Rotate MRBK when rotating AEP.

2026-04-21 09:20:19 +01:00 · 2025-07-30 09:59:16 -04:00
parent faecbf5ea9
commit 90c381f0ba
5 changed files with 37 additions and 16 deletions
--- a/app/src/main/java/org/thoughtcrime/securesms/keyvalue/AccountValues.kt
+++ b/app/src/main/java/org/thoughtcrime/securesms/keyvalue/AccountValues.kt
@@ -134,7 +134,7 @@ class AccountValues internal constructor(store: KeyValueStore, context: Context)
          return AccountEntropyPool(it)
        }

-        Log.i(TAG, "Generating Account Entropy Pool (AEP)...")
+        Log.i(TAG, "Generating Account Entropy Pool (AEP)...", Throwable(), true)
        val newAep = LibSignalAccountEntropyPool.generate()
        putString(KEY_ACCOUNT_ENTROPY_POOL, newAep)
        return AccountEntropyPool(newAep)
@@ -143,6 +143,7 @@ class AccountValues internal constructor(store: KeyValueStore, context: Context)

  fun rotateAccountEntropyPool(aep: AccountEntropyPool) {
    AEP_LOCK.withLock {
+      Log.i(TAG, "Rotating Account Entropy Pool (AEP)...", Throwable(), true)
      store
        .beginWrite()
        .putString(KEY_ACCOUNT_ENTROPY_POOL, aep.value)
--- a/app/src/main/java/org/thoughtcrime/securesms/keyvalue/BackupValues.kt
+++ b/app/src/main/java/org/thoughtcrime/securesms/keyvalue/BackupValues.kt
@@ -16,7 +16,6 @@ import org.thoughtcrime.securesms.jobmanager.impl.RestoreAttachmentConstraintObs
 import org.thoughtcrime.securesms.keyvalue.protos.ArchiveUploadProgressState
 import org.thoughtcrime.securesms.keyvalue.protos.BackupDownloadNotifierState
 import org.thoughtcrime.securesms.util.RemoteConfig
-import org.thoughtcrime.securesms.util.Util
 import org.whispersystems.signalservice.api.archive.ArchiveServiceCredential
 import org.whispersystems.signalservice.api.archive.GetArchiveCdnCredentialsResponse
 import org.whispersystems.signalservice.api.backup.MediaRootBackupKey
@@ -187,15 +186,15 @@ class BackupValues(store: KeyValueStore) : SignalStoreValues(store) {
          return MediaRootBackupKey(value)
        }

-        Log.i(TAG, "Generating MediaRootBackupKey...", Throwable())
-        val bytes = Util.getSecretBytes(32)
-        store.beginWrite().putBlob(KEY_MEDIA_ROOT_BACKUP_KEY, bytes).commit()
-        return MediaRootBackupKey(bytes)
+        Log.i(TAG, "Generating MediaRootBackupKey...", Throwable(), true)
+        val newKey = MediaRootBackupKey.generate()
+        store.beginWrite().putBlob(KEY_MEDIA_ROOT_BACKUP_KEY, newKey.value).commit()
+        return newKey
      }
    }
    set(value) {
      lock.withLock {
-        Log.i(TAG, "Setting MediaRootBackupKey", Throwable())
+        Log.i(TAG, "Setting MediaRootBackupKey...", Throwable(), true)
        store.beginWrite().putBlob(KEY_MEDIA_ROOT_BACKUP_KEY, value.value).commit()
        mediaCredentials.clearAll()
        cachedMediaCdnPath = null