dat 1.0.0

DAT - Data Access Token
Documentation

DAT - Data Access Token

Cargo.toml

dat = { version = "1.0.0" }

DAT

# Example
sign_alg: P256
crypt_alg: AES128GCMN
plain: 123
secure: asdf

# DAT result Example
1776530737.11.MTIz.8yKUvzs7mg3tDwdeA9I2gNOliewpTgm9OVbEY3Qh6io.qfnqmXKuNE3MfRr576rxNMCchxbY1iqC07-woJcbCudt2O0BAyK_86ypaSfLJjkGq9FZxpGrsgBDkk-xQhGvmA

expire.kid.plain.secure.sign

  • expire: number
    • Unix-Timestamp (sec)
  • kid: stringifiable
    • key id
  • plain: base64 url no pad
    • Text Data
  • secure: base64 url no pad
    • Encrypted Text Data
  • sign: base64 url no pad
    • dat-bank[kid].sign(expire.kid.plain.secure)

DAT KEY

# Example
1.2.P256.DErFl-U5h4fdbnAXTTs2GikkJgZwYXV25v2EdFeXIXs.AES128GCMN.5VEziIzCu2LRsK1XS6OYxA.1776541326.1776544626.1800

version.kid.signAlg.signKey.cryptAlg.cryptKey.issueBegin.issueEnd.tokenTtl

  • version: number
    • dat-key format version
  • kid: stringifiable
    • key id
  • signAlg: text
    • sign algorithm
  • signKey: base64 url no pad

    If both signing and verification are supported, the sign key is represented in Base64. For verification-only keys where a sign key cannot be issued, the verify key is represented in Base64 with a tilde (~) prefixed to it.

    • sign: <sign key base64>
    • verify: ~<verify key base64>
  • cryptAlg: text
    • crypt algorithm,
  • cryptKey: base64 url no pad
    • crypt key
  • issueBegin: number
    • issue begin time
  • issueEnd: number
    • issue end time
  • tokenTtl: number
    • token(dat) TTL

support sign – verify algorithm

name algorithm
P256 secp256r1
P384 secp384r1
P521 secp521r1

support crypt algorithm

name algorithm
AES128GCMN aes-128-gcm n(nonce + body)
AES256GCMN aes-256-cbc n(nonce + body)

Performance

Testing started at 1:04 AM ...
    Finished `release` profile [optimized] target(s) in 0.03s
     Running tests/dat_performance_test.rs (target/release/deps/dat_performance_test-58de8a915a641c6f)
performance test (plain, secure)
plain: xw9MEtCmms11woOeYwGdK3MKxoW38A4mHTnuUmXouyaKyOHfGwtXMPSTyDu01V61v7a0HqWJWGP35FujMy8JYkmjeYY0hAKttGER
secure: qchXBjq9wx4jDBUOCXmnlEtBSjhKAXkGPti3jxxMtlgBXPGvt2x00sI4xnmGUXWK8rVouCqrVsIhmorqZ0TNHXQvuB49ZIC8q78h
P256/AES128GCMN to_dat * 1000 : 83ms
P256/AES128GCMN to_payload * 1000 : 92ms
P256/AES256GCMN to_dat * 1000 : 78ms
P256/AES256GCMN to_payload * 1000 : 95ms
P384/AES128GCMN to_dat * 1000 : 276ms
P384/AES128GCMN to_payload * 1000 : 315ms
P384/AES256GCMN to_dat * 1000 : 276ms
P384/AES256GCMN to_payload * 1000 : 317ms
P521/AES128GCMN to_dat * 1000 : 238ms
P521/AES128GCMN to_payload * 1000 : 305ms
P521/AES256GCMN to_dat * 1000 : 236ms
P521/AES256GCMN to_payload * 1000 : 295ms