instructure / paseto

A paseto implementation in rust.
MIT License

[FR] Documentation regarding rules for valid encryption keys #36

Closed samuela closed 3 years ago

samuela commented 3 years ago

Is your feature request related to a problem? Please describe.

I have the following bit of toy code:

let state = paseto::tokens::PasetoBuilder::new()
  .set_encryption_key(Vec::from("FISHYLAKEBLACKMAGIC".as_bytes()))
  .set_expiration(Utc::now() + Duration::minutes(15))
  .set_not_before(Utc::now())
  .build()
  .expect("failed to construct paseto token");

and I'm getting a nasty error:

thread 'main' panicked at 'failed to construct paseto token: InvalidKey

Looking at the documentation however, I don't see any rules regarding what makes a key valid or invalid.

Describe the solution you'd like

Some explanation of the requirements for set_encryption_key in the docs.

Describe alternatives you've considered

n/a

Additional context

n/a

samuela commented 3 years ago

After a bit of poking around I think I've found that the key must be exactly 32 characters long, no more no less. Not sure if this is exactly the rule, but it worked for me.

Mythra commented 3 years ago

Hey @samuela,

Yes, this is a requirement of the underlying encryption algorithm in both modes. I agree though this should be better documented, and a better error message here explaining why. I'm away on holiday right now, but will get to this as soon as possible!

Thanks, Cynthia
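
An added example, not part of the thread and not the paseto crate's own code: a pre-check that applies the 32-byte rule confirmed above before the key reaches `set_encryption_key`, and reports why a key is rejected. The names `check_key`, `key_from_hex` and `KeyError` are hypothetical; because the key is passed as bytes, the length is counted in bytes, not characters.

```rust
use std::convert::TryFrom;
use std::fmt;

/// Required key length in bytes (the rule confirmed in the thread).
pub const KEY_LEN: usize = 32;

#[derive(Debug, PartialEq)]
pub enum KeyError {
    WrongLength { got: usize },
    BadHex,
}

impl fmt::Display for KeyError {
    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
        match self {
            KeyError::WrongLength { got } => {
                write!(f, "encryption key must be exactly {} bytes, got {}", KEY_LEN, got)
            }
            KeyError::BadHex => write!(f, "encryption key is not valid hex"),
        }
    }
}

/// Check raw key bytes; the fixed-size array makes the length part of the type.
pub fn check_key(raw: &[u8]) -> Result<[u8; KEY_LEN], KeyError> {
    <[u8; KEY_LEN]>::try_from(raw).map_err(|_| KeyError::WrongLength { got: raw.len() })
}

/// Decode a hex-encoded key (for example from a config value) and check it.
pub fn key_from_hex(hex: &str) -> Result<[u8; KEY_LEN], KeyError> {
    // Reject anything that is not a plain hex digit (also rules out "+f").
    if hex.len() % 2 != 0 || !hex.bytes().all(|b| b.is_ascii_hexdigit()) {
        return Err(KeyError::BadHex);
    }
    let bytes = (0..hex.len())
        .step_by(2)
        .map(|i| u8::from_str_radix(&hex[i..i + 2], 16).map_err(|_| KeyError::BadHex))
        .collect::<Result<Vec<u8>, KeyError>>()?;
    check_key(&bytes)
}

fn main() {
    // The key from the issue is 19 bytes, so it is rejected with a reason.
    println!("{:?}", check_key("FISHYLAKEBLACKMAGIC".as_bytes()));
    // Constructed sample: 32 characters but 33 bytes, since "é" is two bytes in UTF-8.
    let s = format!("é{}", "a".repeat(31));
    println!("{} chars -> {:?}", s.chars().count(), check_key(s.as_bytes()));
    // Constructed sample: 64 hex digits decode to exactly 32 bytes.
    println!("{:?}", key_from_hex(&"0f".repeat(32)).map(|k| k.len()));
}
```
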