npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@useobo/crypto

v0.0.1

Published

OBO Crypto - Encryption, JWT signing, and key management

Downloads

9

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

kaarchkaarch

Keywords

oboencryptionjwtaes-256-gcmkey-rotationkms

Readme

@useobo/crypto

Cryptographic utilities for OBO. Provides AES-256-GCM encryption, JWT signing/verification with key rotation support, and optional GCP Cloud KMS integration.

Installation

npm install @useobo/crypto
# or
pnpm add @useobo/crypto

Features

  • AES-256-GCM Encryption: Authenticated encryption for sensitive data at rest
  • JWT Signing & Verification: Create and verify JWT tokens with HS256
  • Key Rotation: Support for multiple signing keys with seamless rotation
  • JWT Revocation: In-memory token blocklist for immediate invalidation
  • GCP Cloud KMS: Optional hardware-grade key management for enterprise deployments

Usage

Encryption

import { encrypt, decrypt, isEncrypted } from '@useobo/crypto';

// Encrypt sensitive data
const encrypted = encrypt('my-secret-token');
// Returns: "enc:v1:base64iv:base64ciphertext:base64tag"

// Check if data is encrypted
if (isEncrypted(encrypted)) {
  const decrypted = decrypt(encrypted);
  console.log(decrypted); // "my-secret-token"
}

JWT Operations

import { signJWT, verifyJWT, getKeyInfo } from '@useobo/crypto';

// Sign a JWT
const token = await signJWT({
  principal: '[email protected]',
  scopes: ['repo:read', 'repo:write'],
  slipId: 'slip_abc123',
}, 3600); // expires in 1 hour

// Verify a JWT
const payload = await verifyJWT(token);
console.log(payload.principal); // "[email protected]"

// Get key information
const keys = getKeyInfo();
console.log(keys);
// { primary: { id: '1', createdAt: ... }, secondary: [...] }

JWT Revocation

import { revokeToken, isTokenRevoked, cleanupExpiredRevocations } from '@useobo/crypto';

// Revoke a token by JTI
revokeToken('slip_abc123', 'User requested revocation');

// Check if revoked
if (isTokenRevoked('slip_abc123')) {
  console.log('Token has been revoked');
}

// Cleanup old revocations (run periodically)
cleanupExpiredRevocations(7 * 24 * 60 * 60 * 1000); // 7 days

GCP Cloud KMS (Optional)

import {
  encryptWithKms,
  decryptWithKms,
  hasKmsConfigured
} from '@useobo/crypto';

// Check if KMS is configured
if (hasKmsConfigured()) {
  // Encrypt using GCP KMS
  const ciphertext = await encryptWithKms('sensitive-data');

  // Decrypt using GCP KMS
  const plaintext = await decryptWithKms(ciphertext);
}

Environment Variables

# Encryption key (32 bytes base64-encoded)
OBO_ENCRYPTION_KEY=your-32-byte-base64-key

# JWT signing secrets (for key rotation)
OBO_JWT_SECRET_1=primary-secret
OBO_JWT_SECRET_2=secondary-secret

# GCP KMS (optional)
OBO_KMS_PROJECT_ID=my-project
OBO_KMS_LOCATION_ID=global
OBO_KMS_KEY_RING_ID=obo-keys
OBO_KMS_KEY_ID=obo-encryption-key

License

MIT