mod_cloud_notify_encrypted/mod_cloud_notify_encrypted.lua
changeset 4334 e655581173be
parent 4333 2a5164162708
child 4335 2e355540f8c8
4333:2a5164162708 4334:e655581173be
    56 	local push_summary = event.push_summary;
    56 	local push_summary = event.push_summary;
    57 
    57 
    58 	local original_stanza = event.original_stanza;
    58 	local original_stanza = event.original_stanza;
    59 
    59 
    60 	local push_payload = {
    60 	local push_payload = {
    61 		unread = push_summary["message-count"];
    61 		unread = tonumber(push_summary["message-count"]) or 1;
    62 		sender = push_summary["last-message-sender"];
    62 		sender = jid.bare(original_stanza.attr.from);
       
    63 		message = body;
    63 	};
    64 	};
    64 
    65 
    65 	if original_stanza.name == "message" then
    66 	if original_stanza.name == "message" then
    66 		if original_stanza.attr.type == "groupchat" then
    67 		if original_stanza.attr.type == "groupchat" then
    67 			push_payload.type = "groupchat";
    68 			push_payload.type = "groupchat";
    82 
    83 
    83 	local iv = random.bytes(12);
    84 	local iv = random.bytes(12);
    84 	local key_binary = base64.decode(encryption.key_base64);
    85 	local key_binary = base64.decode(encryption.key_base64);
    85 	local push_json = json.encode(push_payload);
    86 	local push_json = json.encode(push_payload);
    86 
    87 
    87 	local encrypted_payload = ciphers.new("AES-128-GCM"):encrypt(key_binary, iv):final(push_json);
    88 	-- FIXME: luaossl does not expose the EVP_CTRL_GCM_GET_TAG API, so we append 16 NUL bytes
       
    89 	-- Siskin does not validate the tag anyway.
       
    90 	local encrypted_payload = base64.encode(ciphers.new("AES-128-GCM"):encrypt(key_binary, iv):final(push_json)..string.rep("\0", 16));
    88 	local encrypted_element = st.stanza("encrypted", { xmlns = xmlns_push_encrypt, iv = base64.encode(iv) })
    91 	local encrypted_element = st.stanza("encrypted", { xmlns = xmlns_push_encrypt, iv = base64.encode(iv) })
    89 		:text(encrypted_payload);
    92 		:text(encrypted_payload);
    90 	-- Replace the unencrypted notification with the encrypted one
    93 	-- Replace the unencrypted notification with the encrypted one
    91 	event.notification_stanza
    94 	event.notification_stanza
    92 		:get_child("pubsub", "http://jabber.org/protocol/pubsub")
    95 		:get_child("pubsub", "http://jabber.org/protocol/pubsub")
    93 		:get_child("publish")
    96 		:get_child("publish")
    94 		:get_child("item")
    97 		:get_child("item")
    95 		:remove_children("notification", xmlns_push)
    98 		:remove_children("notification", xmlns_push)
    96 		:add_child(encrypted_element);
    99 		:tag("notification", { xmlns = xmlns_push })
       
   100 			:add_child(encrypted_element)
       
   101 			:up();
    97 end
   102 end
    98 
   103 
    99 module:hook("cloud_notify/registration", handle_register);
   104 module:hook("cloud_notify/registration", handle_register);
   100 module:hook("cloud_notify/push", handle_push);
   105 module:hook("cloud_notify/push", handle_push);
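Review bot: The 16 NUL bytes appended on new line 90 stand in for the GCM authentication tag, so the `encrypted` element carries ciphertext with no integrity protection: a client that verifies the tag will reject every notification, and one that skips verification will accept a payload altered in transit, because GCM without its tag is plain counter mode. The FIXME should state that consequence rather than only naming the missing API, e.g. `-- SECURITY: placeholder, not a real GCM tag; payload is unauthenticated until the tag can be read from the cipher context`. The remark about Siskin covers one client only; how other consumers of this element treat the tag cannot be confirmed from this page. handle_push starts above the visible lines, so it is not visible here whether `encryption.key_base64` is checked to decode to exactly 16 bytes before `ciphers.new("AES-128-GCM")` uses it.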