powered by Jive Software

Smack 4.4.0: Invalid buddy prekeys on server locks out user omemoDevice from sending omemo message

If the prekeys from a buddy uploadeded to the server contains invalid key, this will cause SessionBuilder#process(PreKeyBundle preKey) to throw InvalidKeyException.

      if (preKey.getSignedPreKey() != null &&
          !Curve.verifySignature(preKey.getIdentityKey().getPublicKey(),
                                 preKey.getSignedPreKey().serialize(),
                                 preKey.getSignedPreKeySignature()))
      {
        throw new InvalidKeyException("Invalid signature on device key!");
      }

Because of the InvalidKeyException, Omemo is unable to buildFreshSessionWithDevice for this buddy.
Sending of Omemo message is not further possible with this buddy with invalid prekeys on server.

===================
A bit of history how the buddy prekeys and invalid keys come about.

aTalk is trying to implement Regenerate OMEMO identities.
It seems that the newly generated prekeys for the buddy already contain error in the local SQL database.

I manually purged all the OMEMO published data on server for the buddy; and restarts the buddy device, the device will again published the prekeys to the server. However the InvalidKeyException still happen on the sender device. This indicates that problem does not occur during publishing the data to the server.

Do you happen to have used conversejs by any means? if so, this issue is probably resolved by https://github.com/igniterealtime/Smack/pull/337

1 Like