Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Implement aes128gcm, remove legacy code, add exactor agnostic client, update docs, and more. #30

Merged
merged 27 commits into from
Aug 10, 2021

Conversation

andyblarblar
Copy link
Collaborator

@andyblarblar andyblarblar commented Aug 6, 2021

This PR finishes and builds upon the work done in #23 by fully implementing Aes128Gcm and making numerus other improvements to the API. This PR should reduce this crate's complexity considerably though the ece delegation and removal of legacy APIs. My hope is that these changes should make it easier to maintain this crate long term now that the web push API is stable and rust async is much more mature.

Changelog 📝

Additions

[+] - Full aes128gcm support via ece crate. Credit to @tiesselune for this. See #23 for more. Closes #3.
[+] - Isahc based default client to remove Tokio dependency. Separate changes from #25 but similar effect, although Isahc works on any executor as it uses curl under the hood.
[+] - Cargo feature to enable the old hyper client.
[+] - Generic build_request() to allow for custom clients using the http crate's generic request body. This function is also exported now. This should enable someone to make a say, ureq web push client crate, without our input.
[+] - Add function to create a VAPID builder without a sub, allowing for key material to be reused.
[+] - Method to get the public key bytes from a Vapid signature (useful for sending the key to client without messing with openssl).
[+] - Improved tests and added one to actually test the encryption itself.
[+] - Expand documentation throughout the code base, and update docs to accurately reflect the current web push API.
[+] - Bump to v0.8

Deletions

[-] - Remove all aesgcm code. This significantly reduces maintenance by reducing tests and removes concerns of deprecation. This is possible because of aes128gcm's universal support.
[-] - Remove old GCM/FCM code. This is redundant now that web push is standardized.

Breaking Changes ⚠

  • WebPushClient::new() now returns a Result as the Isahc client has a fallible constructor. This has been applied to both clients to keep the API the same, although the hyper client is infallible.
  • Removal of all gcm/fcm methods on builders. I believe the FCM crate may be a valid upgrade path if FCM is heavily used.
  • Removal of ContentEncoding::AesGcm. Because all tested APIs support (and in the case of Edge only supports) Aes128Gcm, consumers should simply replace the variant with ContentEncoding::Aes128Gcm.

Notes

The documentation generation for docs.rs will probably need to be modified now that features are being used.

All tests pass and confirmed working on Chrome, Firefox, and chromium Edge. You can see it working (potentially, my project still has some bugs 😅) in a personal project here.

Sorry if I'm breaking GitHub etiquette with this PR, these changes were originally designed for myself, so the PR ended up being gigantic. Credit again to @tiesselune for doing the bulk of the ece transition, this PR is really just expanding on his work.

John Tiesselune and others added 27 commits July 11, 2021 18:27
prepared tests for headers that are left to do
(some small padding is added in the rust-ece crate)
This allows for aes128Gcm to fully operate in all tested browsers, including edge.
This commit will fix the base64 encoding issues by directly reading the PEM key as bytes instead of immediately encoding, allowing consumers to choose to base64 encode or not.
Use the autopush implementation for all connections. This is possible as web push has been standardised, leaving this legacy code redundant. The FCM crate should cover all uses of FCM by this crates consumers.
Add `hyper-client` feature to optionally use the old hyper client. Isach is runtime independent, allowing this crate to be used in non Tokio environments. The hyper client remains as a potentially faster and more maintained option. Isach is the default as I feel the crate should work out of the box on any async executor.
Expose request_builder now that it's generic and documented.
Implement aes128gcm, remove legacy code, add exactor agnostic client, update docs, and more!
@pimeys
Copy link
Owner

pimeys commented Aug 10, 2021

Oh wow! Sorry, I've been on vacations and currently catching up at work. I'll take a look into this later today hopefully, so we get it merged and new release out.

@pimeys pimeys merged commit 4cac72a into pimeys:master Aug 10, 2021
@pimeys
Copy link
Owner

pimeys commented Aug 10, 2021

v0.8.0 published.

@andyblarblar andyblarblar deleted the master branch August 13, 2021 03:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

AES128GCM Support
2 participants