Amora is a secure token inspired by JWT and Branca, but enhanced a bit in some areas.
Project description
Amora
Amora is a secure token inspired by JWT and Branca, but enhanced a bit in some areas.
Key features:
- Can contain any type of payload: JSON, msgpack, cbor and so on...
- Always encrypted and authenticated using XChaCha20-Poly1305 algorithm.
- There are two versions of Amora:
- Amora zero: encrypted with a 32-byte symmetric key.
- Amora one: encrypted with a 32-byte asymmetric key.
- Encoded using url-safe base64.
- Always contain token generation time and TTL.
Amora structure
- header (4 bytes for Amora zero; 36 bytes for Amora one):
- version marker: 0xa0 or 0xa1 (1 byte)
- TTL (3 bytes; little-endian)
- randomly generated public key (32 bytes; Amora one only)
- nonce (24 bytes)
- token generation time (first 4 bytes; little-endian)
- randomly generated 20 bytes
- payload (any length)
- message authentication code (4 bytes)
Token generation time (TGT) + TTL
TGT is an unsigned 32-bit int. It's a number of seconds starting from the Unix epoch on January 1, 1970 UTC. This means that Amora tokens will work correctly until the year 2106.
TTL is an unsigned 24-bits int. It means that each token can be valid for a maximum of 194 days.
Asymmetric encryption
The shared key is computed using the X25519 function. It requires two pairs of priv/pub keys. The first pair must be known. The second pair is randomly generated for each token.
Code examples
Symmetric key from bytes
key = bytes([
0x4f, 0x99, 0x70, 0x66, 0x2f, 0xac, 0xd3, 0x7d,
0xc3, 0x6c, 0x0f, 0xd1, 0xda, 0xd0, 0x7e, 0xaa,
0x04, 0x7c, 0x28, 0x54, 0x58, 0x3c, 0x92, 0x0f,
0x52, 0x4b, 0x2b, 0x01, 0xd8, 0x40, 0x83, 0x1a,
])
amora = amora_py.Amora.amora_zero(key)
payload = "sample_payload_just_for_testing"
token = amora.encode(payload.encode(), 1)
decoded = amora.decode(token, True)
decoded = bytes(decoded).decode()
Symmetric key from string
key = "4f9970662facd37dc36c0fd1dad07eaa047c2854583c920f524b2b01d840831a"
amora = amora_py.Amora.amora_zero_from_str(key)
payload = "sample_payload_just_for_testing"
token = amora.encode(payload.encode(), 1)
decoded = amora.decode(token, True)
decoded = bytes(decoded).decode()
Asymmetric key from bytes
x25519 = X25519PrivateKey.generate()
secret_key = x25519.private_bytes_raw()
public_key = x25519.public_key().public_bytes_raw()
amora = amora_py.Amora.amora_one(secret_key, public_key)
payload = "sample_payload_just_for_testing"
token = amora.encode(payload.encode(), 1)
decoded = amora.decode(token, True)
decoded = bytes(decoded).decode()
Asymmetric key from string
secret_key = "778d0b92672b9a25ec4fbe65e3ad2212efa011e8f7035754c1342fe46191dbb3"
public_key = "5cdd89c1bb6859c927c50b6976712f256cdbf14d7273f723dc121c191f9d6d6d"
amora = amora_py.Amora.amora_one_from_str(secret_key, public_key)
payload = "sample_payload_just_for_testing"
token = amora.encode(payload.encode(), 1)
decoded = amora.decode(token, True)
decoded = bytes(decoded).decode()
Fetch metadata from the token
token = "oAEAAE_X6GVaC7xve5xaaAaLiW1YPqHX9I1BNGbKnC7ArMke4G" \
"EU9MXCgU2U5jYAkJhDXQBqsO5tadCKyXZmI3mV-bpDFr1aQc1U";
meta = amora_py.Amora.meta(token)
print(meta)
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distributions
Hashes for amora_py-0.2.1-cp312-cp312-manylinux_2_34_x86_64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | af3097d6e450cb2fedb7a9e93d4dbe6cacaf5bfce1103a61a6190ba358dc4b0a |
|
MD5 | d6eae89a113589ab9e8b69bf5031844b |
|
BLAKE2b-256 | 64570eb996f4d54f0bdf1956bfb10deb1909ef2bd90773072f56c9a2c40f41a0 |
Hashes for amora_py-0.2.1-cp312-cp312-manylinux_2_34_aarch64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 385ac2e86cdde08afa3dcece2355462f0ad20026021f81d0e34b8eab69aaca44 |
|
MD5 | 52a528948a41897f7ee723d88eb08e8d |
|
BLAKE2b-256 | 758891c704c57c4ef6f76e673e9cbe1050133a8059ad23d998c7718ef945ec14 |
Hashes for amora_py-0.2.1-cp311-cp311-manylinux_2_34_x86_64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 05d0bd6a6d40cb82c9a6b81c7f5b8ae6750d8cdf060717c81529923045312161 |
|
MD5 | 328ce25a77dd6c69fe6cb9412d5e33fc |
|
BLAKE2b-256 | 17866dbf55a2d42c68977eca816b2ff5de5ec4b363ae24261a98d318628abf20 |
Hashes for amora_py-0.2.1-cp311-cp311-manylinux_2_34_aarch64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 42b36d2dc995b7bf6ed7ae83bd54063b565fdbc1b44c5e07446e8871a5bb20c7 |
|
MD5 | a35b036dfc68ebf8a178a646fc7e1f7e |
|
BLAKE2b-256 | 3dea9e995f0dafe4d1347856d8096ca730e5de070c5c38658a2b184cdf5b4088 |
Hashes for amora_py-0.2.1-cp310-cp310-manylinux_2_34_x86_64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 6546feb2cf2daf48bf3a9435c106ec30bb3ff9750b316195ae36b4074b06a514 |
|
MD5 | a6cfc83aa5657e025419815e3fa9dd8e |
|
BLAKE2b-256 | 2507fe497f29a6dd13ba7a838f7beff0df7ca672da8b2860b6acfe6cf34c2530 |
Hashes for amora_py-0.2.1-cp310-cp310-manylinux_2_34_aarch64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 6e433123cf1bfcfe5c52f758302e2b29949e3331343f4f476fb4cae3e28d9b51 |
|
MD5 | c22028e8fdd7d09f0d85cad9cedd84f7 |
|
BLAKE2b-256 | cd97927b3e246e56e40f831649f5178b74a9831229e31687257466035b9162e3 |
Hashes for amora_py-0.2.1-cp39-cp39-manylinux_2_34_x86_64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 29e996bb7f7c36ddf8261655f3742119faaf73bd522314771e9e561deefda006 |
|
MD5 | 8da18b4a3cce2726ed3ed32d4a958f37 |
|
BLAKE2b-256 | de8d665ebb0cc0ddd46ba9d83cf6f596c5830ca7baa24f61d877a10aa650d566 |
Hashes for amora_py-0.2.1-cp39-cp39-manylinux_2_34_aarch64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 83412d9f533bf3485adfae2b49cb46cd7451b727bbdbf0e108693a36063c2ce7 |
|
MD5 | 4da8872c215c830a5f11f7e4562e684a |
|
BLAKE2b-256 | 29e120eecae23281246a15dd960aef80afffbfbc6dd6ddd714d020f67f63ce13 |
Hashes for amora_py-0.2.1-cp38-cp38-manylinux_2_34_x86_64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | c4549508b13061eb03888667110dca0506adc472d52a4377f7b5a19296e88150 |
|
MD5 | 3a1d1af454cc4955919504c85f91d1a4 |
|
BLAKE2b-256 | 378c459134dd7d33138314176d64d49643b7930f1e39122620eeea5ba0a2269f |
Hashes for amora_py-0.2.1-cp38-cp38-manylinux_2_34_aarch64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 457fabae4db88b5dc6a69a6ad475c342f835836527a10fa0a9c918f1c99de907 |
|
MD5 | d7331ddc99b1c15272a1c18dd991dfd4 |
|
BLAKE2b-256 | c12c9da14bd892af6a685db7d8c2c5c3173f4d2811f9167b8bd634b688b462f2 |