/**
 * Attach VAPID authentication headers to the outgoing push request.
 *
 * Signs a JWT carrying the audience, the subject and an expiry 86400 seconds
 * ahead with the given private key and stores it as the `Authorization`
 * bearer header. The public key derived from the same private key is then
 * exposed in the `Crypto-Key` header as `p256ecdsa=<base64url point>`.
 *
 * Returns without touching any header when VAPID is disabled (USE_VAPID) or
 * when any of the three arguments is empty.
 *
 * @param string $privateKey PEM-encoded EC private key (parsed by PemPrivateKeySerializer).
 * @param string $audience   Value for the JWT audience claim.
 * @param string $subject    Value for the JWT subject claim.
 */
function setVAPIDInfo($privateKey, $audience, $subject) {
    $vapidUsable = USE_VAPID && $privateKey && $audience && $subject;
    if (!$vapidUsable) {
        return;
    }

    // NOTE(review): 86400 s is the longest lifetime RFC 8292 permits for the
    // `exp` claim; clock skew between this host and the push service can push
    // the token past that limit. A shorter lifetime also narrows the window in
    // which a captured token can be replayed.
    // NOTE(review): the Sha256 signer is imported outside this block; confirm
    // it is the ECDSA (ES256) signer, which is what VAPID requires.
    $jwtBuilder = new Builder();
    $signedJwt = $jwtBuilder
        ->setAudience($audience)
        ->setExpiration(time() + 86400)
        ->setSubject($subject)
        ->sign(new Sha256(), new Key($privateKey))
        ->getToken();

    $this->additionalHeaders['Authorization'] = 'Bearer ' . $signedJwt;

    // Only the public half of the key pair leaves this method: the private key
    // is parsed locally and reduced to its uncompressed public point.
    $pemParser = new PemPrivateKeySerializer(new DerPrivateKeySerializer());
    $publicKey = $pemParser->parse($privateKey)->getPublicKey();

    $pointEncoder = new UncompressedPointSerializer(EccFactory::getAdapter());
    $pointHex = $pointEncoder->serialize($publicKey->getPoint());
    $encodedPoint = Base64Url::encode(hex2bin($pointHex));

    $this->additionalHeaders['Crypto-Key'] = 'p256ecdsa=' . $encodedPoint;
}
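/**
 * Derive the base64url-encoded public key that belongs to a PEM private key.
 *
 * Warnings and notices are silenced while the key is parsed, and parser
 * exceptions are swallowed, so a malformed key yields the translated
 * "invalid key" message instead of diagnostics.
 *
 * @param string $privateKey PEM-encoded EC private key.
 *
 * @return string The uncompressed public point, base64url-encoded, or the
 *                translated error message when the key cannot be used.
 *                Callers cannot tell the two apart by type.
 */
function get_public_key($privateKey) {
    $publicKeyVal = __('Your private key is invalid.', 'web-push');

    // Remember the configured level so it can be put back afterwards. Forcing
    // E_ALL on the way out would override the site's own setting for the rest
    // of the request and could surface diagnostics the operator had turned off.
    $previousLevel = error_reporting(E_ERROR);

    try {
        $privKeySerializer = new PemPrivateKeySerializer(new DerPrivateKeySerializer());
        $publicKeyObject = $privKeySerializer->parse($privateKey)->getPublicKey();

        $pointSerializer = new UncompressedPointSerializer(EccFactory::getAdapter());
        $rawPoint = hex2bin($pointSerializer->serialize($publicKeyObject->getPoint()));

        // hex2bin() returns false on malformed input; keep the error message
        // rather than encoding a boolean.
        if ($rawPoint !== false) {
            $publicKeyVal = Base64Url::encode($rawPoint);
        }
    } catch (Exception $e) {
        // Deliberately ignored: any parser failure means the key is unusable,
        // and the default message already says so without echoing key material.
        // NOTE(review): a throwable that is not an Exception bypasses this catch
        // and the restore below; a `finally` block would cover that case if the
        // minimum supported PHP version allows it.
    }

    error_reporting($previousLevel);

    return $publicKeyVal;
}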
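/**
 * Validate a VAPID configuration and return its keys as decoded bytes.
 *
 * Accepted inputs:
 *  - 'subject' (required);
 *  - 'pemFile': path to a PEM file, read into 'pem';
 *  - 'pem': PEM text holding an EC private key, from which 'publicKey' and
 *    'privateKey' are derived, replacing any values passed in;
 *  - 'publicKey' / 'privateKey': base64url strings, required when no PEM is given.
 *
 * Only the decoded lengths are checked. Nothing here verifies that a
 * separately supplied public key belongs to the private key.
 *
 * The returned 'privateKey' is the decoded secret; keep it out of logs and
 * error output.
 *
 * NOTE(review): 'pemFile' is opened exactly as given; this assumes the path
 * comes from trusted configuration and not from request input.
 *
 * @param array $vapid
 *
 * @return array Keys 'subject', 'publicKey' and 'privateKey'; both keys are base64url-decoded.
 *
 * @throws \ErrorException When a required entry is missing, the PEM data is
 *                         unreadable or malformed, or a key has the wrong length.
 */
public static function validate(array $vapid) {
    if (!array_key_exists('subject', $vapid)) {
        throw new \ErrorException('[VAPID] You must provide a subject that is either a mailto: or a URL.');
    }

    if (array_key_exists('pemFile', $vapid)) {
        $vapid['pem'] = file_get_contents($vapid['pemFile']);

        // Covers both a failed read (false) and an empty file.
        if (!$vapid['pem']) {
            throw new \ErrorException('Error loading PEM file.');
        }
    }

    if (array_key_exists('pem', $vapid)) {
        $pem = $vapid['pem'];
        $beginMarker = '-----BEGIN EC PRIVATE KEY-----';
        $endMarker = '-----END EC PRIVATE KEY-----';

        $posStartKey = strpos($pem, $beginMarker);
        $posEndKey = strpos($pem, $endMarker);
        if ($posStartKey === false || $posEndKey === false) {
            throw new \ErrorException('Invalid PEM data.');
        }

        // Skip past the BEGIN marker so only the key body is extracted.
        $posStartKey += strlen($beginMarker);

        // An END marker at or before the start of the body would give substr()
        // a zero or negative length and hand the parser an arbitrary slice of
        // the input; reject that layout as malformed instead.
        if ($posEndKey <= $posStartKey) {
            throw new \ErrorException('Invalid PEM data.');
        }

        $pemSerializer = new PemPrivateKeySerializer(new DerPrivateKeySerializer());
        $keys = self::getUncompressedKeys(
            $pemSerializer->parse(substr($pem, $posStartKey, $posEndKey - $posStartKey))
        );
        $vapid['publicKey'] = $keys['publicKey'];
        $vapid['privateKey'] = $keys['privateKey'];
    }

    if (!array_key_exists('publicKey', $vapid)) {
        throw new \ErrorException('[VAPID] You must provide a public key.');
    }

    $publicKey = Base64Url::decode($vapid['publicKey']);

    if (Utils::safeStrlen($publicKey) !== self::PUBLIC_KEY_LENGTH) {
        throw new \ErrorException('[VAPID] Public key should be 65 bytes long when decoded.');
    }

    if (!array_key_exists('privateKey', $vapid)) {
        throw new \ErrorException('[VAPID] You must provide a private key.');
    }

    $privateKey = Base64Url::decode($vapid['privateKey']);

    if (Utils::safeStrlen($privateKey) !== self::PRIVATE_KEY_LENGTH) {
        throw new \ErrorException('[VAPID] Private key should be 32 bytes long when decoded.');
    }

    return array(
        'subject' => $vapid['subject'],
        'publicKey' => $publicKey,
        'privateKey' => $privateKey,
    );
}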
/**
 * Check the stored VAPID options after install and again after regeneration.
 *
 * In both phases the stored private key must parse as a PEM EC key, with a
 * public key derivable from it, and the subject and audience options must hold
 * the expected defaults. The test is skipped when VAPID is disabled.
 *
 * NOTE(review): the key is only checked for being parseable; nothing asserts
 * that regeneration produced a different key from the installed one.
 */
function test_generate_vapid_options() {
    if (!USE_VAPID) {
        return;
    }

    $expectedOptions = array(
        'webpush_vapid_subject' => 'mailto:admin@example.org',
        'webpush_vapid_audience' => 'https://example.org',
    );

    // First pass: state left by plugin installation.
    // Second pass: state after wiping the options and regenerating them.
    foreach (array(false, true) as $regenerateFirst) {
        if ($regenerateFirst) {
            update_option('webpush_vapid_key', '');
            update_option('webpush_vapid_subject', '');
            update_option('webpush_vapid_audience', '');

            WebPush_DB::generate_vapid_options();
        }

        // Parsing throws on a malformed key, which fails the test.
        $pemParser = new PemPrivateKeySerializer(new DerPrivateKeySerializer());
        $pemParser->parse(get_option('webpush_vapid_key'))->getPublicKey();

        foreach ($expectedOptions as $optionName => $expectedValue) {
            $this->assertEquals($expectedValue, get_option($optionName));
        }
    }
}