pkcs15-smartcard-sign
Advanced tools
This module allows you to sign anything with a private key stored on PKCS #15 smartcard.
This module allows you to sign anything with a private key stored on PKCS #15 smartcard.
For example, you can upload your key to YubiKey and generate signatures.
It's using pkcs15-crypto to process signatures. If it's not installed, you will get an error.
const signer = require('pkcs15-smartcard-sign');
// Basic usage:
// - SHA-256
// - Read key with ID 02
// - Promot for PIN
signer.sign({
data: Buffer.from('something')
}).then(signature => {
console.log(signature.toString('hex'));
}).catch(err => {
console.error(err);
});
// Advanced options
signer.sign({
data,
// predefined PIN
pin: '0000',
// ID of the key to use (on the smart card)
key: '03',
// algo: sha256 or sha512
algo: 'sha512',
// select N-th smart card reader configured by the system
reader: 2,
// verify with this public key after sign
verifyKey: fs.readFileSync('your-public-key.pem')
});
FAQs
This module allows you to sign anything with a private key stored on PKCS #15 smartcard.
We found that pkcs15-smartcard-sign demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.