web-push 2.1.0 → 3.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/workflows/ci.yml +3 -2
- data/README.md +3 -1
- data/lib/web_push/encryption.rb +5 -5
- data/lib/web_push/vapid_key.rb +33 -14
- data/lib/web_push/version.rb +1 -1
- data/lib/web_push.rb +0 -1
- data/spec/web_push/encryption_spec.rb +4 -6
- data/web-push.gemspec +0 -1
- metadata +7 -21
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a688b354339ddf4f82d8febb54a2042bb432357dffd77a571c3c9212c107aa2f
|
|
4
|
+
data.tar.gz: 01060b2687a57217cafb2cf96b3925c6e2e39102daf6f796277d06d767ae6a0e
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2386c18e4fef78c027b2a5dee6a1778dc82d43cf26dcf0468e83feb8ff972eca1b743c87d68612fffee8ea9feb05329bc4a06127599643de72d922b465aca776
|
|
7
|
+
data.tar.gz: b023139054b433c36d32d5a91465e8d0082231a6c7c2e8f0ff79825599457c28b57e51ffcabdf21e7fb03ab5e63a28750c00fddfea74204c3f8da640fd9ffe38
|
data/.github/workflows/ci.yml
CHANGED
|
@@ -6,11 +6,12 @@ on:
|
|
|
6
6
|
branches: [ master ]
|
|
7
7
|
jobs:
|
|
8
8
|
test:
|
|
9
|
-
runs-on: ubuntu-latest
|
|
10
9
|
strategy:
|
|
11
10
|
fail-fast: false
|
|
12
11
|
matrix:
|
|
13
|
-
|
|
12
|
+
os: [ubuntu-20.04, ubuntu-22.04]
|
|
13
|
+
ruby-version: ['3.0', '3.1', '3.2']
|
|
14
|
+
runs-on: ${{ matrix.os }}
|
|
14
15
|
steps:
|
|
15
16
|
- uses: actions/checkout@v3
|
|
16
17
|
- name: Set up Ruby
|
data/README.md
CHANGED
|
@@ -5,6 +5,8 @@
|
|
|
5
5
|
|
|
6
6
|
This gem makes it possible to send push messages to web browsers from Ruby backends using the [Web Push Protocol](https://datatracker.ietf.org/doc/html/rfc8030). It supports [Message Encryption for Web Push](https://datatracker.ietf.org/doc/html/rfc8291) and [VAPID](https://datatracker.ietf.org/doc/html/rfc8292).
|
|
7
7
|
|
|
8
|
+
**Note**: This is an open source gem for Web Push. If you want to send web push notifications from Ruby using Pushpad, you need to use another gem ([pushpad gem](https://github.com/pushpad/pushpad-ruby)).
|
|
9
|
+
|
|
8
10
|
## Installation
|
|
9
11
|
|
|
10
12
|
Add this line to the Gemfile:
|
|
@@ -178,7 +180,7 @@ WebPush.payload_send(
|
|
|
178
180
|
p256dh: "BO/aG9nYXNkZmFkc2ZmZHNmYWRzZmFl...",
|
|
179
181
|
auth: "aW1hcmthcmFpa3V6ZQ==",
|
|
180
182
|
vapid: {
|
|
181
|
-
subject: "mailto:sender@example.com"
|
|
183
|
+
subject: "mailto:sender@example.com",
|
|
182
184
|
pem: ENV['VAPID_KEYS']
|
|
183
185
|
}
|
|
184
186
|
)
|
data/lib/web_push/encryption.rb
CHANGED
|
@@ -8,10 +8,10 @@ module WebPush
|
|
|
8
8
|
assert_arguments(message, p256dh, auth)
|
|
9
9
|
|
|
10
10
|
group_name = 'prime256v1'
|
|
11
|
+
hash = 'SHA256'
|
|
11
12
|
salt = Random.new.bytes(16)
|
|
12
13
|
|
|
13
|
-
server = OpenSSL::PKey::EC.
|
|
14
|
-
server.generate_key
|
|
14
|
+
server = OpenSSL::PKey::EC.generate(group_name)
|
|
15
15
|
server_public_key_bn = server.public_key.to_bn
|
|
16
16
|
|
|
17
17
|
group = OpenSSL::PKey::EC::Group.new(group_name)
|
|
@@ -26,11 +26,11 @@ module WebPush
|
|
|
26
26
|
content_encryption_key_info = "Content-Encoding: aes128gcm\0"
|
|
27
27
|
nonce_info = "Content-Encoding: nonce\0"
|
|
28
28
|
|
|
29
|
-
prk =
|
|
29
|
+
prk = OpenSSL::KDF.hkdf(shared_secret, salt: client_auth_token, info: info, hash: hash, length: 32)
|
|
30
30
|
|
|
31
|
-
content_encryption_key =
|
|
31
|
+
content_encryption_key = OpenSSL::KDF.hkdf(prk, salt: salt, info: content_encryption_key_info, hash: hash, length: 16)
|
|
32
32
|
|
|
33
|
-
nonce =
|
|
33
|
+
nonce = OpenSSL::KDF.hkdf(prk, salt: salt, info: nonce_info, hash: hash, length: 12)
|
|
34
34
|
|
|
35
35
|
ciphertext = encrypt_payload(message, content_encryption_key, nonce)
|
|
36
36
|
|
data/lib/web_push/vapid_key.rb
CHANGED
|
@@ -10,9 +10,7 @@ module WebPush
|
|
|
10
10
|
# @return [WebPush::VapidKey] a VapidKey instance for the given public and private keys
|
|
11
11
|
def self.from_keys(public_key, private_key)
|
|
12
12
|
key = new
|
|
13
|
-
key.public_key
|
|
14
|
-
key.private_key = private_key
|
|
15
|
-
|
|
13
|
+
key.set_keys! public_key, private_key
|
|
16
14
|
key
|
|
17
15
|
end
|
|
18
16
|
|
|
@@ -20,19 +18,14 @@ module WebPush
|
|
|
20
18
|
#
|
|
21
19
|
# @return [WebPush::VapidKey] a VapidKey instance for the given public and private keys
|
|
22
20
|
def self.from_pem(pem)
|
|
23
|
-
|
|
24
|
-
src = OpenSSL::PKey.read pem
|
|
25
|
-
key.curve.public_key = src.public_key
|
|
26
|
-
key.curve.private_key = src.private_key
|
|
27
|
-
|
|
28
|
-
key
|
|
21
|
+
new(OpenSSL::PKey.read(pem))
|
|
29
22
|
end
|
|
30
23
|
|
|
31
24
|
attr_reader :curve
|
|
32
25
|
|
|
33
|
-
def initialize
|
|
34
|
-
@curve =
|
|
35
|
-
@curve.
|
|
26
|
+
def initialize(pkey = nil)
|
|
27
|
+
@curve = pkey
|
|
28
|
+
@curve = OpenSSL::PKey::EC.generate('prime256v1') if @curve.nil?
|
|
36
29
|
end
|
|
37
30
|
|
|
38
31
|
# Retrieve the encoded elliptic curve public key for VAPID protocol
|
|
@@ -57,11 +50,37 @@ module WebPush
|
|
|
57
50
|
end
|
|
58
51
|
|
|
59
52
|
def public_key=(key)
|
|
60
|
-
|
|
53
|
+
set_keys! key, nil
|
|
61
54
|
end
|
|
62
55
|
|
|
63
56
|
def private_key=(key)
|
|
64
|
-
|
|
57
|
+
set_keys! nil, key
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
def set_keys!(public_key = nil, private_key = nil)
|
|
61
|
+
if public_key.nil?
|
|
62
|
+
public_key = curve.public_key
|
|
63
|
+
else
|
|
64
|
+
public_key = OpenSSL::PKey::EC::Point.new(group, to_big_num(public_key))
|
|
65
|
+
end
|
|
66
|
+
|
|
67
|
+
if private_key.nil?
|
|
68
|
+
private_key = curve.private_key
|
|
69
|
+
else
|
|
70
|
+
private_key = to_big_num(private_key)
|
|
71
|
+
end
|
|
72
|
+
|
|
73
|
+
asn1 = OpenSSL::ASN1::Sequence([
|
|
74
|
+
OpenSSL::ASN1::Integer.new(1),
|
|
75
|
+
# Not properly padded but OpenSSL doesn't mind
|
|
76
|
+
OpenSSL::ASN1::OctetString(private_key.to_s(2)),
|
|
77
|
+
OpenSSL::ASN1::ObjectId('prime256v1', 0, :EXPLICIT),
|
|
78
|
+
OpenSSL::ASN1::BitString(public_key.to_octet_string(:uncompressed), 1, :EXPLICIT),
|
|
79
|
+
])
|
|
80
|
+
|
|
81
|
+
der = asn1.to_der
|
|
82
|
+
|
|
83
|
+
@curve = OpenSSL::PKey::EC.new(der)
|
|
65
84
|
end
|
|
66
85
|
|
|
67
86
|
def curve_name
|
data/lib/web_push/version.rb
CHANGED
data/lib/web_push.rb
CHANGED
|
@@ -4,9 +4,7 @@ describe WebPush::Encryption do
|
|
|
4
4
|
describe '#encrypt' do
|
|
5
5
|
let(:curve) do
|
|
6
6
|
group = 'prime256v1'
|
|
7
|
-
|
|
8
|
-
curve.generate_key
|
|
9
|
-
curve
|
|
7
|
+
OpenSSL::PKey::EC.generate(group)
|
|
10
8
|
end
|
|
11
9
|
|
|
12
10
|
let(:p256dh) do
|
|
@@ -67,10 +65,10 @@ describe WebPush::Encryption do
|
|
|
67
65
|
content_encryption_key_info = "Content-Encoding: aes128gcm\0"
|
|
68
66
|
nonce_info = "Content-Encoding: nonce\0"
|
|
69
67
|
|
|
70
|
-
prk =
|
|
68
|
+
prk = OpenSSL::KDF.hkdf(shared_secret, salt: client_auth_token, info: info, hash: 'SHA256', length: 32)
|
|
71
69
|
|
|
72
|
-
content_encryption_key =
|
|
73
|
-
nonce =
|
|
70
|
+
content_encryption_key = OpenSSL::KDF.hkdf(prk, salt: salt, info: content_encryption_key_info, hash: 'SHA256', length: 16)
|
|
71
|
+
nonce = OpenSSL::KDF.hkdf(prk, salt: salt, info: nonce_info, hash: 'SHA256', length: 12)
|
|
74
72
|
|
|
75
73
|
decrypt_ciphertext(ciphertext, content_encryption_key, nonce)
|
|
76
74
|
end
|
data/web-push.gemspec
CHANGED
metadata
CHANGED
|
@@ -1,30 +1,16 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: web-push
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version:
|
|
4
|
+
version: 3.0.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- zaru
|
|
8
8
|
- collimarco
|
|
9
|
-
autorequire:
|
|
9
|
+
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date:
|
|
12
|
+
date: 2023-11-13 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
|
-
- !ruby/object:Gem::Dependency
|
|
15
|
-
name: hkdf
|
|
16
|
-
requirement: !ruby/object:Gem::Requirement
|
|
17
|
-
requirements:
|
|
18
|
-
- - "~>"
|
|
19
|
-
- !ruby/object:Gem::Version
|
|
20
|
-
version: '1.0'
|
|
21
|
-
type: :runtime
|
|
22
|
-
prerelease: false
|
|
23
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
24
|
-
requirements:
|
|
25
|
-
- - "~>"
|
|
26
|
-
- !ruby/object:Gem::Version
|
|
27
|
-
version: '1.0'
|
|
28
14
|
- !ruby/object:Gem::Dependency
|
|
29
15
|
name: jwt
|
|
30
16
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -95,7 +81,7 @@ dependencies:
|
|
|
95
81
|
- - "~>"
|
|
96
82
|
- !ruby/object:Gem::Version
|
|
97
83
|
version: '3.0'
|
|
98
|
-
description:
|
|
84
|
+
description:
|
|
99
85
|
email:
|
|
100
86
|
- support@pushpad.xyz
|
|
101
87
|
executables: []
|
|
@@ -124,7 +110,7 @@ homepage: https://github.com/pushpad/web-push
|
|
|
124
110
|
licenses:
|
|
125
111
|
- MIT
|
|
126
112
|
metadata: {}
|
|
127
|
-
post_install_message:
|
|
113
|
+
post_install_message:
|
|
128
114
|
rdoc_options: []
|
|
129
115
|
require_paths:
|
|
130
116
|
- lib
|
|
@@ -139,8 +125,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
139
125
|
- !ruby/object:Gem::Version
|
|
140
126
|
version: '0'
|
|
141
127
|
requirements: []
|
|
142
|
-
rubygems_version: 3.3.
|
|
143
|
-
signing_key:
|
|
128
|
+
rubygems_version: 3.0.3.1
|
|
129
|
+
signing_key:
|
|
144
130
|
specification_version: 4
|
|
145
131
|
summary: Web Push library for Ruby (RFC8030)
|
|
146
132
|
test_files: []
|