Closed cnizzardini closed 2 years ago
$key = AsymmetricSecretKey::generate($version);
Don't generate keys elsewhere then import them. Instead, generate with the library then export. PASERK helps here.
More information: https://github.com/paseto-standard/paserk
There are other methods. We intentionally don't clobber claim values with the footer, or vice-versa, and keep them separate. JsonToken
has getFooterArray()
.
The KeyRing
class does what a JWK does at runtime, but for advanced use-cases, PASERK provides those features instead of polluting PASETO with features.
Thanks for the answers.
Any thoughts about providing a shell command within this library to generate AssymetricKeys or is that found within PASERK?
We hadn't considered that, but it might be a useful thing to make.
Yes, would be nice if I could run something like vendor/bin/paseto keygen
or vendor/bin/paseto keygen -encode
or whatever...
Ps. @paragonie-security I could try my hand at building one. Just not sure if this library would prefer to roll its own command ala phpcs or would be okay pulling in a depedency like symfony/console to ease creation.
I'm learning my way through this spec and lib and have a couple of questions.
Meaning is it possible to supply my own custom key in place of
sodium_crypto_sign_keypair()
as the argument? Thus far I have been unsuccessful and have had to copy the output of the encoded private key and use it like so to decode:When trying building keys like this I am unable to decode them: