From 11f4f36a689b6447c9898a2840418e581cb3eb11 Mon Sep 17 00:00:00 2001
From: Owen Jacobson <owen@grimoire.ca>
Date: Tue, 28 Oct 2025 14:10:48 -0400
Subject: Use PKCS8 PEM, not raw SEC1 bytes, to store VAPID keys.

The `web-push` crate's VAPID signing support requires a private key. The `p256` crate is more than capable of generating one, but the easiest way to get a key from a `p256::ecdsa::SigningKey` to a `web_push::PartialVapidSignature` is via PKCS #8 PEM, not via the bytes. Since we'll need it in that form anyways, store it that way, so that we don't have to decode it using `p256`, re-encode to PEM, then decode to `PartialVapidSignature`.

The migration in this commit invalidates existing VAPID keys. We could include support for re-encoding them on read, but there's little point: this code is still in flux anyways, and only development deployments exist. By the time this is final, the schema will have settled.
---
 src/vapid/repo.rs | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

(limited to 'src/vapid/repo.rs')

diff --git a/src/vapid/repo.rs b/src/vapid/repo.rs
index 4ac5286..98b3bae 100644
--- a/src/vapid/repo.rs
+++ b/src/vapid/repo.rs
@@ -1,4 +1,7 @@
-use p256::{NistP256, ecdsa::SigningKey, elliptic_curve::FieldBytes};
+use p256::{
+    ecdsa::SigningKey,
+    pkcs8::{DecodePrivateKey as _, EncodePrivateKey as _, LineEnding},
+};
 use sqlx::{Sqlite, SqliteConnection, Transaction};
 
 use super::{
@@ -76,8 +79,8 @@ impl Vapid<'_> {
     }
 
     pub async fn store_signing_key(&mut self, key: &SigningKey) -> Result<(), Error> {
-        let key = key.to_bytes();
-        let key = key.as_slice();
+        let key = key.to_pkcs8_pem(LineEnding::CRLF)?;
+        let key = key.as_str();
         sqlx::query!(
             r#"
                 insert into vapid_signing_key (key)
@@ -97,14 +100,13 @@ impl Vapid<'_> {
                 select
                     key.changed_at as "changed_at: DateTime",
                     key.changed_sequence as "changed_sequence: Sequence",
-                    signing.key as "key: Vec<u8>"
+                    signing.key
                 from vapid_key as key
                 join vapid_signing_key as signing
             "#
         )
         .map(|row| {
-            let key = FieldBytes::<NistP256>::from_slice(&row.key);
-            let key = SigningKey::from_bytes(key)?;
+            let key = SigningKey::from_pkcs8_pem(&row.key)?;
             let key = key.verifying_key().to_owned();
 
             let changed = Instant::new(row.changed_at, row.changed_sequence);
@@ -122,6 +124,7 @@ impl Vapid<'_> {
 #[error(transparent)]
 pub enum Error {
     Ecdsa(#[from] p256::ecdsa::Error),
+    Pkcs8(#[from] p256::pkcs8::Error),
     Database(#[from] sqlx::Error),
 }
 
-- 
cgit v1.2.3