Open firien opened 1 year ago
Good catch.
You can also reproduce the issue in the tests with this code:
# vapid_key_spec.rb
it 'returns an encoded private key' do
30_000.times do
key = WebPush::VapidKey.new
puts key.private_key
expect(Base64.urlsafe_decode64(key.private_key).bytesize).to eq(32)
end
end
However, after further investigation, it seems that the problem relies in Ruby OpenSSL and not in this gem.
For example this will sometimes fail:
30_000.times do
key = OpenSSL::PKey::EC.generate('prime256v1')
expect(key.private_key.to_s(2).bytesize).to eq(32)
end
Now the question is... is it a bug in OpenSSL::PKey::EC
or is it normal that the private key is only 31 characters sometimes?
@rossta I see that you are the author of this test, do you have any idea why it fails sometimes (very rare)? What was the meaning of that test on the length?
I seem to recall this as my interpretation of the literature at the time, but I’m not confident this length has to be enforced. It might be worth manually testing the behavior with a shorter key generated from the method shown above.
https://github.com/pushpad/web-push/blob/20f40d9586b524b8c75e64887683931d6e11b078/spec/web_push/vapid_key_spec.rb#L19
occasionally this is 31 bytes