web-push 2.1.0 → 3.0.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (10) hide show
  1. checksums.yaml +4 -4
  2. data/.github/workflows/ci.yml +3 -2
  3. data/README.md +3 -1
  4. data/lib/web_push/encryption.rb +5 -5
  5. data/lib/web_push/vapid_key.rb +33 -14
  6. data/lib/web_push/version.rb +1 -1
  7. data/lib/web_push.rb +0 -1
  8. data/spec/web_push/encryption_spec.rb +4 -6
  9. data/web-push.gemspec +0 -1
  10. metadata +7 -21
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: bb622817a7125abd49993f92ef3555c51bb695da2f5613fff03ae9b64aff94ff
4
- data.tar.gz: bd014b310ddb76ed652bdf47668bad25251efa07835649702eaea8c595fa7856
3
+ metadata.gz: a688b354339ddf4f82d8febb54a2042bb432357dffd77a571c3c9212c107aa2f
4
+ data.tar.gz: 01060b2687a57217cafb2cf96b3925c6e2e39102daf6f796277d06d767ae6a0e
5
5
  SHA512:
6
- metadata.gz: 923ae3767467c3ceaabf74180c5b27f9297e2b16874f23bd76c557087ed30f05bc2e149034bb8aae5c586c535c03658742cfe6082c64f0e5de8a3265cd18e4f2
7
- data.tar.gz: e5158b056e50178ec282ce6314abe524a7c4954073ba3b70a65b52c9783a78050e96624a46b6f4127a0ac007a3e52fe756018326d4cfae9d2b95cca2c5df2c59
6
+ metadata.gz: 2386c18e4fef78c027b2a5dee6a1778dc82d43cf26dcf0468e83feb8ff972eca1b743c87d68612fffee8ea9feb05329bc4a06127599643de72d922b465aca776
7
+ data.tar.gz: b023139054b433c36d32d5a91465e8d0082231a6c7c2e8f0ff79825599457c28b57e51ffcabdf21e7fb03ab5e63a28750c00fddfea74204c3f8da640fd9ffe38
data/.github/workflows/ci.yml CHANGED
@@ -6,11 +6,12 @@ on:
6
6
  branches: [ master ]
7
7
  jobs:
8
8
  test:
9
- runs-on: ubuntu-latest
10
9
  strategy:
11
10
  fail-fast: false
12
11
  matrix:
13
- ruby-version: ['3.0', '3.1']
12
+ os: [ubuntu-20.04, ubuntu-22.04]
13
+ ruby-version: ['3.0', '3.1', '3.2']
14
+ runs-on: ${{ matrix.os }}
14
15
  steps:
15
16
  - uses: actions/checkout@v3
16
17
  - name: Set up Ruby
data/README.md CHANGED
@@ -5,6 +5,8 @@
5
5
 
6
6
  This gem makes it possible to send push messages to web browsers from Ruby backends using the [Web Push Protocol](https://datatracker.ietf.org/doc/html/rfc8030). It supports [Message Encryption for Web Push](https://datatracker.ietf.org/doc/html/rfc8291) and [VAPID](https://datatracker.ietf.org/doc/html/rfc8292).
7
7
 
8
+ **Note**: This is an open source gem for Web Push. If you want to send web push notifications from Ruby using Pushpad, you need to use another gem ([pushpad gem](https://github.com/pushpad/pushpad-ruby)).
9
+
8
10
  ## Installation
9
11
 
10
12
  Add this line to the Gemfile:
@@ -178,7 +180,7 @@ WebPush.payload_send(
178
180
  p256dh: "BO/aG9nYXNkZmFkc2ZmZHNmYWRzZmFl...",
179
181
  auth: "aW1hcmthcmFpa3V6ZQ==",
180
182
  vapid: {
181
- subject: "mailto:sender@example.com"
183
+ subject: "mailto:sender@example.com",
182
184
  pem: ENV['VAPID_KEYS']
183
185
  }
184
186
  )
data/lib/web_push/encryption.rb CHANGED
@@ -8,10 +8,10 @@ module WebPush
8
8
  assert_arguments(message, p256dh, auth)
9
9
 
10
10
  group_name = 'prime256v1'
11
+ hash = 'SHA256'
11
12
  salt = Random.new.bytes(16)
12
13
 
13
- server = OpenSSL::PKey::EC.new(group_name)
14
- server.generate_key
14
+ server = OpenSSL::PKey::EC.generate(group_name)
15
15
  server_public_key_bn = server.public_key.to_bn
16
16
 
17
17
  group = OpenSSL::PKey::EC::Group.new(group_name)
@@ -26,11 +26,11 @@ module WebPush
26
26
  content_encryption_key_info = "Content-Encoding: aes128gcm\0"
27
27
  nonce_info = "Content-Encoding: nonce\0"
28
28
 
29
- prk = HKDF.new(shared_secret, salt: client_auth_token, algorithm: 'SHA256', info: info).read(32)
29
+ prk = OpenSSL::KDF.hkdf(shared_secret, salt: client_auth_token, info: info, hash: hash, length: 32)
30
30
 
31
- content_encryption_key = HKDF.new(prk, salt: salt, info: content_encryption_key_info).read(16)
31
+ content_encryption_key = OpenSSL::KDF.hkdf(prk, salt: salt, info: content_encryption_key_info, hash: hash, length: 16)
32
32
 
33
- nonce = HKDF.new(prk, salt: salt, info: nonce_info).read(12)
33
+ nonce = OpenSSL::KDF.hkdf(prk, salt: salt, info: nonce_info, hash: hash, length: 12)
34
34
 
35
35
  ciphertext = encrypt_payload(message, content_encryption_key, nonce)
36
36
 
data/lib/web_push/vapid_key.rb CHANGED
@@ -10,9 +10,7 @@ module WebPush
10
10
  # @return [WebPush::VapidKey] a VapidKey instance for the given public and private keys
11
11
  def self.from_keys(public_key, private_key)
12
12
  key = new
13
- key.public_key = public_key
14
- key.private_key = private_key
15
-
13
+ key.set_keys! public_key, private_key
16
14
  key
17
15
  end
18
16
 
@@ -20,19 +18,14 @@ module WebPush
20
18
  #
21
19
  # @return [WebPush::VapidKey] a VapidKey instance for the given public and private keys
22
20
  def self.from_pem(pem)
23
- key = new
24
- src = OpenSSL::PKey.read pem
25
- key.curve.public_key = src.public_key
26
- key.curve.private_key = src.private_key
27
-
28
- key
21
+ new(OpenSSL::PKey.read(pem))
29
22
  end
30
23
 
31
24
  attr_reader :curve
32
25
 
33
- def initialize
34
- @curve = OpenSSL::PKey::EC.new('prime256v1')
35
- @curve.generate_key
26
+ def initialize(pkey = nil)
27
+ @curve = pkey
28
+ @curve = OpenSSL::PKey::EC.generate('prime256v1') if @curve.nil?
36
29
  end
37
30
 
38
31
  # Retrieve the encoded elliptic curve public key for VAPID protocol
@@ -57,11 +50,37 @@ module WebPush
57
50
  end
58
51
 
59
52
  def public_key=(key)
60
- curve.public_key = OpenSSL::PKey::EC::Point.new(group, to_big_num(key))
53
+ set_keys! key, nil
61
54
  end
62
55
 
63
56
  def private_key=(key)
64
- curve.private_key = to_big_num(key)
57
+ set_keys! nil, key
58
+ end
59
+
60
+ def set_keys!(public_key = nil, private_key = nil)
61
+ if public_key.nil?
62
+ public_key = curve.public_key
63
+ else
64
+ public_key = OpenSSL::PKey::EC::Point.new(group, to_big_num(public_key))
65
+ end
66
+
67
+ if private_key.nil?
68
+ private_key = curve.private_key
69
+ else
70
+ private_key = to_big_num(private_key)
71
+ end
72
+
73
+ asn1 = OpenSSL::ASN1::Sequence([
74
+ OpenSSL::ASN1::Integer.new(1),
75
+ # Not properly padded but OpenSSL doesn't mind
76
+ OpenSSL::ASN1::OctetString(private_key.to_s(2)),
77
+ OpenSSL::ASN1::ObjectId('prime256v1', 0, :EXPLICIT),
78
+ OpenSSL::ASN1::BitString(public_key.to_octet_string(:uncompressed), 1, :EXPLICIT),
79
+ ])
80
+
81
+ der = asn1.to_der
82
+
83
+ @curve = OpenSSL::PKey::EC.new(der)
65
84
  end
66
85
 
67
86
  def curve_name
data/lib/web_push/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module WebPush
4
- VERSION = '2.1.0'.freeze
4
+ VERSION = '3.0.1'.freeze
5
5
  end
data/lib/web_push.rb CHANGED
@@ -2,7 +2,6 @@
2
2
 
3
3
  require 'openssl'
4
4
  require 'base64'
5
- require 'hkdf'
6
5
  require 'jwt'
7
6
  require 'uri'
8
7
  require 'net/http'
data/spec/web_push/encryption_spec.rb CHANGED
@@ -4,9 +4,7 @@ describe WebPush::Encryption do
4
4
  describe '#encrypt' do
5
5
  let(:curve) do
6
6
  group = 'prime256v1'
7
- curve = OpenSSL::PKey::EC.new(group)
8
- curve.generate_key
9
- curve
7
+ OpenSSL::PKey::EC.generate(group)
10
8
  end
11
9
 
12
10
  let(:p256dh) do
@@ -67,10 +65,10 @@ describe WebPush::Encryption do
67
65
  content_encryption_key_info = "Content-Encoding: aes128gcm\0"
68
66
  nonce_info = "Content-Encoding: nonce\0"
69
67
 
70
- prk = HKDF.new(shared_secret, salt: client_auth_token, algorithm: 'SHA256', info: info).read(32)
68
+ prk = OpenSSL::KDF.hkdf(shared_secret, salt: client_auth_token, info: info, hash: 'SHA256', length: 32)
71
69
 
72
- content_encryption_key = HKDF.new(prk, salt: salt, info: content_encryption_key_info).read(16)
73
- nonce = HKDF.new(prk, salt: salt, info: nonce_info).read(12)
70
+ content_encryption_key = OpenSSL::KDF.hkdf(prk, salt: salt, info: content_encryption_key_info, hash: 'SHA256', length: 16)
71
+ nonce = OpenSSL::KDF.hkdf(prk, salt: salt, info: nonce_info, hash: 'SHA256', length: 12)
74
72
 
75
73
  decrypt_ciphertext(ciphertext, content_encryption_key, nonce)
76
74
  end
data/web-push.gemspec CHANGED
@@ -14,7 +14,6 @@ Gem::Specification.new do |spec|
14
14
 
15
15
  spec.required_ruby_version = '>= 3.0'
16
16
 
17
- spec.add_dependency 'hkdf', '~> 1.0'
18
17
  spec.add_dependency 'jwt', '~> 2.0'
19
18
  spec.add_dependency 'openssl', '~> 3.0'
20
19
 
metadata CHANGED
@@ -1,30 +1,16 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: web-push
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.1.0
4
+ version: 3.0.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - zaru
8
8
  - collimarco
9
- autorequire:
9
+ autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2022-11-28 00:00:00.000000000 Z
12
+ date: 2023-11-13 00:00:00.000000000 Z
13
13
  dependencies:
14
- - !ruby/object:Gem::Dependency
15
- name: hkdf
16
- requirement: !ruby/object:Gem::Requirement
17
- requirements:
18
- - - "~>"
19
- - !ruby/object:Gem::Version
20
- version: '1.0'
21
- type: :runtime
22
- prerelease: false
23
- version_requirements: !ruby/object:Gem::Requirement
24
- requirements:
25
- - - "~>"
26
- - !ruby/object:Gem::Version
27
- version: '1.0'
28
14
  - !ruby/object:Gem::Dependency
29
15
  name: jwt
30
16
  requirement: !ruby/object:Gem::Requirement
@@ -95,7 +81,7 @@ dependencies:
95
81
  - - "~>"
96
82
  - !ruby/object:Gem::Version
97
83
  version: '3.0'
98
- description:
84
+ description:
99
85
  email:
100
86
  - support@pushpad.xyz
101
87
  executables: []
@@ -124,7 +110,7 @@ homepage: https://github.com/pushpad/web-push
124
110
  licenses:
125
111
  - MIT
126
112
  metadata: {}
127
- post_install_message:
113
+ post_install_message:
128
114
  rdoc_options: []
129
115
  require_paths:
130
116
  - lib
@@ -139,8 +125,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
139
125
  - !ruby/object:Gem::Version
140
126
  version: '0'
141
127
  requirements: []
142
- rubygems_version: 3.3.26
143
- signing_key:
128
+ rubygems_version: 3.0.3.1
129
+ signing_key:
144
130
  specification_version: 4
145
131
  summary: Web Push library for Ruby (RFC8030)
146
132
  test_files: []