Added support for aes128gcm

Author: colecrouter

package.json

@@ -1,6 +1,6 @@
 {
   "name": "web-push-browser",
-  "version": "1.0.1",
+  "version": "1.1.0",
   "description": "Minimal library for sending notifications via the browser Push API",
   "main": "build/index.js",
   "dependencies": {

src/crypto/payload.ts

@@ -1,22 +1,24 @@
 import type { PushNotificationSubscription } from "../types.js";
 import { fromBase64Url } from "../utils/base64url.js";
 
+type EncryptionOptions = {
+	algorithm: "aesgcm" | "aes128gcm";
+};
+
 /**
  * Encrypt a plaintext payload using the keys provided by the PushSubscription.
  * @param payload - The plaintext payload to encrypt.
  * @param keys - The keys from the PushSubscription.
+ * @param options - Options for encryption. Defaults to AES128GCM if not specified.
  */
 export async function encryptPayload(
 	payload: string,
 	keys: PushNotificationSubscription["keys"],
+	options: EncryptionOptions = { algorithm: "aes128gcm" },
 ) {
 	const encoder = new TextEncoder();
 	const salt = crypto.getRandomValues(new Uint8Array(16));
 
-	if (!keys.p256dh || !keys.auth) {
-		throw new Error("Missing p256dh or auth key");
-	}
-
 	// Get the p256dh and auth keys from the subscription
 	const auth =
 		typeof keys.auth === "string" ? fromBase64Url(keys.auth) : keys.auth;
@@ -62,7 +64,7 @@ export async function encryptPayload(
 	);
 
 	// Derive the Content Encryption Key
-	const cekInfo = encoder.encode("Content-Encoding: aes128gcm");
+	const cekInfo = encoder.encode(`Content-Encoding: ${options.algorithm}`);
 	const cek = await crypto.subtle.deriveBits(
 		{
 			name: "HKDF",
@@ -95,24 +97,30 @@ export async function encryptPayload(
 		await crypto.subtle.exportKey("raw", localKeyPair.publicKey),
 	);
 
-	// Construct the header
-	const header = new Uint8Array([
-		...salt, // 16 bytes
-		...new Uint8Array(4), // 4 bytes for record size (we'll fill this later)
-		...serverPublicKeyBytes, // 65 bytes for public key
-	]);
-
-	// Construct the full message
-	const message = new Uint8Array([
-		...header,
-		...new Uint8Array(encryptedPayload),
-	]);
-
-	// Now fill in the record size
-	const recordSize = new Uint32Array([encryptedPayload.byteLength]);
-	new Uint8Array(message.buffer, 16, 4).set(new Uint8Array(recordSize.buffer));
-	const encrypted = message.buffer;
-	const serverPublicKey = localKeyPair.publicKey;
-
-	return { encrypted, salt, serverPublicKey };
+	let encrypted: ArrayBuffer;
+
+	if (options.algorithm === "aes128gcm") {
+		const header = new Uint8Array([
+			...salt,
+			...new Uint8Array(4),
+			...serverPublicKeyBytes,
+		]);
+
+		const message = new Uint8Array([
+			...header,
+			...new Uint8Array(encryptedPayload),
+		]);
+
+		const recordSize = new Uint32Array([encryptedPayload.byteLength]);
+		new Uint8Array(message.buffer, 16, 4).set(
+			new Uint8Array(recordSize.buffer),
+		);
+		encrypted = message.buffer;
+	} else {
+		// For 'aesgcm', we don't include the header in the encrypted payload
+		encrypted = encryptedPayload;
+	}
+	const localPublicKey = localKeyPair.publicKey;
+
+	return { encrypted, salt, localPublicKey };
 }

src/request/generate.ts

@@ -1,53 +1,70 @@
-import type { PushNotificationSubscription } from "../types.js";
 import { toBase64Url } from "../utils/base64url.js";
 
+type BaseOptions = {
+	ttl?: number;
+	urgency?: "very-low" | "low" | "normal" | "high";
+};
+
+type AESGCMOptions = BaseOptions & {
+	algorithm: "aesgcm";
+	salt: ArrayBuffer;
+	localPublicKey: CryptoKey;
+};
+
+type AES128GCMOptions = BaseOptions & {
+	algorithm?: "aes128gcm";
+};
+
+type EncryptionOptions = AESGCMOptions | AES128GCMOptions;
+
 /**
  * Generate the headers for a Web Push request.
  * @param publicVapidKey - The public VAPID key.
  * @param jwt - The signed JWT token.
  * @param encryptedPayload - The encrypted payload.
- * @param salt - The salt used to encrypt the payload.
- * @param localPublicKey - The public key used to encrypt the payload.
- * @param ttl - The time-to-live for the notification.
+ * @param options - Options for encryption and additional headers. Defaults to AES128GCM if not specified.
  * @returns The generated headers.
  */
 export async function generateHeaders(
 	publicVapidKey: CryptoKey,
 	jwt: string,
 	encryptedPayload: ArrayBuffer,
-	salt: ArrayBuffer,
-	localPublicKey: CryptoKey,
-	ttl = 86400,
-) {
+	options: EncryptionOptions = { algorithm: "aes128gcm" },
+): Promise<Headers> {
 	const exportedPubKey = await crypto.subtle.exportKey("raw", publicVapidKey);
 	const encodedPubKey = toBase64Url(exportedPubKey);
 
-	const exportedLocalPubKey = await crypto.subtle.exportKey(
-		"raw",
-		localPublicKey,
-	);
-	const encodedLocalPubKey = toBase64Url(exportedLocalPubKey);
-
 	const headers = new Headers();
-	headers.append("Authorization", `Bearer ${jwt}`);
-	const cryptoKey = new URLSearchParams();
-	cryptoKey.set("dh", encodedLocalPubKey);
+	headers.append("Content-Type", "application/octet-stream");
+	headers.append("Content-Length", encryptedPayload.byteLength.toString());
+	headers.append("TTL", Math.floor(options.ttl ?? 86400).toString());
 
-	// On Microsoft Edge servers, this doesn't work, despite being documented in the spec
-	// headers.append("Crypto-Key", `p256ecdsa=${encodedPubKey}`);
-	// headers.append("Crypto-Key", `dh=${encodedLocalPubKey}`);
+	if (options.urgency) {
+		headers.append("Urgency", options.urgency);
+	}
 
-	// Also on Microsoft, the order matters, despite the spec saying it doesn't
-	headers.append(
-		"Crypto-Key",
-		`p256ecdsa=${encodedPubKey};dh=${encodedLocalPubKey}`,
-	);
+	if (options.algorithm === "aesgcm") {
+		const exportedLocalPubKey = await crypto.subtle.exportKey(
+			"raw",
+			options.localPublicKey,
+		);
+		const encodedLocalPubKey = toBase64Url(exportedLocalPubKey);
 
-	headers.append("Content-Encoding", "aesgcm");
-	headers.append("Content-Type", "application/octet-stream");
-	headers.append("Content-Length", encryptedPayload.byteLength.toString());
-	headers.append("Encryption", `salt=${toBase64Url(salt)}`);
-	headers.append("TTL", Math.floor(ttl).toString());
+		headers.append("Authorization", `Bearer ${jwt}`);
+		headers.append("Content-Encoding", "aesgcm");
+
+		// On Microsoft Edge servers, this doesn't work, despite being documented in the spec
+		// headers.append("Crypto-Key", `p256ecdsa=${encodedPubKey}`);
+		// headers.append("Crypto-Key", `dh=${encodedLocalPubKey}`);
+		headers.append(
+			"Crypto-Key",
+			`p256ecdsa=${encodedPubKey};dh=${encodedLocalPubKey}`,
+		);
+		headers.append("Encryption", `salt=${toBase64Url(options.salt)}`);
+	} else {
+		headers.append("Authorization", `vapid t=${jwt}, k=${encodedPubKey}`);
+		headers.append("Content-Encoding", "aes128gcm");
+	}
 
 	return headers;
 }

src/request/send.ts

@@ -3,12 +3,19 @@ import { encryptPayload } from "../crypto/payload.js";
 import type { PushNotificationSubscription } from "../types.js";
 import { generateHeaders } from "./generate.js";
 
+type EncryptionOptions = {
+	algorithm: "aesgcm" | "aes128gcm";
+	urgency?: "very-low" | "low" | "normal" | "high";
+	ttl?: number;
+};
+
 /**
  * Send a push notification to a user.
  * @param vapidKeys - The VAPID keys to use for the request.
  * @param subscription - The PushSubscription to send the notification to.
  * @param email - The email address to use as the `sub` claim in the JWT. For example, `[email protected]`.
  * @param payload - The payload to send in the notification.
+ * @param options - Options for encryption and additional headers. Defaults to AES128GCM if not specified.
  * @returns The response from the push service.
  * @throws If any of the keys are unable to be parsed.
  */
@@ -17,23 +24,22 @@ export async function sendPushNotification(
 	subscription: PushNotificationSubscription,
 	email: string,
 	payload: string,
+	options: EncryptionOptions = { algorithm: "aes128gcm" },
 ) {
 	const jwt = await createJWT(
 		vapidKeys.privateKey,
 		new URL(subscription.endpoint),
 		email,
 	);
-	const { encrypted, salt, serverPublicKey } = await encryptPayload(
+	const { encrypted, salt, localPublicKey } = await encryptPayload(
 		payload,
 		subscription.keys,
 	);
-	const headers = await generateHeaders(
-		vapidKeys.publicKey,
-		jwt,
-		encrypted,
+	const headers = await generateHeaders(vapidKeys.publicKey, jwt, encrypted, {
+		...options,
+		localPublicKey,
 		salt,
-		serverPublicKey,
-	);
+	});
 	const request = new Request(subscription.endpoint, {
 		method: "POST",
 		headers,