brycx / pasetors

PASETOrs: PASETO tokens in pure Rust
MIT License

Support local/public/secret PASERK types #23

Closed not-my-profile closed 2 years ago

not-my-profile commented 2 years ago

In order to use Paseto for my application I need cross-language interoperability. However, the only two Paseto v4 implementations for Python enforce Algorithm Lucidity, meaning they currently cannot be easily used in conjunction with pasetors, since it doesn't support Paserk.

So it would be great if pasetors could support importing/exporting keys from/to Paserk :)

brycx commented 2 years ago

Thanks for this suggestion @not-my-profile.

PASERK does indeed sound like a good idea. I'll investigate this some more, since it seems this'll require more logic for footer-handling, additional cryptographic primitives, etc. What I mean is, it will not be trivial to support.

not-my-profile commented 2 years ago

You're welcome :)

I opened this issue specifically for the local and public PASERK types, which, as far as I understand, shouldn't require additional cryptographic primitives. So to achieve key interoperability with other libraries this subset of PASERK should suffice.

brycx commented 2 years ago

Could you clarify exactly which PASERK types you are referring to, from this matrix: https://github.com/paseto-standard/paserk#paserk

Am I correct in guessing it's local, public and secret, the three types marked as unsafe to be put in the PASETO footer?

not-my-profile commented 2 years ago

Yes, exactly :)

brycx commented 2 years ago

Alright.

So essentially additions to SymmetricKey, AsymmetricSecretKey and AsymmetricPublicKey, that enable each type to be created from a PASERK string and be converted back, would solve your use-case?

not-my-profile commented 2 years ago

Yes, exactly :)

brycx commented 2 years ago

Okay, this is a much smaller scope than I initially feared. We can have this implemented.
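The import/export the thread settles on, as an added example that is not pasetors code or its API: the `Purpose` enum and the `from_paserk`/`to_paserk` functions are hypothetical names. It assumes the PASERK v4 layout from the linked specification (`k4.local.`, `k4.public.` or `k4.secret.` followed by unpadded base64url of a 32-, 32- or 64-byte key) and hand-rolls base64url to stay dependency-free.

```rust
// Added example; names are hypothetical and this is not the pasetors API.
const B64: &[u8; 64] = b"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";
pub enum Purpose { Local, Public, Secret }

impl Purpose {
    fn spec(&self) -> (&'static str, usize) { // (PASERK v4 header, key length in bytes)
        match self {
            Purpose::Local => ("k4.local.", 32),
            Purpose::Public => ("k4.public.", 32),
            Purpose::Secret => ("k4.secret.", 64),
        }
    }
}

fn b64_encode(data: &[u8]) -> String { // unpadded base64url
    let mut out = String::new();
    for c in data.chunks(3) {
        let n = c.iter().fold(0u32, |a, &b| (a << 8) | b as u32) << (8 * (3 - c.len()));
        out.extend((0..=c.len()).map(|i| B64[((n >> (18 - 6 * i)) & 63) as usize] as char));
    }
    out
}

fn b64_decode(s: &str) -> Option<Vec<u8>> {
    let (mut acc, mut bits, mut out) = (0u32, 0u32, Vec::new());
    for c in s.bytes() {
        acc = (acc << 6) | B64.iter().position(|&x| x == c)? as u32;
        bits += 6;
        if bits >= 8 {
            bits -= 8;
            out.push((acc >> bits) as u8);
            acc &= (1 << bits) - 1;
        }
    }
    if acc != 0 || bits >= 6 { None } else { Some(out) } // reject non-canonical tails
}

// Import: the header must match the key type the caller expects, so a public
// key string can never be loaded as a symmetric key (or the reverse).
pub fn from_paserk(s: &str, expected: Purpose) -> Result<Vec<u8>, &'static str> {
    let (header, len) = expected.spec();
    let body = s.strip_prefix(header).ok_or("wrong version or purpose")?;
    let key = b64_decode(body).ok_or("invalid base64url")?;
    if key.len() == len { Ok(key) } else { Err("wrong key length") }
}

// Export: refuse keys whose length does not fit the requested type.
pub fn to_paserk(key: &[u8], purpose: Purpose) -> Result<String, &'static str> {
    let (header, len) = purpose.spec();
    if key.len() == len { Ok(format!("{}{}", header, b64_encode(key))) } else { Err("wrong key length") }
}
```

A real implementation would wrap the returned bytes in a key type that is zeroized on drop rather than handing back a plain `Vec<u8>`.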