-
Notifications
You must be signed in to change notification settings - Fork 9
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bind Keys to Version and Purpose #11
Comments
I'm in favor of this and was thinking of adding something similar myself but just never got around to it. The purpose could probably be omitted if you require the type directly on the Pasteo functions, for example: public abstract String encrypt(Object payload, SymmetricKey key, String footer);
public abstract String sign(Object payload, AsymmetricSecretKey sk);
public abstract <_Payload> _Payload verify(String token, AsymmetricPublicKey pk, Class<_Payload> payloadClass) Seems to be effectively the same as taking a base Key class and checking the purpose at runtime. Actually might be cleaner since the function signature then becomes self documenting on the expected type. Do you foresee any issues with this? Perhaps I'm missing something obvious here as I just started looking at it. Regardless, I will update the library with the changes, likely with my suggestion above unless there is a reason for the alternative. |
Adds strong key types for both V1 and V2: - SymmetricKey: Key for LOCAL tokens. - AsymmetricPublicKey: Public key for PUBLIC tokens. - AsymmetricSecretKey: Secret key for PUBLIC tokens. Byte arrays are no longer accepted and must be wrapped in these types with the correct version attached. Test vectors show usage, docs will be updated to reflect this and other v1.0 changes. More details can be found here and in issue #11: https://github.com/paseto-standard/paseto-spec/blob/master/docs/02-Implementation-Guide/03-Algorithm-Lucidity.md
Did the initial work on this in the associated PR. |
Yes!
We're less worried about vulnerabilities and more about accidental misuse.
Awesome! Let us know if you need a review. |
paseto/paseto-core/src/main/java/net/aholbrook/paseto/PasetoV2.java
Line 55 in ed9567b
paseto/paseto-core/src/main/java/net/aholbrook/paseto/PasetoV2.java
Line 113 in ed9567b
See https://github.com/paseto-standard/paseto-spec/blob/master/docs/02-Implementation-Guide/03-Algorithm-Lucidity.md
Right now, byte arrays are accepted by this API. There's no mechanism to prevent a user from using a v2 public key as a v2 local key.
The text was updated successfully, but these errors were encountered: