Migrate to new SVR2 enclave.

app/src/main/java/org/thoughtcrime/securesms/migrations/ApplicationMigrations.java

@@ -158,9 +158,10 @@ public class ApplicationMigrations {
     static final int CALL_LINK_STORAGE_SYNC        = 114;
     static final int WALLPAPER_MIGRATION           = 115;
     static final int BACKFILL_DIGESTS_V3           = 116;
+    static final int SVR2_ENCLAVE_UPDATE_2         = 117;
   }
 
-  public static final int CURRENT_VERSION = 116;
+  public static final int CURRENT_VERSION = 117;
 
  /**
    * This *must* be called after the {@link JobManager} has been instantiated, but *before* the call
@@ -723,6 +724,10 @@ public class ApplicationMigrations {
       jobs.put(Version.BACKFILL_DIGESTS_V3, new BackfillDigestsForDuplicatesMigrationJob());
     }
 
+    if (lastSeenVersion < Version.SVR2_ENCLAVE_UPDATE_2) {
+      jobs.put(Version.SVR2_ENCLAVE_UPDATE_2,  new Svr2MirrorMigrationJob());
+    }
+
     return jobs;
   }
 

app/src/main/java/org/thoughtcrime/securesms/pin/SvrRepository.kt

@@ -42,11 +42,16 @@ object SvrRepository {
 
   val TAG = Log.tag(SvrRepository::class.java)
 
+  private val svr2Legacy: SecureValueRecovery = AppDependencies.signalServiceAccountManager.getSecureValueRecoveryV2(BuildConfig.SVR2_MRENCLAVE_LEGACY)
   private val svr2: SecureValueRecovery = AppDependencies.signalServiceAccountManager.getSecureValueRecoveryV2(BuildConfig.SVR2_MRENCLAVE)
   private val svr3: SecureValueRecovery = AppDependencies.signalServiceAccountManager.getSecureValueRecoveryV3(AppDependencies.libsignalNetwork)
 
   /** An ordered list of SVR implementations to read from. They should be in priority order, with the most important one listed first. */
-  private val readImplementations: List<SecureValueRecovery> = if (Svr3Migration.shouldReadFromSvr3) listOf(svr3, svr2) else listOf(svr2)
+  private val readImplementations: List<SecureValueRecovery> = if (Svr3Migration.shouldReadFromSvr3) {
+    listOf(svr3, svr2)
+  } else {
+    listOf(svr2, svr2Legacy)
+  }
 
   /** An ordered list of SVR implementations to write to. They should be in priority order, with the most important one listed first. */
   private val writeImplementations: List<SecureValueRecovery>
@@ -58,6 +63,9 @@ object SvrRepository {
       if (Svr3Migration.shouldWriteToSvr2) {
         implementations += svr2
       }
+      if (Svr3Migration.shouldWriteToSvr2) {
+        implementations += svr2Legacy
+      }
       return implementations
     }
 
@@ -89,10 +97,11 @@ object SvrRepository {
       val operations: List<Pair<SecureValueRecovery, () -> RestoreResponse>> = if (Svr3Migration.shouldReadFromSvr3) {
         listOf(
           svr3 to { restoreMasterKeyPreRegistrationFromV3(credentials.svr3, userPin) },
-          svr2 to { restoreMasterKeyPreRegistrationFromV2(credentials.svr2, userPin) }
+          svr2 to { restoreMasterKeyPreRegistrationFromV2(svr2, credentials.svr2, userPin) }
         )
       } else {
-        listOf(svr2 to { restoreMasterKeyPreRegistrationFromV2(credentials.svr2, userPin) })
+        listOf(svr2 to { restoreMasterKeyPreRegistrationFromV2(svr2, credentials.svr2, userPin) })
+        listOf(svr2Legacy to { restoreMasterKeyPreRegistrationFromV2(svr2Legacy, credentials.svr2, userPin) })
       }
 
       for ((implementation, operation) in operations) {
@@ -411,11 +420,11 @@ object SvrRepository {
 
   @WorkerThread
   @VisibleForTesting
-  fun restoreMasterKeyPreRegistrationFromV2(credentials: AuthCredentials?, userPin: String): RestoreResponse {
+  fun restoreMasterKeyPreRegistrationFromV2(svr: SecureValueRecovery, credentials: AuthCredentials?, userPin: String): RestoreResponse {
     return if (credentials == null) {
       RestoreResponse.Missing
     } else {
-      svr2.restoreDataPreRegistration(credentials, shareSet = null, userPin)
+      svr.restoreDataPreRegistration(credentials, shareSet = null, userPin)
     }
   }