dat 0.1.0

DAT - Data Access Token
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57

# DAT - Data Access Token


# DAT Format
> ```expire```.```kid```.```plain```.```secure```.```signature```

- ```expire```: number
  - Unix-Timestamp (sec)
- ```kid```: text
  - Keystore(signature and crypt) ID
- ```plain```: base64 url no pad
  - Text Data 
- ```secure```: base64 url no pad
  - Encrypted Text Data
- ```signature```: base64 url no pad
  - Keystore\[kid\].signature(expire.kid.plain.secure.)

# Keystore Format
```
// format
{
    "kid": keystore id,
    "signAlg": signature algorithm,
    "signKey": keystore signature key data (base64 url no pad),
    "cryptAlg": crypt algorithm,
    "cryptKey": keystore crypt key data (base64 url no pad),
    "issueBegin": issue begin time (unix timestamp sec),
    "issueEnd": issue end time (unix timestamp sec),
    "tokenLifetime": token lifetime (sec)
}

// example
{
    "kid":"123",
    "signAlg": "P256",
    "signKey": "Qb40YzdR3QbRG_oh4QgZrBdrhzaFqFzah5Y4o4jE0js",
    "cryptAlg": "AES128GCMN",
    "cryptKey": "ZCJk5cJNR6lrsMEuRRHWuQ",
    "issueBegin": 1775801019,
    "issueEnd": 1775861119,
    "tokenLifetime": 600
}
```

## support sign – verify algorithm
| name   | algorithm  |
|--------|------------|
| P256   | secp256r1  |
| P384   | secp384r1  |
| P521   | secp521r1  |

## support crypt algorithm
| name       | algorithm                   |
|------------|-----------------------------|
| AES128GCMN | aes-128-gcm n(nonce + body) |
| AES256GCMN | aes-256-cbc n(nonce + body) |