
Add support for OpenSSL 3
Co-Authored-By: ClearlyClaire <ClearlyClaire@users.noreply.github.com>
Co-Authored-By: xfalcox <xfalcox@users.noreply.github.com>
3 people committed Jan 5, 2023
1 parent f9e7f65 commit 7fa47ce
Showing 4 changed files with 36 additions and 20 deletions.
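--- a/lib/web_push/encryption.rb
+++ b/lib/web_push/encryption.rb
@@ -10,8 +10,7 @@ def encrypt(message, p256dh, auth)
 group_name = 'prime256v1'
 salt = Random.new.bytes(16)
 
-server = OpenSSL::PKey::EC.new(group_name)
-server.generate_key
+server = OpenSSL::PKey::EC.generate(group_name)
 server_public_key_bn = server.public_key.to_bn
 
 group = OpenSSL::PKey::EC::Group.new(group_name)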
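Review bot: The salt on the context line `salt = Random.new.bytes(16)` comes from Ruby's general-purpose `Random` (a Mersenne Twister generator), not a CSPRNG, and this commit leaves it unchanged while reworking the key generation directly below it. The salt is presumably fed into the key and nonce derivation later in `encrypt`, whose body continues outside this hunk, so it should be drawn from `SecureRandom.random_bytes(16)` or `OpenSSL::Random.random_bytes(16)`. The practical exposure is probably limited because the server key is generated fresh on every call, but a predictable generator has no place in an encryption path. `SecureRandom` needs `require 'securerandom'` if the file does not already load it.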
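--- a/lib/web_push/vapid_key.rb
+++ b/lib/web_push/vapid_key.rb
@@ -10,29 +10,22 @@ class VapidKey
 # @return [WebPush::VapidKey] a VapidKey instance for the given public and private keys
 def self.from_keys(public_key, private_key)
 key = new
-key.public_key = public_key
-key.private_key = private_key
-
+key.set_keys! public_key, private_key
 key
 end
 
 # Create a VapidKey instance from pem encoded elliptic curve public and private keys
 #
 # @return [WebPush::VapidKey] a VapidKey instance for the given public and private keys
 def self.from_pem(pem)
-key = new
-src = OpenSSL::PKey.read pem
-key.curve.public_key = src.public_key
-key.curve.private_key = src.private_key
-
-key
+new(OpenSSL::PKey.read(pem))
 end
 
 attr_reader :curve
 
-def initialize
-@curve = OpenSSL::PKey::EC.new('prime256v1')
-@curve.generate_key
+def initialize(pkey = nil)
+@curve = pkey
+@curve = OpenSSL::PKey::EC.generate('prime256v1') if @curve.nil?
 end
 
 # Retrieve the encoded elliptic curve public key for VAPID protocol
@@ -57,11 +50,37 @@ def private_key
 end
 
 def public_key=(key)
-curve.public_key = OpenSSL::PKey::EC::Point.new(group, to_big_num(key))
+set_keys! key, nil
 end
 
 def private_key=(key)
-curve.private_key = to_big_num(key)
+set_keys! nil, key
+end
+
+def set_keys!(public_key = nil, private_key = nil)
+if public_key.nil?
+public_key = curve.public_key
+else
+public_key = OpenSSL::PKey::EC::Point.new(group, to_big_num(public_key))
+end
+
+if private_key.nil?
+private_key = curve.private_key
+else
+private_key = to_big_num(private_key)
+end
+
+asn1 = OpenSSL::ASN1::Sequence([
+OpenSSL::ASN1::Integer.new(1),
+# Not properly padded but OpenSSL doesn't mind
+OpenSSL::ASN1::OctetString(private_key.to_s(2)),
+OpenSSL::ASN1::ObjectId('prime256v1', 0, :EXPLICIT),
+OpenSSL::ASN1::BitString(public_key.to_octet_string(:uncompressed), 1, :EXPLICIT),
+])
+
+der = asn1.to_der
+
+@curve = OpenSSL::PKey::EC.new(der)
 end
 
 def curve_name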
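Review bot: `from_pem` now wraps whatever `OpenSSL::PKey.read(pem)` returns, and `initialize(pkey = nil)` stores it unchecked, so an RSA key or an EC key on a different curve becomes `@curve` and is only rejected, if at all, when the key is later used for VAPID signing. The removed code copied the parsed key's parts onto a fresh prime256v1 key, which presumably refused such input at load time. Validate before constructing: `pkey = OpenSSL::PKey.read(pem)`, then `raise ArgumentError, 'VAPID key must be a prime256v1 EC key' unless pkey.is_a?(OpenSSL::PKey::EC) && pkey.group.curve_name == 'prime256v1'`, then `new(pkey)`. The same guard belongs in `initialize` if callers are expected to pass their own key object.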
2 changes: 1 addition & 1 deletion lib/web_push/version.rb
@@ -1,5 +1,5 @@
# frozen_string_literal: true

module WebPush
VERSION = '2.1.0'.freeze
VERSION = '3.0.0'.freeze
end
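--- a/spec/web_push/encryption_spec.rb
+++ b/spec/web_push/encryption_spec.rb
@@ -4,9 +4,7 @@
 describe '#encrypt' do
 let(:curve) do
 group = 'prime256v1'
-curve = OpenSSL::PKey::EC.new(group)
-curve.generate_key
-curve
+OpenSSL::PKey::EC.generate(group)
 end
 
 let(:p256dh) do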
