flakey test

[firien]

web-push/spec/web_push/vapid_key_spec.rb

Line 19 in 20f40d9

expect(Base64.urlsafe_decode64(key.private_key).bytesize).to eq(32)

occasionally this is 31 bytes

key = nil
30_000.times do |x|
  key = Webpush::VapidKey.new
  if key.curve.private_key.to_s(2).bytesize < 32
    puts x
    break
  end
end

puts([format("%064x", key.curve.private_key.to_i)].pack('H*').bytes[0...3])
puts '---'
puts(key.curve.private_key.to_s(2).bytes[0...3])

[collimarco]

Good catch.

You can also reproduce the issue in the tests with this code:

# vapid_key_spec.rb

it 'returns an encoded private key' do
  30_000.times do
    key = WebPush::VapidKey.new
    puts key.private_key
    expect(Base64.urlsafe_decode64(key.private_key).bytesize).to eq(32)
  end
end

However, after further investigation, it seems that the problem relies in Ruby OpenSSL and not in this gem.

For example this will sometimes fail:

30_000.times do
  key = OpenSSL::PKey::EC.generate('prime256v1')
  expect(key.private_key.to_s(2).bytesize).to eq(32)
end

Now the question is... is it a bug in OpenSSL::PKey::EC or is it normal that the private key is only 31 characters sometimes?

[collimarco]

@rossta I see that you are the author of this test, do you have any idea why it fails sometimes (very rare)? What was the meaning of that test on the length?

[rossta]

I seem to recall this as my interpretation of the literature at the time, but I’m not confident this length has to be enforced. It might be worth manually testing the behavior with a shorter key generated from the method shown above.