paseto-v4-sodium

Crates.iopaseto-v4-sodium
lib.rspaseto-v4-sodium
version0.1.0-rc.3
created_at2025-09-20 12:04:11.47988+00
updated_at2025-09-21 14:21:03.231396+00
descriptionPASETO/PASERK V4 based on libsodium
homepage
repositoryhttps://github.com/conradludgate/paseto-rs
max_upload_size
id1847688
size42,698
Conrad Ludgate (conradludgate)

documentation

README

paseto-v4-sodium

libsodium based PASETO V4 implementation.

Examples

use paseto_v4_sodium::{SignedToken, VerifiedToken};
use paseto_v4_sodium::libsodium;
use paseto_v4_sodium::key::{SecretKey, PublicKey, SealingKey};
use paseto_json::{RegisteredClaims, jiff};

// init libsodium
libsodium::ensure_init().expect("libsodium should initialise successfully");

// create a new keypair
let secret_key = SecretKey::random().unwrap();
let public_key = secret_key.unsealing_key();

// create a set of token claims
let now = jiff::Timestamp::now();
let claims = RegisteredClaims {
    iss: Some("https://paseto.conrad.cafe/".to_string()),
    iat: Some(now),
    nbf: Some(now),
    exp: Some(now + std::time::Duration::from_secs(3600)),
    sub: Some("conradludgate".to_string()),
    ..RegisteredClaims::default()
};

// create and sign a new token
let signed_token = VerifiedToken::new(claims).sign(&secret_key).unwrap();

// serialize the token.
let token = signed_token.to_string();
// "v4.public.eyJpc3MiOiJodHRwczovL3Bhc2V0by5jb25yYWQuY2FmZS8iLCJzdWIiOiJjb25yYWRsdWRnYXRlIiwiYXVkIjpudWxsLCJleHAiOiIyMDI1LTA5LTIwVDEyOjAxOjEzLjcyMjQ3OVoiLCJuYmYiOiIyMDI1LTA5LTIwVDExOjAxOjEzLjcyMjQ3OVoiLCJpYXQiOiIyMDI1LTA5LTIwVDExOjAxOjEzLjcyMjQ3OVoiLCJqdGkiOm51bGx9N7O1CAXQpQ3rpxhq6xFZt32z27VSL8suiek38-5W4LRGr1tDmKcP0_xrlp5-kdE6o7B_K8KU-6Fwmu0hzrkiDQ"

// serialize the public key.
let key = public_key.to_string();
// "k4.public.xRPdFzRvXY-H-6L3S2I3_TmdMKu6XwLKLSR10lZ-yfk"

// parse the token
let signed_token: SignedToken<RegisteredClaims> = token.parse().unwrap();

// parse the key
let public_key: PublicKey = key.parse().unwrap();

// verify the token
let verified_token = signed_token.verify(&public_key).unwrap();

// TODO: verify the claims
let now = jiff::Timestamp::now();
if let Some(exp) = verified_token.message.exp && exp < now {
    panic!("expired");
}
if let Some(nbf) = verified_token.message.nbf && now < nbf {
    panic!("not yet available");
}
Commit count: 21

cargo fmt