New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details →
Socket
Book a DemoSign in
Socket
Book a DemoSign in

seald

Package Overview
Dependencies
Maintainers
1
Versions
4
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

seald

Encrypt part of your text file, powered by [TweetNaCl.js](https://tweetnacl.js.org/).

latest
Source
npmnpm
Version
0.0.3
Version published
Weekly downloads
15
-6.25%
Maintainers
1
Weekly downloads
 
Created
Source

seald

Encrypt part of your text file, powered by TweetNaCl.js.

Warning: This package is unrelated to the end-to-end encryption SDK Seald.io. If you are looking for the Seald.io SDK, please install the @seald-io/sdk package.

Example usage

I have a .env.staging file.

AWS_ACCESS_KEY_ID=AKIAYVP4CIPPALMU4BWD
AWS_SECRET_ACCESS_KEY=n2ErjptdPdQAnHNI9F50zyGAsE6NAj+w4SpzTJ7x

I want to encrypt the value of AWS_SECRET_ACCESS_KEY with these desired qualities:

  • I don’t want to encrypt the whole file. I want to see the overall structure.
  • I want to use asymmetric encryption, so others can add secrets to this file without knowing the secret key.

I went to https://tweetnacl.js.org/#/box and generated a secret key along with a public key:

  • Secret key: NIx+f8paZzMcofxgzlNsnApvGhuVzLTloHfFL8MwiPs=
  • Public key: r8+GVn7boCsLU9MkVOO7b/mDg99MSqjuxNs9OapGp3Q=

Then, I use the public key to encrypt the AWS secret access key:

// Run this in Node.js REPL
console.log(
  require('seald').seal(
    'n2ErjptdPdQAnHNI9F50zyGAsE6NAj+w4SpzTJ7x',
    'r8+GVn7boCsLU9MkVOO7b/mDg99MSqjuxNs9OapGp3Q=',
  ),
)
// -> (SEALD;r8+GVn7boCsLU9MkVOO7b/mDg99MSqjuxNs9OapGp3Q=;WAwRB4BMmL+QcC608kIq8iLBR59hh+RDtS4N3SdEH0k=;8I1leOJ+jE3KKoRroq1CQkFEil4zL6PG;70jNalbCAmvDhIYJAZl2LgJdtCrJZJmKf0kIwRUqYw8gBS7A3J9CNqL7EfbvHlpEVWww6T8CLZY=)

It returns a string that I can now use in my .env.staging.seald file:

AWS_ACCESS_KEY_ID=AKIAYVP4CIPPALMU4BWD
AWS_SECRET_ACCESS_KEY=(SEALD;r8+GVn7boCsLU9MkVOO7b/mDg99MSqjuxNs9OapGp3Q=;WAwRB4BMmL+QcC608kIq8iLBR59hh+RDtS4N3SdEH0k=;8I1leOJ+jE3KKoRroq1CQkFEil4zL6PG;70jNalbCAmvDhIYJAZl2LgJdtCrJZJmKf0kIwRUqYw8gBS7A3J9CNqL7EfbvHlpEVWww6T8CLZY=)

On the CI, I can unseal it with this script:

import fs from 'fs'
import { unseal } from 'seald'

// Usually I would load the key from your CI’s secret store or environment variable.
const keys = {
  'r8+GVn7boCsLU9MkVOO7b/mDg99MSqjuxNs9OapGp3Q=':
    'NIx+f8paZzMcofxgzlNsnApvGhuVzLTloHfFL8MwiPs=',
}

const sealed = fs.readFileSync('.env.staging.seald', 'utf8')
const unsealed = unseal(sealed, keys)
fs.writeFileSync('.env.staging', unsealed)

seald data format

The sealed data has this syntax:

(SEALD;PublicKey;SealerPublicKey;Nonce;Payload)

API reference

https://apiref.page/package/seald

API reference screenshot

FAQs

Package last updated on 01 Dec 2022

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Attackers Are Hunting High-Impact Node.js Maintainers in a Coordinated Social Engineering Campaign

Security News

Attackers Are Hunting High-Impact Node.js Maintainers in a Coordinated Social Engineering Campaign

Multiple high-impact npm maintainers confirm they have been targeted in the same social engineering campaign that compromised Axios.

By Sarah Gooding  -  Apr 03, 2026