7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
|
# File 'lib/web_push/encryption.rb', line 7
def encrypt(message, p256dh, auth)
assert_arguments(message, p256dh, auth)
group_name = 'prime256v1'
hash = 'SHA256'
salt = Random.new.bytes(16)
server = OpenSSL::PKey::EC.generate(group_name)
server_public_key_bn = server.public_key.to_bn
group = OpenSSL::PKey::EC::Group.new(group_name)
client_public_key_bn = OpenSSL::BN.new(WebPush.decode64(p256dh), 2)
client_public_key = OpenSSL::PKey::EC::Point.new(group, client_public_key_bn)
shared_secret = server.dh_compute_key(client_public_key)
client_auth_token = WebPush.decode64(auth)
info = "WebPush: info\0" + client_public_key_bn.to_s(2) + server_public_key_bn.to_s(2)
content_encryption_key_info = "Content-Encoding: aes128gcm\0"
nonce_info = "Content-Encoding: nonce\0"
prk = OpenSSL::KDF.hkdf(shared_secret, salt: client_auth_token, info: info, hash: hash, length: 32)
content_encryption_key = OpenSSL::KDF.hkdf(prk, salt: salt, info: content_encryption_key_info, hash: hash, length: 16)
nonce = OpenSSL::KDF.hkdf(prk, salt: salt, info: nonce_info, hash: hash, length: 12)
ciphertext = encrypt_payload(message, content_encryption_key, nonce)
serverkey16bn = convert16bit(server_public_key_bn)
rs = ciphertext.bytesize
raise ArgumentError, "encrypted payload is too big" if rs > 4096
= "#{salt}" + [rs].pack('N*') + [serverkey16bn.bytesize].pack('C*') + serverkey16bn
+ ciphertext
end
|