The following problem is observed on my Note-3 which has an omemo device kingfisher@atalk.sytes.net:1000104468. It was trying to send omemo messages to a contact on android J7 device with peacock@atalk.sytes.net:717642636.
However it was found that the Identity for contact peacock@atalk.sytes.net contains two row values i.e.
peacock@atalk.sytes.net:717642636 666f824bfa43000c57375908fe4b1aee7e1da82ce2d909530c734b22b099982d
peacock@atalk.sytes.net:1701516316 666f824bfa43000c57375908fe4b1aee7e1da82ce2d909530c734b22b099982d
Actually the peacock@atalk.sytes.net:717642636 in the DB is corrupted, it contains the same IdnetityKey as another active device peacock@atalk.sytes.net:1701516316. The correct content should be:
peacock@atalk.sytes.net:717642636 79bed1b1f972d8db9b0e3ca9cce81b4952002e252cc6ba8486d4c94b44e33c4c
I do not known when the key was corrupted. But one very strange is on Note-3, the following SQL statement causes it to write to the above two rows when the Trust State is being updated. Look like Note-3 SQL native routine has problem or the DB has already some irregularity in it.
String[] selectionArgs = {device.getJid().toString(), Integer.toString((device.getDeviceId())), fingerprint};
int rows = db.update(SQLiteOmemoStore.IDENTITIES_TABLE_NAME,
fingerprintStatus.toContentValues(), SQLiteOmemoStore.BARE_JID + "=? AND "
+ SQLiteOmemoStore.DEVICE_ID + "=? AND " + SQLiteOmemoStore.FINGERPRINT + "=?", selectionArgs);
Even after I changed the “where” condition to only depend on the omemo devices, the problem persist. Since Note-3 is an old device, I am unable to get any help from the manufacturer or android team; Just has to careful when testing omemo on Note-3 with this weird behavior. This problem does not happen on my Note-10, when doing update to Trust state of similar contents.
The above comment just to state Note-3 has an corrupted key.
'==========================
Below observation is actually what I would like to have some clarification from the smack team.
With the corrupted key, omemo messages exchanges between the two devices i.e.
kingfisher@atalk.sytes.net:1000104468 and peacock@atalk.sytes.net:717642636.
is expected to have problem.
When an omemo message is sent from kingfisher@atalk.sytes.net:1000104468, it actually attempt to obtain the bundle for peacock@atalk.sytes.net:717642636 from the server. Omemo seems to be able to detect there is an discrepancy of the bundle data with its identityKey. In fact it does this twice, before giving up and ignore the device in its send recipient list.
01-30 08:55:16.518 32095-32095/org.atalk.android W/aTalk: [3] org.jivesoftware.smackx.omemo.OmemoService.buildMissingSessionsWithDevices() kingfisher@atalk.sytes.net:1000104468 could not establish session with peacock@atalk.sytes.net:717642636 because their bundle seems to be corrupt.
org.jivesoftware.smackx.omemo.exceptions.CorruptedOmemoKeyException: org.whispersystems.libsignal.InvalidKeyException: Invalid signature on device key!
01-30 08:55:18.178 32095-32095/org.atalk.android W/aTalk: [3] org.jivesoftware.smackx.omemo.OmemoService.encrypt() Could not build session with peacock@atalk.sytes.net:717642636.
I was wonder why smack omemo does not take the received bundle from the server as reference, and proceeds to update/repair the IdentityKey in the database. Instead it takes DB corrupted data as reference and states the bundle has problem.
Any comment?
How to resolve this problem, beside getting J7 to perform an Omemo regeneration.
========= aTalk log: send an omemo message from kingfisher@atalk.sytes.net:1000104468 to peacock@atalk.sytes.net:717642636.==========
01-30 08:55:15.188 32095-32473/org.atalk.android D/SMACK: SENT (0):
<iq to='peacock@atalk.sytes.net' id='W26FM-29' type='get'>
<pubsub xmlns='http://jabber.org/protocol/pubsub'>
<items node='eu.siacs.conversations.axolotl.bundles:717642636'/>
</pubsub>
</iq>
01-30 08:55:15.378 32095-32474/org.atalk.android D/SMACK: RECV (0):
<iq xml:lang='en' to='kingfisher@atalk.sytes.net/atalk' from='peacock@atalk.sytes.net' type='result' id='W26FM-29'>
<pubsub xmlns='http://jabber.org/protocol/pubsub'>
<items node='eu.siacs.conversations.axolotl.bundles:717642636'>
<item id='64BEC26EC2FBB'>
<bundle xmlns='eu.siacs.conversations.axolotl'>
<signedPreKeyPublic signedPreKeyId='1'>
Bcsy/l2/EDen5uLmTf4/6m4toFjqi7w+v3Cz/5Mg+qVc
</signedPreKeyPublic>
<signedPreKeySignature>
u3g9PwygiXi64JqbY58fb5pOZRuVbtzIAH/W3o2L444Imc6tgyzQh4pQ9H0/xuq3P3P32MuKfgKC8aOzbrOhCQ==
</signedPreKeySignature>
<identityKey>
BXm+0bH5ctjbmw48qczoG0lSAC4lLMa6hIbUyUtE4zxM
</identityKey>
<prekeys>
<preKeyPublic preKeyId='1'>
BQksVb5ZkZctcib+b27JCwVIsJk8EvaS2B1LH08BvsIH
</preKeyPublic>
</preKeyPublic>
<preKeyPublic preKeyId='65'>
BWHLL/z6AuHwrcFrJXXNq/m6NAKYbMZfOVWP2kfB3nYF
01-30 08:55:16.518 32095-32095/org.atalk.android W/aTalk: [3] org.jivesoftware.smackx.omemo.OmemoService.buildMissingSessionsWithDevices() kingfisher@atalk.sytes.net:1000104468 could not establish session with peacock@atalk.sytes.net:717642636 because their bundle seems to be corrupt.
org.jivesoftware.smackx.omemo.exceptions.CorruptedOmemoKeyException: org.whispersystems.libsignal.InvalidKeyException: Invalid signature on device key!
at org.jivesoftware.smackx.omemo.signal.SignalOmemoService.processBundle(SignalOmemoService.java:107)
at org.jivesoftware.smackx.omemo.signal.SignalOmemoService.processBundle(SignalOmemoService.java:48)
at org.jivesoftware.smackx.omemo.OmemoService.buildFreshSessionWithDevice(OmemoService.java:803)
at org.jivesoftware.smackx.omemo.OmemoService.buildMissingSessionsWithDevices(OmemoService.java:834)
at org.jivesoftware.smackx.omemo.OmemoService.encrypt(OmemoService.java:358)
at org.jivesoftware.smackx.omemo.OmemoService.createOmemoMessage(OmemoService.java:542)
at org.jivesoftware.smackx.omemo.OmemoManager.encrypt(OmemoManager.java:340)
at org.jivesoftware.smackx.omemo.OmemoManager.encrypt(OmemoManager.java:313)
at net.java.sip.communicator.impl.protocol.jabber.OperationSetBasicInstantMessagingJabberImpl.sendInstantMessage(OperationSetBasicInstantMessagingJabberImpl.java:522)
at org.atalk.android.gui.chat.MetaContactChatTransport.sendInstantMessage(MetaContactChatTransport.java:414)
at org.atalk.android.gui.chat.ChatController.sendMessage(ChatController.java:314)
at org.atalk.android.gui.chat.ChatController.onClick(ChatController.java:481)
at android.view.View.performClick(View.java:5181)
at android.view.View$PerformClick.run(View.java:20887)
at android.os.Handler.handleCallback(Handler.java:739)
at android.os.Handler.dispatchMessage(Handler.java:95)
at android.os.Looper.loop(Looper.java:145)
at android.app.ActivityThread.main(ActivityThread.java:5938)
at java.lang.reflect.Method.invoke(Native Method)
at java.lang.reflect.Method.invoke(Method.java:372)
at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:1389)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1184)
Caused by: org.whispersystems.libsignal.InvalidKeyException: Invalid signature on device key!
at org.whispersystems.libsignal.SessionBuilder.process(SessionBuilder.java:176)
at org.jivesoftware.smackx.omemo.signal.SignalOmemoService.processBundle(SignalOmemoService.java:104)
at org.jivesoftware.smackx.omemo.signal.SignalOmemoService.processBundle(SignalOmemoService.java:48)
at org.jivesoftware.smackx.omemo.OmemoService.buildFreshSessionWithDevice(OmemoService.java:803)
at org.jivesoftware.smackx.omemo.OmemoService.buildMissingSessionsWithDevices(OmemoService.java:834)
at org.jivesoftware.smackx.omemo.OmemoService.encrypt(OmemoService.java:358)
at org.jivesoftware.smackx.omemo.OmemoService.createOmemoMessage(OmemoService.java:542)
at org.jivesoftware.smackx.omemo.OmemoManager.encrypt(OmemoManager.java:340)
at org.jivesoftware.smackx.omemo.OmemoManager.encrypt(OmemoManager.java:313)
at net.java.sip.communicator.impl.protocol.jabber.OperationSetBasicInstantMessagingJabberImpl.sendInstantMessage(OperationSetBasicInstantMessagingJabberImpl.java:522)
at org.atalk.android.gui.chat.MetaContactChatTransport.sendInstantMessage(MetaContactChatTransport.java:414)
at org.atalk.android.gui.chat.ChatController.sendMessage(ChatController.java:314)
at org.atalk.android.gui.chat.ChatController.onClick(ChatController.java:481)
at android.view.View.performClick(View.java:5181)
at android.view.View$PerformClick.run(View.java:20887)
at android.os.Handler.handleCallback(Handler.java:739)
at android.os.Handler.dispatchMessage(Handler.java:95)
at android.os.Looper.loop(Looper.java:145)
at android.app.ActivityThread.main(ActivityThread.java:5938)
at java.lang.reflect.Method.invoke(Native Method)
at java.lang.reflect.Method.invoke(Method.java:372)
at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:1389)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1184)
01-30 08:55:16.548 32095-32473/org.atalk.android D/SMACK: SENT (0):
<iq to='peacock@atalk.sytes.net' id='W26FM-31' type='get'>
<pubsub xmlns='http://jabber.org/protocol/pubsub'>
<items node='eu.siacs.conversations.axolotl.bundles:717642636'/>
</pubsub>
</iq>
01-30 08:55:16.618 32095-32474/org.atalk.android D/SMACK: RECV (0):
<iq xml:lang='en' to='kingfisher@atalk.sytes.net/atalk' from='peacock@atalk.sytes.net' type='result' id='W26FM-31'>
<pubsub xmlns='http://jabber.org/protocol/pubsub'>
<items node='eu.siacs.conversations.axolotl.bundles:717642636'>
<item id='64BEC26EC2FBB'>
<bundle xmlns='eu.siacs.conversations.axolotl'>
<signedPreKeyPublic signedPreKeyId='1'>
Bcsy/l2/EDen5uLmTf4/6m4toFjqi7w+v3Cz/5Mg+qVc
</signedPreKeyPublic>
<signedPreKeySignature>
u3g9PwygiXi64JqbY58fb5pOZRuVbtzIAH/W3o2L444Imc6tgyzQh4pQ9H0/xuq3P3P32MuKfgKC8aOzbrOhCQ==
</signedPreKeySignature>
<identityKey>
BXm+0bH5ctjbmw48qczoG0lSAC4lLMa6hIbUyUtE4zxM
</identityKey>
<prekeys>
<preKeyPublic preKeyId='1'>
BQksVb5ZkZctcib+b27JCwVIsJk8EvaS2B1LH08BvsIH
</preKeyPublic>
<preKeyPublic preKeyId='51'>
BVPOkay3xczuANqA3rlMzn1yJTt9OfqzZiRPG8XFTPxT
</preKeyPublic>
01-30 08:55:18.178 32095-32095/org.atalk.android W/aTalk: [3] org.jivesoftware.smackx.omemo.OmemoService.encrypt() Could not build session with peacock@atalk.sytes.net:717642636.
org.jivesoftware.smackx.omemo.exceptions.CorruptedOmemoKeyException: org.whispersystems.libsignal.InvalidKeyException: Invalid signature on device key!
at org.jivesoftware.smackx.omemo.signal.SignalOmemoService.processBundle(SignalOmemoService.java:107)
at org.jivesoftware.smackx.omemo.signal.SignalOmemoService.processBundle(SignalOmemoService.java:48)
at org.jivesoftware.smackx.omemo.OmemoService.buildFreshSessionWithDevice(OmemoService.java:803)
at org.jivesoftware.smackx.omemo.OmemoService.encrypt(OmemoService.java:381)
at org.jivesoftware.smackx.omemo.OmemoService.createOmemoMessage(OmemoService.java:542)
at org.jivesoftware.smackx.omemo.OmemoManager.encrypt(OmemoManager.java:340)
at org.jivesoftware.smackx.omemo.OmemoManager.encrypt(OmemoManager.java:313)
at net.java.sip.communicator.impl.protocol.jabber.OperationSetBasicInstantMessagingJabberImpl.sendInstantMessage(OperationSetBasicInstantMessagingJabberImpl.java:522)
at org.atalk.android.gui.chat.MetaContactChatTransport.sendInstantMessage(MetaContactChatTransport.java:414)
at org.atalk.android.gui.chat.ChatController.sendMessage(ChatController.java:314)
at org.atalk.android.gui.chat.ChatController.onClick(ChatController.java:481)
at android.view.View.performClick(View.java:5181)
at android.view.View$PerformClick.run(View.java:20887)
at android.os.Handler.handleCallback(Handler.java:739)
at android.os.Handler.dispatchMessage(Handler.java:95)
at android.os.Looper.loop(Looper.java:145)
at android.app.ActivityThread.main(ActivityThread.java:5938)
at java.lang.reflect.Method.invoke(Native Method)
at java.lang.reflect.Method.invoke(Method.java:372)
at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:1389)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1184)
Caused by: org.whispersystems.libsignal.InvalidKeyException: Invalid signature on device key!
at org.whispersystems.libsignal.SessionBuilder.process(SessionBuilder.java:176)
at org.jivesoftware.smackx.omemo.signal.SignalOmemoService.processBundle(SignalOmemoService.java:104)
at org.jivesoftware.smackx.omemo.signal.SignalOmemoService.processBundle(SignalOmemoService.java:48)
at org.jivesoftware.smackx.omemo.OmemoService.buildFreshSessionWithDevice(OmemoService.java:803)
at org.jivesoftware.smackx.omemo.OmemoService.encrypt(OmemoService.java:381)
at org.jivesoftware.smackx.omemo.OmemoService.createOmemoMessage(OmemoService.java:542)
at org.jivesoftware.smackx.omemo.OmemoManager.encrypt(OmemoManager.java:340)
at org.jivesoftware.smackx.omemo.OmemoManager.encrypt(OmemoManager.java:313)
at net.java.sip.communicator.impl.protocol.jabber.OperationSetBasicInstantMessagingJabberImpl.sendInstantMessage(OperationSetBasicInstantMessagingJabberImpl.java:522)
at org.atalk.android.gui.chat.MetaContactChatTransport.sendInstantMessage(MetaContactChatTransport.java:414)
at org.atalk.android.gui.chat.ChatController.sendMessage(ChatController.java:314)
at org.atalk.android.gui.chat.ChatController.onClick(ChatController.java:481)
at android.view.View.performClick(View.java:5181)
at android.view.View$PerformClick.run(View.java:20887)
at android.os.Handler.handleCallback(Handler.java:739)
at android.os.Handler.dispatchMessage(Handler.java:95)
at android.os.Looper.loop(Looper.java:145)
at android.app.ActivityThread.main(ActivityThread.java:5938)
at java.lang.reflect.Method.invoke(Native Method)
at java.lang.reflect.Method.invoke(Method.java:372)
at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:1389)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1184)
01-30 08:55:18.188 32095-32473/org.atalk.android D/SMACK: SENT (0):
<message to='peacock@atalk.sytes.net/atalk' id='1611968115188237643595' type='chat'>
<encrypted xmlns='eu.siacs.conversations.axolotl'>
<header sid='1000104468'>
<key prekey='true' rid='1701516316'>
MwjpARIhBVs8YQ+qaMEQjtuFNT4u+ll9kdlVtVgTLEyWDUicmnlAGiEFb52PE0Lc/cEktwZL3I5POoYrBmmQ++/FmvVRWBf2LkoiYjMKIQWPh05gUzf03N2VaHNetWyu83MNxdH8nGRKDvWNQS68CxAEGAAiMIgDQfahxYZ7pPU3MGhzxhUjAYt7hDC+ZefvSL271h7fqB9EEy8oimh7S3KAcO8Gx03RNWicVJZLKAAwAw==
</key>
<iv>
NBB3czN0iWSo/AiR
</iv>
</header>
<payload>
PwI=
</payload>
</encrypted>
<body>
I sent you an OMEMO encrypted message but your client doesn't seem to support that. Find more information on https://conversations.im/omemo
</body>
<store xmlns='urn:xmpp:hints'/>
<encryption xmlns='urn:xmpp:eme:0' namespace='eu.siacs.conversations.axolotl' name='OMEMO'/>
<active xmlns='http://jabber.org/protocol/chatstates'/>
<request xmlns='urn:xmpp:receipts'/>
<origin-id xmlns='urn:xmpp:sid:0' id='5HUE-KW3G-K83G-Y'/>
</message>