paseto_core/
version.rs

1use core::fmt;
2
3use crate::key::{Key, SealingKey, UnsealingKey};
4use crate::sealed::Sealed;
5
/// One PASETO/PASERK protocol version: its header strings, its key types and
/// the hash used to derive key IDs.
///
/// Each associated key type is bound to the implementing version through
/// `Key<Version = Self, ..>` and to a single key kind through `KeyType = ..`,
/// so the version/kind pairing of a key is stated in the type system rather
/// than checked by convention.
pub trait Version {
    /// Header string for PASETO tokens of this version.
    const PASETO_HEADER: &'static str;
    /// Header string for PASERK-serialized keys of this version.
    const PASERK_HEADER: &'static str;

    /// Symmetric key: the same key type both seals (encrypts) and unseals
    /// (decrypts) [`Local`] tokens.
    type LocalKey: Key<Version = Self, KeyType = Local> + SealingKey<Local> + UnsealingKey<Local>;
    /// Asymmetric key that validates the signature of [`Public`] tokens.
    ///
    /// This is the only key type in this trait that must implement
    /// [`fmt::Display`]; `LocalKey` and `SecretKey` carry no such bound.
    // NOTE(review): presumably deliberate, so that secret key material is not
    // required to be printable — confirm against the `key` module.
    type PublicKey: Key<Version = Self, KeyType = Public> + UnsealingKey<Public> + fmt::Display;
    /// Asymmetric key that creates the signature of [`Public`] tokens.
    ///
    /// Its key kind is [`Secret`], but the purpose it seals for is [`Public`].
    type SecretKey: Key<Version = Self, KeyType = Secret> + SealingKey<Public>;

    /// Hashes `key_data` under `key_header` into the fixed 33-byte digest
    /// from which a [`KeyId`](crate::key::KeyId) is built.
    ///
    /// The output length is part of the signature, so every version yields
    /// IDs of the same size.
    fn hash_key(key_header: &'static str, key_data: &[u8]) -> [u8; 33];
}
23
/// Type-level tag for a secret key.
///
/// A unit struct: it holds no key material and exists only to be used as a
/// type parameter.
#[derive(Debug, Default, Clone, Copy, PartialEq, Eq, PartialOrd, Ord)]
pub struct Secret;
/// Type-level tag for a public key, and for tokens that are signed rather
/// than encrypted.
///
/// A unit struct: it holds no key material and exists only to be used as a
/// type parameter.
#[derive(Debug, Default, Clone, Copy, PartialEq, Eq, PartialOrd, Ord)]
pub struct Public;
/// Type-level tag for a symmetric key, and for tokens that are encrypted.
///
/// A unit struct: it holds no key material and exists only to be used as a
/// type parameter.
#[derive(Debug, Default, Clone, Copy, PartialEq, Eq, PartialOrd, Ord)]
pub struct Local;
33
// `Marker` lists `Sealed` as a supertrait, so these impls are what allow the
// three tag types to implement it.
// NOTE(review): presumably `crate::sealed::Sealed` is not exported, which
// would keep the set of markers closed to this crate — confirm in `sealed`.
impl Sealed for Local {}
impl Sealed for Public {}
impl Sealed for Secret {}
37
/// Shared interface of the key-kind tags [`Secret`], [`Public`] and [`Local`].
///
/// Requires `Sealed`, so a type can only be a `Marker` if it also implements
/// that trait.
pub trait Marker: Sized + Sealed {
    /// Header segment naming the kind: ".local.", ".public." or ".secret.".
    const HEADER: &'static str;
    /// Header segment naming the matching key ID: ".lid.", ".pid." or ".sid.".
    const ID_HEADER: &'static str;
}
45
/// Header segments for secret keys and their IDs.
impl Marker for Secret {
    const ID_HEADER: &'static str = ".sid.";
    const HEADER: &'static str = ".secret.";
}
50
/// Header segments for public keys, signed tokens and public-key IDs.
impl Marker for Public {
    const ID_HEADER: &'static str = ".pid.";
    const HEADER: &'static str = ".public.";
}
55
/// Header segments for symmetric keys, encrypted tokens and symmetric-key IDs.
impl Marker for Local {
    const ID_HEADER: &'static str = ".lid.";
    const HEADER: &'static str = ".local.";
}
60
/// The subset of markers that name a token encoding: [`Public`] (signed) and
/// [`Local`] (encrypted).
///
/// For a given [`Version`] it selects which key type produces a token and
/// which one consumes it. Within this file [`Secret`] implements [`Marker`]
/// but not `Purpose`.
pub trait Purpose: Marker {
    /// Key type that produces a token for this purpose (signs or encrypts).
    type SealingKey<V: Version>: SealingKey<Self>;
    /// Key type that consumes a token for this purpose (validates or decrypts).
    type UnsealingKey<V: Version>: UnsealingKey<Self>;
}
68
/// Signed tokens: the version's secret key seals, and its public key is all
/// that is needed to unseal.
impl Purpose for Public {
    type UnsealingKey<V: Version> = V::PublicKey;
    type SealingKey<V: Version> = V::SecretKey;
}
73
/// Encrypted tokens: one symmetric key type serves for both sealing and
/// unsealing, so any holder that can read a token can also create one.
impl Purpose for Local {
    type UnsealingKey<V: Version> = V::LocalKey;
    type SealingKey<V: Version> = V::LocalKey;
}