Module: Webpush::Encryption

Extended by:
Encryption
Included in:
Encryption
Defined in:
lib/webpush/encryption.rb

Instance Method Summary collapse

Instance Method Details

#encrypt(message, p256dh, auth) ⇒ Object

rubocop:disable Metrics/AbcSize, Metrics/MethodLength

Raises:

  • (ArgumentError) 


8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
 
# File 'lib/webpush/encryption.rb', line 8

def encrypt(message, p256dh, auth)
  assert_arguments(message, p256dh, auth)

  group_name = 'prime256v1'
  salt = Random.new.bytes(16)

  server = OpenSSL::PKey::EC.new(group_name)
  server.generate_key
  server_public_key_bn = server.public_key.to_bn

  group = OpenSSL::PKey::EC::Group.new(group_name)
  client_public_key_bn = OpenSSL::BN.new(Webpush.decode64(p256dh), 2)
  client_public_key = OpenSSL::PKey::EC::Point.new(group, client_public_key_bn)

  shared_secret = server.dh_compute_key(client_public_key)

  client_auth_token = Webpush.decode64(auth)

  info = "WebPush: info\0" + client_public_key_bn.to_s(2) + server_public_key_bn.to_s(2)
  content_encryption_key_info = "Content-Encoding: aes128gcm\0"
  nonce_info = "Content-Encoding: nonce\0"

  prk = HKDF.new(shared_secret, salt: client_auth_token, algorithm: 'SHA256', info: info).next_bytes(32)

  content_encryption_key = HKDF.new(prk, salt: salt, info: content_encryption_key_info).next_bytes(16)

  nonce = HKDF.new(prk, salt: salt, info: nonce_info).next_bytes(12)

  ciphertext = encrypt_payload(message, content_encryption_key, nonce)

  serverkey16bn = convert16bit(server_public_key_bn)
  rs = ciphertext.bytesize
  raise ArgumentError, "encrypted payload is too big" if rs > 4096

  aes128gcmheader = "#{salt}" + [rs].pack('N*') + [serverkey16bn.bytesize].pack('C*') + serverkey16bn

  aes128gcmheader + ciphertext
end