Paseto.V1 (paseto v1.5.0)

The Version1 implementation of the Paseto protocol.

More information about the implementation can be found here: 1.) https://github.com/paragonie/paseto/blob/master/docs/01-Protocol-Versions/Version1.md

Link to this section Summary

Functions

Handles decrypting a token given the correct key

Handles encrypting the payload and returning a valid token

Takes a token and will decrypt/verify the signature and return the token in a more digestable manner

Allows looking at the claims without having verified them.

Handles signing the token for public use.

Handles verifying the signature belongs to the provided key.

Link to this section Functions

Link to this function

decrypt(data, secret_key, footer \\ "")

@spec decrypt(String.t(), binary(), String.t() | nil) ::
  {:ok, String.t()} | {:error, String.t()}

Handles decrypting a token given the correct key

Examples:

iex> token = Paseto.V1.encrypt("This is a test message", "Test Key")
iex> token
"v1.local.3qbJND5q6IbF7cZxxWjmSTaVyMo2M3LaEDJ8StdFXw8PTUo55YIyy2BhIaAN6m-IdbGmdwM_ud1IpOyrz3CysNIkjBjab7NLRPbksV-XIsWYRFX6r7z2jsIfH-8emAv_BVtXi9lY"
iex> Paseto.V1.decrypt(token, "Test Key")
"{:ok, "This is a test message"}"
Link to this function

encrypt(data, secret_key, footer \\ "", n \\ nil)

@spec encrypt(String.t(), binary(), String.t(), binary() | nil) ::
  String.t() | {:error, String.t()}

Handles encrypting the payload and returning a valid token

Examples:

iex> Paseto.V1.encrypt("This is a test message", "Test Key")
"v1.local.3qbJND5q6IbF7cZxxWjmSTaVyMo2M3LaEDJ8StdFXw8PTUo55YIyy2BhIaAN6m-IdbGmdwM_ud1IpOyrz3CysNIkjBjab7NLRPbksV-XIsWYRFX6r7z2jsIfH-8emAv_BVtXi9lY"
Link to this function

from_token(token)

@spec from_token(Paseto.Token.t()) :: %Paseto.V1{
  footer: term(),
  payload: term(),
  purpose: term(),
  version: term()
}

Takes a token and will decrypt/verify the signature and return the token in a more digestable manner

@spec peek(token :: String.t()) :: String.t()

Allows looking at the claims without having verified them.

Link to this function

sign(data, secret_key, footer \\ "")

@spec sign(String.t(), binary(), String.t()) :: String.t() | {:error, String.t()}

Handles signing the token for public use.

Examples:

iex> {public_key, secret_key} = :crypto.generate_key(:rsa, {2048, 65_537})
iex> Paseto.V1.sign("This is a test message!", secret_key)
"v1.public.VGhpcyBpcyBhIHRlc3QgbWVzc2FnZSGswqHiZVv31r99PZphr2hqJQe81Qc_7XkxHyVb_7-xORKp-VFJdEiqfINgLnwxo8n1pkIDH4_9UfhpEyS1ivgxfYe-55INfV-OyzSpHMbuGA0xviIln0fdn98QljGwh3uDFduXnfaWeBYA6nE0JingWEvVG-V8L12IdFh1rq9ZWLleFVsn719Iz8BqsasmFAICLRpnToL7X1syHdZ6PjhBnStCM5GHHzCwbdvj64P5QqxvtUzTfXBBeC-IKu_HVxIxY9VaN3d3KQotBZ1J6W1oJ4cX0JvUR4pIaq3eKfOKdoR5fUkyjS0mP9GjjoJcW8oiKKqb3dAaCHZW9he2iZNn"
Link to this function

verify(signed_message, public_key, footer \\ "")

@spec verify(
  String.t(),
  [binary()],
  String.t() | nil
) :: {:ok, binary()} | {:error, binary()}

Handles verifying the signature belongs to the provided key.

Examples:

iex> {public_key, secret_key} = :crypto.generate_key(:rsa, {2048, 65_537})
iex> token = Paseto.V1.sign("This is a test message!", secret_key)
"v1.public.VGhpcyBpcyBhIHRlc3QgbWVzc2FnZSGswqHiZVv31r99PZphr2hqJQe81Qc_7XkxHyVb_7-xORKp-VFJdEiqfINgLnwxo8n1pkIDH4_9UfhpEyS1ivgxfYe-55INfV-OyzSpHMbuGA0xviIln0fdn98QljGwh3uDFduXnfaWeBYA6nE0JingWEvVG-V8L12IdFh1rq9ZWLleFVsn719Iz8BqsasmFAICLRpnToL7X1syHdZ6PjhBnStCM5GHHzCwbdvj64P5QqxvtUzTfXBBeC-IKu_HVxIxY9VaN3d3KQotBZ1J6W1oJ4cX0JvUR4pIaq3eKfOKdoR5fUkyjS0mP9GjjoJcW8oiKKqb3dAaCHZW9he2iZNn"
iex> [version, purpose, payload] = String.split(token, ".")
iex> V1.verify(version <> "." <> purpose <> ".", payload, public_key)
"{:ok, "This is a test message!"}"