prosody-modules
c83bfcc6ac0a
mod_cloud_notify_encrypted/mod_cloud_notify_encrypted.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

Annotate

mod_cloud_notify_encrypted/mod_cloud_notify_encrypted.lua @ 6220:c83bfcc6ac0a

mod_cloud_notify_encrypted: Use new 'util.crypto' on Prosody 13.0 This removes the dependency on lua-luaossl when running on Prosody 13.0 (or trunk) which has util.crypto Compatibility with Prosody 0.12 retained but also the dependency
author Kim Alvefur <zash@zash.se>
date Mon, 31 Mar 2025 13:24:44 +0200
parent 5952:2b80188448d1
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
4456
8ed1989e99f9 mod_cloud_notify_encrypted: Update to latest spec, fixes unreliable call notifications
Matthew Wild <mwild1@gmail.com>
parents: 4373
diff changeset
1 local array = require "util.array";
4327
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
2 local base64 = require "util.encodings".base64;
4651
8231774f5bfd mod_cloud_notify_encrypted: Ensure body substring remains valid UTF-8
Kim Alvefur <zash@zash.se>
parents: 4650
diff changeset
3 local valid_utf8 = require "util.encodings".utf8.valid;
6220
c83bfcc6ac0a mod_cloud_notify_encrypted: Use new 'util.crypto' on Prosody 13.0
Kim Alvefur <zash@zash.se>
parents: 5952
diff changeset
4 local have_crypto, crypto = pcall(require, "util.crypto");
4327
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
5 local jid = require "util.jid";
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
6 local json = require "util.json";
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
7 local random = require "util.random";
4456
8ed1989e99f9 mod_cloud_notify_encrypted: Update to latest spec, fixes unreliable call notifications
Matthew Wild <mwild1@gmail.com>
parents: 4373
diff changeset
8 local set = require "util.set";
4327
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
9 local st = require "util.stanza";
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
10
6220
c83bfcc6ac0a mod_cloud_notify_encrypted: Use new 'util.crypto' on Prosody 13.0
Kim Alvefur <zash@zash.se>
parents: 5952
diff changeset
11 if not have_crypto then
c83bfcc6ac0a mod_cloud_notify_encrypted: Use new 'util.crypto' on Prosody 13.0
Kim Alvefur <zash@zash.se>
parents: 5952
diff changeset
12 local ossl_ciphers = require "openssl.cipher";
c83bfcc6ac0a mod_cloud_notify_encrypted: Use new 'util.crypto' on Prosody 13.0
Kim Alvefur <zash@zash.se>
parents: 5952
diff changeset
13 crypto = {};
c83bfcc6ac0a mod_cloud_notify_encrypted: Use new 'util.crypto' on Prosody 13.0
Kim Alvefur <zash@zash.se>
parents: 5952
diff changeset
14 -- FIXME: luaossl does not expose the EVP_CTRL_GCM_GET_TAG API, so we append 16 NUL bytes
c83bfcc6ac0a mod_cloud_notify_encrypted: Use new 'util.crypto' on Prosody 13.0
Kim Alvefur <zash@zash.se>
parents: 5952
diff changeset
15 -- Siskin does not validate the tag anyway.
c83bfcc6ac0a mod_cloud_notify_encrypted: Use new 'util.crypto' on Prosody 13.0
Kim Alvefur <zash@zash.se>
parents: 5952
diff changeset
16 function crypto.aes_128_gcm_encrypt(key, iv, message)
c83bfcc6ac0a mod_cloud_notify_encrypted: Use new 'util.crypto' on Prosody 13.0
Kim Alvefur <zash@zash.se>
parents: 5952
diff changeset
17 return ciphers.new("AES-128-GCM"):encrypt(key, iv):final(message)..string.rep("\0", 16);
c83bfcc6ac0a mod_cloud_notify_encrypted: Use new 'util.crypto' on Prosody 13.0
Kim Alvefur <zash@zash.se>
parents: 5952
diff changeset
18 end
c83bfcc6ac0a mod_cloud_notify_encrypted: Use new 'util.crypto' on Prosody 13.0
Kim Alvefur <zash@zash.se>
parents: 5952
diff changeset
19 end
c83bfcc6ac0a mod_cloud_notify_encrypted: Use new 'util.crypto' on Prosody 13.0
Kim Alvefur <zash@zash.se>
parents: 5952
diff changeset
20
4327
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
21 local xmlns_jmi = "urn:xmpp:jingle-message:0";
4465
2a7a76712e71 mod_cloud_notify_encrypted: Fix expected namespace of JMI description element
Matthew Wild <mwild1@gmail.com>
parents: 4457
diff changeset
22 local xmlns_jingle_apps_rtp = "urn:xmpp:jingle:apps:rtp:1";
4327
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
23 local xmlns_push = "urn:xmpp:push:0";
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
24 local xmlns_push_encrypt = "tigase:push:encrypt:0";
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
25 local xmlns_push_encrypt_aes_128_gcm = "tigase:push:encrypt:aes-128-gcm";
4467
6d595857164a mod_cloud_notify_encrypted: Advertise support for JMI push notifications
Matthew Wild <mwild1@gmail.com>
parents: 4466
diff changeset
26 local xmlns_push_jingle = "tigase:push:jingle:0";
4327
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
27
4650
44af84178cea mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents: 4467
diff changeset
28 local function detect_stanza_encryption(stanza)
44af84178cea mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents: 4467
diff changeset
29 local eme = stanza:get_child("encryption", "urn:xmpp:eme:0");
44af84178cea mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents: 4467
diff changeset
30 if eme then return eme.attr.namespace or ""; end
44af84178cea mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents: 4467
diff changeset
31 -- Fallback for legacy OMEMO clients without EME
44af84178cea mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents: 4467
diff changeset
32 local omemo = stanza:get_child("encrypted", "eu.siacs.conversations.axolotl");
44af84178cea mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents: 4467
diff changeset
33 if omemo then return "eu.siacs.conversations.axolotl"; end
44af84178cea mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents: 4467
diff changeset
34 end
44af84178cea mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents: 4467
diff changeset
35
4327
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
36 -- https://xeps.tigase.net//docs/push-notifications/encrypt/#41-discovering-support
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
37 local function account_disco_info(event)
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
38 event.reply:tag("feature", {var=xmlns_push_encrypt}):up();
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
39 event.reply:tag("feature", {var=xmlns_push_encrypt_aes_128_gcm}):up();
4467
6d595857164a mod_cloud_notify_encrypted: Advertise support for JMI push notifications
Matthew Wild <mwild1@gmail.com>
parents: 4466
diff changeset
40 event.reply:tag("feature", {var=xmlns_push_jingle}):up();
4327
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
41 end
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
42 module:hook("account-disco-info", account_disco_info);
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
43
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
44 function handle_register(event)
4329
2a5164162708 mod_cloud_notify_encrypted: Fix the location of the <encrypt> element in push registrations
Matthew Wild <mwild1@gmail.com>
parents: 4327
diff changeset
45 local encrypt = event.stanza:get_child("enable", xmlns_push):get_child("encrypt", xmlns_push_encrypt);
4327
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
46 if not encrypt then return; end
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
47
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
48 local algorithm = encrypt.attr.alg;
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
49 if algorithm ~= "aes-128-gcm" then
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
50 event.origin.send(st.error_reply(
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
51 event.stanza, "modify", "feature-not-implemented", "Unknown encryption algorithm"
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
52 ));
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
53 return false;
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
54 end
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
55
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
56 local key_base64 = encrypt:get_text();
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
57 local key_binary = base64.decode(key_base64);
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
58 if not key_binary or #key_binary ~= 16 then
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
59 event.origin.send(st.error_reply(
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
60 event.stanza, "modify", "bad-request", "Invalid encryption key"
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
61 ));
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
62 return false;
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
63 end
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
64
5054
62480053c87b mod_cloud_notify_encrypted: Additional debug logging when enabling/skipping
Matthew Wild <mwild1@gmail.com>
parents: 4651
diff changeset
65 module:log("debug", "Encrypted push notifications enabled");
62480053c87b mod_cloud_notify_encrypted: Additional debug logging when enabling/skipping
Matthew Wild <mwild1@gmail.com>
parents: 4651
diff changeset
66
4327
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
67 event.push_info.encryption = {
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
68 algorithm = algorithm;
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
69 key_base64 = key_base64;
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
70 };
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
71 end
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
72
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
73 function handle_push(event)
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
74 local encryption = event.push_info.encryption;
5054
62480053c87b mod_cloud_notify_encrypted: Additional debug logging when enabling/skipping
Matthew Wild <mwild1@gmail.com>
parents: 4651
diff changeset
75 if not encryption then
62480053c87b mod_cloud_notify_encrypted: Additional debug logging when enabling/skipping
Matthew Wild <mwild1@gmail.com>
parents: 4651
diff changeset
76 module:log("debug", "Encryption not enabled for this notification");
62480053c87b mod_cloud_notify_encrypted: Additional debug logging when enabling/skipping
Matthew Wild <mwild1@gmail.com>
parents: 4651
diff changeset
77 return;
62480053c87b mod_cloud_notify_encrypted: Additional debug logging when enabling/skipping
Matthew Wild <mwild1@gmail.com>
parents: 4651
diff changeset
78 end
4327
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
79
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
80 if encryption.algorithm ~= "aes-128-gcm" then
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
81 event.reason = "Unsupported encryption algorithm: "..tostring(encryption.algorithm);
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
82 return true;
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
83 end
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
84
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
85 local push_summary = event.push_summary;
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
86
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
87 local original_stanza = event.original_stanza;
4650
44af84178cea mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents: 4467
diff changeset
88 local is_encrypted_msg = detect_stanza_encryption(original_stanza);
44af84178cea mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents: 4467
diff changeset
89 local body;
44af84178cea mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents: 4467
diff changeset
90 if is_encrypted_msg then
44af84178cea mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents: 4467
diff changeset
91 -- TODO: localization
44af84178cea mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents: 4467
diff changeset
92 body = "You have received an encrypted message";
44af84178cea mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents: 4467
diff changeset
93 else
44af84178cea mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents: 4467
diff changeset
94 body = original_stanza:get_child_text("body");
44af84178cea mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents: 4467
diff changeset
95 if body and #body > 255 then
44af84178cea mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents: 4467
diff changeset
96 body = body:sub(1, 255);
4651
8231774f5bfd mod_cloud_notify_encrypted: Ensure body substring remains valid UTF-8
Kim Alvefur <zash@zash.se>
parents: 4650
diff changeset
97 if not valid_utf8(body) then
8231774f5bfd mod_cloud_notify_encrypted: Ensure body substring remains valid UTF-8
Kim Alvefur <zash@zash.se>
parents: 4650
diff changeset
98 body = body:gsub("[\194-\244][\128-\191]*$", "");
8231774f5bfd mod_cloud_notify_encrypted: Ensure body substring remains valid UTF-8
Kim Alvefur <zash@zash.se>
parents: 4650
diff changeset
99 end
4650
44af84178cea mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents: 4467
diff changeset
100 end
4331
2e355540f8c8 mod_cloud_notify_encrypted: Truncate message body to 255 characters
Matthew Wild <mwild1@gmail.com>
parents: 4330
diff changeset
101 end
4327
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
102
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
103 local push_payload = {
4330
e655581173be mod_cloud_notify_encrypted: Fixes to the push notification syntax and payload
Matthew Wild <mwild1@gmail.com>
parents: 4329
diff changeset
104 unread = tonumber(push_summary["message-count"]) or 1;
e655581173be mod_cloud_notify_encrypted: Fixes to the push notification syntax and payload
Matthew Wild <mwild1@gmail.com>
parents: 4329
diff changeset
105 sender = jid.bare(original_stanza.attr.from);
e655581173be mod_cloud_notify_encrypted: Fixes to the push notification syntax and payload
Matthew Wild <mwild1@gmail.com>
parents: 4329
diff changeset
106 message = body;
4327
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
107 };
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
108
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
109 if original_stanza.name == "message" then
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
110 if original_stanza.attr.type == "groupchat" then
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
111 push_payload.type = "groupchat";
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
112 push_payload.nickname = jid.resource(original_stanza.attr.from);
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
113 elseif original_stanza.attr.type ~= "error" then
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
114 local jmi_propose = original_stanza:get_child("propose", xmlns_jmi);
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
115 if jmi_propose then
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
116 push_payload.type = "call";
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
117 push_payload.sid = jmi_propose.attr.id;
4456
8ed1989e99f9 mod_cloud_notify_encrypted: Update to latest spec, fixes unreliable call notifications
Matthew Wild <mwild1@gmail.com>
parents: 4373
diff changeset
118 local media_types = set.new();
4465
2a7a76712e71 mod_cloud_notify_encrypted: Fix expected namespace of JMI description element
Matthew Wild <mwild1@gmail.com>
parents: 4457
diff changeset
119 for description in jmi_propose:childtags("description", xmlns_jingle_apps_rtp) do
4456
8ed1989e99f9 mod_cloud_notify_encrypted: Update to latest spec, fixes unreliable call notifications
Matthew Wild <mwild1@gmail.com>
parents: 4373
diff changeset
120 local media_type = description.attr.media;
8ed1989e99f9 mod_cloud_notify_encrypted: Update to latest spec, fixes unreliable call notifications
Matthew Wild <mwild1@gmail.com>
parents: 4373
diff changeset
121 if media_type then
8ed1989e99f9 mod_cloud_notify_encrypted: Update to latest spec, fixes unreliable call notifications
Matthew Wild <mwild1@gmail.com>
parents: 4373
diff changeset
122 media_types:add(media_type);
8ed1989e99f9 mod_cloud_notify_encrypted: Update to latest spec, fixes unreliable call notifications
Matthew Wild <mwild1@gmail.com>
parents: 4373
diff changeset
123 end
8ed1989e99f9 mod_cloud_notify_encrypted: Update to latest spec, fixes unreliable call notifications
Matthew Wild <mwild1@gmail.com>
parents: 4373
diff changeset
124 end
8ed1989e99f9 mod_cloud_notify_encrypted: Update to latest spec, fixes unreliable call notifications
Matthew Wild <mwild1@gmail.com>
parents: 4373
diff changeset
125 push_payload.media = array.collect(media_types:items());
4466
38bd4d557413 mod_cloud_notify_encrypted: Include full JID of sender with call notifications, per spec
Matthew Wild <mwild1@gmail.com>
parents: 4465
diff changeset
126 push_payload.sender = original_stanza.attr.from;
4327
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
127 else
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
128 push_payload.type = "chat";
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
129 end
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
130 end
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
131 elseif original_stanza.name == "presence"
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
132 and original_stanza.attr.type == "subscribe" then
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
133 push_payload.type = "subscribe";
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
134 end
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
135
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
136 local iv = random.bytes(12);
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
137 local key_binary = base64.decode(encryption.key_base64);
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
138 local push_json = json.encode(push_payload);
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
139
6220
c83bfcc6ac0a mod_cloud_notify_encrypted: Use new 'util.crypto' on Prosody 13.0
Kim Alvefur <zash@zash.se>
parents: 5952
diff changeset
140 local encrypted_payload = base64.encode(crypto.aes_128_gcm_encrypt(key_binary, iv, push_json));
4327
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
141 local encrypted_element = st.stanza("encrypted", { xmlns = xmlns_push_encrypt, iv = base64.encode(iv) })
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
142 :text(encrypted_payload);
4456
8ed1989e99f9 mod_cloud_notify_encrypted: Update to latest spec, fixes unreliable call notifications
Matthew Wild <mwild1@gmail.com>
parents: 4373
diff changeset
143 if push_payload.type == "call" then
4457
091d06c7d724 mod_cloud_notify_encrypted: Fix traceback (incorrect variable name)
Matthew Wild <mwild1@gmail.com>
parents: 4456
diff changeset
144 encrypted_element.attr.type = "voip";
4456
8ed1989e99f9 mod_cloud_notify_encrypted: Update to latest spec, fixes unreliable call notifications
Matthew Wild <mwild1@gmail.com>
parents: 4373
diff changeset
145 event.important = true;
8ed1989e99f9 mod_cloud_notify_encrypted: Update to latest spec, fixes unreliable call notifications
Matthew Wild <mwild1@gmail.com>
parents: 4373
diff changeset
146 end
4333
97f369745ec7 mod_cloud_notify_encrypted: Use new direct access to notification element
Matthew Wild <mwild1@gmail.com>
parents: 4331
diff changeset
147 -- Replace the unencrypted notification data with the encrypted one
97f369745ec7 mod_cloud_notify_encrypted: Use new direct access to notification element
Matthew Wild <mwild1@gmail.com>
parents: 4331
diff changeset
148 event.notification_payload
97f369745ec7 mod_cloud_notify_encrypted: Use new direct access to notification element
Matthew Wild <mwild1@gmail.com>
parents: 4331
diff changeset
149 :remove_children("x", "jabber:x:data")
97f369745ec7 mod_cloud_notify_encrypted: Use new direct access to notification element
Matthew Wild <mwild1@gmail.com>
parents: 4331
diff changeset
150 :add_child(encrypted_element);
5055
3b609eaf0db5 mod_cloud_notify_encrypted: Add debug logging when successfully encrypted
Matthew Wild <mwild1@gmail.com>
parents: 5054
diff changeset
151
3b609eaf0db5 mod_cloud_notify_encrypted: Add debug logging when successfully encrypted
Matthew Wild <mwild1@gmail.com>
parents: 5054
diff changeset
152 module:log("debug", "Encrypted '%s' push notification using %s", push_payload.type, encryption.algorithm);
4327
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
153 end
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
154
5952
2b80188448d1 mod_cloud_notify_encrypted: Add runtime dependency on mod_cloud_notify
Matthew Wild <mwild1@gmail.com>
parents: 5055
diff changeset
155 module:depends("cloud_notify");
4327
beb3342f1137 mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
156 module:hook("cloud_notify/registration", handle_register);
4456
8ed1989e99f9 mod_cloud_notify_encrypted: Update to latest spec, fixes unreliable call notifications
Matthew Wild <mwild1@gmail.com>
parents: 4373
diff changeset
157 module:hook("cloud_notify/push", handle_push, 1);