fix: handle new PEM decode case for APNS cert keys (#248)

* fix: handle new PEM decode case for APNS cert keys * refactor: minor tweaks
codedge-llc · Nov 24, 2023 · 8bfafd6 · 8bfafd6
1 parent d1305ec
commit 8bfafd6
Show file tree

Hide file tree

Showing 4 changed files with 8 additions and 5 deletions.
diff --git a/.tool-versions b/.tool-versions
@@ -1 +1,2 @@
-elixir 1.13.4
+elixir 1.15.5-otp-26
+erlang 26.0.2
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -7,7 +7,8 @@
 - Resolve APNS `:too_many_provider_token_updates` by moving token generation into
   `APNS.Token` ([#227](https://github.com/codedge-llc/pigeon/pull/227)).
 - Support HTTPoison 2.0. ([#236](https://github.com/codedge-llc/pigeon/pull/236))
-- Fix DispatcherWorker missing a clause for `{:stop, reason}` in the init function
+- Fix `DispatcherWorker` missing a clause for `{:stop, reason}` in the init function
+- `APNS.Config` keys now decode properly for PEMs generated with OpenSSL 3. ([#248](https://github.com/codedge-llc/pigeon/pull/248))
 
 ## v2.0.0-rc.1
 

diff --git a/lib/pigeon/apns.ex b/lib/pigeon/apns.ex
@@ -130,15 +130,15 @@ defmodule Pigeon.APNS do
   5. From a shell, convert the certificate.
 
   ```
-  openssl pkcs12 -clcerts -nokeys -out cert.pem -in cert.p12
+  openssl pkcs12 -legacy -clcerts -nokeys -out cert.pem -in cert.p12
   ```
 
   6. Convert the key. Be sure to set a PEM pass phrase here. The pass phrase must be 4 or 
      more characters in length or this will not work. You will need that pass phrase added 
      here in order to remove it in the next step.
 
   ```
-  openssl pkcs12 -nocerts -out key.pem -in key.p12
+  openssl pkcs12 -legacy -nocerts -out key.pem -in key.p12
   ```
 
   7. Remove the PEM pass phrase from the key.

diff --git a/lib/pigeon/apns/config.ex b/lib/pigeon/apns/config.ex
@@ -96,6 +96,7 @@ defmodule Pigeon.APNS.Config do
   def decode_pem(bin) when is_binary(bin) do
     case :public_key.pem_decode(bin) do
       [{:Certificate, cert, _}] -> cert
+      [{:PrivateKeyInfo, key, _}] -> {:PrivateKeyInfo, key}
       [{:RSAPrivateKey, key, _}] -> {:RSAPrivateKey, key}
       _ -> {:error, {:invalid, bin}}
     end
@@ -158,7 +159,7 @@ defimpl Pigeon.Configurable, for: Pigeon.APNS.Config do
     [
       {:cert, cert},
       {:key, key},
-      {:password, ''},
+      {:password, ~c""},
       {:packet, 0},
       {:reuseaddr, true},
       {:active, true},