Ensure one-time kyber prekeys are generated during change number.

2025-12-26 05:58:09 +00:00 · 2024-02-08 14:17:55 -05:00
parent 3d84fc9c98
commit 155f6a88f8
6 changed files with 23 additions and 13 deletions
--- a/app/src/main/java/org/thoughtcrime/securesms/components/settings/app/changenumber/ChangeNumberRepository.kt
+++ b/app/src/main/java/org/thoughtcrime/securesms/components/settings/app/changenumber/ChangeNumberRepository.kt
@@ -251,6 +251,7 @@ class ChangeNumberRepository(
      val pniIdentityKeyPair = IdentityKeyPair(metadata.pniIdentityKeyPair.toByteArray())
      val pniRegistrationId = metadata.pniRegistrationId
      val pniSignedPreyKeyId = metadata.pniSignedPreKeyId
+      val pniLastResortKyberPreKeyId = metadata.pniLastResortKyberPreKeyId

      val pniProtocolStore = ApplicationDependencies.getProtocolStore().pni()
      val pniMetadataStore = SignalStore.account().pniPreKeys
@@ -259,16 +260,22 @@ class ChangeNumberRepository(
      SignalStore.account().setPniIdentityKeyAfterChangeNumber(pniIdentityKeyPair)

      val signedPreKey = pniProtocolStore.loadSignedPreKey(pniSignedPreyKeyId)
-      val oneTimePreKeys = PreKeyUtil.generateAndStoreOneTimeEcPreKeys(pniProtocolStore, pniMetadataStore)
+      val oneTimeEcPreKeys = PreKeyUtil.generateAndStoreOneTimeEcPreKeys(pniProtocolStore, pniMetadataStore)
+      val lastResortKyberPreKey = pniProtocolStore.loadLastResortKyberPreKeys().firstOrNull { it.id == pniLastResortKyberPreKeyId }
+      val oneTimeKyberPreKeys = PreKeyUtil.generateAndStoreOneTimeKyberPreKeys(pniProtocolStore, pniMetadataStore)
+
+      if (lastResortKyberPreKey == null) {
+        Log.w(TAG, "Last-resort kyber prekey is missing!")
+      }

      pniMetadataStore.activeSignedPreKeyId = signedPreKey.id
      accountManager.setPreKeys(
        PreKeyUpload(
          serviceIdType = ServiceIdType.PNI,
          signedPreKey = signedPreKey,
-          oneTimeEcPreKeys = oneTimePreKeys,
-          lastResortKyberPreKey = null,
-          oneTimeKyberPreKeys = null
+          oneTimeEcPreKeys = oneTimeEcPreKeys,
+          lastResortKyberPreKey = lastResortKyberPreKey,
+          oneTimeKyberPreKeys = oneTimeKyberPreKeys
        )
      )
      pniMetadataStore.isSignedPreKeyRegistered = true
@@ -395,7 +402,8 @@ class ChangeNumberRepository(
      previousPni = SignalStore.account().pni!!.toByteString(),
      pniIdentityKeyPair = pniIdentity.serialize().toByteString(),
      pniRegistrationId = pniRegistrationIds[primaryDeviceId]!!,
-      pniSignedPreKeyId = devicePniSignedPreKeys[primaryDeviceId]!!.keyId
+      pniSignedPreKeyId = devicePniSignedPreKeys[primaryDeviceId]!!.keyId,
+      pniLastResortKyberPreKeyId = devicePniLastResortKyberPreKeys[primaryDeviceId]!!.keyId
    )

    return ChangeNumberRequestData(request, metadata)
--- a/app/src/main/java/org/thoughtcrime/securesms/crypto/PreKeyUtil.java
+++ b/app/src/main/java/org/thoughtcrime/securesms/crypto/PreKeyUtil.java
@@ -201,8 +201,8 @@ public class PreKeyUtil {
  }

  public synchronized static void storeLastResortKyberPreKey(@NonNull SignalServiceAccountDataStore protocolStore, @NonNull PreKeyMetadataStore metadataStore, KyberPreKeyRecord record) {
-    Log.i(TAG, "Storing kyber prekeys...");
-    protocolStore.storeKyberPreKey(record.getId(), record);
+    Log.i(TAG, "Storing last resort kyber prekeys...");
+    protocolStore.storeLastResortKyberPreKey(record.getId(), record);
    metadataStore.setNextKyberPreKeyId((record.getId() + 1) % Medium.MAX_VALUE);
  }

--- a/app/src/main/java/org/thoughtcrime/securesms/crypto/storage/SignalServiceAccountDataStoreImpl.java
+++ b/app/src/main/java/org/thoughtcrime/securesms/crypto/storage/SignalServiceAccountDataStoreImpl.java
@@ -204,7 +204,7 @@ public class SignalServiceAccountDataStoreImpl implements SignalServiceAccountDa

  @Override
  public void storeLastResortKyberPreKey(int kyberPreKeyId, @NonNull KyberPreKeyRecord kyberPreKeyRecord) {
-    kyberPreKeyStore.storeKyberPreKey(kyberPreKeyId, kyberPreKeyRecord);
+    kyberPreKeyStore.storeLastResortKyberPreKey(kyberPreKeyId, kyberPreKeyRecord);
  }

  @Override
--- a/app/src/main/java/org/thoughtcrime/securesms/messages/protocol/BufferedKyberPreKeyStore.kt
+++ b/app/src/main/java/org/thoughtcrime/securesms/messages/protocol/BufferedKyberPreKeyStore.kt
@@ -25,7 +25,7 @@ class BufferedKyberPreKeyStore(private val selfServiceId: ServiceId) : SignalSer
  private var hasLoadedAll: Boolean = false

  /** The kyber prekeys that have been marked as removed (if they're not last resort). */
-  private val removedIfNotLastResort: MutableList<Int> = mutableListOf()
+  private val removedIfNotLastResort: MutableSet<Int> = mutableSetOf()

  @kotlin.jvm.Throws(InvalidKeyIdException::class)
  override fun loadKyberPreKey(kyberPreKeyId: Int): KyberPreKeyRecord {
--- a/app/src/main/java/org/thoughtcrime/securesms/messages/protocol/BufferedSignalServiceAccountDataStore.kt
+++ b/app/src/main/java/org/thoughtcrime/securesms/messages/protocol/BufferedSignalServiceAccountDataStore.kt
@@ -200,6 +200,7 @@ class BufferedSignalServiceAccountDataStore(selfServiceId: ServiceId) : SignalSe
  fun flushToDisk(persistentStore: SignalServiceAccountDataStore) {
    identityStore.flushToDisk(persistentStore)
    oneTimePreKeyStore.flushToDisk(persistentStore)
+    kyberPreKeyStore.flushToDisk(persistentStore)
    signedPreKeyStore.flushToDisk(persistentStore)
    sessionStore.flushToDisk(persistentStore)
    senderKeyStore.flushToDisk(persistentStore)