users can specify a PEM file

Minishlink · Minishlink · commit b21561b93d14 · 2016-11-08T13:17:07.000+01:00
diff --git a/README.md b/README.md
@@ -73,7 +73,7 @@ There are several good examples and tutorials on the web:
 ### Authentication
 Browsers need to verify your identity. A standard called VAPID can authenticate you for all browsers. You'll need to create and provide a public and private key for your server.
 
-You can specify your authentication details when instantiating WebPush:
+You can specify your authentication details when instantiating WebPush. The keys can be passed directly, or you can load a PEM file or its content:
 ```php
 <?php
 
@@ -87,14 +87,16 @@ $auth = array(
         'subject' => 'mailto:me@website.com', // can be a mailto: or your website address
         'publicKey' => '~88 chars', // uncompressed public key P-256 encoded in Base64-URL
         'privateKey' => '~44 chars', // in fact the secret multiplier of the private key encoded in Base64-URL
+        'pemFile' => 'path/to/pem', // if you have a PEM file and can link to it on your filesystem
+        'pem' => 'pemFileContent', // if you have a PEM file and want to hardcode its content
     ),
 );
 
 $webPush = new WebPush($auth);
 $webPush->sendNotification($endpoint, null, null, null, true);
 ```
 
-In order to generate the public and private keys, enter the following in your Linux bash:
+In order to generate the uncompressed public and secret key, encoded in Base64, enter the following in your Linux bash:
 ```
 $ openssl ecparam -genkey -name prime256v1 -out private_key.pem
 $ openssl ec -in private_key.pem -pubout -outform DER|tail -c 65|base64|tr -d '=' |tr '/+' '_-' >> public_key.txt
diff --git a/src/VAPID.php b/src/VAPID.php
@@ -15,6 +15,7 @@
 use Jose\Factory\JWKFactory;
 use Jose\Factory\JWSFactory;
 use Mdanter\Ecc\EccFactory;
+use Mdanter\Ecc\Serializer\Point\UncompressedPointSerializer;
 use Mdanter\Ecc\Serializer\PrivateKey\DerPrivateKeySerializer;
 use Mdanter\Ecc\Serializer\PrivateKey\PemPrivateKeySerializer;
 
@@ -33,6 +34,33 @@ public static function validate(array $vapid)
             throw new \ErrorException('[VAPID] You must provide a subject that is either a mailto: or a URL.');
         }
 
+        if (array_key_exists('pemFile', $vapid)) {
+            $vapid['pem'] = file_get_contents($vapid['pemFile']);
+
+            if (!$vapid['pem']) {
+                throw new \ErrorException('Error loading PEM file.');
+            }
+        }
+
+        if (array_key_exists('pem', $vapid)) {
+            $pem = $vapid['pem'];
+            $posStartKey = strpos($pem, '-----BEGIN EC PRIVATE KEY-----');
+            $posEndKey = strpos($pem, '-----END EC PRIVATE KEY-----');
+
+            if ($posStartKey === false || $posEndKey === false) {
+                throw new \ErrorException('Invalid PEM data.');
+            }
+
+            $posStartKey += 30; // length of '-----BEGIN EC PRIVATE KEY-----'
+
+            $pemSerializer = new PemPrivateKeySerializer(new DerPrivateKeySerializer());
+            $keys = $pemSerializer->parse(substr($pem, $posStartKey, $posEndKey - $posStartKey));
+
+            $pointSerializer = new UncompressedPointSerializer(EccFactory::getAdapter());
+            $vapid['publicKey'] = base64_encode(hex2bin($pointSerializer->serialize($keys->getPublicKey()->getPoint())));
+            $vapid['privateKey'] = base64_encode(hex2bin(gmp_strval($keys->getSecret(), 16)));
+        }
+
         if (!array_key_exists('publicKey', $vapid)) {
             throw new \ErrorException('[VAPID] You must provide a public key.');
         }
