HMAC-SHA256 join-token issuance and constant-time verification.
Token format (opaque to callers, transmitted as hex):
[for_node: u64 LE | expiry_unix_secs: u64 LE | mac: 32 bytes]
The MAC is HMAC-SHA256 over for_node || expiry_unix_secs keyed by
the cluster’s cluster_secret. Verification is constant-time via
hmac::Mac::verify_slice (which uses the subtle crate internally).
The nodedb crate’s ctl::join_token module is a thin CLI wrapper
that delegates issuance to issue_token here. Verification is
consumed by the bootstrap-listener handler in
nodedb/src/control/cluster/bootstrap_listener.rs.
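The token layout described above, re-implemented in Python as an added example (this is not the nodedb crate's code) to show the byte layout and the order of checks on the verifying side. The function names mirror the items listed on this page, but the signatures, the error strings, the sample secret and the expiry check against a caller-supplied now are assumptions; the page does not say where expiry is enforced.

```python
import hashlib
import hmac
import struct

# Layout from the description: for_node u64 LE | expiry_unix_secs u64 LE | mac
HEADER = struct.Struct("<QQ")
MAC_LEN = hashlib.sha256().digest_size  # 32
TOKEN_LEN = HEADER.size + MAC_LEN       # 48 bytes, 96 hex characters


def issue_token(secret, for_node, expiry_unix_secs):
    """Return the token as lowercase hex."""
    header = HEADER.pack(for_node, expiry_unix_secs)
    mac = hmac.new(secret, header, hashlib.sha256).digest()
    return (header + mac).hex()


def verify_token(secret, token_hex, now):
    """Return (for_node, expiry_unix_secs) or raise ValueError."""
    # Reject wrong-sized input before doing any decoding or MAC work.
    if len(token_hex) != 2 * TOKEN_LEN:
        raise ValueError("bad token length")
    try:
        raw = bytes.fromhex(token_hex)
    except ValueError:
        raise ValueError("token is not hex") from None
    # bytes.fromhex tolerates embedded whitespace, so re-check the size.
    if len(raw) != TOKEN_LEN:
        raise ValueError("bad token length")
    header, mac = raw[:HEADER.size], raw[HEADER.size:]
    expected = hmac.new(secret, header, hashlib.sha256).digest()
    # Constant-time comparison: no early exit on the first differing byte.
    if not hmac.compare_digest(mac, expected):
        raise ValueError("bad MAC")
    # Header fields are parsed and trusted only after the MAC has verified.
    for_node, expiry = HEADER.unpack(header)
    # Assumption: expiry is enforced here, against a caller-supplied clock.
    if now >= expiry:
        raise ValueError("token expired")
    return for_node, expiry


def token_hash(token_hex):
    """SHA-256 of the raw token bytes, usable as an identity without storing the token."""
    return hashlib.sha256(bytes.fromhex(token_hex)).hexdigest()


if __name__ == "__main__":
    tok = issue_token(b"constructed-cluster-secret", 7, 2000)  # constructed sample
    print(tok, verify_token(b"constructed-cluster-secret", tok, now=1000))
```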
Enums
- TokenError - Error returned by token operations.
Constants
- TOKEN_BYTE_LEN - Total token byte length before hex encoding.
- TOKEN_HEADER_LEN - Number of bytes in the token header (for_node + expiry).
- TOKEN_HEX_LEN - Expected hex string length of a token.
- TOKEN_MAC_LEN - Number of bytes in the HMAC-SHA256 tag.
Functions
- issue_token - Convenience: issue a token and return it as a lowercase hex string.
- issue_token_bytes - Issue a new HMAC-SHA256 join token for for_node that expires at expiry_unix_secs. Returns the raw token bytes (hex-encode for printing or transmission).
- token_hash - Compute SHA-256 of the token bytes. Used as the stable identity for state-machine tracking (never stores the raw token).
- token_to_hex - Encode raw token bytes as a lowercase hex string.
- verify_token - Verify a hex-encoded token against secret. Returns the bound (for_node, expiry_unix_secs) on success.