Closed Iazzetta closed 6 years ago
I'm not sure. The error is happening inside of the cryptography library, so there could be a number of reasons.
1) Is the private key data a valid PEM file?
You can use a command like
openssl ec -inform pem -in YourKeyFile.pem -text -noout
it should produce something like:
read EC key
Private-Key: (256 bit)
priv:
00:96:70:09:fd:aa:7b:ff:29:22:fd:c3:af:5b:4e:
4a:41:f2:0f:07:6f:89:9b:a5:46:d2:f0:64:d0:95:
87:77:83
pub:
04:46:cb:95:b6:e2:dd:7a:ed:eb:88:5a:00:bc:96:
4a:41:f2:0f:07:6f:89:9b:a5:46:d2:f0:64:d0:95:
00:96:70:09:fd:aa:7b:ff:29:22:fd:c3:af:5b:4e:
56:4f:66:95:4d:0f:29:7d:12:ea:2f:4f:39:b0:4a:
ef:e6:3d:43:ac
ASN1 OID: prime256v1
NIST CURVE: P-256
If not, the file may not be a proper key.
If that does work, (and if I understand that you're able to send push notifications using something like pywebpush
, just not if the library is integrated into django), then I've no idea. It may be a library version conflict, or some monkey patch, or anything, really. (cryptography and openssl can be terrible about randomly changing how things work via "minor" updates)
I don't have a lot of time right now to dig into this, but I'll try to get to it as soon as I can.
Thanks for the fast answer. Its a valid PEM, but maybe for use PEM in Django, I need do more things and not just pass the file in parameter. I switched the .pem
file by generated private key of https://web-push-codelab.glitch.me
and works. For production, I can use this generated keys?
You can use whatever private key you want. The vapid key is just how a remote site identifies you, so if you have a key that works, use it and protect it like you would your password.
I'm a bit curious why one key is rejected and the other accepted, but I can try and sort that out.
If you're not using the old, broken PEM file for anything, I'd appreciate if you could sent it to me. It might be useful for debugging. Also, can I presume you're using python 3.5? or are you using a different version or platform?
Thanks!
Yes, Python 3.5. I delete my old private and public files :( But I generate many in my django tests.
Cool. No worries about the keys, I'm sure I can duplicate the problem.
Closing, this may be related to #89 where the underlying library could be generating incompatible key values.
Just for the record, since vapid and friends try very hard to 'duck' the key passed to them (object, filename string, key string...) if the key file isn't found at the path given in the settings dictionary the code goes down a path that produces this error because the invalid filename is interpreted as a key string.
I have done some tests with push notification and works. But when I integrate with django, I get this error:
Why?