Fix MAC

helpers.js

@@ -214,16 +214,16 @@ function decryptWebsocketMessage(message) {
 		return;
 	}
 	var iv = CryptoJS.lib.WordArray.create(decodedMessage.subarray(1, 1 + 16));
-	var ciphertext = btoa(getString(decodedMessage.subarray(1 + 16, decodedMessage.length - 10)));
+	var ciphertext = decodedMessage.subarray(1 + 16, decodedMessage.length - 10);
 	var mac = CryptoJS.lib.WordArray.create(decodedMessage.subarray(decodedMessage.length - 10, decodedMessage.length));
 
 	var calculated_mac = CryptoJS.algo.HMAC.create(CryptoJS.algo.SHA256, mac_key);
 	calculated_mac.update(CryptoJS.enc.Latin1.parse(String.fromCharCode(1)));
 	calculated_mac.update(iv);
-	calculated_mac.update(ciphertext);
+	calculated_mac.update(CryptoJS.lib.WordArray.create(ciphertext));
 	calculated_mac = calculated_mac.finalize();
 
-	var plaintext = CryptoJS.AES.decrypt(ciphertext, aes_key, {iv: iv});//TODO: Does this throw on invalid padding?
+	var plaintext = CryptoJS.AES.decrypt(btoa(getString(ciphertext)), aes_key, {iv: iv});//TODO: Does this throw on invalid padding?
 
 	if (calculated_mac.toString(CryptoJS.enc.Hex).substring(0, 20) != mac.toString(CryptoJS.enc.Hex)) {
 		console.log("Got message with bad MAC");
@@ -318,14 +318,12 @@ function subscribeToPush(message_callback) {
 						try {
 							var plaintext = decryptWebsocketMessage(message.message);
 							var proto = decodeProtobuf(plaintext);
+
+							doAjax({call: 'push', httpType: 'PUT', urlParameters: '/' + message.id, do_auth: true});
+							message_callback(proto);
 						} catch (e) {
 							console.log("Error decoding message: " + e);
-							return;
 						}
-
-						doAjax({call: 'push', httpType: 'PUT', urlParameters: '/' + message.id, do_auth: true});
-
-						message_callback(proto);
 					},
 					onError: function(response) {
 						console.log('Server is down :(');