Changeset

4330:e655581173be

mod_cloud_notify_encrypted: Fixes to the push notification syntax and payload
author Matthew Wild <mwild1@gmail.com>
date Wed, 13 Jan 2021 14:18:24 +0000
parents 4329:2a5164162708
children 4331:2e355540f8c8
files mod_cloud_notify_encrypted/mod_cloud_notify_encrypted.lua
diffstat 1 files changed, 9 insertions(+), 4 deletions(-) [+]
line wrap: on
line diff
--- a/mod_cloud_notify_encrypted/mod_cloud_notify_encrypted.lua	Wed Jan 13 14:15:38 2021 +0000
+++ b/mod_cloud_notify_encrypted/mod_cloud_notify_encrypted.lua	Wed Jan 13 14:18:24 2021 +0000
@@ -58,8 +58,9 @@
 	local original_stanza = event.original_stanza;
 
 	local push_payload = {
-		unread = push_summary["message-count"];
-		sender = push_summary["last-message-sender"];
+		unread = tonumber(push_summary["message-count"]) or 1;
+		sender = jid.bare(original_stanza.attr.from);
+		message = body;
 	};
 
 	if original_stanza.name == "message" then
@@ -84,7 +85,9 @@
 	local key_binary = base64.decode(encryption.key_base64);
 	local push_json = json.encode(push_payload);
 
-	local encrypted_payload = ciphers.new("AES-128-GCM"):encrypt(key_binary, iv):final(push_json);
+	-- FIXME: luaossl does not expose the EVP_CTRL_GCM_GET_TAG API, so we append 16 NUL bytes
+	-- Siskin does not validate the tag anyway.
+	local encrypted_payload = base64.encode(ciphers.new("AES-128-GCM"):encrypt(key_binary, iv):final(push_json)..string.rep("\0", 16));
 	local encrypted_element = st.stanza("encrypted", { xmlns = xmlns_push_encrypt, iv = base64.encode(iv) })
 		:text(encrypted_payload);
 	-- Replace the unencrypted notification with the encrypted one
@@ -93,7 +96,9 @@
 		:get_child("publish")
 		:get_child("item")
 		:remove_children("notification", xmlns_push)
-		:add_child(encrypted_element);
+		:tag("notification", { xmlns = xmlns_push })
+			:add_child(encrypted_element)
+			:up();
 end
 
 module:hook("cloud_notify/registration", handle_register);