/src/crypto-api/index.ts b/src/crypto-api/index.ts index 71840cb106d..68a236a7d3f 100644 --- a/src/crypto-api/index.ts +++ b/src/crypto-api/index.ts @@ -657,8 +657,8 @@ export enum DecryptionFailureCode { /** Base {@link DeviceIsolationMode} kind. */ export enum DeviceIsolationModeKind { - NoIsolation, - OnlySignedIsolation, + AllDevicesIsolationMode, + OnlySignedDevicesIsolationMode, } /** @@ -670,8 +670,8 @@ export enum DeviceIsolationModeKind { * Events from all senders are always decrypted (and should be decorated with message shields in case * of authenticity warnings, see {@link EventEncryptionInfo}). */ -export class NoIsolation { - public readonly kind = DeviceIsolationModeKind.NoIsolation; +export class AllDevicesIsolationMode { + public readonly kind = DeviceIsolationModeKind.AllDevicesIsolationMode; /** * @@ -697,19 +697,19 @@ export class NoIsolation { * Events are decrypted only if they come from a cross-signed device. Other events will result in a decryption * failure. (To access the failure reason, see {@link MatrixEvent.decryptionFailureReason}.) */ -export class OnlySignedIsolation { - public readonly kind = DeviceIsolationModeKind.OnlySignedIsolation; +export class OnlySignedDevicesIsolationMode { + public readonly kind = DeviceIsolationModeKind.OnlySignedDevicesIsolationMode; public constructor() {} } /** * DeviceIsolationMode represents the mode of device isolation used when encrypting or decrypting messages. - * It can be one of two types: {@link NoIsolation} or {@link OnlySignedIsolation}. + * It can be one of two types: {@link AllDevicesIsolationMode} or {@link OnlySignedDevicesIsolationMode}. * * Only supported by rust Crypto. */ -export type DeviceIsolationMode = NoIsolation | OnlySignedIsolation; +export type DeviceIsolationMode = AllDevicesIsolationMode | OnlySignedDevicesIsolationMode; /** * Options object for `CryptoApi.bootstrapCrossSigning`. diff --git a/src/rust-crypto/rust-crypto.ts b/src/rust-crypto/rust-crypto.ts index 484aa889f20..8816a3cb23f 100644 --- a/src/rust-crypto/rust-crypto.ts +++ b/src/rust-crypto/rust-crypto.ts @@ -61,7 +61,7 @@ import { encodeRecoveryKey, deriveRecoveryKeyFromPassphrase, DeviceIsolationMode, - NoIsolation, + AllDevicesIsolationMode, DeviceIsolationModeKind, } from "../crypto-api/index.ts"; import { deviceKeysToDeviceMap, rustDeviceToJsDevice } from "./device-converter.ts"; @@ -109,7 +109,7 @@ export class RustCrypto extends TypedEventEmitter Date: Wed, 25 Sep 2024 13:35:17 +0200 Subject: [PATCH 6/6] review: quick cleaning and doc --- src/crypto-api/index.ts | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/src/crypto-api/index.ts b/src/crypto-api/index.ts index 68a236a7d3f..dc764e03223 100644 --- a/src/crypto-api/index.ts +++ b/src/crypto-api/index.ts @@ -676,6 +676,7 @@ export class AllDevicesIsolationMode { /** * * @param errorOnVerifiedUserProblems - Behavior when sharing keys to remote devices. + * * If set to `true`, sharing keys will fail (i.e. message sending will fail) with an error if: * - The user was previously verified but is not anymore, or: * - A verified user has some unverified devices (not cross-signed). @@ -683,9 +684,7 @@ export class AllDevicesIsolationMode { * If `false`, the keys will be distributed as usual. In this case, the client UX should display * warnings to inform the user about problematic devices/users, and stop them hitting this case. */ - public constructor(public readonly errorOnVerifiedUserProblems: boolean) { - this.errorOnVerifiedUserProblems = errorOnVerifiedUserProblems; - } + public constructor(public readonly errorOnVerifiedUserProblems: boolean) {} } /** @@ -699,8 +698,6 @@ export class AllDevicesIsolationMode { */ export class OnlySignedDevicesIsolationMode { public readonly kind = DeviceIsolationModeKind.OnlySignedDevicesIsolationMode; - - public constructor() {} } /**