OMEMO libsignal-protocol.js Invalid signature

[danjde]

Hi Dev,
I've just installed (from git) on VPS Debian Stretch, Prosody 0.11, Fail2ban 0.9.6-2, Shorewall 5.0.15.6-1, Apache 2.4.25, modsecurity 3.0.0-3, php7 7.0.33, Converse.js v4.2.0.

Then I've enabled OMEMO, as described from @licaon-kter here,
the green padlock is present but trying to send in OMEMO mode I get the following error:

Error: Invalid signature libsignal-protocol.js:25278:28

and obviously the message does not start.

I've try to exit, re-enter in untrusted device mode and back in trusted device as suggested here with no changes.

Here my Converse installation.

Thanks!

Davide

[licaon-kter]

Seeing the same with gray stuck inputbox if I regenerate the key.

[philfry]

Same here. I cannot send omemo messages (input box turns grey and freezes). Receiving omemo-encrypted messages is not a problem, though.
Using https://cdn.conversejs.org/3rdparty/libsignal-protocol.min.js .

[danjde]

I've try from the developer Converse.js page, and the behaviour seems the same:
Error: Invalid signature libsignal-protocol.min.js:1:718658

[chee]

I downgraded to 4.1.2 on my server and OMEMO messages send again. i think this was introduced in 4.2.0

[rscmbbng]

A new installation via Prosody's mod_conversejs, where the files are loaded via cdn.conversejs.org also has this issue.

[licaon-kter]

Can someone with ejabberd (besides me) test?

[jcbrand]

@licaon-kter: I've run into this issue myself. I'll try to include a fix with the next release.

[orbitz]

After doing some bisecting, I've tracked the introduction of this bug to this commit:

1dfdb36

[orbitz]

Reverting that change in 4.2.0 resolved the issue for me.

[jcbrand]

Thank you @orbitz, that's very helpful! I'm working on a commit to fix this.

[danjde]

Hi Devs,
I've merged into my converse.js 4.20 the @jcbrand changes, exit, re-enter in untrusted device mode and back in trusted device as suggested here and now this message error appear:

ERROR: IQError@https://www.converse.3x1t.org/dist/converse.js:56083:5
fetchBundleFromServer@https://www.converse.3x1t.org/dist/converse.js:57052:17
  converse.js:63317:5
	["./src/headless/converse-core.js"]/_converse.log https://www.converse.3x1t.org/dist/converse.js:63317:5
	handleMessageSendError https://www.converse.3x1t.org/dist/converse.js:56403:11
	wrappedOverride https://www.converse.3x1t.org/dist/converse.js:32507:20
	apply https://www.converse.3x1t.org/dist/converse.js:8332:12
	wrapper https://www.converse.3x1t.org/dist/converse.js:13177:16
	sendMessage https://www.converse.3x1t.org/dist/converse.js:56426:13

and:

Unable to send an encrypted message due to an unexpected error. <iq xmlns="jabber:client" to="cosmogonia@3x1t.org/converse.js-136910396" type="error" id="656f086a-6d3a-4031-bffd-e6c56baa4530:sendIQ"><error type="cancel"><item-not-found xmlns="urn:ietf:params:xml:ns:xmpp-stanzas"/></error></iq>

Aniway, the @orbitz refer to v4.1.2 files release.
it would be good if @orbitz explained better how he modified version 4.20.

Thanks!

[jcbrand]

@danjde: That error seems to indicate that your contact doesn't have a published OMEMO bundle.

It doesn't indicate that there's a bug in Converse.js.

[orbitz]

@danjde Do you know what the other side of your communication is using for OMEMO? According to the OMEMO XEP, how converse.js is discovering OMEMO support is correct (query for device list for the contact). So it sounds like the other side is presenting devices but not publishing a bundle.

[danjde]

@danjde: That error seems to indicate that your contact doesn't have a published OMEMO bundle.

It doesn't indicate that there's a bug in Converse.js.

Strange, I've try using the same contacts that daily I chat with Dino and Conversations (with OMEMO).

[danjde]

@danjde Do you know what the other side of your communication is using for OMEMO? According to the OMEMO XEP, how converse.js is discovering OMEMO support is correct (query for device list for the contact). So it sounds like the other side is presenting devices but not publishing a bundle.

Could you publish your

dist/converse.js
spec/omemo.js
src/converse-omemo.js

please?
I have made surely some mistakes in the implementation of the differences

Many thanks ;-)

[orbitz]

My src/converse-omemo.js is the one in the repo.

[licaon-kter]

@danjde Put all your files on your server, edit your index to load them from /dist and not cdn....min....

[danjde]

@danjde Put all your files on your server, edit your index to load them from /dist and not cdn....min....

Well, I will check my system as you suggest.
But my doubt is: if I encounter this problem on the official Converse page too, the problem should be independent from my system. Could be what I tell right? :-\

Thanks!

[licaon-kter]

Independent of server, maybe your browser is broken? Maybe the CDN is blocked in $COUNTRY, dunno