diff --git a/npmextra.json b/npmextra.json index 3e795d7..151205d 100644 --- a/npmextra.json +++ b/npmextra.json @@ -7,14 +7,24 @@ "shortDescription": "handle private/public key creation", "npmPackagename": "@push.rocks/smartkey", "license": "MIT", - "projectDomain": "push.rocks" + "projectDomain": "push.rocks", + "description": "Handles the creation and management of private/public key pairs.", + "keywords": [ + "cryptography", + "security", + "keypair", + "public key", + "private key", + "encryption", + "decryption" + ] } }, "npmci": { "npmGlobalTools": [], "npmAccessLevel": "public" }, - "tsdocs": { + "tsdoc": { "legal": "\n## License and Legal Information\n\nThis repository contains open-source code that is licensed under the MIT License. A copy of the MIT License can be found in the [license](license) file within this repository. \n\n**Please note:** The MIT License does not grant permission to use the trade names, trademarks, service marks, or product names of the project, except as required for reasonable and customary use in describing the origin of the work and reproducing the content of the NOTICE file.\n\n### Trademarks\n\nThis project is owned and maintained by Task Venture Capital GmbH. The names and logos associated with Task Venture Capital GmbH and any related products or services are trademarks of Task Venture Capital GmbH and are not included within the scope of the MIT license granted herein. Use of these trademarks must comply with Task Venture Capital GmbH's Trademark Guidelines, and any usage must be approved in writing by Task Venture Capital GmbH.\n\n### Company Information\n\nTask Venture Capital GmbH \nRegistered at District court Bremen HRB 35230 HB, Germany\n\nFor any legal inquiries or if you require further information, please contact us via email at hello@task.vc.\n\nBy using this repository, you acknowledge that you have read this section, agree to comply with its terms, and understand that the licensing of the code does not imply endorsement by Task Venture Capital GmbH of any derivative works.\n" } } \ No newline at end of file diff --git a/package.json b/package.json index fa5f0da..e841140 100644 --- a/package.json +++ b/package.json @@ -2,7 +2,7 @@ "name": "@push.rocks/smartkey", "version": "1.0.6", "private": false, - "description": "handle private/public key creation", + "description": "Handles the creation and management of private/public key pairs.", "main": "dist/index.js", "typings": "dist/index.d.ts", "author": "Lossless GmbH", @@ -22,5 +22,14 @@ }, "dependencies": { "@pushrocks/smartpromise": "^2.0.5" - } + }, + "keywords": [ + "cryptography", + "security", + "keypair", + "public key", + "private key", + "encryption", + "decryption" + ] } \ No newline at end of file diff --git a/readme.hints.md b/readme.hints.md new file mode 100644 index 0000000..0519ecb --- /dev/null +++ b/readme.hints.md @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/readme.md b/readme.md index efbaf0c..ee4ab50 100644 --- a/readme.md +++ b/readme.md @@ -1,26 +1,85 @@ -# @pushrocks/smartkey -handle private/public key creation +# @push.rocks/smartkey +Handle private/public key creation efficiently and securely with this TypeScript-based library, offering seamless integration and robust functionality for managing cryptographic key pairs. -## Availabililty and Links -* [npmjs.org (npm package)](https://www.npmjs.com/package/@pushrocks/smartkey) -* [gitlab.com (source)](https://gitlab.com/pushrocks/smartkey) -* [github.com (source mirror)](https://github.com/pushrocks/smartkey) -* [docs (typedoc)](https://pushrocks.gitlab.io/smartkey/) +## Install +To get started with `@push.rocks/smartkey` in your project, you'll need to have Node.js and npm installed. Then, you can install the package using npm: -## Status for master -[![build status](https://gitlab.com/pushrocks/smartkey/badges/master/build.svg)](https://gitlab.com/pushrocks/smartkey/commits/master) -[![coverage report](https://gitlab.com/pushrocks/smartkey/badges/master/coverage.svg)](https://gitlab.com/pushrocks/smartkey/commits/master) -[![npm downloads per month](https://img.shields.io/npm/dm/@pushrocks/smartkey.svg)](https://www.npmjs.com/package/@pushrocks/smartkey) -[![Known Vulnerabilities](https://snyk.io/test/npm/@pushrocks/smartkey/badge.svg)](https://snyk.io/test/npm/@pushrocks/smartkey) -[![TypeScript](https://img.shields.io/badge/TypeScript->=%203.x-blue.svg)](https://nodejs.org/dist/latest-v10.x/docs/api/) -[![node](https://img.shields.io/badge/node->=%2010.x.x-blue.svg)](https://nodejs.org/dist/latest-v10.x/docs/api/) -[![JavaScript Style Guide](https://img.shields.io/badge/code%20style-prettier-ff69b4.svg)](https://prettier.io/) +```bash +npm install @push.rocks/smartkey --save +``` + +This command adds `@push.rocks/smartkey` to your project's dependencies, ensuring that your project is ready to leverage the power of key management. ## Usage -For further information read the linked docs at the top of this readme. +### Getting Started with SmartKey +To use `@push.rocks/smartkey` in your TypeScript project, initially import the main class `SmartKey` and relevant interfaces from the package: -> MIT licensed | **©** [Lossless GmbH](https://lossless.gmbh) -| By using this npm module you agree to our [privacy policy](https://lossless.gmbH/privacy.html) +```typescript +import { SmartKey, KeyPair } from '@push.rocks/smartkey'; +``` -[![repo-footer](https://pushrocks.gitlab.io/assets/repo-footer.svg)](https://maintainedby.lossless.com) +`SmartKey` is your gateway to creating and managing key pairs, while `KeyPair` represents the public and private keys. + +### Creating a New Key Pair + +Generating a new key pair is simple and straightforward with `@push.rocks/smartkey`. You can create a key pair with an optional passphrase for the private key encryption: + +```typescript +async function generateKeyPair() { + const smartKeyInstance = new SmartKey(); + try { + const keyPair: KeyPair = await smartKeyInstance.getKeypair('YourPassPhraseHere'); + + console.log('Public Key:', keyPair.publicKey); + console.log('Private Key:', keyPair.privateKey); + } catch (error) { + console.error('Error generating key pair:', error); + } +} + +generateKeyPair(); +``` + +In this example, we instantiate `SmartKey` and call `getKeypair` with an optional passphrase. The resulting `keyPair` object contains both the public and private keys. Note that including a passphrase is optional but recommended for additional security of the private key. + +### Understanding Key Formats + +The keys generated by `@push.rocks/smartkey` are in the PEM format, widely used and compatible with many cryptographic operations and libraries. This format ensures that your keys can be easily integrated into a variety of applications and systems. + +### Secure Key Storage + +After generating your keys, it's crucial to store them securely. The public key can be distributed or stored openly, as it's used to encrypt data that only the matching private key can decrypt. However, the private key should be kept secure and confidential. If you're using a passphrase, it adds an extra layer of protection, encrypting your private key to prevent unauthorized access even if the key itself is compromised. + +### Integration with Cryptographic Operations + +`@push.rocks/smartkey` focuses on key management, and you may want to use the keys generated for operations such as data encryption, decryption, or creating digital signatures. This usually involves integrating with other cryptographic libraries or modules, such as Node.js's built-in `crypto` module or other npm packages that provide higher-level cryptographic functionalities. + +For example, you might use the public key from a `KeyPair` to encrypt data with another library, ensuring that only the holder of the corresponding private key can decrypt and access the original information. + +### Advanced Usage and Considerations + +- **Key Rotation**: Regularly rotating keys is a fundamental security practice. `@push.rocks/smartkey` makes generating new key pairs simple, so periodic rotation can be easily implemented in your application's security strategy. +- **Passphrase Management**: If you opt to use passphrases, ensure they are securely managed and stored independently from the keys themselves. Leveraging a secure storage solution, such as a dedicated secrets manager, is advisable. +- **Cryptography Best Practices**: Always adhere to current cryptography best practices, including using strong passphrases, securely storing keys, and understanding the cryptographic principles underlying the operations you perform with the keys. + +`@push.rocks/smartkey` provides a robust foundation for managing cryptographic keys within your TypeScript applications, streamlining the creation, management, and secure storage of key pairs. Through its integration-friendly design and adherence to best practices, it's an essential tool for any security-conscious developer. + +## License and Legal Information + +This repository contains open-source code that is licensed under the MIT License. A copy of the MIT License can be found in the [license](license) file within this repository. + +**Please note:** The MIT License does not grant permission to use the trade names, trademarks, service marks, or product names of the project, except as required for reasonable and customary use in describing the origin of the work and reproducing the content of the NOTICE file. + +### Trademarks + +This project is owned and maintained by Task Venture Capital GmbH. The names and logos associated with Task Venture Capital GmbH and any related products or services are trademarks of Task Venture Capital GmbH and are not included within the scope of the MIT license granted herein. Use of these trademarks must comply with Task Venture Capital GmbH's Trademark Guidelines, and any usage must be approved in writing by Task Venture Capital GmbH. + +### Company Information + +Task Venture Capital GmbH +Registered at District court Bremen HRB 35230 HB, Germany + +For any legal inquiries or if you require further information, please contact us via email at hello@task.vc. + +By using this repository, you acknowledge that you have read this section, agree to comply with its terms, and understand that the licensing of the code does not imply endorsement by Task Venture Capital GmbH of any derivative works.