Skip to content

Commit

Permalink
Merge pull request #3569 from element-hq/feature/valere/only_signed_d…
Browse files Browse the repository at this point in the history
…ecryption_mode

crypto: Use OnlySigned isolation flag to setup decryption trust req.
  • Loading branch information
BillCarsonFr authored Oct 4, 2024
2 parents 779c6db + 3259539 commit 4319a42
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 1 deletion.
Original file line number Diff line number Diff line change
Expand Up @@ -125,7 +125,7 @@ enum class FeatureFlags(
),
OnlySignedDeviceIsolationMode(
key = "feature.onlySignedDeviceIsolationMode",
title = "Exclude not secure devices when sending/receiving messages",
title = "Exclude insecure devices when sending/receiving messages",
description = "This setting controls how end-to-end encryption (E2E) keys are shared." +
" Enabling it will prevent the inclusion of devices that have not been explicitly verified by their owners." +
" You'll have to stop and re-open the app manually for that setting to take effect.",
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,7 @@ import org.matrix.rustcomponents.sdk.SlidingSyncVersionBuilder
import org.matrix.rustcomponents.sdk.use
import timber.log.Timber
import uniffi.matrix_sdk_crypto.CollectStrategy
import uniffi.matrix_sdk_crypto.TrustRequirement
import java.io.File
import javax.inject.Inject

Expand Down Expand Up @@ -108,6 +109,13 @@ class RustMatrixClientFactory @Inject constructor(
CollectStrategy.DeviceBasedStrategy(onlyAllowTrustedDevices = false, errorOnVerifiedUserProblem = true)
}
)
.roomDecryptionTrustRequirement(
trustRequirement = if (featureFlagService.isFeatureEnabled(FeatureFlags.OnlySignedDeviceIsolationMode)) {
TrustRequirement.CROSS_SIGNED_OR_LEGACY
} else {
TrustRequirement.UNTRUSTED
}
)
.run {
// Apply sliding sync version settings
when (slidingSyncType) {
Expand Down

0 comments on commit 4319a42

Please sign in to comment.