Documentation
Overview
Package xpaseto provides basic abilities to sign and verify PASETO-style tokens using XEdDSA signatures. This allows the same keys to be used for X25519 Diffie-Hellman exchanges and for payload signing and verification. This package is based on https://github.com/o1egl/paseto and uses imports from that library in places. o1egl/paseto license: MIT - https://github.com/o1egl/paseto/blob/master/LICENSE
The tokens generated by this package do NOT conform to the PASETO standard. See Section 5.2 of https://paseto.io/rfc/
Private PASETO tokens have not been implemented in this package.
Index
- func Sign(privateKey []byte, message []byte, random [64]byte) (signature []byte, err error)
- func Verify(publicKey []byte, message []byte, signature []byte) bool
- type Signer
- func (s *Signer) ParsePaseto(token string) (jsonToken paseto.JSONToken, err error)
- func (s *Signer) ParseSelfSigned(token string) (jsonToken paseto.JSONToken, err error)
- func (s *Signer) SelfSignPaseto(jsonToken paseto.JSONToken) (token string, err error)
- func (s *Signer) SignPaseto(jsonToken paseto.JSONToken) (token string, err error)
- type XV2
Constants
This section is empty.
Variables
This section is empty.
Functions
Types
type Signer
Signer is a struct used to sign and verify XPASETO tokens. Privkey is a Montgomery X25519 private key. Pubkey is the public counterpart to Privkey.
func NewSigner
NewSigner returns a new Signer, initialised with the given private and public X25519 keys.
func (*Signer) ParsePaseto
ParsePaseto returns a paseto.JSONToken from a raw token string. If the token signature is invalid, an error will be returned.
func (*Signer) ParseSelfSigned
ParseSelfSigned parses and validates an XPASETO token against the 'pubkey' in the additional claims.
func (*Signer) SelfSignPaseto
SelfSignPaseto sets the "pubkey" additional claim to the value of the public part of the keypair used to sign the XPASETO token.
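SelfSignPaseto and ParseSelfSigned validate a token against the key the token itself carries, so a successful parse shows only that the sender holds that key. The following added example is not code from this package: it uses the standard library's Ed25519 in place of XEdDSA, and the names claims, selfSign, parseSelfSigned and parsePinned are hypothetical. It shows the comparison against a pinned key that a caller needs before trusting the claims.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"encoding/base64"
	"encoding/json"
	"fmt"
)

type claims struct { // constructed stand-in for the token's JSON claims
	Sub    string `json:"sub"`
	Pubkey string `json:"pubkey"` // base64 public key of the signer
}

// selfSign embeds the signer's own public key in the claims and signs the body.
func selfSign(priv ed25519.PrivateKey, sub string) (body, sig []byte) {
	pub := priv.Public().(ed25519.PublicKey)
	body, _ = json.Marshal(claims{Sub: sub, Pubkey: base64.StdEncoding.EncodeToString(pub)})
	return body, ed25519.Sign(priv, body)
}

// parseSelfSigned checks body against the key named inside body: proof of possession only.
func parseSelfSigned(body, sig []byte) (c claims, err error) {
	err = json.Unmarshal(body, &c)
	pub, berr := base64.StdEncoding.DecodeString(c.Pubkey)
	if err != nil || berr != nil || len(pub) != ed25519.PublicKeySize || !ed25519.Verify(pub, body, sig) {
		return claims{}, fmt.Errorf("malformed token or bad signature")
	}
	return c, nil
}

// parsePinned also requires the embedded key to be the one pinned for the subject.
func parsePinned(body, sig []byte, pinned map[string]ed25519.PublicKey) (claims, error) {
	c, err := parseSelfSigned(body, sig)
	if err == nil && base64.StdEncoding.EncodeToString(pinned[c.Sub]) != c.Pubkey {
		return claims{}, fmt.Errorf("pubkey claim is not the pinned key for %q", c.Sub)
	}
	return c, err
}

func main() { // constructed keys: seed 1 is pinned for "alice", seed 2 is not
	trusted := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{1}, 32)).Public().(ed25519.PublicKey)
	pinned := map[string]ed25519.PublicKey{"alice": trusted}
	body, sig := selfSign(ed25519.NewKeyFromSeed(bytes.Repeat([]byte{2}, 32)), "alice")
	_, e1 := parseSelfSigned(body, sig)
	_, e2 := parsePinned(body, sig, pinned)
	fmt.Println("self-signed check:", e1, "| pinned check:", e2)
}
```

The self-signed check accepts the token while the pinned check rejects it, because the signature is valid but the embedded key is not the one on record for the subject.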
type XV2
type XV2 struct{}
This defines an XV2 struct which can be used to sign and verify payloads. It is currently a redundant struct, and its methods could be converted to standard functions. However, the XV2 struct could be built upon in the future to satisfy the 'Protocol' interface defined by "o1egl/paseto".