Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

OMEMO libsignal-protocol.js Invalid signature #1524

Closed
danjde opened this issue Apr 6, 2019 · 16 comments

Comments

@danjde
Copy link

commented Apr 6, 2019

Hi Dev,
I've just installed (from git) on VPS Debian Stretch, Prosody 0.11, Fail2ban 0.9.6-2, Shorewall 5.0.15.6-1, Apache 2.4.25, modsecurity 3.0.0-3, php7 7.0.33, Converse.js v4.2.0.

Then I've enabled OMEMO, as described from @licaon-kter here,
the green padlock is present but trying to send in OMEMO mode I get the following error:

Error: Invalid signature libsignal-protocol.js:25278:28

and obviously the message does not start.

I've try to exit, re-enter in untrusted device mode and back in trusted device as suggested here with no changes.

Here my Converse installation.

Thanks!

Davide

@licaon-kter

This comment has been minimized.

Copy link
Contributor

commented Apr 6, 2019

Seeing the same with gray stuck inputbox if I regenerate the key.

@philfry

This comment has been minimized.

Copy link

commented Apr 26, 2019

Same here. I cannot send omemo messages (input box turns grey and freezes). Receiving omemo-encrypted messages is not a problem, though.
Using https://cdn.conversejs.org/3rdparty/libsignal-protocol.min.js .

@danjde

This comment has been minimized.

Copy link
Author

commented May 4, 2019

I've try from the developer Converse.js page, and the behaviour seems the same:
Error: Invalid signature libsignal-protocol.min.js:1:718658

@chee

This comment has been minimized.

Copy link
Contributor

commented May 10, 2019

I downgraded to 4.1.2 on my server and OMEMO messages send again. i think this was introduced in 4.2.0

@rscmbbng

This comment has been minimized.

Copy link

commented May 13, 2019

A new installation via Prosody's mod_conversejs, where the files are loaded via cdn.conversejs.org also has this issue.

@licaon-kter

This comment has been minimized.

Copy link
Contributor

commented May 13, 2019

Can someone with ejabberd (besides me) test?

@jcbrand

This comment has been minimized.

Copy link
Member

commented May 13, 2019

@licaon-kter: I've run into this issue myself. I'll try to include a fix with the next release.

@jcbrand jcbrand added the bug label May 21, 2019

@orbitz

This comment has been minimized.

Copy link

commented Jul 5, 2019

After doing some bisecting, I've tracked the introduction of this bug to this commit:

1dfdb36

@orbitz

This comment has been minimized.

Copy link

commented Jul 5, 2019

Reverting that change in 4.2.0 resolved the issue for me.

@jcbrand

This comment has been minimized.

Copy link
Member

commented Jul 5, 2019

Thank you @orbitz, that's very helpful! I'm working on a commit to fix this.

@jcbrand jcbrand closed this in 3ca6ac7 Jul 5, 2019

@jcbrand jcbrand added this to the 5.0.0 milestone Jul 5, 2019

@danjde

This comment has been minimized.

Copy link
Author

commented Jul 11, 2019

Hi Devs,
I've merged into my converse.js 4.20 the @jcbrand changes, exit, re-enter in untrusted device mode and back in trusted device as suggested here and now this message error appear:

ERROR: IQError@https://www.converse.3x1t.org/dist/converse.js:56083:5
fetchBundleFromServer@https://www.converse.3x1t.org/dist/converse.js:57052:17
  converse.js:63317:5
	["./src/headless/converse-core.js"]/_converse.log https://www.converse.3x1t.org/dist/converse.js:63317:5
	handleMessageSendError https://www.converse.3x1t.org/dist/converse.js:56403:11
	wrappedOverride https://www.converse.3x1t.org/dist/converse.js:32507:20
	apply https://www.converse.3x1t.org/dist/converse.js:8332:12
	wrapper https://www.converse.3x1t.org/dist/converse.js:13177:16
	sendMessage https://www.converse.3x1t.org/dist/converse.js:56426:13

and:

Unable to send an encrypted message due to an unexpected error. <iq xmlns="jabber:client" to="cosmogonia@3x1t.org/converse.js-136910396" type="error" id="656f086a-6d3a-4031-bffd-e6c56baa4530:sendIQ"><error type="cancel"><item-not-found xmlns="urn:ietf:params:xml:ns:xmpp-stanzas"/></error></iq>

Aniway, the @orbitz refer to v4.1.2 files release.
it would be good if @orbitz explained better how he modified version 4.20.

Thanks!

@jcbrand

This comment has been minimized.

Copy link
Member

commented Jul 11, 2019

@danjde: That error seems to indicate that your contact doesn't have a published OMEMO bundle.

It doesn't indicate that there's a bug in Converse.js.

@orbitz

This comment has been minimized.

Copy link

commented Jul 12, 2019

@danjde Do you know what the other side of your communication is using for OMEMO? According to the OMEMO XEP, how converse.js is discovering OMEMO support is correct (query for device list for the contact). So it sounds like the other side is presenting devices but not publishing a bundle.

@danjde

This comment has been minimized.

Copy link
Author

commented Jul 12, 2019

@danjde: That error seems to indicate that your contact doesn't have a published OMEMO bundle.

It doesn't indicate that there's a bug in Converse.js.

Strange, I've try using the same contacts that daily I chat with Dino and Conversations (with OMEMO).

@danjde

This comment has been minimized.

Copy link
Author

commented Jul 12, 2019

@danjde Do you know what the other side of your communication is using for OMEMO? According to the OMEMO XEP, how converse.js is discovering OMEMO support is correct (query for device list for the contact). So it sounds like the other side is presenting devices but not publishing a bundle.

Could you publish your

dist/converse.js
spec/omemo.js
src/converse-omemo.js

please?
I have made surely some mistakes in the implementation of the differences

Many thanks ;-)

@orbitz

This comment has been minimized.

Copy link

commented Jul 12, 2019

My src/converse-omemo.js is the one in the repo.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
7 participants
You can’t perform that action at this time.