Smack -omemo for 4.2.1 with E2E Encryption

Hiren1 · September 29, 2017, 4:55pm

Hello,

I have created chat client using smack 4.2.1 it work’s fine i can send and receive messages perfectly.

I want to add E2E Encryption using 4.1.5 for secure messaging does openfire 4.1.5 support E2E Encryption ?

Now i want to add E2E Encryption for clients i have written some code please find below.

			try {
				SignalOmemoService.acknowledgeLicense();
				SignalOmemoService.setup();

				OmemoConfiguration.setFileBasedOmemoStoreDefaultPath(new File("F:\\"));
				omemoManager = OmemoManager.getInstanceFor(connection);
				omemoManager.addOmemoMessageListener(new OmemoMessageListener() {

					@Override
					public void onOmemoKeyTransportReceived(CipherAndAuthTag arg0, Message arg1, Message arg2,
							OmemoMessageInformation arg3) {

					}

					@Override
					public void onOmemoMessageReceived(String arg0, Message arg1, Message arg2,
							OmemoMessageInformation arg3) {
						System.out.println("decrypted message :- " + arg0);

					}
				});

				omemoManager.initialize();
			} catch (Exception e) {
				e.printStackTrace();
			}

when i am trying to intialize the OmemoManager it gives verification error like below

Exception in thread “main” java.lang.VerifyError: class org.whispersystems.libsignal.state.StorageProtos$PreKeyRecordStructure overrides final method getUnknownFields.()Lcom/google/protobuf/UnknownFieldSet;
at java.lang.ClassLoader.defineClass1(Native Method)
at java.lang.ClassLoader.defineClass(ClassLoader.java:791)
at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
at java.net.URLClassLoader.defineClass(URLClassLoader.java:449)
at java.net.URLClassLoader.access$100(URLClassLoader.java:71)
at java.net.URLClassLoader$1.run(URLClassLoader.java:361)
at java.net.URLClassLoader$1.run(URLClassLoader.java:355)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:354)
at java.lang.ClassLoader.loadClass(ClassLoader.java:423)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:308)
at java.lang.ClassLoader.loadClass(ClassLoader.java:356)
at org.whispersystems.libsignal.state.PreKeyRecord.(PreKeyRecord.java:25)
at org.whispersystems.libsignal.util.KeyHelper.generatePreKeys(KeyHelper.java:89)
at org.jivesoftware.smackx.omemo.signal.SignalOmemoKeyUtil.generateOmemoPreKeys(SignalOmemoKeyUtil.java:66)
at org.jivesoftware.smackx.omemo.OmemoStore.generateOmemoPreKeys(OmemoStore.java:535)
at org.jivesoftware.smackx.omemo.OmemoStore.packOmemoBundle(OmemoStore.java:201)
at org.jivesoftware.smackx.omemo.OmemoService.publishBundle(OmemoService.java:301)
at org.jivesoftware.smackx.omemo.OmemoService.initialize(OmemoService.java:228)
at org.jivesoftware.smackx.omemo.OmemoManager.initialize(OmemoManager.java:189)
at com.smack.demo.SmackE2E.main(SmackE2E.java:94)

i have used singal-protocol-java-2.6.2 does any one have solution for this problem?
i have installed openfire 4.1.5 and configured smack 4.2.1 snapshot for client.

Paul_Schaub · October 9, 2017, 12:14pm

Unrelated to your main problem, but OMEMO wont work on Openfire, since it’s PEP/PubSub implementation is currently broken.

To the crash you experience:
I’m not sure, what causes this, seems like a bug in libsignal. Can you give some more information about what Android version/device you are using?
Also: How did you include smack-omemo in your project?

Hiren1 · October 10, 2017, 3:35pm

i have included smack-omemo 4.3.0 alpha-1 in my project using build path to my java application.

However it can get response from openfire server with registerd device id.
Attched some logs .devicelist.txt (859 Bytes)

I have check server support from disco #info from client but it gives true as response so i believe that openfire can support omemo.

i can get message to other client but always it silently ignored cause there is no transport key avalilable in message stanza.

Please help me to get out of this problem or do you have any workaround solutio n for e2e encryotion omemo is not neccesarry for me.

Thanks in advance

Paul_Schaub · October 10, 2017, 5:01pm

As I said, OpenFires PubSub implementation is currently broken, so you wont get working OMEMO encryption using Openfire. You could try if your implementation works on another server like ejabberd or prosody.

You might also want to create a new bugreport for Openfire in case there is no open ticket yet. That might speed up the process of fixing Openfire

Hiren1 · October 11, 2017, 8:50am

Thanks For your suggestions.

Could you please help me to open a bug in jira tracker actully i don’t know from where can i open this bug and since this community is in migration stage i couldn’t find any thing working well.

Please help me to open a bug for developer and we can fix it out.

Or let me know what is basic requirements for pep as i modified the server and i know each and every corner of source code i can fix it but not sure how does omemo work.

I can fix this issue my self but need some direction about how does the omemo working do you have any blogs or refrence from where i can refer and fix this broken issue.

Thanks in advance…

wroot · October 11, 2017, 9:03am

Only a few users are allowed to file tickets in the bug tracker. If you can formulate this bug (short description), i can file it for you. Though, filing it won’t make it fixed faster. There are only a few volunteer developers here. If you can come up with a patch and provide it as a pull request on Github, it might speed up things.

Hiren1 · October 11, 2017, 9:11am

I’ll try my best to fix this bug and then come with pull request before that i need to understand how does the pep working and how the omemo integrated with this currently working on it.

I don’t know in deep as of now so i couldn’t give you enough information about the bug but may be paul has enough reserch on that and if he can provide then it will be great for us.

Thanks

Paul_Schaub · October 12, 2017, 2:45pm

I think a good starting point would be the XEPs. You might also want to join open_chat@conference.igniterealtime.org or jdev@conference.xmpp.org for more help

Paul_Schaub · November 17, 2017, 6:09pm

The latest beta of Openfire fixed the issue with PubSub. Openfire now supports OMEMO

Hiren1 · November 18, 2017, 4:29am

Thanks for your support and updating me let me try out that i am using alpha 4.2.0 so i think it is also fixed for that let me compile the server again.

exciting to see OMEMO for openfire server.

THanks again

Hiren1 · November 22, 2017, 5:23pm

i have tried again but seems it is still fails to encrypt and decrypt the messages.

message stanza attached in file please check it

message stanza .txt (1.1 KB)

i got warning logs from smack at receiver end like

Nov 22, 2017 10:42:13 PM org.jivesoftware.smackx.omemo.OmemoService processReceivingMessage
INFO: There is no key with our deviceId. Silently discard the message.

and getting error at sender end like

Could not fetch device list of test@hiren: org.jivesoftware.smack.XMPPException$XMPPErrorException: XMPP error reply received from test@hiren: XMPPError: internal-server-error - wait
org.jivesoftware.smack.XMPPException$XMPPErrorException: XMPP error reply received from test@hiren: XMPPError: internal-server-error - wait

Please help me to get out of this situation don’t know how to resolve it.

Many many thanks for your efforts.

Paul_Schaub · November 22, 2017, 6:02pm

It seems like your messages aren’t encrypted for their recipients. That might have multiple reasons.

Did the users subscribe to each others presence?

Hiren1 · November 23, 2017, 4:39am

yes they are subscribed as BOTH to each other i have used the same code as you demonstration in your block should i send it?

Paul_Schaub · November 23, 2017, 9:34am

Sure, source code is the best way to discover errors

Hiren1 · November 24, 2017, 2:41pm

please Find the src code in below file and let me know your suggestions.

smackE2E.txt (5.1 KB)

Paul_Schaub · November 24, 2017, 3:34pm

@Hiren1 Some questions that pop in my mind.

Is the connection authenticated in line 62?
Why do you regenerate in line 72?
Lines 75 - 80 are unnecessary
Lines 82 - 85 are unnecessary as well (you don’t build sessions with your own device)
Line 106 is unnecessary for the same reason
There is some missing code, since I don’t know, where you get ‘elemet’ from in line 122
You shouldn’t do what you do in line 140. It shouldn’t work anyways.
In general your code looks incomplete from line 107 on. To help you, I need more source code.

Hiren1 · November 25, 2017, 10:37am

1 ) Connection is authenticated in line 62.

and rest of the other code i did it for debug purpose .

Could you please assists me any tutorial or blog refering which i can make successfully encryption and descryption.

Thanks in advance.

Paul_Schaub · November 25, 2017, 1:09pm

Take a look at my blog post here.

Hiren1 · November 25, 2017, 1:27pm

Thanks for your response.

i followed the same one will try again and get back to you.

Hiren1 · November 27, 2017, 5:49pm

Hi i have followed the same one please find my source code in attachment.

E2E.java (5.4 KB)

and got following errors

Exception in thread “main” java.lang.AbstractMethodError: org.jivesoftware.smackx.omemo.signal.SignalOmemoStoreConnector.isTrustedIdentity(Lorg/whispersystems/libsignal/SignalProtocolAddress;Lorg/whispersystems/libsignal/IdentityKey;Lorg/whispersystems/libsignal/state/IdentityKeyStore$Direction;

and packet please find in the file

reponse packets.txt (19.5 KB)

could you please help me to get out this situation??

Thanks a lot mate.