Add easy way to determine if the decryption failure is due to "DecryptionError: The sender has disabled encrypting to unverified devices." (#3167)

* Add isEncryptedDisabledForUnverifiedDevices in event.ts * Add Tests * Add isEncryptedDisabledForUnverifiedDevices properties to event * Use WITHHELD_MESSAGES instead of hardcoded string * Use getter instead of function * Add documentation
2025-09-12 04:51:50 +03:00 · 2023-02-21 17:13:43 +01:00
parent 937f370655
commit 1f0c6a6dc9
3 changed files with 40 additions and 0 deletions
--- a/spec/unit/models/event.spec.ts
+++ b/spec/unit/models/event.spec.ts
@@ -126,12 +126,31 @@ describe("MatrixEvent", () => {
            expect(encryptedEvent.isEncrypted()).toBeTruthy();
            expect(encryptedEvent.isBeingDecrypted()).toBeFalsy();
            expect(encryptedEvent.isDecryptionFailure()).toBeTruthy();
+            expect(encryptedEvent.isEncryptedDisabledForUnverifiedDevices).toBeFalsy();
            expect(encryptedEvent.getContent()).toEqual({
                msgtype: "m.bad.encrypted",
                body: "** Unable to decrypt: Error: test error **",
            });
        });

+        it(`should report "DecryptionError: The sender has disabled encrypting to unverified devices."`, async () => {
+            const crypto = {
+                decryptEvent: jest
+                    .fn()
+                    .mockRejectedValue("DecryptionError: The sender has disabled encrypting to unverified devices."),
+            } as unknown as Crypto;
+
+            await encryptedEvent.attemptDecryption(crypto);
+            expect(encryptedEvent.isEncrypted()).toBeTruthy();
+            expect(encryptedEvent.isBeingDecrypted()).toBeFalsy();
+            expect(encryptedEvent.isDecryptionFailure()).toBeTruthy();
+            expect(encryptedEvent.isEncryptedDisabledForUnverifiedDevices).toBeTruthy();
+            expect(encryptedEvent.getContent()).toEqual({
+                msgtype: "m.bad.encrypted",
+                body: "** Unable to decrypt: DecryptionError: The sender has disabled encrypting to unverified devices. **",
+            });
+        });
+
        it("should retry decryption if a retry is queued", async () => {
            const eventAttemptDecryptionSpy = jest.spyOn(encryptedEvent, "attemptDecryption");

--- a/src/@types/crypto.ts
+++ b/src/@types/crypto.ts
@@ -44,6 +44,10 @@ export interface IEventDecryptionResult {
     */
    claimedEd25519Key?: string;
    untrusted?: boolean;
+    /**
+     * The sender doesn't authorize the unverified devices to decrypt his messages
+     */
+    encryptedDisabledForUnverifiedDevices?: boolean;
 }

 interface Extensible {
--- a/src/models/event.ts
+++ b/src/models/event.ts
@@ -36,6 +36,7 @@ import { TypedEventEmitter } from "./typed-event-emitter";
 import { EventStatus } from "./event-status";
 import { DecryptionError } from "../crypto/algorithms";
 import { CryptoBackend } from "../common-crypto/CryptoBackend";
+import { WITHHELD_MESSAGES } from "../crypto/OlmDevice";

 export { EventStatus } from "./event-status";

@@ -272,6 +273,12 @@ export class MatrixEvent extends TypedEventEmitter<MatrixEventEmittedEvents, Mat
    private thread?: Thread;
    private threadId?: string;

+    /*
+     * True if this event is an encrypted event which we failed to decrypt, the receiver's device is unverified and
+     * the sender has disabled encrypting to unverified devices.
+     */
+    private encryptedDisabledForUnverifiedDevices = false;
+
    /* Set an approximate timestamp for the event relative the local clock.
     * This will inherently be approximate because it doesn't take into account
     * the time between the server putting the 'age' field on the event as it sent
@@ -704,6 +711,14 @@ export class MatrixEvent extends TypedEventEmitter<MatrixEventEmittedEvents, Mat
        return this.clearEvent?.content?.msgtype === "m.bad.encrypted";
    }

+    /*
+     * True if this event is an encrypted event which we failed to decrypt, the receiver's device is unverified and
+     * the sender has disabled encrypting to unverified devices.
+     */
+    public get isEncryptedDisabledForUnverifiedDevices(): boolean {
+        return this.isDecryptionFailure() && this.encryptedDisabledForUnverifiedDevices;
+    }
+
    public shouldAttemptDecryption(): boolean {
        if (this.isRedacted()) return false;
        if (this.isBeingDecrypted()) return false;
@@ -899,6 +914,7 @@ export class MatrixEvent extends TypedEventEmitter<MatrixEventEmittedEvents, Mat
                    body: "** Unable to decrypt: " + reason + " **",
                },
            },
+            encryptedDisabledForUnverifiedDevices: reason === `DecryptionError: ${WITHHELD_MESSAGES["m.unverified"]}`,
        };
    }

@@ -920,6 +936,7 @@ export class MatrixEvent extends TypedEventEmitter<MatrixEventEmittedEvents, Mat
        this.claimedEd25519Key = decryptionResult.claimedEd25519Key ?? null;
        this.forwardingCurve25519KeyChain = decryptionResult.forwardingCurve25519KeyChain || [];
        this.untrusted = decryptionResult.untrusted || false;
+        this.encryptedDisabledForUnverifiedDevices = decryptionResult.encryptedDisabledForUnverifiedDevices || false;
        this.invalidateExtensibleEvent();
    }