paseto-ts
Version:
PASETO v4 (encrypt, decrypt, sign & verify) in TypeScript
40 lines (39 loc) • 1.95 kB
TypeScript
import type { GetRandomValues } from '../lib/types.js';
export interface PASERKPublicKeyPair {
secretKey: string;
publicKey: string;
}
export interface PASERKPublicKeyPairBuffer {
secretKey: Uint8Array;
publicKey: Uint8Array;
}
/**
* Generates a secret key (`local` purpose) or key pair (`public` purpose).
* The keys are scoped to the purpose and version of PASETO; when parsing a token, the key must be
* the same purpose and version as the token. This prevents a `v4.public` key from being used to
* parse a `v4.local` token or vice versa.
*
* To use the generated key(s) in another PASETO implementation, specify the format as `paserk`.
* @param {string} purpose `local` (encrypt/decrypt) or `public` (sign/verify)
* @param {object} options Options
* @param {string} options.format Format of the returned key(s) (`paserk` (PASERK) or `buffer` (Uint8Array)); defaults to `paserk`
* @param {(length: number): Uint8Array} options.getRandomValues Optional crypto.getRandomValues implementation (for Node < 19)
* @returns {string | Uint8Array | PASERKPublicKeyPair | PASERKPublicKeyPairBuffer} Private and public key pair for `public` purpose, secret key for `local` purpose
* @see https://github.com/paseto-standard/paseto-spec/blob/master/docs/02-Implementation-Guide/03-Algorithm-Lucidity.md#paseto-cryptography-key-requirements
*/
export declare function generateKeys(purpose: 'local', opts?: {
format?: 'paserk';
getRandomValues?: GetRandomValues;
}): string;
export declare function generateKeys(purpose: 'local', opts?: {
format?: 'buffer';
getRandomValues?: GetRandomValues;
}): Uint8Array;
export declare function generateKeys(purpose: 'public', opts?: {
format?: 'paserk';
getRandomValues?: GetRandomValues;
}): PASERKPublicKeyPair;
export declare function generateKeys(purpose: 'public', opts?: {
format?: 'buffer';
getRandomValues?: GetRandomValues;
}): PASERKPublicKeyPairBuffer;