Undocumented procedure.
Undocumented procedure.
Decrypts an AES256-encrypted payload using a given key. It relies on the ‘openssl’ command-line tool to perform the decryption.
Args:
  payload: The base64-encoded, AES256-encrypted string to decrypt.
  k: The decryption key (a string) that was used to encrypt the payload.
Returns: The original, decrypted data as a string.
Example:
  (decrypt-payload "U2FsdGVkX1+..." "mysecretkey") ; Returns "mysecretdata"
Safely attempts to decrypt a given token. This function acts as a wrapper around ‘unsafe-decrypt-token’, catching any errors that occur during the decryption process.
Args:
  token: The token string to be decrypted.
  encryption-key: The key used for encryption.
  signing-key: The key used for signing/verification.
Returns: The decrypted token payload if successful, otherwise ‘#f’ (false) and prints an error message to the console.
Encrypts a given payload using AES256 encryption with a specified key. It leverages the ‘openssl’ command-line tool.
Args:
  payload: The string to encrypt.
  k: The encryption key (a string) to use.
Returns: A string representing the base64-encoded, AES256-encrypted version of the payload.
Example:
  (encrypt-payload "mysecretdata" "mysecretkey") ; Returns a string like "U2FsdGVkX1+..."
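The encrypt and decrypt procedures above both shell out to ‘openssl’. The sketch below is an added example, not this library's code: it shows one such round trip and why the result starts with "U2FsdGVkX1". The function names, the CBC mode, ‘-pbkdf2’ and passing the key on file descriptor 3 are assumptions; the page only states AES256 through the openssl command-line tool.

```shell
#!/bin/sh
# Added illustration, not the library's implementation. Cipher mode, -pbkdf2
# and fd-based key passing are assumptions (requires OpenSSL 1.1.1 or later).

# encrypt_payload PAYLOAD KEY -> base64 ciphertext on stdout
encrypt_payload() {
    # The key is read from fd 3 (a here-document), so it never shows up in
    # the openssl argument list visible to other local users through `ps`.
    # Only the first line of KEY is used as the passphrase.
    printf '%s' "$1" |
        openssl enc -aes-256-cbc -pbkdf2 -salt -a -pass fd:3 3<<EOF
$2
EOF
}

# decrypt_payload BASE64_CIPHERTEXT KEY -> plaintext on stdout
# A wrong key normally makes openssl exit non-zero ("bad decrypt"), but CBC
# carries no integrity tag, so callers must not treat success as authenticity.
decrypt_payload() {
    printf '%s\n' "$1" |
        openssl enc -d -aes-256-cbc -pbkdf2 -a -pass fd:3 3<<EOF
$2
EOF
}

# has_salted_header CIPHERTEXT -> exit 0 when the blob begins with
# base64("Salted__"), the header `openssl enc` writes before the random salt.
has_salted_header() {
    case $1 in
        U2FsdGVkX1*) return 0 ;;
        *) return 1 ;;
    esac
}

# Constructed sample values, matching the examples in the documentation.
ct=$(encrypt_payload "mysecretdata" "mysecretkey")
printf 'ciphertext: %s\n' "$ct"
printf 'plaintext:  %s\n' "$(decrypt_payload "$ct" "mysecretkey")"
```

Because the salt is random, encrypting the same payload twice gives different ciphertexts that both decrypt to the same string.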
Safely attempts to generate a new token. This function wraps ‘unsafe-generate-token’ to gracefully handle any potential errors during token creation.
Args:
  encryption-key: The key to be used for encrypting the token’s payload.
  signing-key: The key to be used for signing the token.
  get-owner-details: A thunk that returns a list of details about the token’s owner.
  token-validity-seconds: (Optional) The duration in seconds for which the token will be valid.
Returns: A newly generated token string if successful, otherwise ‘#f’ (false) and prints an error message to the console.
Check if needed permissions are a subset of the present (existing) permissions.
Undocumented procedure.
Garbles a string by splitting it into two halves, reversing each half, and then concatenating the reversed second half with the reversed first half. If the string has an odd length, the first half will be shorter by one character.
#:args s: The input string to garble.
#:return A new string that is the garbled version of the input string.
Example:
  (string-garble "abcdefg") ; Returns "gfedcba"
  (string-garble "hello world") ; Returns "dlrow olleh"
Ungarbles a string that was previously garbled by the ‘string-garble’ function. It reconstructs the original string by reversing the process of ‘string-garble’.
Args: s: The garbled string to ungarble.
Returns: The original string before it was garbled.
Example:
  (string-ungarble "gfedcba") ; Returns "abcdefg"
  (string-ungarble "dlrow olleh") ; Returns "hello world"
Verifies a token payload by checking every field, and returns either #t or #f to indicate whether it is valid.
Decodes and validates a secure token that was created by generate-token.
This function decrypts the token, decodes the payload, parses it safely, and validates its expiration time.
WARNING: This function depends on the ‘base64’ and ‘openssl’ command-line utilities being available in the system’s PATH.
#:returns: A parsed association list representing the token’s payload if the token is valid and successfully decoded. Otherwise, it raises an error.
Generates a secure, encrypted, and Base64-encoded authentication token.
#:key encryption-key: The secret key (string) used for AES-256 encryption. This parameter is required.
#:key signing-key: The signing key (string) used for the final AES-256 encryption. This parameter is required.
#:key get-owner-details: A thunk that returns the owner’s details.
#:key token-validity-seconds: The token’s lifetime in seconds.
#:returns: An encrypted and Base64-encoded string representing the token.