search

signalapp / libsignal

Home to the Signal Protocol as well as other cryptographic primitives which make Signal possible.
GNU Affero General Public License v3.0
3.63k stars 420 forks source link

Getting error org.signal.libsignal.zkgroup.InvalidInputException: Deserialization failure in zkgroup when trying to start instance of Signal Server #562

Closed jgnoonan closed 8 months ago

jgnoonan commented 8 months ago

I am running Signal Server 12.3.0 on an EC2 instance running Ubuntu 22.04. I resolved several issues with the service/config/sample.yml and service/config/sample-secrets-bundle.yml file and am now at the point where it appears to be reading in the zkConfig parameters from these files and I am getting the following error:

org.signal.libsignal.zkgroup.InvalidInputException: Deserialization failure in zkgroup at org.signal.libsignal.internal.Native.GenericServerSecretParams_CheckValidContents(Native Method) at org.signal.libsignal.zkgroup.GenericServerSecretParams.lambda$new$0(GenericServerSecretParams.java:38) at org.signal.libsignal.internal.FilterExceptions.filterExceptions(FilterExceptions.java:163) at org.signal.libsignal.zkgroup.GenericServerSecretParams.(GenericServerSecretParams.java:36) at org.whispersystems.textsecuregcm.WhisperServerService.run(WhisperServerService.java:693) at org.whispersystems.textsecuregcm.WhisperServerService.run(WhisperServerService.java:261) at io.dropwizard.core.cli.EnvironmentCommand.run(EnvironmentCommand.java:66) at io.dropwizard.core.cli.ConfiguredCommand.run(ConfiguredCommand.java:98) at io.dropwizard.core.cli.Cli.run(Cli.java:78) at io.dropwizard.core.Application.run(Application.java:94) at org.whispersystems.textsecuregcm.WhisperServerService.main(WhisperServerService.java:1050)

I updated the pom.xml to use the latest version of libsignal, but it had no impact. I ran the zkparams command to get the private and public key and used those in the configuration file, but I still get the same error. The zkparams command produced the following public and private keys:

Public: AF6dGGBEf6+ZgILNS5BRi/w46nzSyQZUOlP2h7d8tDNMlHcGqeg1f31NUipyVr5dnt4U0brSDqHoFETbzdboyyNczjcQDZwjo8c60tFEcbqt036lUa1tukkxiRej+j43FJoABBDYW1gLBY6oI1rR0EDHdRJhTtBLuNnfAb+wjrwN1kdeAYtCpN7f9D1uHxIiK+Sq2nNOzfdSzQspLueuGXdsHKHb+howIdFFM0O0F98CFhnGVFDIYupSJcWIX4FTGlpxLR0oQL1Shq8J+YG8awG4QqCiDuNf9B/YU255tehN4rufvEnf8j26c1Pf4mA+1Q5+XjJigSgNyNMbT9h4VHISy5THnogmDDArc9+pvf7yqprUI0ls0yXHGbkIEHftBfhPCNZlmHgkGvBqMmGp+DpVjYb5RNXvKLObFyOSnuYjHNtBYJlRIStNqNC994KULyVA7RaaDS+nqdXZ7BD5XzZG1Y48zlo7lFGABkHT8Q1Ij6U96gTPjz4pzY3tYSjSHBJ6NqoaqKytVrPOG6JmYRXrIPTGuDAwYz57RfdmovBHcPPHA0qOFFtgnEhPEDnc0F/aeAKG7GIL2lFHpgXz4TRaP6psoy4DPATRg29t1+6W3w4PzdUb/CU/szCjQ5hYXk7Oxr2NHyoMVeJKRtzEgYyAtPDE36zslnW+zqOUepN5nJZ/PiuAfL6V6XPejZbI1LLb+tc+OVNbdYC5hZw3nhggi3Wml/uGiNFum25o7uZBGtLeZFEYUgeIE/FIsTcuN/qZ/UGsr314Gtydkccna24rBRlHMhjZuSqFiY9gKWFExCrmANmPOFTsxA8YHQoaR1JrtsHz9BGsvd7ebFTLHXw Private: ABQdz+ZFcip7fAMrAAlUGcp5u5O1PpLlJxXgAyjXpgINRC3b1ynrMX4h6lkOKBC4AJ51F6/jgqSN9AJCZFYh/wjCMZUTaI2R11q0Vj/9I2fyZdJjAB4GnfQVUnh1DQoMbtSoHNdakiOnc+omc6iQjsjEdHX5KiHxgqK5Snp9Eg8NJPETTIVTFD6JaMNc/PxCVkB5RrbOxS3M9CNYpM5WwAHAGVp8L8BtQImfS7x7MH5pnpuK/UdckKcSsBIiTj6mBC7pAYnfBxt5yywjbZ0clXxUkr79FjLHptTHHZleafgIXFBnWihGnCQ0z64txWidC7EjU52+uyqHHPLyCD+/ygL1iACK2LKQt+bdIJ3aXR6R5wxR9C9a7F8W3IZxAmjnD16dGGBEf6+ZgILNS5BRi/w46nzSyQZUOlP2h7d8tDNMlHcGqeg1f31NUipyVr5dnt4U0brSDqHoFETbzdboyyNSf1PsAr9hMd5yvR0Je6KIAGBJz7viW7BooR4d+tUcBMBDecpWBPA2HtZRmiD5ncdiR9v0kuRVKNPAp2j2994EsgSNOS15Yz/my4c1Fm6mF9q/WUARPP10/4mSM9BL7B7wo6yP0KZZiRmvAW3TXtkxZRshdaDTWbN85rlB5xmRCv+vEK1+gjl2AKXmE6ywqyKZLBT86WtBqUmbSOWe95IH0N15Ry0SoEaftrcUuG37/2VGUvuDgPWYXXrDgGBq6APEOvPz9fvkCKYOIZy2NkX9V9stj/zzXsNtA5PLLsmsBrimV4up/BAx2VYeyiit7B28zJ9oyqJWpj+CwVJf8MUCQlSPkTsBCxaCRlva3pcVNaFqBUBA/2luqMcNFbMFxghczjcQDZwjo8c60tFEcbqt036lUa1tukkxiRej+j43FJoABBDYW1gLBY6oI1rR0EDHdRJhTtBLuNnfAb+wjrwNeclptKSx1+/sg9zFKLIekdJmR8kPkphM57wOXxLjqwLWR14Bi0Kk3t/0PW4fEiIr5Krac07N91LNCyku564Zd+MDzuEMLKR2esz+s35fYpS6DgTYf2Ra8+iL1JN+8BAKJ56uKRv/gOPwEFm7727Mu2zb9ae6TQ/VL6U6VlxgmQTgxtuoifeLGjy5O7ZBD6uyrJzg5lV6xhr5+c25IOU7SMre4vIBI5ceCsnP91W9cTGHyLUgago1/mkA6j83a6wJ3tsasBO31ppqKq9f65P2q0XGkh0NMaFZLi24YZnAewERjF/4VItG8qeMydTUkMu1fzhodpY/qCFOLa5IAF9yBaoHcpX9QS4hiYlc92g7vXQbEySB4W5WIYOA8zlQ+CwISVeZGuhQnbIYBk9fZMsNdtJl4vCtYk515DIPT5QnVAr0O/dMclIv9rr6gIwrQF2solD96aeOC40FatwTcdTfC2wcodv6GjAh0UUzQ7QX3wIWGcZUUMhi6lIlxYhfgVMaWnEtHShAvVKGrwn5gbxrAbhCoKIO41/0H9hTbnm16E0Nad4BnI7eHZ/05nDCuMEdUElWFk0hDH3ew9bYvcUyDPcThdctmSonOcKPdDnqI7s4YXFk0HeF/8TJIPhrNjgImHsje/f3fu8/dvqYiM+nl8ef4PQly1jvSpJeQnn+CEjXUix6E8bUc4cEKtYAx6qtyxfFwnAl0qjI2BTCWl9GC2eokpcaIulgeerCu/Ub8wUdHC0a6RC2OT0JF0Hud4cHLuQp+ZlF2OctHGF2Ee6qzr3KgPQhrwa1HopIHQt2vAkZb4FRzLhCwxpVFAkxQG2bV6wl5gpQq8lUnBB2xyWjBf6cpn0eezpCo8ShVWWfMQ/rSFT06NDe1AEdukQHr5sAQxus4QW0S4nFTQPXp7GJoVfPt5bqpMljsxiFMNCDogX/gICkieTRi6MgNU1N0OFUFyesMdaGMoHP+VqE9qcQDE8RGpVakyzwRH1E4WVlHU5aTeBLIxW6/dLc6X4zA38F4rufvEnf8j26c1Pf4mA+1Q5+XjJigSgNyNMbT9h4VHISy5THnogmDDArc9+pvf7yqprUI0ls0yXHGbkIEHftBSrVBtIebZ3Ndmga+u46nAhz4RLwSkzy6YxsxO87be8KfPo+tCyRQHvdpTqJqm2xLEG5DLtEfpVdEIIcJB0a1gn4o85egbSSW/Vw9gGt+MvX66TcwprjciB5ndXySjIxUfrftBb8a3ByTouGziIgQM4Lk19HFcQ8dHQZIabhi3gOrCRxJoYha7bRv8irrKoCSsArAtV8fCSg70BmdSob1wndMABTFfyeCbaSwkLaVHIBs5MiwngRB3UWV/wMy4DHCVQzoPBRHKY4/ZEXBhtIHi9qLeVHSyDjKK3Jq4tWLkUGQE8wzev9dz48mG0riiJLMVz+BgqrRyhr0J40lbLQjAxAGegVnlVhzdsJp5Q+AHi00JBQzh85bbsaEtPPWSSkD0ruLt3nq3QpdQwwFs76PjwcR0IDcBzSkxtATNcYhj8A+E8I1mWYeCQa8GoyYan4OlWNhvlE1e8os5sXI5Ke5iMc20FgmVEhK02o0L33gpQvJUDtFpoNL6ep1dnsEPlfNuA7m8sgAF/IUF36XuB40w1OUU0lbm7BgIBfLFFRha0JjyhyqtrnJ1Pgq+okkOg/NgIbXh3WL74zLkYwAULU8gI80S/SVRGmKwgyy5ojQx98WEkwOW5d8jMP0cpJDwkVDPrMwwnmHNLmkMxjoN45nQ5l3VTaRLTqwF/clsGkHD8Pn3gNhT43Y05hEgO4OUwPmoZXFM9EaIzIfoo3aYnuaQipmSGd0r4E5haSZuskPuZ00qCHxNBKZQigUYcCx3wrB50OocxcVW0CF8OBmF0aBA743Ohq6r9+lIRGbaztI3oAKl57W+9Az8KvYfyNCvtIUYl2r4inwWGULJlpCI4tRwEaGoSfKgGxp5tV8rEsymCkp6Rgn8WokFRLhXvuWTB3B4x5hThQAhUIX00p4m9g+rkTAL6qItone9QPzceLIq4HRtWOPM5aO5RRgAZB0/ENSI+lPeoEz48+Kc2N7WEo0hwSejaqGqisrVazzhuiZmEV6yD0xrgwMGM+e0X3ZqLwRzzsBW4tXmGZ3JNBTXHpi9pt2cSF5pgnGViBWSEuhuYMTHaIII6SG6Om791m2XqrzeB/LY3D8xn5CBqSYEXY3gGQfIeKCWmFfHWgT+HzQ+jVQr/e1pXBu3XuMmURshZOJZZwU4389+aUUzIr1ur6OdZHKzkC76hKb+ww++c6pq4Cxg8/S5xsuiI5ET+s7CPOH0YW6WDz3TndsNaatZkb0gSoD7bwTGRU/8GUxv+G0v4TfBc8Drrry6IYNIuCgkU6B7USs05/AaDHWv+X1fmpVmgbJcMOvO64RAS2GAx9HewNwEKxhMq6k3og6jqdwM2AZsxkilz8VPIjsUCpJy4ovQC6XKXeGKWGxM/WiJFh6s/d+QnVLd41WE02izhL4RjSCksSz8FEV4DVxyszYqGD3zW6hjAWOz8ZWQThQxSfDhoDMmFyOlQxcfYFRSDIjD6qh/8ZbofBOd98m3nnqh3tIAY1t87W+szDswFm8POogeW0U671So0xaxs/q0vEcs0FDw

Any Ideas as to why I am getting this error in zkgroups?

jrose-signal commented 8 months ago

GenericServerSecretParams and ServerSecretParams are two different types! Today, the chat server uses the generic params for credentials exchanged with the calling servers, and the "unlabeled" ServerSecretParams for credentials exchanged with the group server. We'd rename it GroupServerSecretParams if it wouldn't be a massive diff.

jgnoonan commented 8 months ago

Any idea on why I would be getting this deserialization error? It appears something similar was resolved in 0.39.0 but I'm not sure. I can't find much on this error.

jrose-signal commented 8 months ago

These are the keys for ServerSecretParams; you need different (shorter) keys for GenericServerSecretParams, generated from generate_generic_server_params

I'll let the server team know their sample config is out of date, though!

jgnoonan commented 8 months ago

Thanks! I'll give that a shot and let you know.

jgnoonan commented 8 months ago

Two questions:

What is the name of the key that needs to be added to sample.yml or sample-secrets-bundle.yml?

How do I use generate_generic_server_params? I tried using the same format as zkparams, but that didn't work. I used:

`java -jar -Dsecrets.bundle.filename=service/config/sample-secrets-bundle.yml service/target/TextSecureServer-12.3.0.jar generate_generic_server_params

I noticed the only reference to generate_generic_server_params is in libsignal/rust/zkgroup/Cargo.toml. ANy help is appreciated. Thanks!

`

jgnoonan commented 8 months ago

@jrose-signal Sorry, forgot to tag you in the previous post. Any help is greatly appreciated. BTW, I did successfully build libsignal 0.41.0. Does the cargo build produce that key? I didn't look at all the messages produced during the build and test. Thanks!

jrose-signal commented 8 months ago

Ah, generate_generic_server_params is a Rust tool only, yes. cargo run --bin generate_generic_server_params in this repo.

We don't do general support for running the server outside of the Signal environment, but you may be able to get more general help on the community forums at http://community.signalusers.org.