From 99523d2bef53152a5746008cdc3ea9374ae7f216 Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Fri, 4 Jul 2025 10:12:26 +0100 Subject: [PATCH 1/2] test: add a flushPromises this seems to be needed because `initRustCrypto` now ends up doing slightly less awaiting --- spec/unit/rust-crypto/rust-crypto.spec.ts | 3 +++ 1 file changed, 3 insertions(+) diff --git a/spec/unit/rust-crypto/rust-crypto.spec.ts b/spec/unit/rust-crypto/rust-crypto.spec.ts index 36387e6cfc..195b021a1f 100644 --- a/spec/unit/rust-crypto/rust-crypto.spec.ts +++ b/spec/unit/rust-crypto/rust-crypto.spec.ts @@ -77,6 +77,7 @@ import encryptAESSecretStorageItem from "../../../src/utils/encryptAESSecretStor import { type CryptoStore, type SecretStorePrivateKeys } from "../../../src/crypto/store/base"; import { CryptoEvent } from "../../../src/crypto-api/index.ts"; import { RustBackupManager } from "../../../src/rust-crypto/backup.ts"; +import { flushPromises } from "../../test-utils/flushPromises.ts"; const TEST_USER = "@alice:example.com"; const TEST_DEVICE_ID = "TEST_DEVICE"; @@ -2302,6 +2303,8 @@ describe("RustCrypto", () => { }); const rustCrypto = await makeTestRustCrypto(makeMatrixHttpApi(), undefined, undefined, secretStorage); + await flushPromises(); + // We have a key backup expect(await rustCrypto.getActiveSessionBackupVersion()).not.toBeNull(); From b59fd95ba4d1d0820b180fa12f8a78d58a5e6a75 Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Tue, 1 Jul 2025 13:35:00 +0100 Subject: [PATCH 2/2] Support new `ShieldStateCode.MismatchedSender` --- spec/unit/rust-crypto/rust-crypto.spec.ts | 5 +++++ src/crypto-api/index.ts | 6 ++++++ src/rust-crypto/rust-crypto.ts | 6 ++++++ 3 files changed, 17 insertions(+) diff --git a/spec/unit/rust-crypto/rust-crypto.spec.ts b/spec/unit/rust-crypto/rust-crypto.spec.ts index 195b021a1f..48be04ea37 100644 --- a/spec/unit/rust-crypto/rust-crypto.spec.ts +++ b/spec/unit/rust-crypto/rust-crypto.spec.ts @@ -1140,6 +1140,11 @@ describe("RustCrypto", () => { RustSdkCryptoJs.ShieldStateCode.VerificationViolation, EventShieldReason.VERIFICATION_VIOLATION, ], + [ + "Mismatched sender", + RustSdkCryptoJs.ShieldStateCode.MismatchedSender, + EventShieldReason.MISMATCHED_SENDER, + ], ])("gets the right shield reason (%s)", async (rustReason, rustCode, expectedReason) => { // suppress the warning from the unknown shield reason jest.spyOn(console, "warn").mockImplementation(() => {}); diff --git a/src/crypto-api/index.ts b/src/crypto-api/index.ts index 173ff31764..a7acbf90af 100644 --- a/src/crypto-api/index.ts +++ b/src/crypto-api/index.ts @@ -1355,6 +1355,12 @@ export enum EventShieldReason { * The sender was previously verified but changed their identity. */ VERIFICATION_VIOLATION, + + /** + * The `sender` field on the event does not match the owner of the device + * that established the Megolm session. + */ + MISMATCHED_SENDER, } /** The result of a call to {@link CryptoApi.getOwnDeviceKeys} */ diff --git a/src/rust-crypto/rust-crypto.ts b/src/rust-crypto/rust-crypto.ts index 9cb8522d38..863a0e8e93 100644 --- a/src/rust-crypto/rust-crypto.ts +++ b/src/rust-crypto/rust-crypto.ts @@ -2277,6 +2277,12 @@ function rustEncryptionInfoToJsEncryptionInfo( case RustSdkCryptoJs.ShieldStateCode.VerificationViolation: shieldReason = EventShieldReason.VERIFICATION_VIOLATION; break; + case RustSdkCryptoJs.ShieldStateCode.MismatchedSender: + shieldReason = EventShieldReason.MISMATCHED_SENDER; + break; + default: + shieldReason = EventShieldReason.UNKNOWN; + break; } return { shieldColour, shieldReason };