Crate paseto_v4

Crate paseto_v4 

Source
Expand description

PASETO v4 (RustCrypto)

use paseto_v4::{SignedToken, UnsignedToken, SecretKey, PublicKey};
use paseto_json::{RegisteredClaims, Time, HasExpiry, FromIssuer, ForSubject, Validate};
use std::time::Duration;

// create a new keypair
let secret_key = SecretKey::random().unwrap();
let public_key = secret_key.public_key();

// create a set of token claims
let claims = RegisteredClaims::now(Duration::from_secs(3600))
    .from_issuer("https://paseto.conrad.cafe/".to_string())
    .for_subject("conradludgate".to_string());

// create and sign a new token
let signed_token = UnsignedToken::new(claims).sign(&secret_key).unwrap();

// serialize the token.
let token = signed_token.to_string();
// "v4.public.eyJpc3MiOiJodHRwczovL3Bhc2V0by5jb25yYWQuY2FmZS8iLCJzdWIiOiJjb25yYWRsdWRnYXRlIiwiYXVkIjpudWxsLCJleHAiOiIyMDI1LTA5LTIwVDEyOjAxOjEzLjcyMjQ3OVoiLCJuYmYiOiIyMDI1LTA5LTIwVDExOjAxOjEzLjcyMjQ3OVoiLCJpYXQiOiIyMDI1LTA5LTIwVDExOjAxOjEzLjcyMjQ3OVoiLCJqdGkiOm51bGx9N7O1CAXQpQ3rpxhq6xFZt32z27VSL8suiek38-5W4LRGr1tDmKcP0_xrlp5-kdE6o7B_K8KU-6Fwmu0hzrkiDQ"

// serialize the public key.
let key = public_key.to_string();
// "k4.public.xRPdFzRvXY-H-6L3S2I3_TmdMKu6XwLKLSR10lZ-yfk"

// ...

// parse the token
let signed_token: SignedToken<RegisteredClaims> = token.parse().unwrap();

// parse the key
let public_key: PublicKey = key.parse().unwrap();

// verify the token signature and validate the claims.
let validation = Time::valid_now()
    .and_then(HasExpiry)
    .and_then(FromIssuer("https://paseto.conrad.cafe/"))
    .and_then(ForSubject("conradludgate"));
let verified_token = signed_token.verify(&public_key, &validation).unwrap();

Modules§

core
Low level implementation primitives.

Enums§

PasetoError
Error returned for all PASETO and PASERK operations that can fail

Type Aliases§

EncryptedToken
A token with secret data
KeyId
A short ID for a key.
KeyText
A plaintext encoding of a key.
LocalKey
Private key used for encryption and decryptiom
PasswordWrappedLocalKey
An password encrypted LocalKey.
PasswordWrappedSecretKey
An password encrypted SecretKey.
PieWrappedLocalKey
An password encrypted LocalKey.
PieWrappedSecretKey
An password encrypted SecretKey.
PublicKey
Public key used for signature verification
SealedKey
An asymmetrically encrypted LocalKey.
SecretKey
Private key used for token signing
SignedToken
A token with publically readable data, but not yet verified
UnencryptedToken
An EncryptedToken that has been decrypted
UnsignedToken
A SignedToken that has been verified