dat 0.3.0

DAT - Data Access Token
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54

# DAT - Data Access Token

# Cargo.toml
```
dat = { version = "0.3.0" }
```

# DAT Format
> ```expire```.```kid```.```plain```.```secure```.```signature```

- ```expire```: number
  - Unix-Timestamp (sec)
- ```kid```: text
  - Keystore(signature and crypt) ID
- ```plain```: base64 url no pad
  - Text Data 
- ```secure```: base64 url no pad
  - Encrypted Text Data
- ```signature```: base64 url no pad
  - Keystore\[kid\].signature(expire.kid.plain.secure.)

# Keystore Format
```
// example
1.123.P256.Qb40YzdR3QbRG_oh4QgZrBdrhzaFqFzah5Y4o4jE0js.AES128GCMN.ZCJk5cJNR6lrsMEuRRHWuQ.1775801019.1775861119.600

// format
version.kid.signAlg.signKey.cryptAlg.cryptKey.issueBegin.issueEnd.tokenLifetime

// format description
version: keystore format version
kid: keystore id,
signAlg: signature algorithm,
signKey: keystore signature key data (base64 url no pad),
cryptAlg: crypt algorithm,
cryptKey: keystore crypt key data (base64 url no pad),
issueBegin: issue begin time (unix timestamp sec),
issueEnd: issue end time (unix timestamp sec),
tokenLifetime: token lifetime (sec)
```

## support sign – verify algorithm
| name   | algorithm  |
|--------|------------|
| P256   | secp256r1  |
| P384   | secp384r1  |
| P521   | secp521r1  |

## support crypt algorithm
| name       | algorithm                   |
|------------|-----------------------------|
| AES128GCMN | aes-128-gcm n(nonce + body) |
| AES256GCMN | aes-256-cbc n(nonce + body) |