Add support for version 1

nbaars · Nov 17, 2018 · 968e036 · 968e036
1 parent 9dda326
commit 968e036
Show file tree

Hide file tree

Showing 32 changed files with 1,276 additions and 364 deletions.
diff --git a/.travis.yml b/.travis.yml
@@ -15,7 +15,7 @@ deploy:
   provider: releases
   api_key:
     secure: SfpFUq0aJ3vYICs0FO7tKCwVTNffXSnwx2dMDs3diVwHuOtj1yl0lWk++NxkXzq6KGPzN9oj2Zmx0GBdOWs8vyCm1xdTWtswocFhnPlqmgR44fAJ1IS7AOs6jdTqr9UHccm1dSFMjz+8KYLHbfcgj+LYYrz6uAig4Lsk6n8z7pzop8U/pzcPnFDviTk3WJ/soTiRg5j1LYaqPVvR7ezS1U2YdQiCDidoWjvAn8H0QhyaCnw61JoSAXxO8nMrDVDJhuJT7rFtNBgNBLeXSVx35wWXadqWzmqBrn9boT79L0MJ+YbClsBhWFcV2ojwCcZhb3h9jaLKWxgdBRqyXbpRISs3pI1xoFNeaK+fqnD03ZvKlHBpSw2WEnSiJiev1WtrZMV4lL3PsJtILpu9K9VUttP9jFQDE0ZUoynpUnOhpFij8Hh4K86UzLTL/86fKDvIQUNzw/52uemaVYEOMZGhvTcC5RVPMBcAQHOjW0mKOzYqG5Dv3weQ0spDFY8gNM4B7h+GR80wAZdMyx3/YF+ZZ27hWIWN4QtJMJICrN8Mm9/iVlfav77ocSsQDelLlcTzxe0229XcRpdNC5M/Q+71CZGC4f4uIpyPg7XGoodeca4qFuJ/tU3zGlaVeM115fljwDjs/vbI4Qs7JUPgh3uscayxBUBG/4rEzrPlL1e6sZM=
-  file: "build/libs/*.jar"
+  file: "*/build/libs/*.jar"
   on:
     repo: nbaars/paseto4j
     tags: true

diff --git a/README.md b/README.md
@@ -2,23 +2,20 @@
 [![License](http://img.shields.io/:license-mit-blue.svg)](LICENSE)
 [![Build Status](http://img.shields.io/travis/nbaars/paseto4j.svg?style=flat-square)](https://travis-ci.org/nbaars/paseto4j)
 
-## WARNING: IMPLEMENTATION IS A PRE-RELEASE.
-
-Implementation of [PASETO](https://github.com/paragonie/paseto) library written in Java
-
-Paseto is everything you love about JOSE (JWT, JWE, JWS) without any of the
-[many design deficits that plague the JOSE standards](https://paragonie.com/blog/2017/03/jwt-json-web-tokens-is-bad-standard-that-everyone-should-avoid).
+Implementation of [PASETO](https://github.com/paragonie/paseto) library written in Java. This library is focused
+on taking part of the encryption/decryption part of the tokens it has a little dependencies as possible. How you
+construct the tokens with which JSON library is up to you. According to the specification the payload should always
+be a JSON object.
 
 # Contents
 * [What is Paseto?](#what-is-paseto)
   * [Key Differences between Paseto and JWT](#key-differences-between-paseto-and-jwt)
 * [Installation](#installation)
-* [Usage](#usage)
-* [Benchmarks](#benchmarks)
-* [Supported Paseto Versions](#supported-paseto-versions)
 
 # What is Paseto?
 
+Paseto is everything you love about JOSE (JWT, JWE, JWS) without any of the
+[many design deficits that plague the JOSE standards](https://paragonie.com/blog/2017/03/jwt-json-web-tokens-is-bad-standard-that-everyone-should-avoid).
 Paseto (Platform-Agnostic SEcurity TOkens) is a specification and reference implementation
 for secure stateless tokens.
 
@@ -34,15 +31,39 @@ use Paseto in [an insecure way](https://auth0.com/blog/critical-vulnerabilities-
 > Paseto is suitable for tamper-proof cookies, but cannot prevent replay attacks
 > by itself
 
-# Supported Paseto Versions
+# Installation
 
 ## Version 2
-Version 2 (the recommended version by the specification) is supported. 
+
+Version 2 (the recommended version by the specification) is supported, this version depends on Libsodium
+see [here](https://download.libsodium.org/doc/installation/) on how to install this library. The Dockerfile 
+contains an example how to install it on a Linux based system.
+
+### Gradle
+
+```groovy
+repositories {
+
+}
+
+dependencies {
+	compile 'org.paseto4j.paseto4j-version2:0.0.9'
+}
+
+```
 
 ## Version 1 
-Not supported
 
-# Usage
+### Gradle
+
+```groovy
+repositories {
+
+}
+
+dependencies {
+	compile 'org.paseto4j.paseto4j-version1:0.0.9'
+}
+
+```
 
-This library depends on Libsodium being present on the machine, see [here](https://download.libsodium.org/doc/installation/)
-on how to install this library. The Dockerfile contains an example how to install it on a Linux based system.
diff --git a/build.gradle b/build.gradle
@@ -1,33 +1,28 @@
 description = "Library for Paseto in Java, see https://github.com/paragonie/paseto for more information"
-apply plugin: 'java'
-compileJava {
-    group = 'org.paseto4j'
-    version = System.properties['buildNumber'] ?: '0.0.8'
-    sourceCompatibility = 1.8
-}
 
-repositories {
-	mavenCentral()
-    maven { url "https://consensys.bintray.com/consensys" }
+allprojects {
+    group = 'org.paseto4j'
+    version = System.properties['buildNumber'] ?: '0.0.7'
 }
 
-dependencies {
-	compile('com.google.guava:guava:23.5-jre')
-	compile('com.github.jnr:jnr-ffi:2.1.8')
-	compile('net.consensys.cava:cava-crypto:0.3.0')
-	compile('net.consensys.cava:cava-bytes:0.3.0')
-	compile('com.squareup.okio:okio:1.14.1')
-	testCompile('org.junit.jupiter:junit-jupiter-api:5.2.0')
-	testCompile('org.junit.jupiter:junit-jupiter-params:5.2.0')
-	testRuntime('org.junit.jupiter:junit-jupiter-engine:5.2.0')
-}
+subprojects {
+    apply plugin: 'java'
+    sourceCompatibility = 1.8
 
-test {
-    useJUnitPlatform()
-    testLogging {
-        events "passed", "skipped", "failed"
+    dependencies {
+        testCompile('org.junit.jupiter:junit-jupiter-api:5.2.0')
+        testCompile('org.junit.jupiter:junit-jupiter-params:5.2.0')
+        testRuntime('org.junit.jupiter:junit-jupiter-engine:5.2.0')
     }
-    reports {
-        html.enabled = true
+
+    test {
+        useJUnitPlatform()
+        testLogging {
+            events "passed", "skipped", "failed"
+        }
+        reports {
+            html.enabled = true
+        }
     }
 }
+
diff --git a/examples/build.gradle b/examples/build.gradle
@@ -0,0 +1,13 @@
+apply plugin: 'java'
+
+dependencies {
+    repositories {
+        jcenter()
+        maven { url 'https://jitpack.io' }
+        maven { url 'https://consensys.bintray.com/consensys' }
+    }
+
+    dependencies {
+        implementation 'com.github.nbaars:paseto4j:0.0.8'
+    }
+}
diff --git a/examples/src/main/java/org/paseto4j/version2/Version2.java b/examples/src/main/java/org/paseto4j/version2/Version2.java
@@ -0,0 +1,28 @@
+package org.paseto4j.version2;
+
+import net.consensys.cava.crypto.sodium.CryptoCavaWrapper;
+
+import static net.consensys.cava.crypto.sodium.CryptoCavaWrapper.crypto_sign_ed25519_seed_keypair;
+
+public class Version2 {
+
+    public static void main(String... args) {
+        new Version2().signToken();
+    }
+
+    private void signToken() {
+        byte[] seed = CryptoCavaWrapper.randomBytes(32);
+        byte[] privateKey = new byte[64];
+        byte[] publicKey = new byte[32];
+        crypto_sign_ed25519_seed_keypair(seed, publicKey, privateKey);
+
+        String signedToken = Paseto.sign(
+                privateKey,
+                "{\"data\":\"this is a signed message\",\"expires\":\"2019-01-01T00:00:00+00:00\"}",
+                "Paragon Initiative Enterprises");
+        System.out.println("Token is: " + signedToken);
+
+        String token = Paseto.parse(publicKey, signedToken, "Paragon Initiative Enterprises");
+        System.out.println("Token is: " + token);
+    }
+}
diff --git a/settings.gradle b/settings.gradle
@@ -1 +1,6 @@
-rootProject.name = 'paseto4j'
+
+include 'version1'
+include 'version2'
+
+project(":version1").name = "paseto4j-version1"
+project(":version2").name = "paseto4j-version2"
diff --git a/src/main/java/org/paseto4j/Paseto.java b/src/main/java/org/paseto4j/Paseto.java
diff --git a/src/main/java/org/paseto4j/PasetoLocalBuilder.java b/src/main/java/org/paseto4j/PasetoLocalBuilder.java
diff --git a/src/main/java/org/paseto4j/PasetoPublicBuilder.java b/src/main/java/org/paseto4j/PasetoPublicBuilder.java
diff --git a/src/main/java/org/paseto4j/Util.java b/src/main/java/org/paseto4j/Util.java
diff --git a/src/test/java/net/consensys/cava/crypto/sodium/CryptoCavaWrapperTest.java b/src/test/java/net/consensys/cava/crypto/sodium/CryptoCavaWrapperTest.java