Expand description
PASETO v1 (RustCrypto)
use paseto_v1::{SignedToken, UnsignedToken, SecretKey, PublicKey};
use paseto_json::{RegisteredClaims, Time, HasExpiry, FromIssuer, ForSubject, Validate};
use std::time::Duration;
// create a new keypair
let secret_key = SecretKey::random().unwrap();
let public_key = secret_key.public_key();
// create a set of token claims
let claims = RegisteredClaims::now(Duration::from_secs(3600))
.from_issuer("https://paseto.conrad.cafe/".to_string())
.for_subject("conradludgate".to_string());
// create and sign a new token
let signed_token = UnsignedToken::new(claims).sign(&secret_key).unwrap();
// serialize the token.
let token = signed_token.to_string();
// "v1.public..."
// serialize the public key.
let key = public_key.to_string();
// "k1.public..."
// ...
// parse the token
let signed_token: SignedToken<RegisteredClaims> = token.parse().unwrap();
// parse the key
let public_key: PublicKey = key.parse().unwrap();
// verify the token signature and validate the claims.
let validation = Time::valid_now()
.and_then(HasExpiry)
.and_then(FromIssuer("https://paseto.conrad.cafe/"))
.and_then(ForSubject("conradludgate"));
let verified_token = signed_token.verify(&public_key, &validation).unwrap();Modules§
- core
- Low level implementation primitives.
Enums§
- Paseto
Error - Error returned for all PASETO and PASERK operations that can fail
Type Aliases§
- Encrypted
Token - A token with secret data
- KeyId
- A short ID for a key.
- KeyText
- A plaintext encoding of a key.
- Local
Key - Private key used for
encryptionanddecryptiom - Public
Key - Public key used for signature
verification - Sealed
Key - An asymmetrically encrypted
LocalKey. - Secret
Key - Private key used for token
signing - Signed
Token - A token with publically readable data, but not yet verified
- Unencrypted
Token - An
EncryptedTokenthat has been decrypted - Unsigned
Token - A
SignedTokenthat has been verified