#1794 mod_cloud_notify_encrypted does not encrypt outbound push notifications: 'invalid cipher type'
Reporter
Alan
Owner
Nobody
Created
Updated
Stars
★ (1)
Tags
Type-Defect
Status-New
Priority-Medium
Alan
on
Latest revision (3b609eaf0db5) of mod_cloud_notify_encrypted produces an error when sending push notification to a client. Client uses Siskin so push notification encryption is required. No push notification is sent because this module fails to encrypt the payload.
Error in prosody.log:
REDACTED:cloud_notify debug Sending important push notification for REDACTED to push.tigase.im (REDACTED)
runnerskg254ZojBvr debug changed state from ready to error (ready)
c2sda15b81dc40 error Traceback[c2s]: ...tom_plugins/share/lua/5.3/mod_cloud_notify_encrypted.lua:132: bad argument #1 to 'new' (AES-128-GCM: invalid cipher type)
stack traceback:
[C]: in function '_openssl.cipher.new'
...tom_plugins/share/lua/5.3/mod_cloud_notify_encrypted.lua:132: in field '?'
/usr/local/lib/prosody/util/events.lua:81: in function </usr/local/lib/prosody/util/events.lua:77>
(...tail calls...)
...rosody/custom_plugins/share/lua/5.3/mod_cloud_notify.lua:409: in upvalue 'handle_notify_request'
...rosody/custom_plugins/share/lua/5.3/mod_cloud_notify.lua:440: in field '?'
/usr/local/lib/prosody/util/events.lua:81: in function </usr/local/lib/prosody/util/events.lua:77>
(...tail calls...)
/usr/local/lib/prosody/modules/mod_message.lua:60: in function </usr/local/lib/prosody/modules/mod_message.lua:18>
(...tail calls...)
/usr/local/lib/prosody/util/events.lua:81: in function </usr/local/lib/prosody/util/events.lua:77>
(...tail calls...)
/usr/local/lib/prosody/core/stanza_router.lua:188: in upvalue 'core_post_stanza'
/usr/local/lib/prosody/core/stanza_router.lua:128: in upvalue 'core_process_stanza'
/usr/local/lib/prosody/modules/mod_c2s.lua:326: in upvalue 'func'
/usr/local/lib/prosody/util/async.lua:144: in function </usr/local/lib/prosody/util/async.lua:142>
This happens because upper case argument is not allowed. I made a patch and tested it on Prosody 0.12.2 running on OpenBSD 7.2 with Lua 5.3 and LibreSSL 3.6.0.
Proposed patch:
@@ -126,13 +126,13 @@
local iv = random.bytes(12);
local key_binary = base64.decode(encryption.key_base64);
local push_json = json.encode(push_payload);
-- FIXME: luaossl does not expose the EVP_CTRL_GCM_GET_TAG API, so we append 16 NUL bytes
-- Siskin does not validate the tag anyway.
- local encrypted_payload = base64.encode(ciphers.new("AES-128-GCM"):encrypt(key_binary, iv):final(push_json)..string.rep("\0", 16));
+ local encrypted_payload = base64.encode(ciphers.new("aes-128-gcm"):encrypt(key_binary, iv):final(push_json)..string.rep("\0", 16));
local encrypted_element = st.stanza("encrypted", { xmlns = xmlns_push_encrypt, iv = base64.encode(iv) })
:text(encrypted_payload);
if push_payload.type == "call" then
encrypted_element.attr.type = "voip";
event.important = true;
end
prosody.log after applying the patch:
REDACTED:cloud_notify debug Sending important push notification for REDACTED to push.tigase.im (REDACTED)
REDACTED:cloud_notify_encrypted debug Encrypted 'chat' push notification using aes-128-gcm
mod_s2s debug opening a new outgoing connection for this stanza
Latest revision (3b609eaf0db5) of mod_cloud_notify_encrypted produces an error when sending push notification to a client. Client uses Siskin so push notification encryption is required. No push notification is sent because this module fails to encrypt the payload. Error in prosody.log: REDACTED:cloud_notify debug Sending important push notification for REDACTED to push.tigase.im (REDACTED) runnerskg254ZojBvr debug changed state from ready to error (ready) c2sda15b81dc40 error Traceback[c2s]: ...tom_plugins/share/lua/5.3/mod_cloud_notify_encrypted.lua:132: bad argument #1 to 'new' (AES-128-GCM: invalid cipher type) stack traceback: [C]: in function '_openssl.cipher.new' ...tom_plugins/share/lua/5.3/mod_cloud_notify_encrypted.lua:132: in field '?' /usr/local/lib/prosody/util/events.lua:81: in function </usr/local/lib/prosody/util/events.lua:77> (...tail calls...) ...rosody/custom_plugins/share/lua/5.3/mod_cloud_notify.lua:409: in upvalue 'handle_notify_request' ...rosody/custom_plugins/share/lua/5.3/mod_cloud_notify.lua:440: in field '?' /usr/local/lib/prosody/util/events.lua:81: in function </usr/local/lib/prosody/util/events.lua:77> (...tail calls...) /usr/local/lib/prosody/modules/mod_message.lua:60: in function </usr/local/lib/prosody/modules/mod_message.lua:18> (...tail calls...) /usr/local/lib/prosody/util/events.lua:81: in function </usr/local/lib/prosody/util/events.lua:77> (...tail calls...) /usr/local/lib/prosody/core/stanza_router.lua:188: in upvalue 'core_post_stanza' /usr/local/lib/prosody/core/stanza_router.lua:128: in upvalue 'core_process_stanza' /usr/local/lib/prosody/modules/mod_c2s.lua:326: in upvalue 'func' /usr/local/lib/prosody/util/async.lua:144: in function </usr/local/lib/prosody/util/async.lua:142> This happens because upper case argument is not allowed. I made a patch and tested it on Prosody 0.12.2 running on OpenBSD 7.2 with Lua 5.3 and LibreSSL 3.6.0. Proposed patch: @@ -126,13 +126,13 @@ local iv = random.bytes(12); local key_binary = base64.decode(encryption.key_base64); local push_json = json.encode(push_payload); -- FIXME: luaossl does not expose the EVP_CTRL_GCM_GET_TAG API, so we append 16 NUL bytes -- Siskin does not validate the tag anyway. - local encrypted_payload = base64.encode(ciphers.new("AES-128-GCM"):encrypt(key_binary, iv):final(push_json)..string.rep("\0", 16)); + local encrypted_payload = base64.encode(ciphers.new("aes-128-gcm"):encrypt(key_binary, iv):final(push_json)..string.rep("\0", 16)); local encrypted_element = st.stanza("encrypted", { xmlns = xmlns_push_encrypt, iv = base64.encode(iv) }) :text(encrypted_payload); if push_payload.type == "call" then encrypted_element.attr.type = "voip"; event.important = true; end prosody.log after applying the patch: REDACTED:cloud_notify debug Sending important push notification for REDACTED to push.tigase.im (REDACTED) REDACTED:cloud_notify_encrypted debug Encrypted 'chat' push notification using aes-128-gcm mod_s2s debug opening a new outgoing connection for this stanza