web-push 3.0.0 → 3.0.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c8a683629bc333d1f987fc867dd05b4d0af39179e94cc8dc7c9742dbaddd4c45
-  data.tar.gz: 1c86dcbfcbec2791df28c45c2dff656ca8385b5a3fb75d900fb731e7472887f9
+  metadata.gz: a688b354339ddf4f82d8febb54a2042bb432357dffd77a571c3c9212c107aa2f
+  data.tar.gz: 01060b2687a57217cafb2cf96b3925c6e2e39102daf6f796277d06d767ae6a0e
 SHA512:
-  metadata.gz: 8e33057f0c869ea54dd952f5b937fe6ca01c49a7d82549a7563fd4b148a315eba627d791f5c39d844834b2418466b21f7c58ae382c310fdc339b1560be508234
-  data.tar.gz: 813fc19fb5939a5318409ac30651d31050d22e006213305e549899b109cde83ddcc3dfac17a7d1c1abc016ebc6dbb3235f17fd049eff96738be4e2832be55917
+  metadata.gz: 2386c18e4fef78c027b2a5dee6a1778dc82d43cf26dcf0468e83feb8ff972eca1b743c87d68612fffee8ea9feb05329bc4a06127599643de72d922b465aca776
+  data.tar.gz: b023139054b433c36d32d5a91465e8d0082231a6c7c2e8f0ff79825599457c28b57e51ffcabdf21e7fb03ab5e63a28750c00fddfea74204c3f8da640fd9ffe38

data/README.md

@@ -5,6 +5,8 @@
 
 This gem makes it possible to send push messages to web browsers from Ruby backends using the [Web Push Protocol](https://datatracker.ietf.org/doc/html/rfc8030). It supports [Message Encryption for Web Push](https://datatracker.ietf.org/doc/html/rfc8291) and [VAPID](https://datatracker.ietf.org/doc/html/rfc8292).
 
+**Note**: This is an open source gem for Web Push. If you want to send web push notifications from Ruby using Pushpad, you need to use another gem ([pushpad gem](https://github.com/pushpad/pushpad-ruby)).
+
 ## Installation
 
 Add this line to the Gemfile:
@@ -178,7 +180,7 @@ WebPush.payload_send(
   p256dh: "BO/aG9nYXNkZmFkc2ZmZHNmYWRzZmFl...",
   auth: "aW1hcmthcmFpa3V6ZQ==",
   vapid: {
-    subject: "mailto:sender@example.com"
+    subject: "mailto:sender@example.com",
     pem: ENV['VAPID_KEYS']
   }
 )

data/lib/web_push/encryption.rb

@@ -8,6 +8,7 @@ module WebPush
       assert_arguments(message, p256dh, auth)
 
       group_name = 'prime256v1'
+      hash = 'SHA256'
       salt = Random.new.bytes(16)
 
       server = OpenSSL::PKey::EC.generate(group_name)
@@ -25,11 +26,11 @@ module WebPush
       content_encryption_key_info = "Content-Encoding: aes128gcm\0"
       nonce_info = "Content-Encoding: nonce\0"
 
-      prk = HKDF.new(shared_secret, salt: client_auth_token, algorithm: 'SHA256', info: info).read(32)
+      prk = OpenSSL::KDF.hkdf(shared_secret, salt: client_auth_token, info: info, hash: hash, length: 32)
 
-      content_encryption_key = HKDF.new(prk, salt: salt, info: content_encryption_key_info).read(16)
+      content_encryption_key = OpenSSL::KDF.hkdf(prk, salt: salt, info: content_encryption_key_info, hash: hash, length: 16)
 
-      nonce = HKDF.new(prk, salt: salt, info: nonce_info).read(12)
+      nonce = OpenSSL::KDF.hkdf(prk, salt: salt, info: nonce_info, hash: hash, length: 12)
 
       ciphertext = encrypt_payload(message, content_encryption_key, nonce)
 

data/lib/web_push/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module WebPush
-  VERSION = '3.0.0'.freeze
+  VERSION = '3.0.1'.freeze
 end

data/lib/web_push.rb

@@ -2,7 +2,6 @@
 
 require 'openssl'
 require 'base64'
-require 'hkdf'
 require 'jwt'
 require 'uri'
 require 'net/http'

data/spec/web_push/encryption_spec.rb

@@ -65,10 +65,10 @@ describe WebPush::Encryption do
       content_encryption_key_info = "Content-Encoding: aes128gcm\0"
       nonce_info = "Content-Encoding: nonce\0"
 
-      prk = HKDF.new(shared_secret, salt: client_auth_token, algorithm: 'SHA256', info: info).read(32)
+      prk = OpenSSL::KDF.hkdf(shared_secret, salt: client_auth_token, info: info, hash: 'SHA256', length: 32)
 
-      content_encryption_key = HKDF.new(prk, salt: salt, info: content_encryption_key_info).read(16)
-      nonce = HKDF.new(prk, salt: salt, info: nonce_info).read(12)
+      content_encryption_key = OpenSSL::KDF.hkdf(prk, salt: salt, info: content_encryption_key_info, hash: 'SHA256', length: 16)
+      nonce = OpenSSL::KDF.hkdf(prk, salt: salt, info: nonce_info, hash: 'SHA256', length: 12)
 
       decrypt_ciphertext(ciphertext, content_encryption_key, nonce)
     end

data/web-push.gemspec

@@ -14,7 +14,6 @@ Gem::Specification.new do |spec|
 
   spec.required_ruby_version = '>= 3.0'
 
-  spec.add_dependency 'hkdf', '~> 1.0'
   spec.add_dependency 'jwt', '~> 2.0'
   spec.add_dependency 'openssl', '~> 3.0'
 

metadata

@@ -1,30 +1,16 @@
 --- !ruby/object:Gem::Specification
 name: web-push
 version: !ruby/object:Gem::Version
-  version: 3.0.0
+  version: 3.0.1
 platform: ruby
 authors:
 - zaru
 - collimarco
-autorequire:
+autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-01-05 00:00:00.000000000 Z
+date: 2023-11-13 00:00:00.000000000 Z
 dependencies:
-- !ruby/object:Gem::Dependency
-  name: hkdf
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.0'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.0'
 - !ruby/object:Gem::Dependency
   name: jwt
   requirement: !ruby/object:Gem::Requirement
@@ -95,7 +81,7 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '3.0'
-description:
+description: 
 email:
 - support@pushpad.xyz
 executables: []
@@ -124,7 +110,7 @@ homepage: https://github.com/pushpad/web-push
 licenses:
 - MIT
 metadata: {}
-post_install_message:
+post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
@@ -139,8 +125,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.1
-signing_key:
+rubygems_version: 3.0.3.1
+signing_key: 
 specification_version: 4
 summary: Web Push library for Ruby (RFC8030)
 test_files: []