{"_id":"subkey","_rev":"370386","name":"subkey","description":"create subkeys to sign with","dist-tags":{"latest":"1.2.2"},"maintainers":[{"name":"cwmma","email":"calvin.metcalf@gmail.com"}],"time":{"modified":"2021-07-26T06:59:16.000Z","created":"2015-05-03T02:31:53.429Z","1.2.2":"2015-05-06T14:00:16.472Z","1.2.1":"2015-05-05T20:19:51.217Z","1.2.0":"2015-05-05T19:28:35.528Z","1.1.0":"2015-05-05T14:51:41.371Z","1.0.0":"2015-05-03T02:31:53.429Z"},"users":{},"author":"","repository":{"type":"git","url":"git+ssh://git@github.com/calvinmetcalf/subkey.git"},"versions":{"1.2.2":{"name":"subkey","version":"1.2.2","description":"create subkeys to sign with","main":"index.js","scripts":{"test":"node test.js | tspec"},"author":"","license":"MIT","dependencies":{"elliptic":"^3.0.3","protocol-buffers":"^3.0.0"},"devDependencies":{"tap-spec":"^3.0.0","tape":"^4.0.0"},"repository":{"type":"git","url":"git+ssh://git@github.com/calvinmetcalf/subkey.git"},"gitHead":"e3def2e9511dfa258d56e8ee1dde8b8ab2e32012","bugs":{"url":"https://github.com/calvinmetcalf/subkey/issues"},"homepage":"https://github.com/calvinmetcalf/subkey#readme","_id":"subkey@1.2.2","_shasum":"6d2cd2152440de8ae476d48317c596184ebc8eb8","_from":".","_npmVersion":"2.9.0","_nodeVersion":"2.0.0","_npmUser":{"name":"cwmma","email":"calvin.metcalf@gmail.com"},"maintainers":[{"name":"cwmma","email":"calvin.metcalf@gmail.com"}],"dist":{"shasum":"6d2cd2152440de8ae476d48317c596184ebc8eb8","size":8700,"noattachment":false,"key":"/subkey/-/subkey-1.2.2.tgz","tarball":"http://registry.cnpm.dingdandao.com/subkey/download/subkey-1.2.2.tgz"},"directories":{},"publish_time":1430920816472,"_cnpm_publish_time":1430920816472,"_hasShrinkwrap":false},"1.2.1":{"name":"subkey","version":"1.2.1","description":"create subkeys to sign with","main":"index.js","scripts":{"test":"node test.js | tspec"},"author":"","license":"MIT","dependencies":{"elliptic":"^3.0.3","protocol-buffers":"^3.0.0"},"devDependencies":{"tap-spec":"^3.0.0","tape":"^4.0.0"},"repository":{"type":"git","url":"git+ssh://git@github.com/calvinmetcalf/subkey.git"},"gitHead":"a85e180ca4e17864b8969ff867798cce1f4bec9d","bugs":{"url":"https://github.com/calvinmetcalf/subkey/issues"},"homepage":"https://github.com/calvinmetcalf/subkey#readme","_id":"subkey@1.2.1","_shasum":"cfadda37e20e84129ea1f5947c83156f994e9b3a","_from":".","_npmVersion":"2.9.0","_nodeVersion":"2.0.0","_npmUser":{"name":"cwmma","email":"calvin.metcalf@gmail.com"},"maintainers":[{"name":"cwmma","email":"calvin.metcalf@gmail.com"}],"dist":{"shasum":"cfadda37e20e84129ea1f5947c83156f994e9b3a","size":8719,"noattachment":false,"key":"/subkey/-/subkey-1.2.1.tgz","tarball":"http://registry.cnpm.dingdandao.com/subkey/download/subkey-1.2.1.tgz"},"directories":{},"publish_time":1430857191217,"_cnpm_publish_time":1430857191217,"_hasShrinkwrap":false},"1.2.0":{"name":"subkey","version":"1.2.0","description":"create subkeys to sign with","main":"index.js","scripts":{"test":"node test.js | tspec"},"author":"","license":"MIT","dependencies":{"elliptic":"^3.0.3","protocol-buffers":"^3.0.0"},"devDependencies":{"tap-spec":"^3.0.0","tape":"^4.0.0"},"repository":{"type":"git","url":"git+ssh://git@github.com/calvinmetcalf/subkey.git"},"gitHead":"1eee637d86c8155c9c1a354b3cb796fec71c9079","bugs":{"url":"https://github.com/calvinmetcalf/subkey/issues"},"homepage":"https://github.com/calvinmetcalf/subkey#readme","_id":"subkey@1.2.0","_shasum":"31e9c3d524fa09a824f48d169e1359ff1ebe600f","_from":".","_npmVersion":"2.9.0","_nodeVersion":"2.0.0","_npmUser":{"name":"cwmma","email":"calvin.metcalf@gmail.com"},"maintainers":[{"name":"cwmma","email":"calvin.metcalf@gmail.com"}],"dist":{"shasum":"31e9c3d524fa09a824f48d169e1359ff1ebe600f","size":8691,"noattachment":false,"key":"/subkey/-/subkey-1.2.0.tgz","tarball":"http://registry.cnpm.dingdandao.com/subkey/download/subkey-1.2.0.tgz"},"directories":{},"publish_time":1430854115528,"_cnpm_publish_time":1430854115528,"_hasShrinkwrap":false},"1.1.0":{"name":"subkey","version":"1.1.0","description":"create subkeys to sign with","main":"index.js","scripts":{"test":"node test.js | tspec"},"author":"","license":"MIT","dependencies":{"elliptic":"^3.0.3","protocol-buffers":"^3.0.0"},"devDependencies":{"tap-spec":"^3.0.0","tape":"^4.0.0"},"repository":{"type":"git","url":"git@github.com:calvinmetcalf/subkey.git"},"gitHead":"28e7580cff7cb997135caa882f3b5f74b5df9e5f","bugs":{"url":"https://github.com/calvinmetcalf/subkey/issues"},"homepage":"https://github.com/calvinmetcalf/subkey","_id":"subkey@1.1.0","_shasum":"a6be4339db81bb7c4fcbd9509297df98fbc33e92","_from":".","_npmVersion":"2.7.6","_nodeVersion":"2.0.0","_npmUser":{"name":"cwmma","email":"calvin.metcalf@gmail.com"},"maintainers":[{"name":"cwmma","email":"calvin.metcalf@gmail.com"}],"dist":{"shasum":"a6be4339db81bb7c4fcbd9509297df98fbc33e92","size":7494,"noattachment":false,"key":"/subkey/-/subkey-1.1.0.tgz","tarball":"http://registry.cnpm.dingdandao.com/subkey/download/subkey-1.1.0.tgz"},"directories":{},"publish_time":1430837501371,"_cnpm_publish_time":1430837501371,"_hasShrinkwrap":false},"1.0.0":{"name":"subkey","version":"1.0.0","description":"create subkeys to sign with","main":"index.js","scripts":{"test":"node test.js | tspec"},"author":"","license":"MIT","dependencies":{"elliptic":"^3.0.3","protocol-buffers":"^3.0.0"},"devDependencies":{"tap-spec":"^3.0.0","tape":"^4.0.0"},"repository":{"type":"git","url":"git@github.com:calvinmetcalf/subkey.git"},"gitHead":"ad51660810a8f6cabe9d9dd93d08c170ce9ffbbc","bugs":{"url":"https://github.com/calvinmetcalf/subkey/issues"},"homepage":"https://github.com/calvinmetcalf/subkey","_id":"subkey@1.0.0","_shasum":"2f49d6d4243d01653ccd1c7fdd9a85e708961d41","_from":".","_npmVersion":"2.0.0","_npmUser":{"name":"cwmma","email":"calvin.metcalf@gmail.com"},"maintainers":[{"name":"cwmma","email":"calvin.metcalf@gmail.com"}],"dist":{"shasum":"2f49d6d4243d01653ccd1c7fdd9a85e708961d41","size":3631,"noattachment":false,"key":"/subkey/-/subkey-1.0.0.tgz","tarball":"http://registry.cnpm.dingdandao.com/subkey/download/subkey-1.0.0.tgz"},"directories":{},"publish_time":1430620313429,"_cnpm_publish_time":1430620313429,"_hasShrinkwrap":false}},"readme":"subkey\n===\n\n[![Build Status](https://travis-ci.org/calvinmetcalf/subkey.svg)](https://travis-ci.org/calvinmetcalf/subkey)\n\n```bash\nnpm install subkey\n```\n\nCreate signatures based on an RSA key, but using a ed25519 session key to avoid\nsignature oracle issues.  Uses [elliptic](https://github.com/indutny/elliptic) for ECDSA.\n\nAPI\n===\n```js\nvar subkey = require('subkey');\n\nvar signature = subkey.sign(yourPrivateKey, 'your message');\n\nsubkey.verify(yourPublicKey, signature, 'not your message');\n// returns true\n\nsubkey.verify(yourPublicKey, signature, 'not your message');\n// returns false\n```\n\nThe first time you sign with an RSA key an ed25519 key is created and signed with your RSA key.  This key is used to sign all messaged and they public key, and the key signature are included with the message signature each time you sign something. This ephemeral subkey is only saved in memory and will not be saved.\n\nWhen verifying, the first time a key, session key, and session key signature combination is seen it is verified and will fail to verify if the session key in the signature does not match the RSA key.  It then verifies against session key returning true or false depending on whether it verifies.\n\n\nASYNC!!!!\n===\n\nThere are async methods, mainly in here for compatibility with ssh-agent, the api is\n\n```js\nsubkey.signAsync(yourPrivateKey, 'your message', signFunction, callback);\nfunction signFunction (key, message, callback) {\n   //obtain signature of message with key\n   callback(null, sig);\n}\nsubkey.verifyAsync(yourPublicKey, signature, 'your message', function (err, valid) {\n  // err = null and valid = true\n});\nsubkey.verifyAsync(yourPublicKey, signature, 'not your message', function (err, valid) {\n  // err = null and valid = false\n});\n\n```\n\nThe sign function takes a key and a message and the callback must be called with the rsa-ssh1\nsignature of the message. This is used to sign the ephemeral key the rest of signing works the same.\n\nverifyAsync is like verify except (beside being async) it uses sha1 as the hash method\nused to sign they subkey instead of sha-224 like the sync method.  In other words they are not compatible.\n","_attachments":{},"homepage":"https://github.com/calvinmetcalf/subkey#readme","bugs":{"url":"https://github.com/calvinmetcalf/subkey/issues"},"license":"MIT"}