diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index 632310d..b3e82cf 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -66,6 +66,7 @@ jobs:
           path: |
             target/${{ matrix.job.target }}/release/hbbr
             target/${{ matrix.job.target }}/release/hbbs
+            target/${{ matrix.job.target }}/release/rustdesk-utils
           if-no-files-found: error
 
   # github (draft) release with all binaries
@@ -102,7 +103,7 @@ jobs:
           path: i386
 
       - name: Rename files
-        run: for arch in amd64 arm64v8 armv7 i386 ; do for b in hbbr hbbs ; do mv -v ${arch}/${b} ${arch}/${b}-${arch} ; done ; done 
+        run: for arch in amd64 arm64v8 armv7 i386 ; do for b in hbbr hbbs rustdesk-utils ; do mv -v ${arch}/${b} ${arch}/${b}-${arch} ; done ; done 
 
       - name: Create Release
         uses: softprops/action-gh-release@v1
diff --git a/Cargo.toml b/Cargo.toml
index 5ace1a4..d652980 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -10,6 +10,10 @@ default-run = "hbbs"
 name = "hbbr"
 path = "src/hbbr.rs"
 
+[[bin]]
+name = "rustdesk-utils"
+path = "src/utils.rs"
+
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 
 [dependencies]
diff --git a/src/utils.rs b/src/utils.rs
new file mode 100644
index 0000000..7eb7a58
--- /dev/null
+++ b/src/utils.rs
@@ -0,0 +1,93 @@
+use hbb_common::{bail, ResultType};
+use sodiumoxide::crypto::sign;
+use std::env;
+use std::process;
+use std::str;
+
+fn print_help() {
+    println!(
+        "Usage:
+    rustdesk-util [command]\n
+Available Commands:
+    genkeypair                                   Generate a new keypair
+    validatekeypair [public key] [secret key]    Validate an existing keypair"
+    );
+    process::exit(0x0001);
+}
+
+fn error_then_help(msg: &str) {
+    println!("ERROR: {}\n", msg);
+    print_help();
+}
+
+fn gen_keypair() {
+    let (pk, sk) = sign::gen_keypair();
+    let public_key = base64::encode(pk);
+    let secret_key = base64::encode(sk);
+    println!("Public Key:  {public_key}");
+    println!("Secret Key:  {secret_key}");
+}
+
+fn validate_keypair(pk: &str, sk: &str) -> ResultType<()> {
+    let sk1 = base64::decode(&sk);
+    if sk1.is_err() {
+        bail!("Invalid secret key");
+    }
+    let sk1 = sk1.unwrap();
+
+    let secret_key = sign::SecretKey::from_slice(sk1.as_slice());
+    if secret_key.is_none() {
+        bail!("Invalid Secret key");
+    }
+    let secret_key = secret_key.unwrap();
+
+    let pk1 = base64::decode(&pk);
+    if pk1.is_err() {
+        bail!("Invalid public key");
+    }
+    let pk1 = pk1.unwrap();
+
+    let public_key = sign::PublicKey::from_slice(pk1.as_slice());
+    if public_key.is_none() {
+        bail!("Invalid Public key");
+    }
+    let public_key = public_key.unwrap();
+
+    let random_data_to_test = b"This is meh.";
+    let signed_data = sign::sign(random_data_to_test, &secret_key);
+    let verified_data = sign::verify(&signed_data, &public_key);
+    if verified_data.is_err() {
+        bail!("Key pair is INVALID");
+    }
+    let verified_data = verified_data.unwrap();
+
+    if random_data_to_test != &verified_data[..] {
+        bail!("Key pair is INVALID");
+    }
+
+    Ok(())
+}
+
+fn main() {
+    let args: Vec<_> = env::args().collect();
+    if args.len() <= 1 {
+        print_help();
+    }
+
+    let command = args[1].to_lowercase();
+    match command.as_str() {
+        "genkeypair" => gen_keypair(),
+        "validatekeypair" => {
+            if args.len() <= 3 {
+                error_then_help("You must supply both the public and the secret key");
+            }
+            let res = validate_keypair(args[2].as_str(), args[3].as_str());
+            if let Err(e) = res {
+                println!("{}", e);
+                process::exit(0x0001);
+            }
+            println!("Key pair is VALID");
+        }
+        _ => print_help(),
+    }
+}