common_access_token/

constants.rs

//! # Constants for Common Access Token
//!
//! This module provides centralized constants used throughout the Common Access Token library.
//! It includes constants for CAT-specific claim keys, URI components, match types, and more.

/// CAT-specific claim keys
pub mod cat_keys {
    /// Common Access Token Replay (catreplay) claim key
    pub const CATREPLAY: i32 = 308;
    /// Common Access Token Probability of Rejection (catpor) claim key
    pub const CATPOR: i32 = 309;
    /// Common Access Token Version (catv) claim key
    pub const CATV: i32 = 310;
    /// Common Access Token Network IP (catnip) claim key
    pub const CATNIP: i32 = 311;
    /// Common Access Token URI (catu) claim key
    pub const CATU: i32 = 312;
    /// Common Access Token Methods (catm) claim key
    pub const CATM: i32 = 313;
    /// Common Access Token ALPN (catalpn) claim key
    pub const CATALPN: i32 = 314;
    /// Common Access Token Header (cath) claim key
    pub const CATH: i32 = 315;
    /// Common Access Token Geographic ISO3166 (catgeoiso3166) claim key
    pub const CATGEOISO3166: i32 = 316;
    /// Common Access Token Geographic Coordinate (catgeocoord) claim key
    pub const CATGEOCOORD: i32 = 317;
    /// Common Access Token Altitude (catgeoalt) claim key
    pub const CATGEOALT: i32 = 318;
    /// Common Access Token TLS Public Key (cattpk) claim key
    pub const CATTPK: i32 = 319;
    /// Common Access Token If Data (catifdata) claim key
    pub const CATIFDATA: i32 = 320;
    /// Common Access Token DPoP Settings (catdpop) claim key
    pub const CATDPOP: i32 = 321;
    /// Common Access Token If (catif) claim key
    pub const CATIF: i32 = 322;
    /// Common Access Token Renewal (catr) claim key
    pub const CATR: i32 = 323;
    /// Common Access Token TLS Fingerprint (cattprint) claim key
    pub const CATTPRINT: i32 = 324;
}

/// URI component identifiers for CATU claim
pub mod uri_components {
    /// Scheme (RFC 3986 Section 3.1)
    pub const SCHEME: i32 = 0;
    /// Host (RFC 3986 Section 3.2.2)
    pub const HOST: i32 = 1;
    /// Port (RFC 3986 Section 3.2.3)
    pub const PORT: i32 = 2;
    /// Path (RFC 3986 Section 3.3)
    pub const PATH: i32 = 3;
    /// Query (RFC 3986 Section 3.4)
    pub const QUERY: i32 = 4;
    /// Parent path
    pub const PARENT_PATH: i32 = 5;
    /// Filename
    pub const FILENAME: i32 = 6;
    /// Stem
    pub const STEM: i32 = 7;
    /// Extension
    pub const EXTENSION: i32 = 8;
}

/// Match types for CATU claim
pub mod match_types {
    /// Exact text match
    pub const EXACT: i32 = 0;
    /// Prefix match
    pub const PREFIX: i32 = 1;
    /// Suffix match
    pub const SUFFIX: i32 = 2;
    /// Contains match
    pub const CONTAINS: i32 = 3;
    /// Regular expression match
    pub const REGEX: i32 = 4;
    /// SHA-256 match
    pub const SHA256: i32 = -1;
    /// SHA-512/256 match
    pub const SHA512_256: i32 = -2;
}

/// Renewal types for CATR claim
pub mod renewal_types {
    /// Automatic renewal
    pub const AUTOMATIC: i32 = 0;
    /// Cookie renewal
    pub const COOKIE: i32 = 1;
    /// Header renewal
    pub const HEADER: i32 = 2;
    /// Redirect renewal
    pub const REDIRECT: i32 = 3;
}

/// Renewal parameter labels for CATR claim
pub mod renewal_params {
    /// Renewal type
    pub const TYPE: i32 = 0;
    /// Expiration extension
    pub const EXPADD: i32 = 1;
    /// Renewal deadline
    pub const DEADLINE: i32 = 2;
    /// Name for cookie
    pub const COOKIE_NAME: i32 = 3;
    /// Name for header
    pub const HEADER_NAME: i32 = 4;
    /// Additional cookie parameters
    pub const COOKIE_PARAMS: i32 = 5;
    /// Additional header parameters
    pub const HEADER_PARAMS: i32 = 6;
    /// Status code for redirects
    pub const STATUS_CODE: i32 = 7;
}

/// CATREPLAY values
pub mod replay_values {
    /// Replay is permitted
    pub const PERMITTED: i32 = 0;
    /// Replay is prohibited
    pub const PROHIBITED: i32 = 1;
    /// Reuse-detection
    pub const REUSE_DETECTION: i32 = 2;
}

// Parameter labels for CATTPRINT claim
pub mod tprint_params {
    /// TLS Fingerprint Type
    pub const FINGERPRINT_TYPE: i32 = 0;
    /// TLS Fingerprint Value
    pub const FINGERPRINT_VALUE: i32 = 1;
}

#[derive(Debug, Clone, Copy, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[repr(i64)] // Use i64 to match CBOR Integer type used in serialization
pub enum FingerprintType {
    JA3 = 0,
    JA3S = 1,
    JA4 = 2,
    JA4S = 3,
    JA4H = 4,
    JA4L = 5,
    JA4X = 6,
    JA4SSH = 7,
    JA4T = 8,
    JA4TS = 9,
    JA4TSCAN = 10,
    JA4D = 11,
    JA4D6 = 12,
}

impl FingerprintType {
    pub fn as_str(&self) -> &'static str {
        match self {
            FingerprintType::JA3 => "JA3",
            FingerprintType::JA3S => "JA3S",
            FingerprintType::JA4 => "JA4",
            FingerprintType::JA4S => "JA4S",
            FingerprintType::JA4H => "JA4H",
            FingerprintType::JA4L => "JA4L",
            FingerprintType::JA4X => "JA4X",
            FingerprintType::JA4SSH => "JA4SSH",
            FingerprintType::JA4T => "JA4T",
            FingerprintType::JA4TS => "JA4TS",
            FingerprintType::JA4TSCAN => "JA4TScan", 
            FingerprintType::JA4D => "JA4D",
            FingerprintType::JA4D6 => "JA4D6",
        }
    }

    pub fn from_i64(val: i64) -> Option<Self> {
        match val {
            0 => Some(FingerprintType::JA3),
            1 => Some(FingerprintType::JA3S),
            2 => Some(FingerprintType::JA4),
            3 => Some(FingerprintType::JA4S),
            4 => Some(FingerprintType::JA4H),
            5 => Some(FingerprintType::JA4L),
            6 => Some(FingerprintType::JA4X),
            7 => Some(FingerprintType::JA4SSH),
            8 => Some(FingerprintType::JA4T),
            9 => Some(FingerprintType::JA4TS),
            10 => Some(FingerprintType::JA4TSCAN),
            11 => Some(FingerprintType::JA4D),
            12 => Some(FingerprintType::JA4D6),
            _ => None,
        }
    }
}

impl std::fmt::Display for FingerprintType {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        write!(f, "{}", self.as_str())
    }
}

/// CWT claim keys as defined in RFC 8392
pub mod cwt_keys {
    /// Issuer claim key
    pub const ISS: i32 = 1;
    /// Subject claim key
    pub const SUB: i32 = 2;
    /// Audience claim key
    pub const AUD: i32 = 3;
    /// Expiration time claim key
    pub const EXP: i32 = 4;
    /// Not before claim key
    pub const NBF: i32 = 5;
    /// Issued at claim key
    pub const IAT: i32 = 6;
    /// CWT ID claim key
    pub const CTI: i32 = 7;
}

/// COSE header parameter labels
pub mod cose_labels {
    /// Algorithm (used in protected header)
    pub const ALG: i32 = 1;
    /// Key identifier (used in protected or unprotected header)
    pub const KID: i32 = 4;
}

/// COSE algorithm identifiers
pub mod cose_algs {
    /// HMAC with SHA-256 (COSE algorithm identifier: 5)
    pub const HMAC_SHA_256: i32 = 5;
}