diff --git a/README.md b/README.md index cdfbbd1..f6e8b2f 100644 --- a/README.md +++ b/README.md @@ -47,7 +47,7 @@ More examples - [here](example_test.go) ## Benchmarks -> Go version 1.19.5 / Mac M1 +> Go version 1.21 / Mac M1 ### V3 @@ -56,12 +56,12 @@ More examples - [here](example_test.go) goos: darwin goarch: arm64 pkg: zntr.io/paseto/v3 -Benchmark_Paseto_Encrypt-10 74833 14775 ns/op 8274 B/op 59 allocs/op -Benchmark_Paseto_Decrypt-10 84738 14189 ns/op 8050 B/op 59 allocs/op -Benchmark_Paseto_Sign-10 7467 157376 ns/op 9059 B/op 86 allocs/op -Benchmark_Paseto_Verify-10 1980 604653 ns/op 3754 B/op 52 allocs/op +Benchmark_Paseto_Encrypt-10 200414 6050 ns/op 8274 B/op 59 allocs/op +Benchmark_Paseto_Decrypt-10 214208 5558 ns/op 8050 B/op 59 allocs/op +Benchmark_Paseto_Sign-10 9921 117440 ns/op 9060 B/op 86 allocs/op +Benchmark_Paseto_Verify-10 2373 504017 ns/op 2504 B/op 36 allocs/op PASS -ok zntr.io/paseto/v3 5.373s +ok zntr.io/paseto/v3 6.169s ``` ### V4 @@ -71,12 +71,12 @@ ok zntr.io/paseto/v3 5.373s goos: darwin goarch: arm64 pkg: zntr.io/paseto/v4 -Benchmark_Paseto_Encrypt-10 461580 2580 ns/op 2288 B/op 12 allocs/op -Benchmark_Paseto_Decrypt-10 554426 2139 ns/op 2064 B/op 12 allocs/op -Benchmark_Paseto_Sign-10 47422 24875 ns/op 928 B/op 4 allocs/op -Benchmark_Paseto_Verify-10 22990 52357 ns/op 704 B/op 4 allocs/op +Benchmark_Paseto_Encrypt-10 411024 2532 ns/op 2288 B/op 12 allocs/op +Benchmark_Paseto_Decrypt-10 567030 2092 ns/op 2064 B/op 12 allocs/op +Benchmark_Paseto_Sign-10 51487 23268 ns/op 928 B/op 4 allocs/op +Benchmark_Paseto_Verify-10 23076 51794 ns/op 704 B/op 4 allocs/op PASS -ok zntr.io/paseto/v4 6.660s +ok zntr.io/paseto/v4 5.825s ``` ## License diff --git a/go.mod b/go.mod index f6cff01..4136888 100644 --- a/go.mod +++ b/go.mod @@ -1,15 +1,15 @@ module zntr.io/paseto -go 1.19 +go 1.21 require ( - github.com/stretchr/testify v1.8.1 - golang.org/x/crypto v0.17.0 + github.com/stretchr/testify v1.9.0 + golang.org/x/crypto v0.22.0 ) require ( github.com/davecgh/go-spew v1.1.1 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect - golang.org/x/sys v0.15.0 // indirect + golang.org/x/sys v0.19.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index 56b02f9..4f52307 100644 --- a/go.sum +++ b/go.sum @@ -1,21 +1,14 @@ -github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= -github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= -github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k= -golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= -golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc= -golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= +github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +golang.org/x/crypto v0.22.0 h1:g1v0xeRhjcugydODzvb3mEM9SQ0HGp9s/nh3COQ/C30= +golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M= +golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o= +golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/v3/public.go b/v3/public.go index e7bb087..fabf016 100644 --- a/v3/public.go +++ b/v3/public.go @@ -81,7 +81,7 @@ func Sign(m []byte, sk *ecdsa.PrivateKey, f, i []byte) (string, error) { return string(final), nil } -// PASETO v3 signature verification primitive. +// Verify PASETO v3 signature. // https://github.com/paseto-standard/paseto-spec/blob/master/docs/01-Protocol-Versions/Version3.md#verify func Verify(t string, pub *ecdsa.PublicKey, f, i []byte) ([]byte, error) { // Check arguments diff --git a/v3/public_test.go b/v3/public_test.go index 63ec54a..1c3aaee 100644 --- a/v3/public_test.go +++ b/v3/public_test.go @@ -86,7 +86,8 @@ func Test_Paseto_PublicVector(t *testing.T) { var sk ecdsa.PrivateKey sk.D, _ = new(big.Int).SetString(testCase.secretKey, 16) sk.PublicKey.Curve = elliptic.P384() - sk.PublicKey.X, sk.PublicKey.Y = sk.PublicKey.Curve.ScalarBaseMult(sk.D.Bytes()) + pubRaw, _ := new(big.Int).SetString(testCase.publicKey, 16) + sk.X, sk.Y = elliptic.UnmarshalCompressed(sk.PublicKey.Curve, pubRaw.Bytes()) // Sign token, err := Sign([]byte(testCase.payload), &sk, []byte(testCase.footer), []byte(testCase.implicitAssertion)) @@ -121,8 +122,9 @@ func benchmarkSign(m []byte, sk *ecdsa.PrivateKey, f, i []byte, b *testing.B) { func Benchmark_Paseto_Sign(b *testing.B) { var sk ecdsa.PrivateKey sk.D, _ = new(big.Int).SetString("20347609607477aca8fbfbc5e6218455f3199669792ef8b466faa87bdc67798144c848dd03661eed5ac62461340cea96", 16) - sk.PublicKey.Curve = elliptic.P384() - sk.PublicKey.X, sk.PublicKey.Y = sk.PublicKey.Curve.ScalarBaseMult(sk.D.Bytes()) + sk.Curve = elliptic.P384() + pubRaw, _ := new(big.Int).SetString("02fbcb7c69ee1c60579be7a334134878d9c5c5bf35d552dab63c0140397ed14cef637d7720925c44699ea30e72874c72fb", 16) + sk.X, sk.Y = elliptic.UnmarshalCompressed(sk.PublicKey.Curve, pubRaw.Bytes()) m := []byte("{\"data\":\"this is a signed message\",\"exp\":\"2022-01-01T00:00:00+00:00\"}") f := []byte("{\"kid\":\"zVhMiPBP9fRf2snEcT7gFTioeA9COcNy9DfgL1W60haN\"}") @@ -146,8 +148,9 @@ func benchmarkVerify(t string, pk *ecdsa.PublicKey, f, i []byte, b *testing.B) { func Benchmark_Paseto_Verify(b *testing.B) { var sk ecdsa.PrivateKey sk.D, _ = new(big.Int).SetString("20347609607477aca8fbfbc5e6218455f3199669792ef8b466faa87bdc67798144c848dd03661eed5ac62461340cea96", 16) + pubRaw, _ := new(big.Int).SetString("02fbcb7c69ee1c60579be7a334134878d9c5c5bf35d552dab63c0140397ed14cef637d7720925c44699ea30e72874c72fb", 16) sk.PublicKey.Curve = elliptic.P384() - sk.PublicKey.X, sk.PublicKey.Y = sk.PublicKey.Curve.ScalarBaseMult(sk.D.Bytes()) + sk.PublicKey.X, sk.PublicKey.Y = elliptic.UnmarshalCompressed(sk.PublicKey.Curve, pubRaw.Bytes()) token := "v3.public.eyJkYXRhIjoidGhpcyBpcyBhIHNpZ25lZCBtZXNzYWdlIiwiZXhwIjoiMjAyMi0wMS0wMVQwMDowMDowMCswMDowMCJ94SjWIbjmS7715GjLSnHnpJrC9Z-cnwK45dmvnVvCRQDCCKAXaKEopTajX0DKYx1Xqr6gcTdfqscLCAbiB4eOW9jlt-oNqdG8TjsYEi6aloBfTzF1DXff_45tFlnBukEX.eyJraWQiOiJkWWtJU3lseFFlZWNFY0hFTGZ6Rjg4VVpyd2JMb2xOaUNkcHpVSEd3OVVxbiJ9" f := []byte("{\"kid\":\"dYkISylxQeecEcHELfzF88UZrwbLolNiCdpzUHGw9Uqn\"}")