Implement PASERK serialization

Implement serialization and deserialization of v2/3/4
local/secret/public keys as well as key identifiers (lid/sid/pid).

Co-authored-by: Daniel SUTTO <[email protected]>

Author: minus7

keys.go

@@ -0,0 +1,16 @@
+package paseto
+
+// KeyType indicates if key is symmetric, private or public
+type KeyType string
+
+// KeyVersion indicates the token version the key may be used for
+type KeyVersion int
+
+const (
+	// Symmetric key used for local tokens
+	KeyTypeLocal KeyType = "local"
+	// Asymmetric secret key used for public tokens
+	KeyTypeSecret KeyType = "secret"
+	// Asymmetric public key used for public tokens
+	KeyTypePublic KeyType = "public"
+)

paserk/keys.go

@@ -0,0 +1,21 @@
+package paserk
+
+import (
+	"aidanwoods.dev/go-paseto"
+)
+
+type Key interface {
+	ExportBytes() []byte
+	Type() paseto.KeyType
+	Version() paseto.KeyVersion
+}
+
+var _ Key = &paseto.V2SymmetricKey{}
+var _ Key = &paseto.V2AsymmetricSecretKey{}
+var _ Key = &paseto.V2AsymmetricPublicKey{}
+var _ Key = &paseto.V3SymmetricKey{}
+var _ Key = &paseto.V3AsymmetricSecretKey{}
+var _ Key = &paseto.V3AsymmetricPublicKey{}
+var _ Key = &paseto.V4SymmetricKey{}
+var _ Key = &paseto.V4AsymmetricSecretKey{}
+var _ Key = &paseto.V4AsymmetricPublicKey{}

paserk/paserk.go

@@ -0,0 +1,214 @@
+package paserk
+
+import (
+	"crypto/sha512"
+	"encoding/base64"
+	"errors"
+	"fmt"
+	"golang.org/x/crypto/blake2b"
+	"hash"
+	"strconv"
+	"strings"
+
+	"aidanwoods.dev/go-paseto"
+)
+
+// type of PASERK token
+type PaserkType string
+
+const (
+	// Unique Identifier for a separate PASERK for local PASETOs
+	PaserkTypeLid PaserkType = "lid"
+	// Symmetric key for local tokens
+	PaserkTypeLocal PaserkType = "local"
+	// Symmetric key wrapped using asymmetric encryption
+	PaserkTypeSeal PaserkType = "seal"
+	// Symmetric key wrapped by another symmetric key
+	PaserkTypeLocalWrap PaserkType = "local-wrap"
+	// Symmetric key wrapped using password-based encryption
+	PaserkTypeLocalPw PaserkType = "local-pw"
+	// Unique Identifier for a separate PASERK for public PASETOs. (Secret Key)
+	PaserkTypeSid PaserkType = "sid"
+	// Public key for verifying public tokens
+	PaserkTypePublic PaserkType = "public"
+	// Unique Identifier for a separate PASERK for public PASETOs. (Public Key)
+	PaserkTypePid PaserkType = "pid"
+	// Secret key for signing public tokens
+	PaserkTypeSecret PaserkType = "secret"
+	// Asymmetric secret key wrapped by another symmetric key
+	PaserkTypeSecretWrap PaserkType = "secret-wrap"
+	// Asymmetric secret key wrapped using password-based encryption
+	PaserkTypeSecretPw PaserkType = "secret-pw"
+)
+
+func parsePaserkType(s string) (PaserkType, error) {
+	switch PaserkType(s) {
+	case PaserkTypeLid:
+		return PaserkTypeLid, nil
+	case PaserkTypeLocal:
+		return PaserkTypeLocal, nil
+	case PaserkTypeSeal:
+		return PaserkTypeSeal, nil
+	case PaserkTypeLocalWrap:
+		return PaserkTypeLocalWrap, nil
+	case PaserkTypeLocalPw:
+		return PaserkTypeLocalPw, nil
+	case PaserkTypeSid:
+		return PaserkTypeSid, nil
+	case PaserkTypePublic:
+		return PaserkTypePublic, nil
+	case PaserkTypePid:
+		return PaserkTypePid, nil
+	case PaserkTypeSecret:
+		return PaserkTypeSecret, nil
+	case PaserkTypeSecretWrap:
+		return PaserkTypeSecretWrap, nil
+	case PaserkTypeSecretPw:
+		return PaserkTypeSecretPw, nil
+	default:
+		return "", errors.New("invalid PASERK type")
+	}
+}
+
+func (paserkType PaserkType) supportsKeyType(typ paseto.KeyType) bool {
+	if paserkType == PaserkTypeLocal && typ == paseto.KeyTypeLocal {
+		return true
+	} else if paserkType == PaserkTypeSecret && typ == paseto.KeyTypeSecret {
+		return true
+	} else if paserkType == PaserkTypePublic && typ == paseto.KeyTypePublic {
+		return true
+	} else {
+		return false
+	}
+}
+
+// SerializeKey exports a local/secret/public key as a PASERK token
+func SerializeKey(k Key) (string, error) {
+	var paserkType PaserkType
+	switch k.Type() {
+	case paseto.KeyTypeLocal:
+		paserkType = PaserkTypeLocal
+	case paseto.KeyTypeSecret:
+		paserkType = PaserkTypeSecret
+	case paseto.KeyTypePublic:
+		paserkType = PaserkTypePublic
+	default:
+		return "", errors.New("invalid key type")
+	}
+	header := "k" + strconv.Itoa(int(k.Version())) + "." + string(paserkType) + "."
+	data := base64.RawURLEncoding.EncodeToString(k.ExportBytes())
+	return header + data, nil
+}
+
+// SerializeKeyID exports a local/secret/public key's identity as a lid/sid/pid PASERK token
+func SerializeKeyID(k Key) (string, error) {
+	var paserkType PaserkType
+	switch k.Type() {
+	case paseto.KeyTypeLocal:
+		paserkType = PaserkTypeLid
+	case paseto.KeyTypeSecret:
+		paserkType = PaserkTypeSid
+	case paseto.KeyTypePublic:
+		paserkType = PaserkTypePid
+	default:
+		return "", errors.New("invalid key type")
+	}
+	var h hash.Hash
+	switch k.Version() {
+	case 1, 3:
+		h = sha512.New384()
+	case 2, 4:
+		h, _ = blake2b.New(33, nil)
+	default:
+		return "", errors.New("invalid key version")
+	}
+	header := "k" + strconv.Itoa(int(k.Version())) + "." + string(paserkType) + "."
+	h.Write([]byte(header))
+	s, err := SerializeKey(k)
+	if err != nil {
+		return "", err
+	}
+	h.Write([]byte(s))
+	data := base64.RawURLEncoding.EncodeToString(h.Sum(nil)[:33])
+	return header + data, nil
+}
+
+type KnownKeyTypes interface {
+	paseto.V2SymmetricKey |
+		paseto.V2AsymmetricSecretKey |
+		paseto.V2AsymmetricPublicKey |
+		paseto.V3SymmetricKey |
+		paseto.V3AsymmetricSecretKey |
+		paseto.V3AsymmetricPublicKey |
+		paseto.V4SymmetricKey |
+		paseto.V4AsymmetricSecretKey |
+		paseto.V4AsymmetricPublicKey
+	Key
+}
+
+// DeserializeKey constructs a local/secret/public key of type T from a given
+// PASERK token, given that it matches type and version of T
+func DeserializeKey[T KnownKeyTypes](paserkStr string) (T, error) {
+	var t T
+	frags := strings.Split(paserkStr, ".")
+	if len(frags) != 3 {
+		return t, fmt.Errorf("invalid PASERK token: %s", paserkStr)
+	}
+	if len(frags[0]) != 2 || frags[0][0] != 'k' {
+		return t, fmt.Errorf("invalid PASERK version field")
+	}
+	version, err := strconv.Atoi(frags[0][1:])
+	if err != nil {
+		return t, fmt.Errorf("invalid PASERK version number")
+	}
+	typ, err := parsePaserkType(frags[1])
+	if err != nil {
+		return t, err
+	}
+	data, err := base64.RawURLEncoding.DecodeString(frags[2])
+	if err != nil {
+		return t, fmt.Errorf("cannot decode data part of PASERK token: %w", err)
+	}
+
+	if t.Version() != paseto.KeyVersion(version) || !typ.supportsKeyType(t.Type()) {
+		return t, fmt.Errorf("cannot decode PASERK token of type 'k%d.%s', expected 'k%d.%s'", version, typ, t.Version(), t.Type())
+	}
+
+	var key Key
+	switch version {
+	case 2:
+		switch typ {
+		case PaserkTypeLocal:
+			key, err = paseto.V2SymmetricKeyFromBytes(data)
+		case PaserkTypeSecret:
+			key, err = paseto.NewV2AsymmetricSecretKeyFromBytes(data)
+		case PaserkTypePublic:
+			key, err = paseto.NewV2AsymmetricPublicKeyFromBytes(data)
+		}
+	case 3:
+		switch typ {
+		case PaserkTypeLocal:
+			key, err = paseto.V3SymmetricKeyFromBytes(data)
+		case PaserkTypeSecret:
+			key, err = paseto.NewV3AsymmetricSecretKeyFromBytes(data)
+		case PaserkTypePublic:
+			key, err = paseto.NewV3AsymmetricPublicKeyFromBytes(data)
+		}
+	case 4:
+		switch typ {
+		case PaserkTypeLocal:
+			key, err = paseto.V4SymmetricKeyFromBytes(data)
+		case PaserkTypeSecret:
+			key, err = paseto.NewV4AsymmetricSecretKeyFromBytes(data)
+		case PaserkTypePublic:
+			key, err = paseto.NewV4AsymmetricPublicKeyFromBytes(data)
+		}
+	}
+	if err != nil {
+		return t, fmt.Errorf("can't construct key from data part of paserk token: %w", err)
+	}
+	if key == nil {
+		return t, fmt.Errorf("deserializing of key of type %T is not implemented", t)
+	}
+	return key.(T), nil
+}

paserk/paserk_test.go

@@ -0,0 +1,45 @@
+package paserk
+
+import (
+	"aidanwoods.dev/go-paseto"
+	"github.com/stretchr/testify/require"
+	"testing"
+)
+
+func TestSerializeKey(t *testing.T) {
+	k, _ := paseto.NewV4AsymmetricPublicKeyFromHex("0000000000000000000000000000000000000000000000000000000000000000")
+	s, err := SerializeKey(k)
+	require.NoError(t, err)
+	require.Equal(t, "k4.public.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA", s)
+}
+
+func TestDeserializeKey(t *testing.T) {
+	k, err := DeserializeKey[paseto.V4AsymmetricPublicKey]("k4.public.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA")
+	require.NoError(t, err)
+	require.Equal(t, "0000000000000000000000000000000000000000000000000000000000000000", k.ExportHex())
+}
+
+func TestDeserializeKeyFailure(t *testing.T) {
+	_, err := DeserializeKey[paseto.V4AsymmetricPublicKey]("kx.secret.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA")
+	require.Error(t, err)
+	require.Equal(t, "invalid PASERK version number", err.Error())
+
+	_, err = DeserializeKey[paseto.V4AsymmetricPublicKey]("k4.something.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA")
+	require.Error(t, err)
+	require.Equal(t, "invalid PASERK type", err.Error())
+
+	_, err = DeserializeKey[paseto.V4AsymmetricPublicKey]("k4.secret.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA")
+	require.Error(t, err)
+	require.Equal(t, "cannot decode PASERK token of type 'k4.secret', expected 'k4.public'", err.Error())
+
+	_, err = DeserializeKey[paseto.V4AsymmetricPublicKey]("k2.public.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA")
+	require.Error(t, err)
+	require.Equal(t, "cannot decode PASERK token of type 'k2.public', expected 'k4.public'", err.Error())
+}
+
+func TestSerializeKeyID(t *testing.T) {
+	k, _ := paseto.V4SymmetricKeyFromHex("0000000000000000000000000000000000000000000000000000000000000000")
+	s, err := SerializeKeyID(k)
+	require.NoError(t, err)
+	require.Equal(t, "k4.lid.bqltbNc4JLUAmc9Xtpok-fBuI0dQN5_m3CD9W_nbh559", s)
+}

v2_keys.go

@@ -47,6 +47,13 @@ func (k V2AsymmetricPublicKey) ExportBytes() []byte {
 	return k.material
 }
 
+func (k V2AsymmetricPublicKey) Version() KeyVersion {
+	return 2
+}
+func (k V2AsymmetricPublicKey) Type() KeyType {
+	return KeyTypePublic
+}
+
 // V2AsymmetricSecretKey V2 public private key
 type V2AsymmetricSecretKey struct {
 	material ed25519.PrivateKey
@@ -75,6 +82,13 @@ func (k V2AsymmetricSecretKey) ExportSeedHex() string {
 	return encoding.HexEncode(k.material.Seed())
 }
 
+func (k V2AsymmetricSecretKey) Version() KeyVersion {
+	return 2
+}
+func (k V2AsymmetricSecretKey) Type() KeyType {
+	return KeyTypeSecret
+}
+
 // NewV2AsymmetricSecretKey generate a new secret key for use with asymmetric
 // cryptography. Don't forget to export the public key for sharing, DO NOT share
 // this secret key.
@@ -158,6 +172,13 @@ func (k V2SymmetricKey) ExportBytes() []byte {
 	return k.material[:]
 }
 
+func (k V2SymmetricKey) Version() KeyVersion {
+	return 2
+}
+func (k V2SymmetricKey) Type() KeyType {
+	return KeyTypeLocal
+}
+
 // V2SymmetricKeyFromHex constructs a key from hex
 func V2SymmetricKeyFromHex(hexEncoded string) (V2SymmetricKey, error) {
 	var bytes []byte

v3_keys.go

@@ -60,6 +60,13 @@ func (k V3AsymmetricPublicKey) ExportBytes() []byte {
 	return k.compressed()
 }
 
+func (k V3AsymmetricPublicKey) Version() KeyVersion {
+	return 3
+}
+func (k V3AsymmetricPublicKey) Type() KeyType {
+	return KeyTypePublic
+}
+
 // V3AsymmetricSecretKey v3 public private key
 type V3AsymmetricSecretKey struct {
 	material ecdsa.PrivateKey
@@ -80,6 +87,13 @@ func (k V3AsymmetricSecretKey) ExportBytes() []byte {
 	return k.material.D.Bytes()
 }
 
+func (k V3AsymmetricSecretKey) Version() KeyVersion {
+	return 3
+}
+func (k V3AsymmetricSecretKey) Type() KeyType {
+	return KeyTypeSecret
+}
+
 // NewV3AsymmetricSecretKey generate a new secret key for use with asymmetric
 // cryptography. Don't forget to export the public key for sharing, DO NOT share
 // this secret key.
@@ -145,6 +159,14 @@ func (k V3SymmetricKey) ExportBytes() []byte {
 	return k.material[:]
 }
 
+func (k V3SymmetricKey) Version() KeyVersion {
+	return 3
+}
+
+func (k V3SymmetricKey) Type() KeyType {
+	return KeyTypeLocal
+}
+
 // V3SymmetricKeyFromHex constructs a key from hex
 func V3SymmetricKeyFromHex(hexEncoded string) (V3SymmetricKey, error) {
 	var bytes []byte