authenticvision / libpaseto Goto Github PK
View Code? Open in Web Editor NEWC implementation of Platform-Agnostic Security Tokens (PASETO)
Home Page: https://paseto.io
License: BSD 3-Clause "New" or "Revised" License
libpaseto's People
Contributors
Stargazers
Watchers
libpaseto's Issues
Add install target & pkg-config support
set expiration
Hello. I was wondering if there is the posibility to specify the exp time on a token
Bind Keys to Purpose
libpaseto/src/paseto_v2_local.c
Line 137 in e8bc52e
libpaseto/src/paseto_v2_public.c
Line 127 in e8bc52e
Right now, byte arrays are accepted by this API. There's no mechanism to prevent a user from using a v2 public key as a v2 local key.
It may also be a good idea to bind keys to a version, in case you want to support v4 tokens too.
Will paseto_v2_encrypt always terminate with a nul \0 byte?
Apologies for the incorrect use of an issue but it feels like the best place to ask. I need a little guidance since I'm not very proficient at reading C and don't want to take something for granted that could potentially be unsafe.
I've written some Crystal C bindings for this library and the largest area of concern is that I'm allowing the Crystal string initialiser to step over the returned pointer from paseto_v2_encrypt which appears to terminate whenever reaches a zero byte.
The libsodium docs suggest that the returned char* will be terminated with a \0 character so I'm assuming that would be enough in this instance?
Thanks for the lib!
Any chance for the v2.public interface?
Hello,
Thanks for this implementation. Do you think the v2.public interface will be supported by this lib one day?
Thanks.
Unable to load V2 secret or public key with base64
Using an ESP32. Coding in Arduino.
I'm attempting to use paseto_v2_public_load_secret_key_base64 and paseto_v2_public_load_public_key_base64 functions but I'm unable to load the the keys.
I've attempted many different base64 encoding methods, including the base encoded strings generated by openssl, but not had any luck so far.
I note that https://github.com/authenticvision/libpaseto/blob/master/examples/example.c is the paseto_v2_local_load_key_base64 function and this works as expected.
I also note that you've written some tests for the paseto_v2_public_load_secret_key_hex function, and using this function with the same hex encoded strings works as expected.
Would you be able to add an example using the paseto_v2_public_load_secret_key_base64 and paseto_v2_public_load_public_key_base64 functions please?
Check API with a fuzzer
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.