Migrate backup passphrase to be keystore-encrypted when available.

2025-12-03 10:32:39 +00:00 · 2019-02-07 09:47:06 -08:00
parent db1ad39c6b
commit c9a0a66f18
4 changed files with 64 additions and 7 deletions
--- a/src/org/thoughtcrime/securesms/backup/BackupDialog.java
+++ b/src/org/thoughtcrime/securesms/backup/BackupDialog.java
@@ -34,7 +34,7 @@ public class BackupDialog {
      button.setOnClickListener(v -> {
        CheckBox confirmationCheckBox = dialog.findViewById(R.id.confirmation_check);
        if (confirmationCheckBox.isChecked()) {
-          TextSecurePreferences.setBackupPassphrase(context, Util.join(password, " "));
+          BackupPassphrase.set(context, Util.join(password, " "));
          TextSecurePreferences.setBackupEnabled(context, true);
          LocalBackupListener.schedule(context);

@@ -75,7 +75,7 @@ public class BackupDialog {
                   .setMessage(R.string.BackupDialog_disable_and_delete_all_local_backups)
                   .setNegativeButton(android.R.string.cancel, null)
                   .setPositiveButton(R.string.BackupDialog_delete_backups_statement, (dialog, which) -> {
-                     TextSecurePreferences.setBackupPassphrase(context, null);
+                     BackupPassphrase.set(context, null);
                     TextSecurePreferences.setBackupEnabled(context, false);
                     BackupUtil.deleteAllBackups();
                     preference.setChecked(false);
--- a/src/org/thoughtcrime/securesms/backup/BackupPassphrase.java
+++ b/src/org/thoughtcrime/securesms/backup/BackupPassphrase.java
@@ -0,0 +1,47 @@
+package org.thoughtcrime.securesms.backup;
+
+import android.content.Context;
+import android.os.Build;
+import android.support.annotation.NonNull;
+import android.support.annotation.Nullable;
+
+import org.thoughtcrime.securesms.crypto.KeyStoreHelper;
+import org.thoughtcrime.securesms.logging.Log;
+import org.thoughtcrime.securesms.util.TextSecurePreferences;
+
+/**
+ * Allows the getting and setting of the backup passphrase, which is stored encrypted on API >= 23.
+ */
+public class BackupPassphrase {
+
+  private static final String TAG = BackupPassphrase.class.getSimpleName();
+
+  public static String get(@NonNull Context context) {
+    String passphrase          = TextSecurePreferences.getBackupPassphrase(context);
+    String encryptedPassphrase = TextSecurePreferences.getEncryptedBackupPassphrase(context);
+
+    if (Build.VERSION.SDK_INT < 23 || (passphrase == null && encryptedPassphrase == null)) {
+      return passphrase;
+    }
+
+    if (encryptedPassphrase == null) {
+      Log.i(TAG, "Migrating to encrypted passphrase.");
+      set(context, passphrase);
+      encryptedPassphrase = TextSecurePreferences.getEncryptedBackupPassphrase(context);
+    }
+
+    KeyStoreHelper.SealedData data = KeyStoreHelper.SealedData.fromString(encryptedPassphrase);
+    return new String(KeyStoreHelper.unseal(data));
+  }
+
+  public static void set(@NonNull Context context, @Nullable String passphrase) {
+    if (passphrase == null || Build.VERSION.SDK_INT < 23) {
+      TextSecurePreferences.setBackupPassphrase(context, passphrase);
+      TextSecurePreferences.setEncryptedBackupPassphrase(context, null);
+    } else {
+      KeyStoreHelper.SealedData encryptedPassphrase = KeyStoreHelper.seal(passphrase.getBytes());
+      TextSecurePreferences.setEncryptedBackupPassphrase(context, encryptedPassphrase.serialize());
+      TextSecurePreferences.setBackupPassphrase(context, null);
+    }
+  }
+}