support for OMEMO encryption #529

Closed
georgehazan opened this issue Oct 22, 2016 · 43 comments

@georgehazan
Member

@georgehazan georgehazan commented Oct 22, 2016

Reported by plahh on 10 Feb 2016 15:41 UTC
as requested in this thread
here is the ticket :)

http://conversations.im/omemo/
https://en.wikipedia.org/wiki/OMEMO_%28encryption%29

gajim already got a plugin. code here

@georgehazan
Member Author

@georgehazan georgehazan commented Oct 22, 2016

Comment by sss_sss on 8 Sep 2016 20:17 UTC
i am on it

@georgehazan
Member Author

@georgehazan georgehazan commented Oct 22, 2016

Comment by sss_sss on 24 Sep 2016 06:08 UTC
need more gold....

@georgehazan georgehazan added trivial and removed major labels Oct 22, 2016
@LittleVulpix
Contributor

@LittleVulpix LittleVulpix commented Feb 22, 2017

@sss123next , tagging you with this ticket since you said you are now working on it. :)

@dreamflasher

@dreamflasher dreamflasher commented Jun 12, 2017

@georgehazan @sss123next Is there any status update for us? :)

@georgehazan
Member Author

@georgehazan georgehazan commented Jun 12, 2017

doesn't it work? in the dev version, of course

@sergeevabc

@sergeevabc sergeevabc commented Jun 13, 2017

Do you believe current implementation with the following todo is cooked enough to be used in production?

TODO:

  1. fix AES-128 GCM in 4.5 implementation
  2. handle prekeys properly (cleanup after first use, create new keys)
  3. reimplement session initialization without losing first message (incoming + outgoing)
  4. fingerprints/keys management ui
  5. per-contact encryption settings (enable/disable for one contact)
@georgehazan
Member Author

@georgehazan georgehazan commented Jun 13, 2017

you better ask @sss123next about it

@dreamflasher

@dreamflasher dreamflasher commented Jun 14, 2017

@georgehazan No it doesn't. I found this thread where he apparently writes updates: http://forum.miranda-ng.org/index.php?topic=4506.30 -- but how exactly am I supposed to retrieve the plugin with his commits? It is said somewhere that it's supposed to be in "dev" Miranda, but there is apparently currently none: http://www.miranda-im.org/development/
I have the latest Miranda, with the latest jabber plugin and I don't see any possibility to use Omemo.

@LittleVulpix
Contributor

@LittleVulpix LittleVulpix commented Jun 14, 2017

@dreamflasher That's MirandaIM which is pretty dead. This is miranda NG where the changes are taking place. Get the latest dev version from here: http://www.miranda-ng.org/en/downloads/ , if you want to migrate from IM to NG, there is a nice article on our wiki. Make sure to backup everything beforehand.

@dreamflasher

@dreamflasher dreamflasher commented Jun 15, 2017

@LittleVulpix Ah bummer! I first tried with Miranda NG, but it didn't work there, so then I tried Miranda. I have switched to Miranda NG a while ago, but when I now checked
http://www.miranda-ng.org/en/downloads/ "17.6.2016 New stable build released, 0.95.5"
http://www.miranda-im.org/ "Miranda IM v0.10.70 Released June 06, 2017"
So I thought Miranda would be more current than Miranda NG again.
But yeah, same with me for Miranda NG: I have the development version from the place you wrote, and Omemo doesn't work. I have a chat with Omemo on conversations/gajim, and I don't get the messages on Miranda, also Miranda doesn't announce itself as Omemo capable. How do I activate it? Is there any manual anywhere?

@LittleVulpix
Contributor

@LittleVulpix LittleVulpix commented Jun 15, 2017

@dreamflasher

Yes, there is a way to toggle it on. As long as you are on the dev version of miranda, go to main miranda options menu, type network into the search box, find the name of the network you want to modify (the internal name you gave it, probably jabber if you haven't changed anything), go into advanced and scroll to the very bottom - there is an option to enable Omemo.

And yeah, there hasn't been a stable release in a while - but the dev branch is safe for the most part.

See screencap from my miranda:

image

@dreamflasher

@dreamflasher dreamflasher commented Jun 15, 2017

@LittleVulpix Thank you very much! I was able to activate it (although activating crashed Miranda NG).
Then I tried to start a conversation with an Omemo contact, it asks to create a new session, but the messages aren't received by the other end. Also new messages aren't received by Miranda NG.

@LittleVulpix
Contributor

@LittleVulpix LittleVulpix commented Jun 15, 2017

@dreamflasher Ahh, I don't use Omemo myself, so I never tested it. I guess this is a question for @sss123next since he is developing the omemo plugin. Sorry it didn't work! :(

@dreamflasher

@dreamflasher dreamflasher commented Jun 15, 2017

@LittleVulpix You were very helpful in setting things up, so thank you very much for that!
Maybe @sss123next can take over with the bugs? :)

@sss123next
Collaborator

@sss123next sss123next commented Jun 20, 2017

hmm.
i have tested it with success.
one thing which is not done properly yet - is aes128gcm tagging (verification always fails in my case), but actual encryption/decryption work fine.
other TODO entries are convenience mostly, not XEP implementation related.
i will recheck it.
crashes are completely unexpected behavior.
i will investigate it.

@sss123next
Collaborator

@sss123next sss123next commented Jun 21, 2017

i have done quick tests. all looks normal screenshot . so i need more info. check miranda console, it may have useful readable debug messages, also check xml console, i also need crashlogs, backtraces etc. in case of crash.

gjedeer added a commit to gjedeer/omemo-top that referenced this issue Jul 19, 2017
I did not use the Miranda plugin but looking at their discussion, it seems they have a working version already

miranda-ng/miranda-ng#529
bascht added a commit to bascht/omemo-top that referenced this issue Jul 19, 2017
I did not use the Miranda plugin but looking at their discussion, it seems they have a working version already

miranda-ng/miranda-ng#529
@wiktor-k

@wiktor-k wiktor-k commented Aug 1, 2017

I'm getting Delivery failure: No valid OMEMO session exists when sending a message to OMEMO-enabled contact. Are there any other options/actions besides Network/Advanced/Use OMEMO?

I'm using stock Miranda NG 0.95.6 64bit.

@sss123next sss123next added major and removed trivial labels Aug 17, 2017
@wiktor-k

@wiktor-k wiktor-k commented Aug 17, 2017

> also it is critical to use build from code 2017-05-18 17:37:18 ( 5ab73a1 ) or later, if by stock you mean release - it's most probably too old

Do you publish dev builds somewhere? I'm assuming https://www.miranda-ng.org/en/downloads/ is "too old"? I can test experimental builds but setting up the development infrastructure myself is just too much work (sorry if that sounds bad).

@sss123next
Collaborator

@sss123next sss123next commented Aug 17, 2017

https://www.miranda-ng.org/distr/miranda-ng-alpha-latest_x64.7z - i guess this should be ok
as i know it should be daily builds, if nothing changed during this year )

@wiktor-k

@wiktor-k wiktor-k commented Aug 17, 2017

I erased entire directory (profile too) and started from scratch, before sending first message it asked me twice if I want to create new OMEMO session (each time with different key, probably for mobile) I said Yes both times. Sadly it still failed.

Here's the network log from the alpha build:

[20:54:13 2B18] [JABBER_1] Deflate: Z_OK
[20:54:13 2B18] [JABBER_1] (ZLIB) Data sent
<iq type="get" id="mir_24" from="x@conversations.im" to="a@conversations.im"><pubsub xmlns="http://jabber.org/protocol/pubsub"><items node="eu.siacs.conversations.axolotl.bundles:1775231250"/></pubsub></iq>
===OUT: 221(105) bytes
[20:54:13 2B18] [JABBER_1] Jabber OMEMO: info: OmemoCheckSession: pending session creation encryption/decryption of THIS message will not be done and message WILL be lost
[20:54:13 18B0] [JABBER_1] Inflate: Z_OK
[20:54:13 18B0] [JABBER_1] (ZLIB) Data received
<iq from='a@conversations.im' to='x@conversations.im/Miranda' id='mir_24' type='result'><pubsub xmlns='http://jabber.org/protocol/pubsub'><items node='eu.siacs.conversations.axolotl.bundles:1775231250'><item id='5D68D16BCF808'><bundle xmlns='eu.siacs.conversations.axolotl'><signedPreKeyPublic signedPreKeyId='1'>BdNmP78geFV66ql8u8ltLStLuDh8OQojMKiFLUu0cQZ0
</signedPreKeyPublic><signedPreKeySignature>r5bn8niujaNdHZhpnRGBjXrXiS4uGuJNpZZ4BbdA6uYO/iUlyFyh3+9VbAZDAc9a7OFaigoDi2MB
atmofdzRCw==
</signedPreKeySignature><identityKey>BfV/qBoZwL57/XzEzSq1hfn6Hpzs61CXF9pRBcMzaSE4
</identityKey><prekeys><preKeyPublic preKeyId='92'>BWejMJL08vSsroHSv5+z/S4XZG0pSv0SewRPlJdPiA4f
....prekeys here....
</preKeyPublic></prekeys></bundle></item></items><set xmlns='http://jabber.org/protocol/rsm'><first index='0'>modification@001494:577899:852197</first><last>modification@001494:577899:852197</last><count>1</count></set></pubsub></iq>
===IN: 9622(130) bytes
[20:54:13 18B0] [JABBER_1] recvResult = 9622
[20:54:13 18B0] [JABBER_1] bytesParsed = 9622
[20:54:13 18B0] [JABBER_1] Jabber OMEMO: session_builder_process_pre_key_bundle failure SG_ERR_INVALID_KEY
[20:54:13 18B0] [JABBER_1] Jabber OMEMO: error: omemo::build_session failed
[20:54:13 2B48] [JABBER_1] Broadcast ACK
[20:54:13 2B18] [JABBER_1] Deflate: Z_OK
[20:54:13 2B18] [JABBER_1] (ZLIB) Data sent
<message to="a@conversations.im/phone" type="chat" id="mir_25"><composing xmlns="http://jabber.org/protocol/chatstates"/></message>
===OUT: 137(50) bytes
[20:54:13 2B48] [JABBER_1] Returning from thread
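
Added example (not from the thread or from Miranda NG's code): a structural check of a legacy OMEMO bundle like the one in the log above, useful for ruling out malformed fields before chasing an `SG_ERR_INVALID_KEY` from libsignal. It checks only encoding and sizes (33-byte public keys with the `0x05` type byte and a 64-byte signature, as libsignal serializes them) and does not verify the signature; `check_bundle`, `check_field` and `sample_bundle` are names made up here, and the sample key material is constructed.

```python
import base64
import xml.etree.ElementTree as ET

NS = "{eu.siacs.conversations.axolotl}"  # legacy OMEMO namespace seen in the log
PUBKEY_LEN, DJB_TYPE, SIG_LEN = 33, 0x05, 64  # libsignal serialized sizes

def check_field(name, elem, want_len, is_key, problems, notes):
    """Decode one base64 element and record structural problems."""
    if elem is None:
        problems.append(f"{name}: element missing")
        return
    text = elem.text or ""
    compact = "".join(text.split())  # the log shows base64 wrapped across lines
    if compact != text:
        notes.append(f"{name}: base64 contains whitespace")
    try:
        raw = base64.b64decode(compact, validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        problems.append(f"{name}: not valid base64")
        return
    if len(raw) != want_len:
        problems.append(f"{name}: expected {want_len} bytes, got {len(raw)}")
    elif is_key and raw[0] != DJB_TYPE:
        problems.append(f"{name}: first byte {raw[0]:#04x}, expected 0x05")

def check_bundle(xml_text):
    """Structural triage of a <bundle/> stanza; returns (problems, notes)."""
    problems, notes = [], []
    root = ET.fromstring(xml_text)
    bundle = root if root.tag == NS + "bundle" else root.find(f".//{NS}bundle")
    if bundle is None:
        return ["no <bundle/> in the legacy OMEMO namespace"], notes
    check_field("identityKey", bundle.find(NS + "identityKey"), PUBKEY_LEN, True, problems, notes)
    check_field("signedPreKeyPublic", bundle.find(NS + "signedPreKeyPublic"),
                PUBKEY_LEN, True, problems, notes)
    check_field("signedPreKeySignature", bundle.find(NS + "signedPreKeySignature"),
                SIG_LEN, False, problems, notes)
    prekeys = bundle.findall(f"{NS}prekeys/{NS}preKeyPublic")
    if not prekeys:
        problems.append("prekeys: none published")
    for pk in prekeys:
        check_field(f"preKeyPublic[{pk.get('preKeyId')}]", pk, PUBKEY_LEN, True, problems, notes)
    return problems, notes

def sample_bundle(identity_key):
    """Constructed test bundle (not real key material), wrapped like the log."""
    def b64(raw):
        return base64.b64encode(raw).decode() + "\n"
    key = b"\x05" + bytes(range(32))
    return ("<bundle xmlns='eu.siacs.conversations.axolotl'>"
            f"<signedPreKeyPublic signedPreKeyId='1'>{b64(key)}</signedPreKeyPublic>"
            f"<signedPreKeySignature>{b64(bytes(64))}</signedPreKeySignature>"
            f"<identityKey>{b64(identity_key)}</identityKey>"
            f"<prekeys><preKeyPublic preKeyId='92'>{b64(key)}</preKeyPublic></prekeys>"
            "</bundle>")

if __name__ == "__main__":
    for ik in (b"\x05" + bytes(32), bytes(32)):  # well-formed, then truncated key
        print(check_bundle(sample_bundle(ik)))
```

A clean result here only rules out encoding and length errors; a bundle that passes can still be rejected by libsignal for other reasons.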
@sss123next
Collaborator

@sss123next sss123next commented Aug 17, 2017

thx for info, i will check.

@sss123next
Collaborator

@sss123next sss123next commented Aug 17, 2017

which clients used on other side ?
is it possible to send message from other side to miranda ?
if so, show miranda log and xml log on incoming messages.
if not..., i guess it libsignal/libaxolotl incompatibility ?

@wiktor-k

@wiktor-k wiktor-k commented Aug 17, 2017

> which clients used on other side ?

Conversations.im and Gajim.

> is it possible to send message from other side to miranda ?

I'll test various scenarios and get back to you.

@sss123next
Collaborator

@sss123next sss123next commented Sep 1, 2017

@wiktor-k any news ?

i have done most of important things in todo.
now implementation close to "complete" state.
convenience ui is separated topic and enhancement.

for now i want bugreports.

@sss123next
Collaborator

@sss123next sss123next commented Sep 1, 2017

update:
currently we have this: https://conversations.im/xeps/multi-end.html
and not: https://conversations.im/omemo/xep-omemo.html nor https://xmpp.org/extensions/xep-0384.html

which both looks incompatible on first sight

@sss123next
Collaborator

@sss123next sss123next commented Sep 14, 2017

switched to xep-0384 d8a068a

@wiktor-k

@wiktor-k wiktor-k commented Oct 27, 2017

@sss123next I downloaded the version from https://www.miranda-ng.org/distr/miranda-ng-alpha-latest_x64.7z

Unfortunately the error still exists (Delivery failure: No valid OMEMO session exists). Plugins page shows jabber.dll version 0.11.0.5. Is it possible that this is related to contact using Prosody that does not persist PubSub items (so that keys could be removed after restart)?

Do I need to create new profile from scratch or should the update (overwrite all files) take care of everything?

@dryo

@dryo dryo commented Oct 27, 2017

I too have Problems: I'm sending messages but the other party does not receive/see them. When the other party sends me a message I get this:

I sent you an OMEMO encrypted message but your client doesn’t seem to support that. Find more information on https://conversations.im/omemo

The receiving end uses conversations and I had an OMEMO encrypted session also with conversations with the receiver earlier. The receiver probably did not close the app in the meantime. Maybe this is relevant.

Network log says this when receiving:

[14:57:59 1F90] [***@***] Inflate: Z_OK
[14:57:59 1F90] [***@***] (ZLIB) Data received
<message to='***@***/***' from='***@***/mobile' type='chat' id='757eb832-6ec9-4490-9871-c423c84b27ae'><encrypted xmlns='eu.siacs.conversations.axolotl'><header sid='1511459254'><key prekey='true' rid='214083405'>MwhhEiEF3lJUNCjrDBXi3Ghv0goXqOMtET9gISTo6zv9QujIMgUaIQXd3hQ3L/wRegQTlMS3Sj3nPpz+S/8VjYtn7scY33AeXCJiMwohBT5RTQ+yJojmHKzvZPCykiGDZ7hzuoydd6YwYQwL/KVPEAEYACIwVtj2AxqtDdMMD4oY/ehMBqXs7E+vqD0POVkIaD0U89N9Gpz7gFLRWAGhUgHWs4MWWnMNihctiYAotpPc0AUwAQ==</key><iv>DF6SuD6N2G8uJnAC9CmA6w==</iv></header><payload>Zvg8vGSHLo5vUz/XmZudUsoR3WjJHg8f+hbJnmx6twmGf4QguyDHdimJWbt4YQ==</payload></encrypted><markable xmlns='urn:xmpp:chat-markers:0'/><origin-id xmlns='urn:xmpp:sid:0' id='757eb832-6ec9-4490-9871-c423c84b27ae'/><store xmlns='urn:xmpp:hints'/><encryption xmlns='urn:xmpp:eme:0' namespace='eu.siacs.conversations.axolotl' name='OMEMO'/><body>I sent you an OMEMO encrypted message but your client doesn’t seem to support that. Find more information on https://conversations.**/omemo</body></message>
===IN: 1022(223) bytes
[14:57:59 1F90] [***@***] recvResult = 1022
[14:57:59 1F90] [***@***] bytesParsed = 1022
[14:58:00 1F90] [***@***] Jabber OMEMO: error: session_cipher_decrypt_pre_key_signal_message failed SG_ERR_INVALID_MESSAGE
[14:58:00 1F90] [***@***] Jabber OMEMO: error: signal_message_deserialize failed with unknown error
[14:58:00 1F90] [***@***] Jabber OMEMO: error: failed to decrypt incomming message
[14:58:00 1F90] [***@***] JabberUpdateMirVer: for jid ***@***
[14:58:00 1F90] [***@***] JabberUpdateMirVer: for rc mobile: http://conversations.im#+wL56uyy89dgaGVTbnJJpkXpkIE=

Network log says this when sending:

[14:58:24 2030] [***@***] Deflate: Z_OK
[14:58:24 2030] [***@***] (ZLIB) Data sent
<message to="***@***/mobile" id="mir_28"><encrypted xmlns="eu.siacs.conversations.axolotl"><payload>kOapO3NhnifBOhSY</payload><header sid="214083405"><key rid="1511459254">MwjXHRIhBS2BelDPQ2hlaDe0pF2NYtkoE7H17DoGRXpSJxtFYVE7GiEFQqbmCQumd156Dnr7dHYsuqOPJfN8oFlkbmOSmK6gfkEiUjMKIQUWt0mm7Zrsxhj+zvockZZ5GHImMA9Fzrd7axiysD/DAhABGAAiIM3Wd/o69zoLalxhdN3Jj3A6QppAtkoQQm6t7SEhW8VIIvOUDyzr5mgozc6KZjAm</key><iv>9O0GUHl+PRYnnXir</iv></header></encrypted><store xmlns="urn:xmpp:hints"/><active xmlns="http://jabber.org/protocol/chatstates"/></message>
===OUT: 544(115) bytes
[14:58:24 11B4] [***@***] Broadcast ACK
[14:58:24 11B4] [***@***] Returning from thread
@dryo

@dryo dryo commented Oct 27, 2017

Addition: Also when enabling or disabling OMEMO in settings while being connected miranda crashes. Care for crash reports?

@sss123next
Collaborator

@sss123next sss123next commented Nov 27, 2017

sorry for delay

> Unfortunately the error still exists (Delivery failure: No valid OMEMO session exists). Plugins page shows jabber.dll version 0.11.0.5. Is it possible that this is related to contact using Prosody that does not persist PubSub items (so that keys could be removed after restart)?

xml log from miranda will be helpful

> Do I need to create new profile from scratch or should the update (overwrite all files) take care of everything?

all should be done automatically, but you can manually remove all omemo* in database in jabber section to be sure

> The receiving end uses conversations and I had an OMEMO encrypted session also with conversations with the receiver earlier. The receiver probably did not close the app in the meantime. Maybe this is relevant.
>
> Network log says this when receiving:

https://xmpp.org/extensions/xep-0384.html#namespaces - they broke it again...
i will rollback in next few days.

> Addition: Also when enabling or disabling OMEMO in settings while being connected miranda crashes. Care for crash reports?

yes.

so, for now post crashlogs, and wait for namespace rollback, also i will reread xep again, maybe they have broken something more than this..

@sss123next
Collaborator

@sss123next sss123next commented Nov 27, 2017

51e27d7 - rollback to "updated" https://xmpp.org/extensions/xep-0384.html

this should resolve incompatibility with fresh implementations (also this will break compatibility with others once more)

@dartraiden
Member

@dartraiden dartraiden commented Mar 26, 2018

#1215
after crash and start, OMEMO enabled in settings, but I receive

I sent you an OMEMO encrypted message but your client doesn’t seem to support that. Find more information on https://conversations.im/omemo

from contact

@sss123next
Collaborator

@sss123next sss123next commented Mar 26, 2018

i need xml logs.
better from both sides if possible.

@sss123next
Collaborator

@sss123next sss123next commented Apr 9, 2018

look on #1255 for further development

@sss123next sss123next closed this Apr 9, 2018
@sss123next
Collaborator

@sss123next sss123next commented Apr 24, 2018

current implementation is incompatible with conversation for some reason.
we constantly have SG_ERR_INVALID_MESSAGE on attempt to do session_cipher_decrypt_pre_key_signal_message on incoming prekey message from conversations

and no info on conversations side ( looks like conversations does not have any debugging at all.... )

i have redone tests with miranda<>miranda, it works.
i have done all tests with latest libsignal-protocol-c.

@Neustradamus

@Neustradamus Neustradamus commented Sep 6, 2019

OMEMO 100% works with Miranda NG?

@OmlineEditor

@OmlineEditor OmlineEditor commented Oct 22, 2019

Not 100% implemented OMEMO :-(
interface not yet finalized.
Is there a graphical menu where you can see and verify the keys?
I do not see the interface for normal operation.

@RIS2000

@RIS2000 RIS2000 commented Oct 25, 2019

Still no success Miranda <-> Conversations. But Gajim works pretty well, so i suppose that Miranda has some faulty implementation ((

@tigexplorer

@tigexplorer tigexplorer commented Dec 14, 2019

I've no success with Miranda <-> Conversations and Miranda <-> Dino
