web-push 2.0.0 → 3.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0ce88ebd076b697f1933784607d0e7d743e66c0fe2a3522b2d91fbf8f7d674b4
-  data.tar.gz: b8eede6dba32f1933ab8ea706dd27dcc7d54fcc2a1bafb6c63249accc2e335f5
+  metadata.gz: c8a683629bc333d1f987fc867dd05b4d0af39179e94cc8dc7c9742dbaddd4c45
+  data.tar.gz: 1c86dcbfcbec2791df28c45c2dff656ca8385b5a3fb75d900fb731e7472887f9
 SHA512:
-  metadata.gz: 8cfedadf6aa0335ac451df3b47358b801802aed8e81f49ab869826eef67ff64bb06950095fd8764c259b37165dd5cdd7537521f23957cde359bb41e14661f53d
-  data.tar.gz: 8cb1d4e8711c0356dd22b10befaf535cbe9fbc3878bb18414f708dfa378472f2728d576641831822c63928320c10b79ded83cc888542280a9161eb83b194df86
+  metadata.gz: 8e33057f0c869ea54dd952f5b937fe6ca01c49a7d82549a7563fd4b148a315eba627d791f5c39d844834b2418466b21f7c58ae382c310fdc339b1560be508234
+  data.tar.gz: 813fc19fb5939a5318409ac30651d31050d22e006213305e549899b109cde83ddcc3dfac17a7d1c1abc016ebc6dbb3235f17fd049eff96738be4e2832be55917

data/.github/workflows/ci.yml

@@ -6,11 +6,12 @@ on:
     branches: [ master ]
 jobs:
   test:
-    runs-on: ubuntu-latest
     strategy:
       fail-fast: false
       matrix:
-        ruby-version: ['3.0', '3.1']
+        os: [ubuntu-20.04, ubuntu-22.04]
+        ruby-version: ['3.0', '3.1', '3.2']
+    runs-on: ${{ matrix.os }}
     steps:
     - uses: actions/checkout@v3
     - name: Set up Ruby

data/lib/web_push/encryption.rb

@@ -10,8 +10,7 @@ module WebPush
       group_name = 'prime256v1'
       salt = Random.new.bytes(16)
 
-      server = OpenSSL::PKey::EC.new(group_name)
-      server.generate_key
+      server = OpenSSL::PKey::EC.generate(group_name)
       server_public_key_bn = server.public_key.to_bn
 
       group = OpenSSL::PKey::EC::Group.new(group_name)

data/lib/web_push/vapid_key.rb

@@ -10,9 +10,7 @@ module WebPush
     # @return [WebPush::VapidKey] a VapidKey instance for the given public and private keys
     def self.from_keys(public_key, private_key)
       key = new
-      key.public_key = public_key
-      key.private_key = private_key
-
+      key.set_keys! public_key, private_key
       key
     end
 
@@ -20,19 +18,14 @@ module WebPush
     #
     # @return [WebPush::VapidKey] a VapidKey instance for the given public and private keys
     def self.from_pem(pem)
-      key = new
-      src = OpenSSL::PKey.read pem
-      key.curve.public_key = src.public_key
-      key.curve.private_key = src.private_key
-
-      key
+      new(OpenSSL::PKey.read(pem))
     end
 
     attr_reader :curve
 
-    def initialize
-      @curve = OpenSSL::PKey::EC.new('prime256v1')
-      @curve.generate_key
+    def initialize(pkey = nil)
+      @curve = pkey
+      @curve = OpenSSL::PKey::EC.generate('prime256v1') if @curve.nil?
     end
 
     # Retrieve the encoded elliptic curve public key for VAPID protocol
@@ -57,11 +50,37 @@ module WebPush
     end
 
     def public_key=(key)
-      curve.public_key = OpenSSL::PKey::EC::Point.new(group, to_big_num(key))
+      set_keys! key, nil
     end
 
     def private_key=(key)
-      curve.private_key = to_big_num(key)
+      set_keys! nil, key
+    end
+    
+    def set_keys!(public_key = nil, private_key = nil)
+      if public_key.nil?
+        public_key = curve.public_key
+      else
+        public_key = OpenSSL::PKey::EC::Point.new(group, to_big_num(public_key))
+      end
+
+      if private_key.nil?
+        private_key = curve.private_key
+      else
+        private_key = to_big_num(private_key)
+      end
+
+      asn1 = OpenSSL::ASN1::Sequence([
+        OpenSSL::ASN1::Integer.new(1),
+        # Not properly padded but OpenSSL doesn't mind
+        OpenSSL::ASN1::OctetString(private_key.to_s(2)),
+        OpenSSL::ASN1::ObjectId('prime256v1', 0, :EXPLICIT),
+        OpenSSL::ASN1::BitString(public_key.to_octet_string(:uncompressed), 1, :EXPLICIT),
+      ])
+
+      der = asn1.to_der
+
+      @curve = OpenSSL::PKey::EC.new(der)
     end
 
     def curve_name

data/lib/web_push/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module WebPush
-  VERSION = '2.0.0'.freeze
+  VERSION = '3.0.0'.freeze
 end

data/spec/web_push/encryption_spec.rb

@@ -4,9 +4,7 @@ describe WebPush::Encryption do
   describe '#encrypt' do
     let(:curve) do
       group = 'prime256v1'
-      curve = OpenSSL::PKey::EC.new(group)
-      curve.generate_key
-      curve
+      OpenSSL::PKey::EC.generate(group)
     end
 
     let(:p256dh) do

data/web-push.gemspec

@@ -16,7 +16,7 @@ Gem::Specification.new do |spec|
 
   spec.add_dependency 'hkdf', '~> 1.0'
   spec.add_dependency 'jwt', '~> 2.0'
-  spec.add_dependency 'openssl', '~> 2.2'
+  spec.add_dependency 'openssl', '~> 3.0'
 
   spec.add_development_dependency 'rspec', '~> 3.0'
   spec.add_development_dependency 'simplecov', '~> 0.0'

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: web-push
 version: !ruby/object:Gem::Version
-  version: 2.0.0
+  version: 3.0.0
 platform: ruby
 authors:
 - zaru
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-11-27 00:00:00.000000000 Z
+date: 2023-01-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: hkdf
@@ -45,14 +45,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.2'
+        version: '3.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.2'
+        version: '3.0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -139,7 +139,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.26
+rubygems_version: 3.4.1
 signing_key:
 specification_version: 4
 summary: Web Push library for Ruby (RFC8030)