@arigato/mamba
Advanced tools
Readme
A library for signing URLs using ECDSA P-521 keys and SHA-512 encryption.
$ npm i @arigato/mamba
The sign function accepts a URL and a private ECDSA P-521 encryption key. It returns the same URL with a timestamp and signature in the query denoted by ts and sig, respectively. You can use a PEM or a DER key.
import { sign } from "@arigato/mamba";
const signedUrl = sign(
"https://api.manifold.co/v1/users?bar=foo&abc=cba",
somePrivateKey
);
// https://api.manifold.co/v1/users?bar=foo&abc=cba&ts=1543524418617&sig=MIGIAkIB8w1v%2F8VqdCXRUvKuTM7F%2F%2B8gpUJe5p2ewronH4Uakw3QD8WGGGxIpkX6bXiDdfUHxoc0K14Rl%2FBLEKQVHxK8pXYCQgFxffVMjMCUOaWbPRthEMSGL%2Fy3RuSPZigHs1RoHsqngrEvbSZwPW3ioLMxIPrjfva%2BxeAD7xHznhaaRyKU6ogX%2Bg%3D%3D
Use formatPrivateDERKey, which accepts either a string or a buffer.
import { sign, formatPrivateDERKey, KeyType } from "@arigato/mamba";
const signedUrl = sign(
"https://api.manifold.co/v1/users?bar=foo&abc=cba",
formatPrivateDERKey(somePrivateKey)
);
Follow the instructions below to contribute.
Clone the repo:
$ git clone git@github.com:manifoldco/mamba.git
Then change into the directory and install dependencies:
$ cd mamba
$ npm i
All code files and tests are located in the src/ folder. After making changes, run the build command:
$ npm run build
This compiles the TypeScript to JavaScript and places it in the dist/ folder.
Please add tests for any new code you write. Run tests with
$ npm test
Note: you will need node 10.12.0 or higher in order to run the tests, which generate public and private keys for testing using functionality not available in previous releases.
FAQs
A tool for signing URLs using secp521r1
The npm package @arigato/mamba receives a total of 1 weekly downloads. As such, @arigato/mamba popularity was classified as not popular.
We found that @arigato/mamba demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 20 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.
Security News
This episode of the Risky Biz podcast discusses how the rise of small open source packages and the shift towards individual maintainers makes the ecosystem more vulnerable to supply chain attacks.
Product
Streamline your login process and enhance security by enabling Single Sign-On (SSO) on the Socket platform, now available for all customers on the Enterprise plan, supporting 20+ identity providers.