npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

sodium-cli

v1.0.2

Published

A simple CLI frontend for common sodium-native actions

Downloads

36

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

bretbret

Keywords

sodiumsodium-nativeclicryptopki

Readme

sodium-cli

npm version build status

A simple CLI frontend for sodium-native actions.

Installation

npm install sodium-cli -g

Usage

sodium-cli ships with a few cli commands and a common.js api.

The CLI ships three commands:

$ keygen

key.public and key.secret written to /Users/bret/repos/sodium-cli

$ sign index.js

6be2ee42223ac80784c9ad19c3898a35a0ac012ae0938e546deda8d479291494c316eb2f2a3bb1dda695fbe84819de8a9ec43f356b69bd7f0cf0190b11230809

$ verify 6be2ee42223ac80784c9ad19c3898a35a0ac012ae0938e546deda8d479291494c316eb2f2a3bb1dda695fbe84819de8a9ec43f356b69bd7f0cf0190b11230809 index.js

Valid signature for index.js by ./key.public

There is also an API counterpart for each command:

const sodiumCLI = require('sodium-cli')
const cwd = process.cwd()

sodiumCLI.keygen(cwd, err => {
  if (err) throw err
  sodiumCLI.sign('./secret.key', './some-file', (err, sig) => {
    if (err) throw err
    sodiumCLI.verify(sig, './public.key', './some-file', (err, valid) => {
      if (err) throw err
      console.log('Signature is valid ' + valid)
    })
  })
})

CLI

keygen

Generate a libsodium crypto_sign keypair and save it to disk.

$ keygen --help

sodium-cli keygen: Generate a libsodium crypto_sign keypair and save it to disk

Usage: keygen {options}
    --dest, -d            path to save keypair (default: ".")
    --force, -f           overwrite existing key files (default: false)
    --help, -h            show help
    --version, -v         print the version of the program

$ keygen

key.public and key.secret written to /Users/bret/repos/sodium-cli

$ ls key*

key.public key.secret

If keygen finds any existing keys in the destination directory, it will refuse to generate new keys unless you pass the --force flag.

sign [file]

Sign a file with a libsodium crypto_sign secret key and print to stdout.

$ sign --help

sodium-cli sign: Sign a file with a libsodium crypto_sign secret key and print to stdout

Usage: sign [file] {options}
    --secret, -s          path to secret key to sign with (default: "./key.secret")
    --help, -h            show help
    --version, -v         print the version of the program

$ sign index.js
6be2ee42223ac80784c9ad19c3898a35a0ac012ae0938e546deda8d479291494c316eb2f2a3bb1dda695fbe84819de8a9ec43f356b69bd7f0cf0190b11230809

verify [signature] [public key]

Verify a file with a libsodium crypto_sign public key and signature.

$ verify
sodium-cli verify: Verify a file with a libsodium crypto_sign public key and signature

Usage: verify [signature] [file] {options}
    --public, -p          path to public key file to verify with (default: "./key.public")
    --help, -h            show help
    --version, -v         print the version of the program
$ verify 6be2ee42223ac80784c9ad19c3898a35a0ac012ae0938e546deda8d479291494c316eb2f2a3bb1dda695fbe84819de8a9ec43f356b69bd7f0cf0190b11230809 index.js

Valid signature for index.js by ./key.public

$ verify badSig index.js

ERROR: Signature appears invalid

API

sodiumCLI.keygen(destination, callback)

Generate a libsodium crypto_sign keypair and save it to a destination path as destination/public.key and destination/secret.key. Any existing key files are overwritten.

Callback is called with (err) after the key files are written to disk.

sodiumCLI.sign(secretPath, filePath, callback)

Sign a file at filePath with a libsodium crypto_sign secret key located at secretPath.

Callback is called with (err, signature) where signature is the hex representation of the signature.

sodiumCLI.verify(signature, publicPath, filePath, callback)

Verify a file at filePath with a libsodium crypto_sign public key located at publicPath and detached libsodium hex signature.

Callback is called with (err, valid) where valid is a boolean indicating if the file is valid for the signature, public key and file combination.

See also

  • sodium-native: the underlying bindings to libsodium used perform all cryptographic actions.
  • libsodium: docs for the libsodium library.

License

MIT