paseto_v1/
lib.rs

1//! PASETO v1 (RustCrypto)
2//!
3//! ```
4//! use paseto_v1::{SignedToken, UnsignedToken, SecretKey, PublicKey};
5//! use paseto_json::{RegisteredClaims, Time, HasExpiry, FromIssuer, ForSubject, Validate};
6//! use std::time::Duration;
7//!
8//! // create a new keypair
9//! let secret_key = SecretKey::random().unwrap();
10//! let public_key = secret_key.public_key();
11//!
12//! // create a set of token claims
13//! let claims = RegisteredClaims::now(Duration::from_secs(3600))
14//!     .from_issuer("https://paseto.conrad.cafe/".to_string())
15//!     .for_subject("conradludgate".to_string());
16//!
17//! // create and sign a new token
18//! let signed_token = UnsignedToken::new(claims).sign(&secret_key).unwrap();
19//!
20//! // serialize the token.
21//! let token = signed_token.to_string();
22//! // "v1.public..."
23//!
24//! // serialize the public key.
25//! let key = public_key.to_string();
26//! // "k1.public..."
27//!
28//! // ...
29//!
30//! // parse the token
31//! let signed_token: SignedToken<RegisteredClaims> = token.parse().unwrap();
32//!
33//! // parse the key
34//! let public_key: PublicKey = key.parse().unwrap();
35//!
36//! // verify the token signature and validate the claims.
37//! let validation = Time::valid_now()
38//!     .and_then(HasExpiry)
39//!     .and_then(FromIssuer("https://paseto.conrad.cafe/"))
40//!     .and_then(ForSubject("conradludgate"));
41//! let verified_token = signed_token.verify(&public_key, &validation).unwrap();
42//! ```
43#![forbid(unsafe_code)]
44
45extern crate alloc;
46
47/// Low level implementation primitives.
48pub mod core;
49
50pub use paseto_core::PasetoError;
51
52/// A token with publically readable data, but not yet verified
53pub type SignedToken<M, F = ()> = paseto_core::SignedToken<core::V1, M, F>;
54/// A token with secret data
55pub type EncryptedToken<M, F = ()> = paseto_core::EncryptedToken<core::V1, M, F>;
56/// A [`SignedToken`] that has been verified
57pub type UnsignedToken<M, F = ()> = paseto_core::UnsignedToken<core::V1, M, F>;
58/// An [`EncryptedToken`] that has been decrypted
59pub type UnencryptedToken<M, F = ()> = paseto_core::UnencryptedToken<core::V1, M, F>;
60
61/// Private key used for [`encryption`](UnencryptedToken::encrypt) and [`decryptiom`](EncryptedToken::decrypt)
62pub type LocalKey = paseto_core::LocalKey<core::V1>;
63/// Public key used for signature [`verification`](SignedToken::verify)
64pub type PublicKey = paseto_core::PublicKey<core::V1>;
65/// Private key used for token [`signing`](UnsignedToken::sign)
66pub type SecretKey = paseto_core::SecretKey<core::V1>;
67
68/// A short ID for a key.
69pub type KeyId<K> = paseto_core::paserk::KeyId<core::V1, K>;
70/// A plaintext encoding of a key.
71pub type KeyText<K> = paseto_core::paserk::KeyText<core::V1, K>;
72/// An asymmetrically encrypted [`LocalKey`].
73pub type SealedKey = paseto_core::paserk::SealedKey<core::V1>;