RubyGems - ruby-paseto - Versions diffs - 0.1.0 - Mend

ruby-paseto 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (116) hide show

checksums.yaml +7 -0
data/CHANGELOG.md +8 -0
data/CODE_OF_CONDUCT.md +84 -0
data/LICENSE.txt +21 -0
data/README.md +549 -0
data/lib/paseto/asn1/algorithm_identifier.rb +17 -0
data/lib/paseto/asn1/curve_private_key.rb +22 -0
data/lib/paseto/asn1/ec_private_key.rb +27 -0
data/lib/paseto/asn1/ecdsa_full_r.rb +26 -0
data/lib/paseto/asn1/ecdsa_sig_value.rb +23 -0
data/lib/paseto/asn1/ecdsa_signature.rb +49 -0
data/lib/paseto/asn1/ed25519_identifier.rb +15 -0
data/lib/paseto/asn1/named_curve.rb +17 -0
data/lib/paseto/asn1/one_asymmetric_key.rb +32 -0
data/lib/paseto/asn1/private_key.rb +17 -0
data/lib/paseto/asn1/private_key_algorithm_identifier.rb +17 -0
data/lib/paseto/asn1/public_key.rb +17 -0
data/lib/paseto/asn1/subject_public_key_info.rb +28 -0
data/lib/paseto/asn1.rb +101 -0
data/lib/paseto/asymmetric_key.rb +100 -0
data/lib/paseto/configuration/box.rb +23 -0
data/lib/paseto/configuration/decode_configuration.rb +68 -0
data/lib/paseto/configuration.rb +18 -0
data/lib/paseto/interface/i_d.rb +23 -0
data/lib/paseto/interface/key.rb +113 -0
data/lib/paseto/interface/pbkd.rb +83 -0
data/lib/paseto/interface/pie.rb +59 -0
data/lib/paseto/interface/pke.rb +86 -0
data/lib/paseto/interface/serializer.rb +19 -0
data/lib/paseto/interface/version.rb +161 -0
data/lib/paseto/interface/wrapper.rb +20 -0
data/lib/paseto/operations/i_d.rb +48 -0
data/lib/paseto/operations/id/i_dv3.rb +20 -0
data/lib/paseto/operations/id/i_dv4.rb +20 -0
data/lib/paseto/operations/pbkd/p_b_k_dv3.rb +85 -0
data/lib/paseto/operations/pbkd/p_b_k_dv4.rb +94 -0
data/lib/paseto/operations/pbkw.rb +73 -0
data/lib/paseto/operations/pke/p_k_ev3.rb +97 -0
data/lib/paseto/operations/pke/p_k_ev4.rb +95 -0
data/lib/paseto/operations/pke.rb +57 -0
data/lib/paseto/operations/wrap.rb +29 -0
data/lib/paseto/paserk.rb +55 -0
data/lib/paseto/paserk_types.rb +46 -0
data/lib/paseto/protocol/version3.rb +100 -0
data/lib/paseto/protocol/version4.rb +99 -0
data/lib/paseto/result.rb +9 -0
data/lib/paseto/serializer/optional_json.rb +30 -0
data/lib/paseto/serializer/raw.rb +23 -0
data/lib/paseto/sodium/curve_25519.rb +46 -0
data/lib/paseto/sodium/safe_ed25519_loader.rb +19 -0
data/lib/paseto/sodium/stream/base.rb +82 -0
data/lib/paseto/sodium/stream/x_cha_cha20_xor.rb +31 -0
data/lib/paseto/sodium.rb +5 -0
data/lib/paseto/symmetric_key.rb +119 -0
data/lib/paseto/token.rb +127 -0
data/lib/paseto/token_types.rb +29 -0
data/lib/paseto/util.rb +105 -0
data/lib/paseto/v3/local.rb +63 -0
data/lib/paseto/v3/public.rb +204 -0
data/lib/paseto/v4/local.rb +56 -0
data/lib/paseto/v4/public.rb +169 -0
data/lib/paseto/validator.rb +154 -0
data/lib/paseto/verifiers/footer.rb +30 -0
data/lib/paseto/verifiers/payload.rb +42 -0
data/lib/paseto/verify.rb +48 -0
data/lib/paseto/version.rb +6 -0
data/lib/paseto/versions.rb +25 -0
data/lib/paseto/wrappers/pie/pie_v3.rb +72 -0
data/lib/paseto/wrappers/pie/pie_v4.rb +72 -0
data/lib/paseto/wrappers/pie.rb +71 -0
data/lib/paseto.rb +99 -0
data/paseto.gemspec +58 -0
data/sorbet/config +3 -0
data/sorbet/rbi/annotations/rainbow.rbi +269 -0
data/sorbet/rbi/gems/ast@2.4.2.rbi +584 -0
data/sorbet/rbi/gems/diff-lcs@1.5.0.rbi +1083 -0
data/sorbet/rbi/gems/docile@1.4.0.rbi +376 -0
data/sorbet/rbi/gems/ffi@1.15.5.rbi +1994 -0
data/sorbet/rbi/gems/io-console@0.5.11.rbi +8 -0
data/sorbet/rbi/gems/irb@1.5.1.rbi +342 -0
data/sorbet/rbi/gems/json@2.6.3.rbi +1541 -0
data/sorbet/rbi/gems/multi_json@1.15.0.rbi +267 -0
data/sorbet/rbi/gems/netrc@0.11.0.rbi +158 -0
data/sorbet/rbi/gems/oj@3.13.23.rbi +603 -0
data/sorbet/rbi/gems/openssl@3.0.1.rbi +1735 -0
data/sorbet/rbi/gems/parallel@1.22.1.rbi +277 -0
data/sorbet/rbi/gems/rainbow@3.1.1.rbi +407 -0
data/sorbet/rbi/gems/rake@13.0.6.rbi +3021 -0
data/sorbet/rbi/gems/rbnacl@7.1.1.rbi +3218 -0
data/sorbet/rbi/gems/regexp_parser@2.6.1.rbi +3481 -0
data/sorbet/rbi/gems/reline@0.3.1.rbi +8 -0
data/sorbet/rbi/gems/rexml@3.2.5.rbi +4717 -0
data/sorbet/rbi/gems/rspec-core@3.12.0.rbi +10887 -0
data/sorbet/rbi/gems/rspec-expectations@3.12.0.rbi +8090 -0
data/sorbet/rbi/gems/rspec-mocks@3.12.0.rbi +5300 -0
data/sorbet/rbi/gems/rspec-support@3.12.0.rbi +1617 -0
data/sorbet/rbi/gems/rspec@3.12.0.rbi +88 -0
data/sorbet/rbi/gems/ruby-progressbar@1.11.0.rbi +1239 -0
data/sorbet/rbi/gems/simplecov-html@0.12.3.rbi +219 -0
data/sorbet/rbi/gems/simplecov@0.21.2.rbi +2135 -0
data/sorbet/rbi/gems/simplecov_json_formatter@0.1.4.rbi +8 -0
data/sorbet/rbi/gems/thor@1.2.1.rbi +3956 -0
data/sorbet/rbi/gems/timecop@0.9.6.rbi +350 -0
data/sorbet/rbi/gems/unicode-display_width@2.3.0.rbi +48 -0
data/sorbet/rbi/gems/webrick@1.7.0.rbi +2555 -0
data/sorbet/rbi/gems/yard-sorbet@0.7.0.rbi +391 -0
data/sorbet/rbi/gems/yard@0.9.28.rbi +17816 -0
data/sorbet/rbi/gems/zeitwerk@2.6.6.rbi +950 -0
data/sorbet/rbi/shims/multi_json.rbi +19 -0
data/sorbet/rbi/shims/openssl.rbi +111 -0
data/sorbet/rbi/shims/rbnacl.rbi +65 -0
data/sorbet/rbi/shims/zeitwerk.rbi +6 -0
data/sorbet/rbi/todo.rbi +7 -0
data/sorbet/tapioca/config.yml +30 -0
data/sorbet/tapioca/require.rb +12 -0
metadata +376 -0

data/lib/paseto/protocol/version3.rb ADDED Viewed

@@ -0,0 +1,100 @@
+# encoding: binary
+# typed: strict
+# frozen_string_literal: true
+module Paseto
+  module Protocol
+    class Version3
+      extend T::Sig
+      extend T::Helpers
+      include Interface::Version
+      sig(:final) { override.params(key: String, nonce: String, payload: String).returns(String) }
+      def self.crypt(key:, nonce:, payload:)
+        cipher = OpenSSL::Cipher.new('aes-256-ctr')
+        cipher.key = key
+        cipher.iv = nonce
+        cipher.update(payload) + cipher.final
+      end
+      sig(:final) { override.params(data: String, digest_size: Integer).returns(String) }
+      def self.digest(data, digest_size:)
+        T.must(OpenSSL::Digest.digest('SHA384', data).byteslice(0, digest_size))
+      end
+      sig(:final) { override.returns(Integer) }
+      def self.digest_bytes
+        48
+      end
+      sig(:final) { override.params(data: String, key: String, digest_size: Integer).returns(String) }
+      def self.hmac(data, key:, digest_size:)
+        T.must(OpenSSL::HMAC.digest('SHA384', key, data).byteslice(0, digest_size))
+      end
+      sig(:final) { override.returns(T.class_of(Operations::ID::IDv3)) }
+      def self.id
+        Operations::ID::IDv3
+      end
+      sig(:final) do
+        override.params(
+          password: String,
+          salt: String,
+          length: Integer,
+          parameters: Integer
+        ).returns(String)
+      end
+      def self.kdf(password, salt:, length:, **parameters)
+        OpenSSL::KDF.pbkdf2_hmac(
+          password,
+          salt: salt,
+          length: length,
+          iterations: T.must(parameters[:iterations]),
+          hash: 'SHA384'
+        )
+      end
+      sig(:final) { override.returns(String) }
+      def self.paserk_version
+        'k3'
+      end
+      sig(:final) { override.returns(String) }
+      def self.pbkd_local_header
+        'k3.local-pw'
+      end
+      sig(:final) { override.returns(String) }
+      def self.pbkd_secret_header
+        'k3.secret-pw'
+      end
+      sig(:final) { override.params(password: String).returns(Operations::PBKD::PBKDv3) }
+      def self.pbkw(password)
+        Operations::PBKD::PBKDv3.new(password)
+      end
+      sig(:final) { override.params(key: SymmetricKey).returns(Wrappers::PIE::PieV3) }
+      def self.pie(key)
+        Wrappers::PIE::PieV3.new(key)
+      end
+      sig(:final) { override.params(key: AsymmetricKey).returns(Operations::PKE::PKEv3) }
+      def self.pke(key)
+        Operations::PKE::PKEv3.new(key)
+      end
+      sig(:final) { override.params(size: Integer).returns(String) }
+      def self.random(size)
+        SecureRandom.random_bytes(size)
+      end
+      sig(:final) { override.returns(String) }
+      def self.version
+        'v3'
+      end
+    end
+  end
+end

data/lib/paseto/protocol/version4.rb ADDED Viewed

@@ -0,0 +1,99 @@
+# typed: strict
+# frozen_string_literal: true
+module Paseto
+  module Protocol
+    class Version4
+      extend T::Sig
+      extend T::Helpers
+      include Interface::Version
+      sig(:final) { override.params(key: String, nonce: String, payload: String).returns(String) }
+      def self.crypt(key:, nonce:, payload:)
+        Paseto::Sodium::Stream::XChaCha20Xor.new(key).encrypt(nonce, payload)
+      end
+      sig(:final) { override.params(data: String, digest_size: Integer).returns(String) }
+      def self.digest(data, digest_size:)
+        RbNaCl::Hash.blake2b(data, digest_size: digest_size)
+      end
+      sig(:final) { override.returns(Integer) }
+      def self.digest_bytes
+        32
+      end
+      sig(:final) { override.params(data: String, key: String, digest_size: Integer).returns(String) }
+      def self.hmac(data, key:, digest_size: 32)
+        RbNaCl::Hash.blake2b(data, key: key, digest_size: digest_size)
+      end
+      sig(:final) { override.returns(T.class_of(Operations::ID::IDv4)) }
+      def self.id
+        Operations::ID::IDv4
+      end
+      sig(:final) do
+        override.params(
+          password: String,
+          salt: String,
+          length: Integer,
+          parameters: T.any(Symbol, Integer)
+        ).returns(String)
+      end
+      def self.kdf(password, salt:, length:, **parameters)
+        memlimit = RbNaCl::PasswordHash::Argon2.memlimit_value(parameters[:memlimit])
+        opslimit = RbNaCl::PasswordHash::Argon2.opslimit_value(parameters[:opslimit])
+        RbNaCl::PasswordHash.argon2id(
+          password,
+          salt,
+          opslimit,
+          memlimit,
+          length
+        )
+      end
+      sig(:final) { override.returns(String) }
+      def self.paserk_version
+        'k4'
+      end
+      sig(:final) { override.returns(String) }
+      def self.pbkd_local_header
+        'k4.local-pw'
+      end
+      sig(:final) { override.returns(String) }
+      def self.pbkd_secret_header
+        'k4.secret-pw'
+      end
+      sig(:final) { override.params(password: String).returns(Operations::PBKD::PBKDv4) }
+      def self.pbkw(password)
+        Operations::PBKD::PBKDv4.new(password)
+      end
+      sig(:final) { override.params(key: SymmetricKey).returns(Wrappers::PIE::PieV4) }
+      def self.pie(key)
+        Wrappers::PIE::PieV4.new(key)
+      end
+      sig(:final) { override.params(key: AsymmetricKey).returns(Operations::PKE::PKEv4) }
+      def self.pke(key)
+        Operations::PKE::PKEv4.new(key)
+      end
+      sig(:final) { override.params(size: Integer).returns(String) }
+      def self.random(size)
+        RbNaCl::Random.random_bytes(size)
+      end
+      sig(:final) { override.returns(String) }
+      def self.version
+        'v4'
+      end
+    end
+  end
+end

data/lib/paseto/result.rb ADDED Viewed

@@ -0,0 +1,9 @@
+# typed: strict
+# frozen_string_literal: true
+module Paseto
+  class Result < T::Struct
+    prop :claims, T::Hash[String, T.untyped]
+    prop :footer, T.nilable(T.any(String, T::Hash[String, T.untyped])), default: nil
+  end
+end

data/lib/paseto/serializer/optional_json.rb ADDED Viewed

@@ -0,0 +1,30 @@
+# typed: strict
+# frozen_string_literal: true
+module Paseto
+  module Serializer
+    module OptionalJson
+      extend T::Sig
+      extend Interface::Serializer
+      sig { override.params(val: String, options: T::Hash[T.untyped, T.untyped]).returns(T.untyped) }
+      def self.deserialize(val, options)
+        obj = MultiJson.load(val, options)
+        case obj
+        when Hash then obj
+        else val
+        end
+      rescue MultiJson::ParseError
+        val
+      end
+      sig { override.params(val: T.untyped, options: T::Hash[T.untyped, T.untyped]).returns(String) }
+      def self.serialize(val, options)
+        return val unless val.is_a?(Hash)
+        MultiJson.dump(val, options)
+      end
+    end
+  end
+end

data/lib/paseto/serializer/raw.rb ADDED Viewed

@@ -0,0 +1,23 @@
+# typed: strict
+# frozen_string_literal: true
+module Paseto
+  module Serializer
+    module Raw
+      extend T::Sig
+      extend Interface::Serializer
+      sig(:final) do
+        override.params(
+          val: String,
+          _options: T::Hash[T.untyped, T.untyped]
+        ).returns(T.any(String, T::Hash[String, T.untyped]))
+      end
+      def self.deserialize(val, _options) = val
+      sig(:final) { override.params(val: T.untyped, _options: T.untyped).returns(String) }
+      def self.serialize(val, _options) = val
+    end
+  end
+end

data/lib/paseto/sodium/curve_25519.rb ADDED Viewed

@@ -0,0 +1,46 @@
+# typed: false
+# frozen_string_literal: true
+module Paseto
+  module Sodium
+    class Curve25519
+      extend T::Sig
+      extend RbNaCl::Sodium
+      sodium_type :sign
+      sodium_primitive :ed25519
+      sodium_function :to_x25519_private_key,
+                      :crypto_sign_ed25519_sk_to_curve25519,
+                      %i[pointer pointer]
+      sodium_function :to_x25519_public_key,
+                      :crypto_sign_ed25519_pk_to_curve25519,
+                      %i[pointer pointer]
+      sig { params(key: V4::Public).void }
+      def initialize(key)
+        @key = key
+      end
+      sig { returns(RbNaCl::PrivateKey) }
+      def to_x25519_private_key
+        buffer = RbNaCl::Util.zeros(RbNaCl::PrivateKey::BYTES)
+        success = self.class.to_x25519_private_key(buffer, @key.to_bytes)
+        raise CryptoError, 'Ed25519->X25519 sk failure' unless success
+        RbNaCl::PrivateKey.new(buffer)
+      end
+      sig { returns(RbNaCl::PublicKey) }
+      def to_x25519_public_key
+        buffer = RbNaCl::Util.zeros(RbNaCl::PublicKey::BYTES)
+        success = self.class.to_x25519_public_key(buffer, @key.public_bytes)
+        raise CryptoError, 'Ed25519->X25519 pk failure' unless success
+        RbNaCl::PublicKey.new(buffer)
+      end
+    end
+  end
+end

data/lib/paseto/sodium/safe_ed25519_loader.rb ADDED Viewed

@@ -0,0 +1,19 @@
+# typed: strict
+# frozen_string_literal: true
+module Paseto
+  module Sodium
+    module SafeEd25519Loader
+      extend T::Sig
+      include Kernel
+      sig(:final) { params(keypair: String).returns(RbNaCl::SigningKey) }
+      def self.from_keypair(keypair)
+        RbNaCl::SigningKey.new(keypair[0, 32]).tap do |key|
+          raise InvalidKeyPair, 'public key does not match private' unless keypair == key.keypair_bytes
+        end
+      end
+    end
+  end
+end

data/lib/paseto/sodium/stream/base.rb ADDED Viewed

@@ -0,0 +1,82 @@
+# encoding: binary
+# typed: strict
+# frozen_string_literal: true
+module Paseto
+  module Sodium
+    module Stream
+      # Abstract base class for Stream ciphers
+      class Base
+        extend T::Sig
+        extend T::Helpers
+        abstract!
+        # Number of bytes in a valid key
+        KEYBYTES = 0
+        # Number of bytes in a valid nonce
+        NONCEBYTES = 0
+        MESSAGEBYTES_MAX = 0
+        sig { returns(Integer) }
+        def self.nonce_bytes
+          const_get(:NONCEBYTES)
+        end
+        sig { returns(Integer) }
+        def self.key_bytes
+          const_get(:KEYBYTES)
+        end
+        # Create a new Stream.
+        #
+        # Sets up Stream with a secret key for encrypting and decrypting messages.
+        sig { params(key: String).void }
+        def initialize(key)
+          RbNaCl::Util.check_length(key, key_bytes, 'Key')
+          @key = key
+        end
+        sig { params(nonce: String, message: T.nilable(String)).returns(String) }
+        def encrypt(nonce, message)
+          RbNaCl::Util.check_length(nonce, nonce_bytes, 'Nonce')
+          ciphertext = RbNaCl::Util.zeros(data_len(message))
+          success = do_encrypt(ciphertext, nonce, message)
+          raise CryptoError, 'Encryption failed' unless success
+          ciphertext
+        end
+        sig { returns(Integer) }
+        def nonce_bytes
+          self.class.nonce_bytes
+        end
+        sig { returns(Integer) }
+        def key_bytes
+          self.class.key_bytes
+        end
+        private
+        # Symmetric encryption key for a cipher instance
+        sig { returns(String) }
+        attr_reader :key
+        sig { abstract.params(ciphertext: String, nonce: String, message: T.nilable(String)).returns(T::Boolean) }
+        def do_encrypt(ciphertext, nonce, message); end
+        sig { params(message: T.nilable(String)).returns(Integer) }
+        def data_len(message)
+          return 0 unless message
+          message.bytesize
+        end
+      end
+    end
+  end
+end

data/lib/paseto/sodium/stream/x_cha_cha20_xor.rb ADDED Viewed

@@ -0,0 +1,31 @@
+# encoding: binary
+# typed: false
+# frozen_string_literal: true
+module Paseto
+  module Sodium
+    module Stream
+      class XChaCha20Xor < Paseto::Sodium::Stream::Base
+        extend RbNaCl::Sodium
+        sodium_type :stream
+        sodium_primitive :xchacha20
+        sodium_constant :KEYBYTES
+        sodium_constant :NONCEBYTES
+        sodium_constant :MESSAGEBYTES_MAX
+        sodium_function :stream_xchacha20_xor,
+                        :crypto_stream_xchacha20_xor,
+                        %i[pointer pointer ulong_long pointer pointer]
+        private
+        sig { override.params(ciphertext: String, nonce: String, message: T.nilable(String)).returns(T::Boolean) }
+        def do_encrypt(ciphertext, nonce, message)
+          self.class.stream_xchacha20_xor(ciphertext, message, data_len(message), nonce, key)
+        end
+      end
+    end
+  end
+end

data/lib/paseto/sodium.rb ADDED Viewed

@@ -0,0 +1,5 @@
+# typed: false
+# frozen_string_literal: true
+require_relative 'sodium/stream/base'
+require_relative 'sodium/stream/x_cha_cha20_xor'

data/lib/paseto/symmetric_key.rb ADDED Viewed

@@ -0,0 +1,119 @@
+# typed: strict
+# frozen_string_literal: true
+module Paseto
+  class SymmetricKey < Interface::Key
+    extend T::Sig
+    extend T::Helpers
+    abstract!
+    sig(:final) { returns(String) }
+    attr_reader :key, :lid, :paserk
+    sig { params(ikm: String).void }
+    def initialize(ikm)
+      raise ArgumentError, 'ikm must be 32 bytes' unless ikm.bytesize == 32
+      @key = T.let(ikm.freeze, String)
+      @paserk = T.let("#{paserk_version}.#{purpose}.#{Util.encode64(key)}".freeze, String)
+      @lid = T.let(Operations::ID.lid(self).freeze, String)
+    end
+    # Encrypts and authenticates `message` with optional binding input `implicit_assertion`, returning a `Token`.
+    # If `footer` is provided, it is included as authenticated data in the reuslting `Token``.
+    # `n` must not be used outside of tests.
+    sig(:final) { params(message: String, footer: String, implicit_assertion: String, n: T.nilable(String)).returns(Token) }
+    def encrypt(message:, footer: '', implicit_assertion: '', n: nil) # rubocop:disable Naming/MethodParameterName
+      n ||= SecureRandom.random_bytes(32)
+      ek, n2, ak = calc_keys(n)
+      c = protocol.crypt(payload: message, key: ek, nonce: n2)
+      Util.pre_auth_encode(pae_header, n, c, footer, implicit_assertion)
+          .then { |pre_auth| protocol.hmac(pre_auth, key: ak) }
+          .then { |t| "#{n}#{c}#{t}" }
+          .then { |payload| Token.new(payload: payload, version: version, purpose: purpose, footer: footer) }
+    end
+    # Verify and decrypt an encrypted Token, with an optional string `implicit_assertion`, and return the plaintext.
+    # If `token` includes a footer, it is treated as authenticated data to be verified but not returned.
+    # `token` must be a `v4.local` type Token.
+    sig(:final) { params(token: Token, implicit_assertion: String).returns(String) }
+    def decrypt(token:, implicit_assertion: '')
+      raise LucidityError unless header == token.header
+      n, c, t = split_payload(token.raw_payload)
+      ek, n2, ak = calc_keys(n)
+      pre_auth = Util.pre_auth_encode(pae_header, n, c, token.raw_footer, implicit_assertion)
+      t2 = protocol.hmac(pre_auth, key: ak)
+      raise InvalidAuthenticator unless Util.constant_compare(t, t2)
+      protocol.crypt(payload: c, key: ek, nonce: n2).encode(Encoding::UTF_8)
+    rescue Encoding::UndefinedConversionError
+      raise ParseError, 'invalid payload encoding'
+    end
+    sig(:final) do
+      override.params(
+        payload: T::Hash[String, T.untyped],
+        footer: String,
+        implicit_assertion: String,
+        options: T.nilable(T.any(String, Integer, Symbol, T::Boolean))
+      ).returns(String)
+    end
+    def encode!(payload, footer: '', implicit_assertion: '', **options)
+      n = T.cast(options.delete(:nonce), T.nilable(String))
+      MultiJson.dump(payload, options)
+               .then { |message| encrypt(message: message, footer: footer, implicit_assertion: implicit_assertion, n: n) }
+               .then(&:to_s)
+    end
+    sig(:final) do
+      override.params(
+        payload: String,
+        implicit_assertion: String,
+        options: T.nilable(T.any(Proc, String, Integer, Symbol, T::Boolean))
+      ).returns(Result)
+    end
+    def decode!(payload, implicit_assertion: '', **options)
+      token = Token.parse(payload)
+      decrypt(token: token, implicit_assertion: implicit_assertion)
+        .then { |json| MultiJson.load(json, **options) }
+        .then { |claims| Result.new(claims: claims, footer: token.footer) }
+    end
+    sig(:final) { override.returns(String) }
+    def id = @lid
+    sig(:final) { override.returns(String) }
+    def pbkw_header = protocol.pbkd_local_header
+    sig(:final) { returns(Interface::PIE) }
+    def pie = protocol.pie(self)
+    sig(:final) { override.returns(String) }
+    def purpose = 'local'
+    sig(:final) { override.returns(String) }
+    def to_bytes = key
+    sig(:final) { params(paserk: String).returns(Interface::Key) }
+    def unwrap(paserk) = Paserk.from_paserk(paserk: paserk, wrapping_key: self)
+    sig(:final) { params(key: Interface::Key, nonce: T.nilable(String)).returns(String) }
+    def wrap(key, nonce: nil) = Paserk.wrap(key: key, wrapping_key: self, nonce: nonce)
+    private
+    sig { abstract.params(nonce: String).returns([String, String, String]) }
+    def calc_keys(nonce); end
+    sig { abstract.params(payload: String).returns([String, String, String]) }
+    def split_payload(payload); end
+  end
+end

data/lib/paseto/token.rb ADDED Viewed

@@ -0,0 +1,127 @@
+# typed: strict
+# frozen_string_literal: true
+module Paseto
+  class Token
+    extend T::Sig
+    include Comparable
+    sig { returns(String) }
+    attr_reader :version, :purpose, :raw_payload, :raw_footer
+    sig { returns(T.any(String, T::Hash[String, T.untyped])) }
+    attr_reader :footer
+    sig { returns(T.class_of(Interface::Key)) }
+    attr_reader :type
+    sig do
+      params(
+        paseto: String,
+        options: T.nilable(T.any(Proc, String, Integer, Symbol, T::Boolean))
+      ).returns(Token)
+    end
+    def self.parse(paseto, **options)
+      case paseto.split('.')
+      in [String => version, String => purpose, String => payload, String => footer]
+        nil
+      in [String => version, String => purpose, String => payload]
+        footer = ''
+      else
+        raise ParseError, 'not a valid token'
+      end
+      payload = Util.decode64(payload)
+      Util.decode64(footer)
+          .then { |f| serializer.deserialize(f, options) }
+          .then { |f| new(version: version, purpose: purpose, payload: payload, footer: f) }
+    end
+    sig { returns(Paseto::Interface::Serializer) }
+    def self.serializer
+      Paseto.config.decode.footer_serializer
+    end
+    sig do
+      params(
+        payload: String,
+        purpose: String,
+        version: String,
+        footer: T.any(String, T::Hash[String, T.untyped]),
+        options: T.nilable(T.any(Proc, String, Integer, Symbol, T::Boolean))
+      ).void
+    end
+    def initialize(payload:, purpose:, version:, footer: '', **options) # rubocop:disable Metrics/AbcSize
+      raw_footer = serializer.serialize(footer, options)
+      encoded_footer = ".#{Util.encode64(raw_footer)}" unless raw_footer.empty?
+      paseto = Util.encode64(payload)
+                   .then { |data| "#{data}#{encoded_footer}" }
+                   .then { |data| "#{version}.#{purpose}.#{data}" }
+                   .then(&:freeze)
+      @version =     T.let(version.freeze,             String)
+      @purpose =     T.let(purpose.freeze,             String)
+      @raw_payload = T.let(payload.freeze,             String)
+      @type =        T.let(validate_header,            T.class_of(Interface::Key))
+      @footer =      T.let(footer,                     T.any(String, T::Hash[String, T.untyped]))
+      @raw_footer =  T.let(raw_footer,                 String)
+      @str =         T.let(paseto,                     String)
+    end
+    sig do
+      params(
+        key: Interface::Key,
+        implicit_assertion: String,
+        options: T.nilable(T.any(Proc, String, Integer, Symbol, T::Boolean))
+      ).returns(T::Hash[String, T.untyped])
+    end
+    def decode!(key, implicit_assertion: '', **options)
+      return @result.claims if @result
+      key.decode(@str, implicit_assertion: implicit_assertion, **options)
+         .then { |result| @result = T.let(result, T.nilable(Result)) }
+         .then(&:claims)
+    end
+    sig { returns(String) }
+    def header
+      "#{version}.#{purpose}"
+    end
+    sig { returns(String) }
+    def inspect
+      to_s
+    end
+    sig { returns(T::Hash[String, T.untyped]) }
+    def payload
+      return @result.claims if @result
+      raise ParseError, 'token not yet decoded, call #decode! first'
+    end
+    sig { returns(String) }
+    def to_s = @str
+    sig { params(other: T.any(Token, String)).returns(T.nilable(Integer)) }
+    def <=>(other)
+      to_s <=> other.to_s
+    end
+    private
+    sig { returns(Paseto::Interface::Serializer) }
+    def serializer = self.class.serializer
+    sig { returns(T.class_of(Interface::Key)) }
+    def validate_header
+      type = TokenTypes.deserialize(header).key_klass
+      return type if type
+      raise UnsupportedToken, header
+    rescue KeyError
+      raise UnsupportedToken, header
+    end
+  end
+end