[go: up one dir, main page]

pasetors 0.7.7

PASETO: Platform-Agnostic Security Tokens (in Rust)
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78

use crate::errors::Error;
use alloc::vec::Vec;
use core::convert::TryInto;

/// Encode `n` to little-endian bytes. The MSB is cleared.
pub fn le64(n: u64) -> [u8; size_of::<u64>()] {
    let mut out = [0u8; size_of::<u64>()];
    let mut n_tmp = n;

    out[0] = (n_tmp & 255) as u8;
    n_tmp >>= 8;
    out[1] = (n_tmp & 255) as u8;
    n_tmp >>= 8;
    out[2] = (n_tmp & 255) as u8;
    n_tmp >>= 8;
    out[3] = (n_tmp & 255) as u8;
    n_tmp >>= 8;
    out[4] = (n_tmp & 255) as u8;
    n_tmp >>= 8;
    out[5] = (n_tmp & 255) as u8;
    n_tmp >>= 8;
    out[6] = (n_tmp & 255) as u8;
    n_tmp >>= 8;
    n_tmp &= 127; // Clear the MSB for interoperability
    out[7] = (n_tmp & 255) as u8;

    out
}

/// Pre-Authentication Encoding. See [specification](https://github.com/paragonie/paseto/blob/master/docs/01-Protocol-Versions/Common.md#pae-definition).
pub fn pae(pieces: &[&[u8]]) -> Result<Vec<u8>, Error> {
    let mut out: Vec<u8> = Vec::with_capacity(64);

    out.extend_from_slice(&le64(pieces.len().try_into()?));
    for elem in pieces.iter() {
        out.extend_from_slice(&le64(elem.len().try_into()?));
        out.extend_from_slice(elem);
    }

    Ok(out)
}

#[cfg(test)]
mod unit_tests {
    use super::*;

    #[test]
    fn test_le64() {
        assert_eq!(vec![0, 0, 0, 0, 0, 0, 0, 0], le64(0));
        assert_eq!(vec![10, 0, 0, 0, 0, 0, 0, 0], le64(10));
    }

    #[test]
    fn test_pae() {
        // Source: https://github.com/paragonie/paseto/blob/master/tests/UtilTest.php
        assert_eq!("0000000000000000", hex::encode(pae(&[]).unwrap()));
        assert_eq!(
            "01000000000000000000000000000000",
            hex::encode(pae(&[b""]).unwrap())
        );
        assert_eq!(
            "020000000000000000000000000000000000000000000000",
            hex::encode(pae(&[b"", b""]).unwrap())
        );
        assert_eq!(
            "0100000000000000070000000000000050617261676f6e",
            hex::encode(pae(&[b"Paragon"]).unwrap())
        );
        assert_eq!(
            "0200000000000000070000000000000050617261676f6e0a00000000000000496e6974696174697665",
            hex::encode(pae(&[b"Paragon", b"Initiative",]).unwrap())
        );
        assert_eq!(
            "0100000000000000190000000000000050617261676f6e0a00000000000000496e6974696174697665",
            hex::encode(pae(&[b"Paragon\n\0\0\0\0\0\0\0Initiative"]).unwrap())
        );
    }
}