| Age | Commit message (Collapse) | Author |
|---|
|
There are new versions of paseto standard: version 3 and version 4.
To minimize conflicts in the future, we move the old implementation of
paseto v2 to sub directory "v2" with package name "pasetov2".
The paseto package now left with common functions, like creating
pre-authentication encoding (PAE).
|
|
With help of spdxconv tool [1], we able to bulk update all files license
and copyright format to comply with SPDX formats.
[1] https://kilabit.info/project/spdxconv/
|
|
|
|
The realignment reduce the cost of the following struct,
* JSONFooter: from 24 to 16 bytes (-8)
* Key: from 72 to 56 bytes (-16)
* keys: from 16 to 8 bytes (-8)
* struct in TestEncrypt: from 88 to 80 bytes (-8)
* structtest in TestSign: from 72 to 64 bytes (-8)
* PublicMode: from 80 to 64 bytes (-16)
* struct in TestPublicMode_UnpackHTTPRequest: from 56 to 48 bytes (-8)
* PublicToken: from 152 to 136 bytes (-16)
|
|
* The Issuer field must equal to peer.ID
* The Audience field must equal to our.ID,
* If peer.AllowedSubjects is not empty, the Subject value must be in
one of them,
* The current time must be after IssuedAt field,
* The current time must after NotBefore "nbf" field,
* The current time must before ExpiredAt field.
|
|
Package paseto provide the opionated implementation of
Platform-Agnostic SEcurity TOkens (PASETOs) as defined in draft of
RFC 01 [1].
This implementation only support PASETO Protocol v2.
This library focus on how to sign and verify data, everything else is
handled and filled automatically.
[1] https://github.com/paragonie/paseto/blob/master/docs/RFC/draft-paragon-paseto-rfc-01.txt
|
