Allow string / Buffer payloads

[lhchavez]

Hello!

The reference PHP implementation allows "to store arbitrary binary data in a PASETO, by invoking the Protocol classes directly". The same is true of other library implementations of PASETO.

I have a change here that allows just that, for interoperability with other implementations: 722ea12 Would that be something acceptable as a PR?

TL;DR:

• The {V1,V2}.{encrypt,sign} functions would now accept a string or Buffer payload.
• The {V1,V2}.{decrypt,verify} functions would now accept a { buffer: true } option to return the payload as Buffer.
• All of the modified functions now throw if claims are provided and they are operating in "Buffer mode".
  • The TypeScript declarations have been updated to prevent this from happening from the type system.

[panva]

"Reference implementation" says

Unlike JWT, we don't force you to use JSON. You can store arbitrary binary data in a Paseto, by invoking the Protocol classes directly. This is an advanced usage, of course.

Poking at JWT for being JSON only (despite the JWS format serving the role of arbitrary data), and yet the RFC says that

All PASETO payloads MUST be a JSON object.

---

Anyway. I would be fine with the change if you removed strings as input, only leave in Buffers. Assuming utf-8 for a string is just as bad as assuming only objects will be payloads and the last thing i wish to be dealing with is more options for used input encoding.

[lhchavez]

only leaving Buffers sounds reasonable. thanks for the discussion opened the PR :D