UNPKG

ssb-keys/README.md

Version:

2.32 kBMarkdownView Raw

1# SSB-Keys
2
3supplies key loading and other cryptographic functions needed in secure-scuttlebutt apps.
4
5```js
6var ssbkeys = require('ssb-keys')
7
8//usually, load keys like this
9var keys = ssbkeys.loadOrCreateSync(filename)
10/* => {
11  id: String,
12  public: String,
13  private: String
14}*/
15
16//but for testing, .generate() is useful.
17var keys = ssbkeys.generate()
18/* => {
19  id: String,
20  public: String,
21  private: String
22}*/
23
24
25//hmac_key is a fixed value that applies to _THIS_ signature use, see below.
26
27var obj = ssbkeys.signObj(k, hmac_key, { foo: 'bar' })
28console.log(obj) /* => {
29  foo: 'bar',
30  signature: ...
31} */
32ssbkeys.verifyObj(k, hmac_key, obj) // => true
33```
34
35## api
36
37### loadOrCreateSync (filename)
38
39Load a file containing the your private key. the file will also
40contain a comment with a warning about keeping the file secret.
41
42Works in the browser, or stores the keys is localStorage in the browser.
43(web apps should be hosted a secure way, for example [web-bootloader](https://github.com/dominictarr/web-bootloader))
44
45If the file does not exist it will be created. there is also
46variations and parts `loadOrCreate` (async), `load`, `create`
47`createSync` `loadSync`. But since you only need to load once,
48using the combined function is easiest.
49
50### generate(curve, seed)
51
52generate a key, with optional seed.
53curve defaults to `ed25519` (and no other type is currently supported)
54seed should be a 32 byte buffer.
55
56### signObj(keys, hmac_key?, obj)
57
58signs a javascript object, and then adds a signature property to it.
59
60If `hmac_key` is provided, the object is hmaced before signing,
61which means it cannot be verified without the correct `hmac_key`.
62If each way that signatures are used in your application use a different
63hmac key, it means that a signature intended for one use cannot be reused in another
64(chosen protocol attack)
65
66### verifyObj(keys, hmac_key?, obj)
67
68verify a signed object. `hmac_key` must be the same value as passed to `signObj`.
69
70### box(msg, recipients)
71
72encrypt a message to many recipients. msg will be JSON encoded, then encrypted
73with [private-box](https://github.com/auditdrivencrypto/private-box)
74
75### unbox (boxed, keys)
76
77decrypt a message encrypted with `box`. If the `boxed` successfully decrypted,
78the parsed JSON is returned, if not, `undefined` is returned.
79
80### LICENSE
81
82MIT
83

1	`# SSB-Keys`
2
3	`supplies key loading and other cryptographic functions needed in secure-scuttlebutt apps.`
4
5	```js
6	`var ssbkeys = require('ssb-keys')`
7
8	`//usually, load keys like this`
9	`var keys = ssbkeys.loadOrCreateSync(filename)`
10	`/* => {`
11	`id: String,`
12	`public: String,`
13	`private: String`
14	`}*/`
15
16	`//but for testing, .generate() is useful.`
17	`var keys = ssbkeys.generate()`
18	`/* => {`
19	`id: String,`
20	`public: String,`
21	`private: String`
22	`}*/`
23
24
25	`//hmac_key is a fixed value that applies to _THIS_ signature use, see below.`
26
27	`var obj = ssbkeys.signObj(k, hmac_key, { foo: 'bar' })`
28	`console.log(obj) /* => {`
29	`foo: 'bar',`
30	`signature: ...`
31	`} */`
32	`ssbkeys.verifyObj(k, hmac_key, obj) // => true`
33	```
34
35	`## api`
36
37	`### loadOrCreateSync (filename)`
38
39	`Load a file containing the your private key. the file will also`
40	`contain a comment with a warning about keeping the file secret.`
41
42	`Works in the browser, or stores the keys is localStorage in the browser.`
43	`(web apps should be hosted a secure way, for example [web-bootloader](https://github.com/dominictarr/web-bootloader))`
44
45	`If the file does not exist it will be created. there is also`
46	variations and parts `loadOrCreate` (async), `load`, `create`
47	`createSync` `loadSync`. But since you only need to load once,
48	`using the combined function is easiest.`
49
50	`### generate(curve, seed)`
51
52	`generate a key, with optional seed.`
53	curve defaults to `ed25519` (and no other type is currently supported)
54	`seed should be a 32 byte buffer.`
55
56	`### signObj(keys, hmac_key?, obj)`
57
58	`signs a javascript object, and then adds a signature property to it.`
59
60	If `hmac_key` is provided, the object is hmaced before signing,
61	which means it cannot be verified without the correct `hmac_key`.
62	`If each way that signatures are used in your application use a different`
63	`hmac key, it means that a signature intended for one use cannot be reused in another`
64	`(chosen protocol attack)`
65
66	`### verifyObj(keys, hmac_key?, obj)`
67
68	verify a signed object. `hmac_key` must be the same value as passed to `signObj`.
69
70	`### box(msg, recipients)`
71
72	`encrypt a message to many recipients. msg will be JSON encoded, then encrypted`
73	`with [private-box](https://github.com/auditdrivencrypto/private-box)`
74
75	`### unbox (boxed, keys)`
76
77	decrypt a message encrypted with `box`. If the `boxed` successfully decrypted,
78	the parsed JSON is returned, if not, `undefined` is returned.
79
80	`### LICENSE`
81
82	`MIT`
83