Use shield status codes from Rust rather than string matching (#4529)

spec/unit/rust-crypto/rust-crypto.spec.ts

@@ -991,23 +991,41 @@ describe("RustCrypto", () => {
         });
 
         it.each([
-            [undefined, null],
+            [undefined, undefined, null],
-            ["Encrypted by an unverified user.", EventShieldReason.UNVERIFIED_IDENTITY],
+            [
-            ["Encrypted by a device not verified by its owner.", EventShieldReason.UNSIGNED_DEVICE],
+                "Encrypted by an unverified user.",
+                RustSdkCryptoJs.ShieldStateCode.UnverifiedIdentity,
+                EventShieldReason.UNVERIFIED_IDENTITY,
+            ],
+            [
+                "Encrypted by a device not verified by its owner.",
+                RustSdkCryptoJs.ShieldStateCode.UnsignedDevice,
+                EventShieldReason.UNSIGNED_DEVICE,
+            ],
             [
                 "The authenticity of this encrypted message can't be guaranteed on this device.",
+                RustSdkCryptoJs.ShieldStateCode.AuthenticityNotGuaranteed,
                 EventShieldReason.AUTHENTICITY_NOT_GUARANTEED,
             ],
-            ["Encrypted by an unknown or deleted device.", EventShieldReason.UNKNOWN_DEVICE],
+            [
-            ["bloop", EventShieldReason.UNKNOWN],
+                "Encrypted by an unknown or deleted device.",
-        ])("gets the right shield reason (%s)", async (rustReason, expectedReason) => {
+                RustSdkCryptoJs.ShieldStateCode.UnknownDevice,
+                EventShieldReason.UNKNOWN_DEVICE,
+            ],
+            ["Not encrypted.", RustSdkCryptoJs.ShieldStateCode.SentInClear, EventShieldReason.SENT_IN_CLEAR],
+            [
+                "Encrypted by a previously-verified user who is no longer verified.",
+                RustSdkCryptoJs.ShieldStateCode.PreviouslyVerified,
+                EventShieldReason.VERIFICATION_VIOLATION,
+            ],
+        ])("gets the right shield reason (%s)", async (rustReason, rustCode, expectedReason) => {
             // suppress the warning from the unknown shield reason
             jest.spyOn(console, "warn").mockImplementation(() => {});
 
             const mockEncryptionInfo = {
                 shieldState: jest
                     .fn()
-                    .mockReturnValue({ color: RustSdkCryptoJs.ShieldColor.None, message: rustReason }),
+                    .mockReturnValue({ color: RustSdkCryptoJs.ShieldColor.None, code: rustCode, message: rustReason }),
             } as unknown as RustSdkCryptoJs.EncryptionInfo;
             olmMachine.getRoomEventEncryptionInfo.mockResolvedValue(mockEncryptionInfo);
 

src/crypto-api/index.ts

@@ -1157,6 +1157,16 @@ export enum EventShieldReason {
      * decryption keys.
      */
     MISMATCHED_SENDER_KEY,
+
+    /**
+     * The event was sent unencrypted in an encrypted room.
+     */
+    SENT_IN_CLEAR,
+
+    /**
+     * The sender was previously verified but changed their identity.
+     */
+    VERIFICATION_VIOLATION,
 }
 
 /** The result of a call to {@link CryptoApi.getOwnDeviceKeys} */

src/rust-crypto/rust-crypto.ts

@@ -2180,22 +2180,29 @@ function rustEncryptionInfoToJsEncryptionInfo(
     }
 
     let shieldReason: EventShieldReason | null;
-    if (shieldState.message === undefined) {
+    switch (shieldState.code) {
-        shieldReason = null;
+        case undefined:
-    } else if (shieldState.message === "Encrypted by an unverified user.") {
+        case null:
-        // this case isn't actually used with lax shield semantics.
+            shieldReason = null;
-        shieldReason = EventShieldReason.UNVERIFIED_IDENTITY;
+            break;
-    } else if (shieldState.message === "Encrypted by a device not verified by its owner.") {
+        case RustSdkCryptoJs.ShieldStateCode.AuthenticityNotGuaranteed:
-        shieldReason = EventShieldReason.UNSIGNED_DEVICE;
+            shieldReason = EventShieldReason.AUTHENTICITY_NOT_GUARANTEED;
-    } else if (
+            break;
-        shieldState.message === "The authenticity of this encrypted message can't be guaranteed on this device."
+        case RustSdkCryptoJs.ShieldStateCode.UnknownDevice:
-    ) {
+            shieldReason = EventShieldReason.UNKNOWN_DEVICE;
-        shieldReason = EventShieldReason.AUTHENTICITY_NOT_GUARANTEED;
+            break;
-    } else if (shieldState.message === "Encrypted by an unknown or deleted device.") {
+        case RustSdkCryptoJs.ShieldStateCode.UnsignedDevice:
-        shieldReason = EventShieldReason.UNKNOWN_DEVICE;
+            shieldReason = EventShieldReason.UNSIGNED_DEVICE;
-    } else {
+            break;
-        logger.warn(`Unknown shield state message '${shieldState.message}'`);
+        case RustSdkCryptoJs.ShieldStateCode.UnverifiedIdentity:
-        shieldReason = EventShieldReason.UNKNOWN;
+            shieldReason = EventShieldReason.UNVERIFIED_IDENTITY;
+            break;
+        case RustSdkCryptoJs.ShieldStateCode.SentInClear:
+            shieldReason = EventShieldReason.SENT_IN_CLEAR;
+            break;
+        case RustSdkCryptoJs.ShieldStateCode.PreviouslyVerified:
+            shieldReason = EventShieldReason.VERIFICATION_VIOLATION;
+            break;
     }
 
     return { shieldColour, shieldReason };