powered by Jive Software

Could not decrypt incoming message: - OMEMO

I am sending message from Gajim using MEMO to my app but i am getting this exception - W/OmemoService: Could not decrypt incoming message:
org.jivesoftware.smackx.omemo.exceptions.CryptoFailedException: Transported key could not be decrypted, since no suitable message key was provided. Provides keys: [1197144668, 6874]

What is issue here and how can i resolve it?

Secondly , i would like know how can we send encrypted message in MUC

Firoz Saifi

You need to share more information in order to get help. How did you set up OMEMO in your app? What steps were taken before the message was received? Can the sender see the recipient device? What about sending messages the other way round?

Hi, i am sending encrypted message and the logged stanza is -

<message to='encinternal11655892610695@conference.dbchatdev.iworklab.com' id='3WMPI-90' type='groupchat'>
  <encrypted xmlns='eu.siacs.conversations.axolotl'>
    <header sid='1604960388'>
  <origin-id xmlns='urn:xmpp:sid:0' id='F8PD-8PBE-DYWA-5'/>

At the same i am getting Could not decrypt incoming message:
In the above stanza which i sent i feel there is "key rid= ‘’ " tag missing in header tag. So what code i am missing here??

I am initializing omemo and sending msg using below code

private fun omemoInit() {


    val service = SignalOmemoService.getInstance()
    var omemoStorePath= FileUtils.createOmemoPath(MainApplication.appContext)
    service.omemoStoreBackend = SignalCachingOmemoStore(SignalFileBasedOmemoStore(omemoStorePath))

    omemoManager = OmemoManager.getInstanceFor(connection)

    omemoManager!!.setTrustCallback(object: OmemoTrustCallback{
        override fun getTrust(
            device: OmemoDevice?,
            fingerprint: OmemoFingerprint?
        ): TrustState {

            return try {
                getTrust(omemoManager!!.ownDevice, device!!, fingerprint!!)
            } catch (e: IOException) {
                System.out.println("Could not get Trust of device " + device.toString() + ": " + e.message)


        override fun setTrust(
            device: OmemoDevice?,
            fingerprint: OmemoFingerprint?,
            state: TrustState?
        ) {

            try {
                storeTrust(omemoManager!!.ownDevice, device!!, fingerprint!!, state!!)
            } catch (e: IOException) {
                System.out.println("Could not set Trust of device " + device.toString() + ": " + e.message)


    //group chat listener
    omemoManager!!.addOmemoMucMessageListener(object: OmemoMucMessageListener{
        override fun onOmemoMucMessageReceived(
            muc: MultiUserChat?,
            stanza: Stanza?,
            decryptedOmemoMessage: OmemoMessage.Received?
        ) {
            Log.e("OmemoMessageResponse", "Received")
            Log.e("OmemoMessageResponse2", decryptedOmemoMessage!!.body)


private fun omemoAfterLogin()

//to send the encrypted msg in muc
val secret = “Mallory is a twerp!”
val encrypted: OmemoMessage.Sent = omemoManager!!.encrypt(muc, secret)

                    val m = Message()

Are you sending the message to another user, or yourself?
I see that you have


in your omemoAfterLogin method. This call causes all other devices of the current user to be purged from the server.

Normally when a user logs in, their client automatically publishes key material, which then gets distributed to other devices. When sending a message, the sending client will check for which devices they got key material and then send to all those. If at the time of sending a message, the device list does not contain a particular device (or that device is not trusted), the sender will not encrypt for that device, resulting in the error message at the receiver side.

Before sending a message, you can use omemoManager.getDevicesOf(jid) (link) to see, what your sending client currently believes to be the set of recipient devices. If the intended recipient device is missing, it either did not advertise itself properly or you did not receive a device list update for some reason.

Next, you could manually fetch the recipients device list using requestDeviceListUpdateFor(jid) (link), followed by another getDevicesOf(jid) call. That way you can be sure that you really have all devices of that user and you can verify that the device list really advertizes all devices you expect.

1 Like

This topic was automatically closed 62 days after the last reply. New replies are no longer allowed.