DAT - Data Access Token

Cargo.toml

dat = { version = "0.4.0" }

DAT Format

expire.kid.plain.secure.sign

expire: number
- Unix-Timestamp (sec)
kid: stringifiable
- Keystore(sign and crypt) ID
plain: base64 url no pad
- Text Data
secure: base64 url no pad
- Encrypted Text Data
sign: base64 url no pad
- Keystore[kid].sign(expire.kid.plain.secure.)

Keystore Format

// example
1.123.P256.Qb40YzdR3QbRG_oh4QgZrBdrhzaFqFzah5Y4o4jE0js.AES128GCMN.ZCJk5cJNR6lrsMEuRRHWuQ.1775801019.1775861119.600

// format
version.kid.signAlg.signKey.cryptAlg.cryptKey.issueBegin.issueEnd.tokenTtl

// format description
version: keystore format version
kid: keystore id,
signAlg: sign algorithm,
signKey: keystore sign key data (base64 url no pad),
cryptAlg: crypt algorithm,
cryptKey: keystore crypt key data (base64 url no pad),
issueBegin: issue begin time (unix timestamp secs),
issueEnd: issue end time (unix timestamp secs),
tokenTtl: token TTL (secs)

support sign – verify algorithm

name	algorithm
P256	secp256r1
P384	secp384r1
P521	secp521r1

support crypt algorithm

name	algorithm
AES128GCMN	aes-128-gcm n(nonce + body)
AES256GCMN	aes-256-cbc n(nonce + body)

dat 0.4.0

DAT - Data Access Token

Cargo.toml

DAT Format

Keystore Format

support sign – verify algorithm

support crypt algorithm