Paseto.NET, a Paseto (Platform-Agnostic Security Tokens) implementation for .NET
v1.local | v1.public | v2.local | v2.public |
---|---|---|---|
โ | โ๏ธ | โ๏ธ | โ๏ธ |
string secretKey = "YJExjGFZvdbSKTeVgLUQFupOzFWfSlRm"; // The secret key must have 32 chars.
byte[] hashSeed = Encoding.ASCII.GetBytes(secretKey); // Convert it into byte array
byte[] privateKey = new byte[64];
byte[] publicKey = new byte[32];
Ed25519.KeyPairFromSeed(out publicKey, out privateKey, hashSeed);
//...
byte[] privateKey = Ed25519.ExpandedPrivateKeyFromSeed(hashSeed);
//...
byte[] publicKey = Ed25519.PublicKeyFromSeed(hashSeed);
var token = new PasetoBuilder<Version2>()
.WithKey(privateKey)
.AddClaim("example", "Hello Paseto!")
.Expiration(DateTime.UtcNow.AddHours(24))
.AsPublic() // Purpose
.Build();
var encoder = new PasetoEncoder(cfg => cfg.Use<Version2>(privateKey)); // default is public purpose
var token = encoder.Encode(new PasetoPayload
{
{ "example", "Hello Paseto!" },
{ "exp", DateTime.UtcNow.AddHours(24) }
});
v2.public.eyJleGFtcGxlIjoiSGVsbG8gUGFzZXRvISIsImV4cCI6IjIwMTgtMDQtMDdUMDU6MDQ6MDcuOTE5NjM3NVoifTuR3EYYCG12DjhIqPKiVmTkKx2ewCDrYNZHcoewiF-lpFeaFqKW3LkEgnW28UZxrBWA5wrLFCR5FP1qUlMeqQA
var payload = new PasetoBuilder<Version2>()
.WithKey(publicKey)
.AsPublic() // Purpose
.Decode(token);
var decoder = new PasetoDecoder(cfg => cfg.Use<Version2>(publicKey)); // default is public purpose
var payload = decoder.Decode(token);
{
"example": "Hello Paseto!",
"exp": "2018-04-07T05:04:07.9196375Z"
}
- Switch from Unix DateTime to ISO 8601 compliant to adhere to Paseto registered claims
- Add support for local authentication for v2
- Add support for local authentication for v1
- Add support for version detection when decoding
- Add payload validation rules
- There's already an initial implementation and tests
- Improve protocol versioning
- Add more documentation on the usage
- Extend the fluent builder API
- Add more tests
- Uses Ed25519 algorithm from CodesInChaos Chaos.NaCl cryptography library.
- Uses Blake2b cryptographic hash function from metadings repository.
- Uses XChaCha20-Poly1305 AEAD from NaCl.Core repository.