From 075a08884ba1febc5536f72c26966f536c77a251 Mon Sep 17 00:00:00 2001 From: Ravi Khadiwala Date: Wed, 20 Mar 2024 18:11:05 -0500 Subject: [PATCH] Preserve backupCredentialRequest across rereg --- .../textsecuregcm/storage/Accounts.java | 5 +++++ .../textsecuregcm/storage/AccountsTest.java | 17 +++++++++++++++++ 2 files changed, 22 insertions(+) diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/storage/Accounts.java b/service/src/main/java/org/whispersystems/textsecuregcm/storage/Accounts.java index de8bb6b73..fd8886a9e 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/storage/Accounts.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/storage/Accounts.java @@ -304,6 +304,11 @@ public class Accounts extends AbstractDynamoDbStore { accountToCreate.setVersion(existingAccount.getVersion()); + // Carry over the old backup id commitment. If the new account claimer cannot does not have the secret used to + // generate their backup-id, this credential is useless, however if they can produce the same credential they + // won't be rate-limited for setting their backup-id. + accountToCreate.setBackupCredentialRequest(existingAccount.getBackupCredentialRequest()); + final List writeItems = new ArrayList<>(); // If we're reclaiming an account that already has a username, we'd like to give the re-registering client diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/storage/AccountsTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/storage/AccountsTest.java index f60698126..317488440 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/storage/AccountsTest.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/storage/AccountsTest.java @@ -416,6 +416,23 @@ class AccountsTest { Collections.emptyList()).toCompletableFuture().join()); } + @Test + void testReclaimAccountPreservesBcr() { + final String e164 = "+14151112222"; + final UUID existingUuid = UUID.randomUUID(); + final Account existingAccount = + generateAccount(e164, existingUuid, UUID.randomUUID(), List.of(generateDevice(DEVICE_ID_1))); + existingAccount.setBackupCredentialRequest(TestRandomUtil.nextBytes(32)); + createAccount(existingAccount); + final Account secondAccount = + generateAccount(e164, UUID.randomUUID(), UUID.randomUUID(), List.of(generateDevice(DEVICE_ID_1))); + + reclaimAccount(secondAccount); + + final Account reclaimed = accounts.getByAccountIdentifier(existingUuid).get(); + assertThat(reclaimed.getBackupCredentialRequest()).isEqualTo(existingAccount.getBackupCredentialRequest()); + } + @Test void testReclaimAccount() { final String e164 = "+14151112222";