Migrate to new SVR2 enclave.

Co-authored-by: Cody Henthorne <cody@signal.org>
2026-02-26 12:44:38 +00:00 · 2025-05-08 08:05:09 -04:00
parent 778db277c8
commit b3c9ec9691
3 changed files with 15 additions and 5 deletions
--- a/app/src/main/java/org/thoughtcrime/securesms/migrations/ApplicationMigrations.java
+++ b/app/src/main/java/org/thoughtcrime/securesms/migrations/ApplicationMigrations.java
@@ -179,9 +179,10 @@ public class ApplicationMigrations {
    // Need to skip 135 because of hotfix ordering issues
    static final int FIX_CHANGE_NUMBER_ERROR       = 136;
    static final int CHAT_FOLDER_STORAGE_SYNC      = 137;
+    static final int SVR2_ENCLAVE_UPDATE_3         = 138;
  }

-  public static final int CURRENT_VERSION = 137;
+  public static final int CURRENT_VERSION = 138;

 /**
   * This *must* be called after the {@link JobManager} has been instantiated, but *before* the call
@@ -824,6 +825,10 @@ public class ApplicationMigrations {
      jobs.put(Version.CHAT_FOLDER_STORAGE_SYNC, new SyncChatFoldersMigrationJob());
    }

+    if (lastSeenVersion < Version.SVR2_ENCLAVE_UPDATE_3) {
+      jobs.put(Version.SVR2_ENCLAVE_UPDATE_3, new Svr2MirrorMigrationJob());
+    }
+
    return jobs;
  }

--- a/app/src/main/java/org/thoughtcrime/securesms/pin/SvrRepository.kt
+++ b/app/src/main/java/org/thoughtcrime/securesms/pin/SvrRepository.kt
@@ -44,6 +44,7 @@ object SvrRepository {

  val TAG = Log.tag(SvrRepository::class.java)

+  private val svr2Legacy: SecureValueRecovery = AppDependencies.signalServiceAccountManager.getSecureValueRecoveryV2(BuildConfig.SVR2_MRENCLAVE_LEGACY)
  private val svr2: SecureValueRecovery = AppDependencies.signalServiceAccountManager.getSecureValueRecoveryV2(BuildConfig.SVR2_MRENCLAVE)
  private val svr3: SecureValueRecovery = AppDependencies.signalServiceAccountManager.getSecureValueRecoveryV3(AppDependencies.libsignalNetwork)

@@ -51,7 +52,7 @@ object SvrRepository {
  private val readImplementations: List<SecureValueRecovery> = if (Svr3Migration.shouldReadFromSvr3) {
    listOf(svr3, svr2)
  } else {
-    listOf(svr2)
+    listOf(svr2, svr2Legacy)
  }

  /** An ordered list of SVR implementations to write to. They should be in priority order, with the most important one listed first. */
@@ -63,6 +64,7 @@ object SvrRepository {
      }
      if (Svr3Migration.shouldWriteToSvr2) {
        implementations += svr2
+        implementations += svr2Legacy
      }
      return implementations
    }
@@ -99,7 +101,8 @@ object SvrRepository {
        )
      } else {
        listOf(
-          svr2 to { restoreMasterKeyPreRegistrationFromV2(svr2, credentials.svr2, userPin) }
+          svr2 to { restoreMasterKeyPreRegistrationFromV2(svr2, credentials.svr2, userPin) },
+          svr2Legacy to { restoreMasterKeyPreRegistrationFromV2(svr2Legacy, credentials.svr2, userPin) }
        )
      }