Lib.rs

加密学
#密钥管理 #paseto #安全 #令牌 #paserk

rusty_paserk

平台无关可序列化密钥(PASERK)是PASETO密钥管理的扩展

作者:Conrad Ludgate

10 个不稳定版本 (3 个重大更新)

0.4.0 2024年5月29日
0.3.0 2023年11月7日
0.2.3 2023年8月18日
0.2.2 2023年7月24日
0.1.0 2023年6月18日

加密学 中排名 158

Download history 628/week @ 2024-04-27 675/week @ 2024-05-04 584/week @ 2024-05-11 620/week @ 2024-05-18 1004/week @ 2024-05-25 1045/week @ 2024-06-01 1647/week @ 2024-06-08 939/week @ 2024-06-15 869/week @ 2024-06-22 656/week @ 2024-06-29 717/week @ 2024-07-06 631/week @ 2024-07-13 641/week @ 2024-07-20 797/week @ 2024-07-27 529/week @ 2024-08-03 326/week @ 2024-08-10

每月下载量 2,348
5 个crate中使用(通过atuin-client

MIT 许可证

96KB
1.5K SLoC

rusty_paserk

rusty_paseto的扩展,在之上增加了平台无关可序列化密钥规范。

示例

本地封装

use rusty_paserk::wrap::{Pie, LocalWrapperExt};
use rusty_paseto::core::{PasetoSymmetricKey, V4, Local, Key};

let wrapping_key = PasetoSymmetricKey::<V4, Local>::from(Key::try_new_random().unwrap());

let local_key = PasetoSymmetricKey::from(Key::try_new_random().unwrap());
let nonce = Key::try_new_random().unwrap();
let wrapped_local = Pie::wrap_local(&local_key, &wrapping_key, &nonce);
// => "k4.local-wrap.pie.RcAvOxHI0H-0uMsIl6KGcplH_tDlOhW1omFwXltZCiynHeRNH0hmn28AkN516h3WHuAReH3CvQ2SZ6mevnTquPETSd3XnlcbRWACT5GLWcus3BsD4IFWm9wFZgNF7C_E"

let mut wrapped_local = wrapped_local.into_bytes();
let local_key2 = Pie::unwrap_local(&mut wrapped_local, &wrapping_key).unwrap();
assert_eq!(local_key.as_ref(), local_key2.as_ref());

秘密封装

use rusty_paserk::wrap::{Pie, SecretWrapperExt};
use rusty_paseto::core::{PasetoSymmetricKey, PasetoAsymmetricPrivateKey, V4, Key};

let wrapping_key = PasetoSymmetricKey::from(Key::try_new_random().unwrap());

let secret_key = Key::try_new_random().unwrap();
let secret_key = PasetoAsymmetricPrivateKey::from(&secret_key);
let nonce = Key::try_new_random().unwrap();
let wrapped_secret = Pie::wrap_secret(&secret_key, &wrapping_key, &nonce);
// => "k4.secret-wrap.pie.cTTnZwzBA3AKBugQCzmctv5R9CjyPOlelG9SLZrhupDwk6vYx-3UQFCZ7x4d57KU4K4U1qJeFP6ELzkMJ0s8qHt0hsQkW14Ni6TJ89MRzEqglUgI6hJD-EF2E9kIFO5YuC5MHwXN7Wi_vG1S3L-OoTjZgT_ZJ__8T7SJhvYLodo"

let mut wrapped_secret = wrapped_secret.into_bytes();
let secret_key2 = Pie::unwrap_secret(&mut wrapped_secret, &wrapping_key).unwrap();
assert_eq!(secret_key.as_ref(), secret_key2.as_ref());

本地ID

use rusty_paserk::id::EncodeId;
use rusty_paseto::core::{PasetoSymmetricKey, V4, Local, Key};

let local_key = PasetoSymmetricKey::<V4, Local>::from(Key::try_new_random().unwrap());
let kid = local_key.encode_id();
// => "k4.lid.XxPub51WIAEmbVTmrs-lFoFodxTSKk8RuYEJk3gl-DYB"

秘密ID

use rusty_paserk::id::EncodeId;
use rusty_paseto::core::{PasetoAsymmetricPrivateKey, V4, Public, Key};

let secret_key = Key::try_new_random().unwrap();
let secret_key = PasetoAsymmetricPrivateKey::<V4, Public>::from(&secret_key);
let kid = secret_key.encode_id();
// => "k4.sid.p26RNihDPsk2QbglGMTmwMMqLYyeLY25UOQZXQDXwn61"

公开ID

use rusty_paserk::id::EncodeId;
use rusty_paseto::core::{PasetoAsymmetricPublicKey, V4, Public, Key};

let public_key = Key::try_new_random().unwrap();
let public_key = PasetoAsymmetricPublicKey::<V4, Public>::from(&public_key);
let kid = public_key.encode_id();
// => "k4.pid.yMgldRRLHBLkhmcp8NG8yZrtyldbYoAjQWPv_Ma1rzRu"

依赖

~9–18MB
~339K SLoC