An ESM/CommonJS library for managing secrets in your application. The main goal of this library is to provide terminal commands (with npx) to generate secrets for your application from a mnemonic phrase. To achieve it, a lot of tools are used within micro functions.
- Generates a mnemonic phrase on terminal, with
npx pglysecrets mnemonic
; - Generates a key-pair from a mnemonic phrase, with
npx pglysecrets generate:ed25519
; - Generates a secret key from a mnemonic phrase, with
npx pglysecrets generate:aes256
; - Recovers a key-pair from a mnemonic phrase, with
npx pglysecrets recover:ed25519
; - Recovers a secret key from a mnemonic phrase, with
npx pglysecrets recover:aes256
; - Functions to sign and verify data with
ED25519
ined25519.sign
anded25519.verify
; - Functions to encrypt and decrypt data with
AES-256
inaes256.encrypt
,aes256.decrypt
,aes256.encryptStream
andaes256.decryptStream
; - Services to manage secrets and key-pairs in your application.
Generates and shows a mnemonic.
pglysecrets mnemonic [options]
Option | Description | Default | Required |
---|---|---|---|
-s, --strength <strength> |
Strength of mnemonic. | 128 | No |
-n, --language <language> |
Language of mnemonic. Available: czech, chinese_simplified, chinese_traditional, korean, french, italian, spanish, japanese, portuguese, english. | english | No |
pglysecrets mnemonic -s 256 -n japanese
Generates a key-pair based on a mnemonic phrase using the ed25519 algorithm.
The name for a secret key will be
${name}.sk.key
and for a public key will be${name}.pk.key
. When using the index option, the key will be stored in a JSON file with the name${index}.index.keypairs.json
.
pglysecrets generate:ed25519 <name> <version> [options]
Argument | Description | Required |
---|---|---|
<name> |
Name of the key. | Yes |
<version> |
Version of the key. Should be an integer. | Yes |
Option | Description | Default | Required |
---|---|---|---|
-p, --path <path> |
Path to save the key. | Yes | |
-x, --index <index> |
Index name. Will store the key in a JSON index. | No | |
-w, --password <password> |
Password for seed generation. | No | |
-l, --language <language> |
Language of mnemonic. | english |
No |
pglysecrets generate:ed25519 myKey 1 -p /path/to/save -x keyIndex -w myPassword -l japanese
Recovers a key-pair from a mnemonic and saves it to a file. It will remove the previous key from the index when the index is set.
The name for a secret key will be
${name}.sk.key
and for a public key will be${name}.pk.key
. When using the index option, the key will be stored in a JSON file with the name${index}.index.keypairs.json
.⚠️ It will replace the previous key with the same name and version.
pglysecrets recover:ed25519 <name> <version> [options]
Argument | Description | Required |
---|---|---|
<name> |
Name of the key. | Yes |
<version> |
Version of the key. Should be an integer. | Yes |
Option | Description | Default | Required |
---|---|---|---|
-p, --path <path> |
Path to save the key. | Yes | |
-x, --index <index> |
Index name. Will store the key in a JSON index. | No | |
-m, --mnemonic <mnemonic> |
Mnemonic to recover the key. | Yes | |
-w, --password <password> |
Password for seed generation. | No |
pglysecrets recover:ed25519 myKey 1 -p /path/to/save -x keyIndex -m "mnemonic phrase here" -w myPassword
Generates a secret based on a mnemonic phrase using the aes256 algorithm.
The name for a secret key will be
${name}.secret.key
. When using the index option, the key will be stored in a JSON file with the name${index}.index.secrets.json
.
pglysecrets generate:aes256 <name> <version> [options]
Argument | Description | Required |
---|---|---|
<name> |
Name of the key. | Yes |
<version> |
Version of the key. Should be an integer. | Yes |
Option | Description | Default | Required |
---|---|---|---|
-p, --path <path> |
Path to save the key. | Yes | |
-x, --index <index> |
Index name. Will store the key in a JSON index. | No | |
-w, --password <password> |
Password for seed generation. | No | |
-l, --language <language> |
Language of mnemonic. Available: czech, chinese_simplified, chinese_traditional, korean, french, italian, spanish, japanese, portuguese, english. | english | No |
pglysecrets generate:aes256 mySecret 1 -p /path/to/save -x secretIndex -w myPassword -l japanese
Recovers a secret from a mnemonic and saves it to a file. It will remove the previous key from the index when the index is set.
The name for a secret key will be
${name}.secret.key
. When using the index option, the key will be stored in a JSON file with the name${index}.index.secrets.json
.⚠️ It will replace the previous key with the same name and version.
pglysecrets recover:aes256 <name> <version> [options]
Argument | Description | Required |
---|---|---|
<name> |
Name of the key. | Yes |
<version> |
Version of the key. Should be an integer. | Yes |
Option | Description | Default | Required |
---|---|---|---|
-p, --path <path> |
Path to save the key. | Yes | |
-x, --index <index> |
Index name. Will store the key in a JSON index. | No | |
-m, --mnemonic <mnemonic> |
Mnemonic to recover the key. | Yes | |
-w, --password <password> |
Password for seed generation. | No |
pglysecrets recover:aes256 mySecret 1 -p /path/to/save -x secretIndex -m "mnemonic phrase here" -w myPassword
This library is ready for ES module or CommonJs module. You must add it by using Node.Js:
npm i --save @piggly/secrets
See the CHANGELOG file for information about all code changes.
This library uses the Jest. We carry out tests of all the main features of this application.
npm run test:once
See the CONTRIBUTING file for information before submitting your contribution.
MIT License (MIT). See LICENSE.