56 local push_summary = event.push_summary; |
56 local push_summary = event.push_summary; |
57 |
57 |
58 local original_stanza = event.original_stanza; |
58 local original_stanza = event.original_stanza; |
59 |
59 |
60 local push_payload = { |
60 local push_payload = { |
61 unread = push_summary["message-count"]; |
61 unread = tonumber(push_summary["message-count"]) or 1; |
62 sender = push_summary["last-message-sender"]; |
62 sender = jid.bare(original_stanza.attr.from); |
|
63 message = body; |
63 }; |
64 }; |
64 |
65 |
65 if original_stanza.name == "message" then |
66 if original_stanza.name == "message" then |
66 if original_stanza.attr.type == "groupchat" then |
67 if original_stanza.attr.type == "groupchat" then |
67 push_payload.type = "groupchat"; |
68 push_payload.type = "groupchat"; |
82 |
83 |
83 local iv = random.bytes(12); |
84 local iv = random.bytes(12); |
84 local key_binary = base64.decode(encryption.key_base64); |
85 local key_binary = base64.decode(encryption.key_base64); |
85 local push_json = json.encode(push_payload); |
86 local push_json = json.encode(push_payload); |
86 |
87 |
87 local encrypted_payload = ciphers.new("AES-128-GCM"):encrypt(key_binary, iv):final(push_json); |
88 -- FIXME: luaossl does not expose the EVP_CTRL_GCM_GET_TAG API, so we append 16 NUL bytes |
|
89 -- Siskin does not validate the tag anyway. |
|
90 local encrypted_payload = base64.encode(ciphers.new("AES-128-GCM"):encrypt(key_binary, iv):final(push_json)..string.rep("\0", 16)); |
88 local encrypted_element = st.stanza("encrypted", { xmlns = xmlns_push_encrypt, iv = base64.encode(iv) }) |
91 local encrypted_element = st.stanza("encrypted", { xmlns = xmlns_push_encrypt, iv = base64.encode(iv) }) |
89 :text(encrypted_payload); |
92 :text(encrypted_payload); |
90 -- Replace the unencrypted notification with the encrypted one |
93 -- Replace the unencrypted notification with the encrypted one |
91 event.notification_stanza |
94 event.notification_stanza |
92 :get_child("pubsub", "http://jabber.org/protocol/pubsub") |
95 :get_child("pubsub", "http://jabber.org/protocol/pubsub") |
93 :get_child("publish") |
96 :get_child("publish") |
94 :get_child("item") |
97 :get_child("item") |
95 :remove_children("notification", xmlns_push) |
98 :remove_children("notification", xmlns_push) |
96 :add_child(encrypted_element); |
99 :tag("notification", { xmlns = xmlns_push }) |
|
100 :add_child(encrypted_element) |
|
101 :up(); |
97 end |
102 end |
98 |
103 |
99 module:hook("cloud_notify/registration", handle_register); |
104 module:hook("cloud_notify/registration", handle_register); |
100 module:hook("cloud_notify/push", handle_push); |
105 module:hook("cloud_notify/push", handle_push); |