Refactoring and simplification in decryption error handling (#4138)

* Clean up decryption failure integ tests * Fix the names * Stop waiting as soon as the event is decrypted, even if code is wrong (so tests fail rather than time out if the code is wrong) * Bump timeouts on some tests These tend to fail due to slow init of wasm artifacts * Factor out `onDecryptionKeyMissingError` call * Factor out `onMegolmDecryptionError`
2025-11-23 17:02:25 +03:00 · 2024-04-02 14:39:49 +01:00
parent cfcd191cbf
commit dbab185f9d
4 changed files with 102 additions and 106 deletions
--- a/src/rust-crypto/rust-crypto.ts
+++ b/src/rust-crypto/rust-crypto.ts
@@ -1683,52 +1683,50 @@ class EventDecryptor {
                forwardingCurve25519KeyChain: res.forwardingCurve25519KeyChain,
            };
        } catch (err) {
-            // We need to map back to regular decryption errors (used for analytics for example)
-            // The DecryptionErrors are used by react-sdk so is implicitly part of API, but poorly typed
            if (err instanceof RustSdkCryptoJs.MegolmDecryptionError) {
-                const content = event.getWireContent();
-                let jsError;
-                switch (err.code) {
-                    case RustSdkCryptoJs.DecryptionErrorCode.MissingRoomKey: {
-                        jsError = new DecryptionError(
-                            DecryptionFailureCode.MEGOLM_UNKNOWN_INBOUND_SESSION_ID,
-                            "The sender's device has not sent us the keys for this message.",
-                            {
-                                session: content.sender_key + "|" + content.session_id,
-                            },
-                        );
-                        this.perSessionBackupDownloader.onDecryptionKeyMissingError(
-                            event.getRoomId()!,
-                            event.getWireContent().session_id!,
-                        );
-                        break;
-                    }
-                    case RustSdkCryptoJs.DecryptionErrorCode.UnknownMessageIndex: {
-                        jsError = new DecryptionError(
-                            DecryptionFailureCode.OLM_UNKNOWN_MESSAGE_INDEX,
-                            "The sender's device has not sent us the keys for this message at this index.",
-                            {
-                                session: content.sender_key + "|" + content.session_id,
-                            },
-                        );
-                        this.perSessionBackupDownloader.onDecryptionKeyMissingError(
-                            event.getRoomId()!,
-                            event.getWireContent().session_id!,
-                        );
-                        break;
-                    }
-                    // We don't map MismatchedIdentityKeys for now, as there is no equivalent in legacy.
-                    // Just put it on the `UNKNOWN_ERROR` bucket.
-                    default: {
-                        jsError = new DecryptionError(DecryptionFailureCode.UNKNOWN_ERROR, err.description, {
-                            session: content.sender_key + "|" + content.session_id,
-                        });
-                        break;
-                    }
-                }
-                throw jsError;
+                this.onMegolmDecryptionError(event, err);
+            } else {
+                throw new DecryptionError(DecryptionFailureCode.UNKNOWN_ERROR, "Unknown error");
            }
-            throw new DecryptionError(DecryptionFailureCode.UNKNOWN_ERROR, "Unknown error");
+        }
+    }
+
+    /**
+     * Handle a `MegolmDecryptionError` returned by the rust SDK.
+     *
+     * Fires off a request to the `perSessionBackupDownloader`, if appropriate, and then throws a `DecryptionError`.
+     */
+    private onMegolmDecryptionError(event: MatrixEvent, err: RustSdkCryptoJs.MegolmDecryptionError): never {
+        const content = event.getWireContent();
+
+        // If the error looks like it might be recoverable from backup, queue up a request to try that.
+        if (
+            err.code === RustSdkCryptoJs.DecryptionErrorCode.MissingRoomKey ||
+            err.code === RustSdkCryptoJs.DecryptionErrorCode.UnknownMessageIndex
+        ) {
+            this.perSessionBackupDownloader.onDecryptionKeyMissingError(event.getRoomId()!, content.session_id!);
+        }
+
+        const errorDetails = { session: content.sender_key + "|" + content.session_id };
+        switch (err.code) {
+            case RustSdkCryptoJs.DecryptionErrorCode.MissingRoomKey:
+                throw new DecryptionError(
+                    DecryptionFailureCode.MEGOLM_UNKNOWN_INBOUND_SESSION_ID,
+                    "The sender's device has not sent us the keys for this message.",
+                    errorDetails,
+                );
+
+            case RustSdkCryptoJs.DecryptionErrorCode.UnknownMessageIndex:
+                throw new DecryptionError(
+                    DecryptionFailureCode.OLM_UNKNOWN_MESSAGE_INDEX,
+                    "The sender's device has not sent us the keys for this message at this index.",
+                    errorDetails,
+                );
+
+            // We don't map MismatchedIdentityKeys for now, as there is no equivalent in legacy.
+            // Just put it on the `UNKNOWN_ERROR` bucket.
+            default:
+                throw new DecryptionError(DecryptionFailureCode.UNKNOWN_ERROR, err.description, errorDetails);
        }
    }