5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
|
# File 'lib/webpush/encryption.rb', line 5
def encrypt(message, p256dh, auth)
assert_arguments(message, p256dh, auth)
group_name = "prime256v1"
salt = Random.new.bytes(16)
server = OpenSSL::PKey::EC.new(group_name)
server.generate_key
server_public_key_bn = server.public_key.to_bn
group = OpenSSL::PKey::EC::Group.new(group_name)
client_public_key_bn = OpenSSL::BN.new(Webpush.decode64(p256dh), 2)
client_public_key = OpenSSL::PKey::EC::Point.new(group, client_public_key_bn)
shared_secret = server.dh_compute_key(client_public_key)
client_auth_token = Webpush.decode64(auth)
prk = HKDF.new(shared_secret, salt: client_auth_token, algorithm: 'SHA256', info: "Content-Encoding: auth\0").next_bytes(32)
context = create_context(client_public_key_bn, server_public_key_bn)
content_encryption_key_info = create_info('aesgcm', context)
content_encryption_key = HKDF.new(prk, salt: salt, info: content_encryption_key_info).next_bytes(16)
nonce_info = create_info('nonce', context)
nonce = HKDF.new(prk, salt: salt, info: nonce_info).next_bytes(12)
ciphertext = encrypt_payload(message, content_encryption_key, nonce)
{
ciphertext: ciphertext,
salt: salt,
server_public_key_bn: convert16bit(server_public_key_bn),
server_public_key: server_public_key_bn.to_s(2),
shared_secret: shared_secret
}
end
|