Return only one key in key.read[Armored], add readAll[Armored]

2020-02-26 22:32:22 +01:00 · 2020-02-26 22:32:22 +01:00 · 2bc24f354b
commit 2bc24f354b
parent 3817cca3c6
24 changed files with 543 additions and 603 deletions
--- a/README.md
+++ b/README.md
@ -197,19 +197,19 @@ const openpgp = require('openpgp'); // use as CommonJS, AMD, ES6 module or via w
 -----END PGP PRIVATE KEY BLOCK-----`; // encrypted private key
    const passphrase = `yourPassphrase`; // what the private key is encrypted with
-    const { keys: [privateKey] } = await openpgp.key.readArmored(privateKeyArmored);
+    const privateKey = await openpgp.key.readArmored(privateKeyArmored);
    await privateKey.decrypt(passphrase);
    const encrypted = await openpgp.encrypt({
-        message: openpgp.message.fromText('Hello, World!'),                 // input as Message object
+        message: openpgp.message.fromText('Hello, World!'),          // input as Message object
-        publicKeys: (await openpgp.key.readArmored(publicKeyArmored)).keys, // for encryption
+        publicKeys: await openpgp.key.readArmored(publicKeyArmored), // for encryption
-        privateKeys: [privateKey]                                           // for signing (optional)
+        privateKeys: privateKey                                      // for signing (optional)
    });
    console.log(encrypted); // '-----BEGIN PGP MESSAGE ... END PGP MESSAGE-----'
    const { data: decrypted } = await openpgp.decrypt({
-        message: await openpgp.message.readArmored(encrypted),              // parse armored message
+        message: await openpgp.message.readArmored(encrypted),       // parse armored message
-        publicKeys: (await openpgp.key.readArmored(publicKeyArmored)).keys, // for verification (optional)
+        publicKeys: await openpgp.key.readArmored(publicKeyArmored), // for verification (optional)
-        privateKeys: [privateKey]                                           // for decryption
+        privateKeys: privateKey                                      // for decryption
    });
    console.log(decrypted); // 'Hello, World!'
 })();
@ -233,12 +233,10 @@ Encrypt with multiple public keys:
    const passphrase = `yourPassphrase`; // what the private key is encrypted with
    const message = 'Hello, World!';
-    const { keys: [privateKey] } = await openpgp.key.readArmored(privateKeyArmored);
+    const privateKey = await openpgp.key.readArmored(privateKeyArmored);
    await privateKey.decrypt(passphrase)
-    const publicKeys = await Promise.all(publicKeysArmored.map(async (key) => {
+    const publicKeys = await Promise.all(publicKeysArmored.map(openpgp.key.readArmored));
        return (await openpgp.key.readArmored(key)).keys[0];
    }));
    const encrypted = await openpgp.encrypt({
        message: openpgp.message.fromText(message),   // input as Message object
@ -328,7 +326,7 @@ its [Reader class](https://openpgpjs.org/web-stream-tools/Reader.html).
 -----END PGP PRIVATE KEY BLOCK-----`; // Encrypted private key
    const passphrase = `yourPassphrase`; // Password that private key is encrypted with
-    const privateKey = (await openpgp.key.readArmored([privateKeyArmored])).keys[0];
+    const privateKey = await openpgp.key.readArmored(privateKeyArmored);
    await privateKey.decrypt(passphrase);
    const readableStream = new openpgp.stream.ReadableStream({
@ -339,16 +337,16 @@ its [Reader class](https://openpgpjs.org/web-stream-tools/Reader.html).
    });
    const encrypted = await openpgp.encrypt({
-        message: openpgp.message.fromText(readableStream),                  // input as Message object
+        message: openpgp.message.fromText(readableStream),           // input as Message object
-        publicKeys: (await openpgp.key.readArmored(publicKeyArmored)).keys, // for encryption
+        publicKeys: await openpgp.key.readArmored(publicKeyArmored), // for encryption
-        privateKeys: [privateKey]                                           // for signing (optional)
+        privateKeys: privateKey                                      // for signing (optional)
    });
    console.log(encrypted); // ReadableStream containing '-----BEGIN PGP MESSAGE ... END PGP MESSAGE-----'
    const decrypted = await openpgp.decrypt({
-        message: await openpgp.message.readArmored(encrypted),              // parse armored message
+        message: await openpgp.message.readArmored(encrypted),       // parse armored message
-        publicKeys: (await openpgp.key.readArmored(publicKeyArmored)).keys, // for verification (optional)
+        publicKeys: await openpgp.key.readArmored(publicKeyArmored), // for verification (optional)
-        privateKeys: [privateKey]                                           // for decryption
+        privateKeys: privateKey                                      // for decryption
    });
    const plaintext = await openpgp.stream.readToEnd(decrypted.data);
    console.log(plaintext); // 'Hello, World!'
@ -397,7 +395,7 @@ Using a revocation certificate:
 ```js
 (async () => {
    const { publicKeyArmored: revokedKeyArmored } = await openpgp.revokeKey({
-        key: (await openpgp.key.readArmored(publicKeyArmored)).keys[0],
+        key: await openpgp.key.readArmored(publicKeyArmored),
        revocationCertificate
    });
    console.log(revokedKeyArmored); // '-----BEGIN PGP PUBLIC KEY BLOCK ... '
@ -408,7 +406,7 @@ Using the private key:
 ```js
 (async () => {
    const { publicKeyArmored, publicKey } = await openpgp.revokeKey({
-        key: (await openpgp.key.readArmored(privateKeyArmored)).keys[0]
+        key: await openpgp.key.readArmored(privateKeyArmored)
    });
 })();
 ```
@ -422,7 +420,7 @@ Using the private key:
    let publicKeyArmored = await hkp.lookup({
        query: 'alice@example.com'
    });
-    var { keys: [publicKey] } = await openpgp.key.readArmored(publicKeyArmored);
+    let publicKey = await openpgp.key.readArmored(publicKeyArmored);
 })();
 ```
@ -452,18 +450,18 @@ Using the private key:
 -----END PGP PRIVATE KEY BLOCK-----`; // encrypted private key
    const passphrase = `yourPassphrase`; // what the private key is encrypted with
-    const { keys: [privateKey] } = await openpgp.key.readArmored(privateKeyArmored);
+    const privateKey = await openpgp.key.readArmored(privateKeyArmored);
    await privateKey.decrypt(passphrase);
    const cleartext = await openpgp.sign({
        message: openpgp.cleartext.fromText('Hello, World!'), // CleartextMessage or Message object
-        privateKeys: [privateKey]                             // for signing
+        privateKeys: privateKey                               // for signing
    });
    console.log(cleartext); // '-----BEGIN PGP SIGNED MESSAGE ... END PGP SIGNATURE-----'
    const verified = await openpgp.verify({
-        message: await openpgp.cleartext.readArmored(cleartext),           // parse armored message
+        message: await openpgp.cleartext.readArmored(cleartext),    // parse armored message
-        publicKeys: (await openpgp.key.readArmored(publicKeyArmored)).keys // for verification
+        publicKeys: await openpgp.key.readArmored(publicKeyArmored) // for verification
    });
    const { valid } = verified.signatures[0];
    if (valid) {
@ -486,12 +484,12 @@ Using the private key:
 -----END PGP PRIVATE KEY BLOCK-----`; // encrypted private key
    const passphrase = `yourPassphrase`; // what the private key is encrypted with
-    const { keys: [privateKey] } = await openpgp.key.readArmored(privateKeyArmored);
+    const privateKey = await openpgp.key.readArmored(privateKeyArmored);
    await privateKey.decrypt(passphrase);
    const { signature: detachedSignature } = await openpgp.sign({
        message: openpgp.cleartext.fromText('Hello, World!'), // CleartextMessage or Message object
-        privateKeys: [privateKey],                            // for signing
+        privateKeys: privateKey  ,                            // for signing
        detached: true
    });
    console.log(detachedSignature);
@ -499,7 +497,7 @@ Using the private key:
    const verified = await openpgp.verify({
        message: openpgp.cleartext.fromText('Hello, World!'),              // CleartextMessage or Message object
        signature: await openpgp.signature.readArmored(detachedSignature), // parse detached signature
-        publicKeys: (await openpgp.key.readArmored(publicKeyArmored)).keys // for verification
+        publicKeys: await openpgp.key.readArmored(publicKeyArmored)        // for verification
    });
    const { valid } = verified.signatures[0];
    if (valid) {
@ -529,18 +527,18 @@ Using the private key:
 -----END PGP PRIVATE KEY BLOCK-----`; // encrypted private key
    const passphrase = `yourPassphrase`; // what the private key is encrypted with
-    const { keys: [privateKey] } = await openpgp.key.readArmored(privateKeyArmored);
+    const privateKey = await openpgp.key.readArmored(privateKeyArmored);
    await privateKey.decrypt(passphrase);
    const signatureArmored = await openpgp.sign({
-        message: openpgp.message.fromBinary(readableStream),  // or .fromText(readableStream: ReadableStream<String>)
+        message: openpgp.message.fromBinary(readableStream), // or .fromText(readableStream: ReadableStream<String>)
-        privateKeys: [privateKey]                             // for signing
+        privateKeys: privateKey                              // for signing
    });
    console.log(signatureArmored); // ReadableStream containing '-----BEGIN PGP MESSAGE ... END PGP MESSAGE-----'
    const verified = await openpgp.verify({
-        message: await openpgp.message.readArmored(signatureArmored),       // parse armored signature
+        message: await openpgp.message.readArmored(signatureArmored), // parse armored signature
-        publicKeys: (await openpgp.key.readArmored(publicKeyArmored)).keys  // for verification
+        publicKeys: await openpgp.key.readArmored(publicKeyArmored)   // for verification
    });
    await openpgp.stream.readToEnd(verified.data);
--- a/src/key/factory.js
+++ b/src/key/factory.js
@ -266,61 +266,67 @@ async function wrapKeyObject(secretKeyPacket, secretSubkeyPackets, options) {
 }
 /**
- * Reads an unarmored OpenPGP key list and returns one or multiple key objects
+ * Reads an unarmored OpenPGP key and returns a key object
 * @param {Uint8Array} data to be parsed
- * @returns {Promise<{keys: Array<module:key.Key>,
+ * @returns {Promise<module:key.Key>} key object
 *            err: (Array<Error>|null)}>} result object with key and error arrays
 * @async
 * @static
 */
 export async function read(data) {
-  const result = {};
+  const packetlist = new packet.List();
-  result.keys = [];
+  await packetlist.read(data);
-  const err = [];
+  return new Key(packetlist);
  try {
    const packetlist = new packet.List();
    await packetlist.read(data);
    const keyIndex = packetlist.indexOfTag(enums.packet.publicKey, enums.packet.secretKey);
    if (keyIndex.length === 0) {
      throw new Error('No key packet found');
    }
    for (let i = 0; i < keyIndex.length; i++) {
      const oneKeyList = packetlist.slice(keyIndex[i], keyIndex[i + 1]);
      try {
        const newKey = new Key(oneKeyList);
        result.keys.push(newKey);
      } catch (e) {
        err.push(e);
      }
    }
  } catch (e) {
    err.push(e);
  }
  if (err.length) {
    result.err = err;
  }
  return result;
 }
 /**
- * Reads an OpenPGP armored text and returns one or multiple key objects
+ * Reads an OpenPGP armored key and returns a key object
- * @param {String | ReadableStream<String>} armoredText text to be parsed
+ * @param {String | ReadableStream<String>} armoredKey text to be parsed
- * @returns {Promise<{keys: Array<module:key.Key>,
+ * @returns {Promise<module:key.Key>} key object
 *            err: (Array<Error>|null)}>} result object with key and error arrays
 * @async
 * @static
 */
-export async function readArmored(armoredText) {
+export async function readArmored(armoredKey) {
-  try {
+  const input = await armor.decode(armoredKey);
-    const input = await armor.decode(armoredText);
+  if (!(input.type === enums.armor.public_key || input.type === enums.armor.private_key)) {
-    if (!(input.type === enums.armor.public_key || input.type === enums.armor.private_key)) {
+    throw new Error('Armored text not of type key');
      throw new Error('Armored text not of type key');
    }
    return read(input.data);
  } catch (e) {
    const result = { keys: [], err: [] };
    result.err.push(e);
    return result;
  }
  return read(input.data);
 }
 /**
 * Reads an unarmored OpenPGP key block and returns a list of key objects
 * @param {Uint8Array} data to be parsed
 * @returns {Promise<Array<module:key.Key>>} key object
 * @async
 * @static
 */
 export async function readAll(data) {
  const keys = [];
  const packetlist = new packet.List();
  await packetlist.read(data);
  const keyIndex = packetlist.indexOfTag(enums.packet.publicKey, enums.packet.secretKey);
  if (keyIndex.length === 0) {
    throw new Error('No key packet found');
  }
  for (let i = 0; i < keyIndex.length; i++) {
    const oneKeyList = packetlist.slice(keyIndex[i], keyIndex[i + 1]);
    const newKey = new Key(oneKeyList);
    keys.push(newKey);
  }
  return keys;
 }
 /**
 * Reads an OpenPGP armored key block and returns a list of key objects
 * @param {String | ReadableStream<String>} armoredKey text to be parsed
 * @returns {Promise<Array<module:key.Key>>} key objects
 * @async
 * @static
 */
 export async function readAllArmored(armoredKey) {
  const input = await armor.decode(armoredKey);
  if (!(input.type === enums.armor.public_key || input.type === enums.armor.private_key)) {
    throw new Error('Armored text not of type key');
  }
  return readAll(input.data);
 }
--- a/src/key/index.js
+++ b/src/key/index.js
@ -4,9 +4,9 @@
 */
 import {
-  readArmored,
+  read, readArmored,
  readAll, readAllArmored,
  generate,
  read,
  reformat
 } from './factory';
@ -20,9 +20,9 @@ import {
 import Key from './key.js';
 export {
-  readArmored,
+  read, readArmored,
  readAll, readAllArmored,
  generate,
  read,
  reformat,
  getPreferredAlgo,
  isAeadSupported,
--- a/src/key/key.js
+++ b/src/key/key.js
@ -81,6 +81,9 @@ Key.prototype.packetlist2structure = function(packetlist) {
    switch (packetlist[i].tag) {
      case enums.packet.publicKey:
      case enums.packet.secretKey:
        if (this.keyPacket) {
          throw new Error('Key block contains multiple keys');
        }
        this.keyPacket = packetlist[i];
        primaryKeyId = this.getKeyId();
        break;
--- a/src/keyring/keyring.js
+++ b/src/keyring/keyring.js
@ -22,7 +22,7 @@
 * @module keyring/keyring
 */
-import { readArmored } from '../key';
+import { readAllArmored } from '../key';
 import LocalStore from './localstore';
 /**
@ -183,13 +183,12 @@ KeyArray.prototype.getForId = function (keyId, deep) {
 /**
 * Imports a key from an ascii armored message
 * @param {String} armored message to read the keys/key from
 * @returns {Promise<Array<Error>|null>} array of error objects or null
 * @async
 */
 KeyArray.prototype.importKey = async function (armored) {
-  const imported = await readArmored(armored);
+  const imported = await readAllArmored(armored);
-  for (let i = 0; i < imported.keys.length; i++) {
+  for (let i = 0; i < imported.length; i++) {
-    const key = imported.keys[i];
+    const key = imported[i];
    // check if key already in key array
    const keyidHex = key.getKeyId().toHex();
    const keyFound = this.getForId(keyidHex);
@ -199,7 +198,6 @@ KeyArray.prototype.importKey = async function (armored) {
      this.push(key);
    }
  }
  return imported.err ? imported.err : null;
 };
 /**
--- a/src/keyring/localstore.js
+++ b/src/keyring/localstore.js
@ -20,14 +20,12 @@
 * @requires web-stream-tools
 * @requires config
 * @requires key
 * @requires util
 * @module keyring/localstore
 */
 import stream from 'web-stream-tools';
 import config from '../config';
 import { readArmored } from '../key';
 import util from '../util';
 /**
 * The class that deals with storage of the keyring.
@ -77,11 +75,7 @@ async function loadKeys(storage, itemname) {
    let key;
    for (let i = 0; i < armoredKeys.length; i++) {
      key = await readArmored(armoredKeys[i]);
-      if (!key.err) {
+      keys.push(key);
        keys.push(key.keys[0]);
      } else {
        util.print_debug("Error reading armored key from keyring index: " + i);
      }
    }
  }
  return keys;
--- a/src/wkd.js
+++ b/src/wkd.js
@ -78,7 +78,7 @@ WKD.prototype.lookup = async function(options) {
  if (options.rawBytes) {
    return rawBytes;
  }
-  return keyMod.read(rawBytes);
+  return keyMod.readAll(rawBytes);
 };
 export default WKD;
--- a/test/general/armor.js
+++ b/test/general/armor.js
@ -167,15 +167,11 @@ describe("ASCII armor", function() {
      '-----END PGP PRIVATE KEY BLOCK-----'].join('\n');
    // try with default config
-    const result_1 = await openpgp.key.readArmored(privKey);
+    await expect(openpgp.key.readArmored(privKey)).to.be.rejectedWith(/Ascii armor integrity check on message failed/);
    expect(result_1.err).to.exist;
    expect(result_1.err[0].message).to.match(/Ascii armor integrity check on message failed/);
    // try opposite config
    openpgp.config.checksum_required = !openpgp.config.checksum_required;
-    const result_2 = await openpgp.key.readArmored(privKey);
+    await expect(openpgp.key.readArmored(privKey)).to.be.rejectedWith(/Ascii armor integrity check on message failed/);
    expect(result_2.err).to.exist;
    expect(result_2.err[0].message).to.match(/Ascii armor integrity check on message failed/);
    // back to default
    openpgp.config.checksum_required = !openpgp.config.checksum_required;
@ -203,13 +199,11 @@ describe("ASCII armor", function() {
        '-----END PGP PRIVATE KEY BLOCK-----'].join('\n');
    // try with default config
-    const result_1 = await openpgp.key.readArmored(privKey);
+    await openpgp.key.readArmored(privKey);
    expect(result_1.err).to.not.exist;
    // try opposite config
    openpgp.config.checksum_required = !openpgp.config.checksum_required;
-    const result_2 = await openpgp.key.readArmored(privKey);
+    await openpgp.key.readArmored(privKey);
    expect(result_2.err).to.not.exist;
    // back to default
    openpgp.config.checksum_required = !openpgp.config.checksum_required;
@ -236,22 +230,18 @@ describe("ASCII armor", function() {
        '-----END PGP PRIVATE KEY BLOCK-----'].join('\n');
    // try with default config
-    const result_1 = await openpgp.key.readArmored(privKeyNoCheckSum);
+    if (openpgp.config.checksum_required) {
-    if(openpgp.config.checksum_required) {
+      await expect(openpgp.key.readArmored(privKeyNoCheckSum)).to.be.rejectedWith(/Ascii armor integrity check on message failed/);
      expect(result_1.err).to.exist;
      expect(result_1.err[0].message).to.match(/Ascii armor integrity check on message failed/);
    } else {
-      expect(result_1.err).to.not.exist;
+      await openpgp.key.readArmored(privKeyNoCheckSum);
    }
    // try opposite config
    openpgp.config.checksum_required = !openpgp.config.checksum_required;
-    const result_2 = await openpgp.key.readArmored(privKeyNoCheckSum);
+    if (openpgp.config.checksum_required) {
-    if(openpgp.config.checksum_required) {
+      await expect(openpgp.key.readArmored(privKeyNoCheckSum)).to.be.rejectedWith(/Ascii armor integrity check on message failed/);
      expect(result_2.err).to.exist;
      expect(result_2.err[0].message).to.match(/Ascii armor integrity check on message failed/);
    } else {
-      expect(result_2.err).to.not.exist;
+      await openpgp.key.readArmored(privKeyNoCheckSum);
    }
    // back to default
@ -280,22 +270,18 @@ describe("ASCII armor", function() {
        ''].join('\n');
    // try with default config
-    const result_1 = await openpgp.key.readArmored(privKeyNoCheckSumWithTrailingNewline);
+    if (openpgp.config.checksum_required) {
-    if(openpgp.config.checksum_required) {
+      await expect(openpgp.key.readArmored(privKeyNoCheckSumWithTrailingNewline)).to.be.rejectedWith(/Ascii armor integrity check on message failed/);
      expect(result_1.err).to.exist;
      expect(result_1.err[0].message).to.match(/Ascii armor integrity check on message failed/);
    } else {
-      expect(result_1.err).to.not.exist;
+      await openpgp.key.readArmored(privKeyNoCheckSumWithTrailingNewline);
    }
    // try opposite config
    openpgp.config.checksum_required = !openpgp.config.checksum_required;
-    const result_2 = await openpgp.key.readArmored(privKeyNoCheckSumWithTrailingNewline);
+    if (openpgp.config.checksum_required) {
-    if(openpgp.config.checksum_required) {
+      await expect(openpgp.key.readArmored(privKeyNoCheckSumWithTrailingNewline)).to.be.rejectedWith(/Ascii armor integrity check on message failed/);
      expect(result_2.err).to.exist;
      expect(result_2.err[0].message).to.match(/Ascii armor integrity check on message failed/);
    } else {
-      expect(result_2.err).to.not.exist;
+      await openpgp.key.readArmored(privKeyNoCheckSumWithTrailingNewline);
    }
    // back to default
@ -325,8 +311,7 @@ describe("ASCII armor", function() {
      ''].join('\t \r\n');
    const result = await openpgp.key.readArmored(privKey);
-    expect(result.err).to.not.exist;
+    expect(result).to.be.an.instanceof(openpgp.key.Key);
    expect(result.keys[0]).to.be.an.instanceof(openpgp.key.Key);
  });
  it('Do not filter blank lines after header', async function () {
--- a/test/general/brainpool.js
+++ b/test/general/brainpool.js
@ -173,12 +173,9 @@ EJ4QcD/oQ6x1M/8X/iKQCtxZP8RnlrbH7ExkNON5s5g=
      return data[name].pub_key;
    }
    const pub = await openpgp.key.readArmored(data[name].pub);
-    expect(pub).to.exist;
+    expect(pub.getKeyId().toHex()).to.equal(data[name].id);
-    expect(pub.err).to.not.exist;
+    data[name].pub_key = pub;
-    expect(pub.keys).to.have.length(1);
+    return pub;
    expect(pub.keys[0].getKeyId().toHex()).to.equal(data[name].id);
    data[name].pub_key = pub.keys[0];
    return data[name].pub_key;
  }
  async function load_priv_key(name) {
    if (data[name].priv_key) {
@ -186,12 +183,10 @@ EJ4QcD/oQ6x1M/8X/iKQCtxZP8RnlrbH7ExkNON5s5g=
    }
    const pk = await openpgp.key.readArmored(data[name].priv);
    expect(pk).to.exist;
-    expect(pk.err).to.not.exist;
+    expect(pk.getKeyId().toHex()).to.equal(data[name].id);
-    expect(pk.keys).to.have.length(1);
+    expect(await pk.decrypt(data[name].pass)).to.be.true;
-    expect(pk.keys[0].getKeyId().toHex()).to.equal(data[name].id);
+    data[name].priv_key = pk;
-    expect(await pk.keys[0].decrypt(data[name].pass)).to.be.true;
+    return pk;
    data[name].priv_key = pk.keys[0];
    return data[name].priv_key;
  }
  it('Load public key', async function () {
    await load_pub_key('romeo');
--- a/test/general/ecc_secp256k1.js
+++ b/test/general/ecc_secp256k1.js
@ -143,11 +143,9 @@ describe('Elliptic Curve Cryptography for secp256k1 curve @lightweight', functio
    }
    const pub = await openpgp.key.readArmored(data[name].pub);
    expect(pub).to.exist;
-    expect(pub.err).to.not.exist;
+    expect(pub.getKeyId().toHex()).to.equal(data[name].id);
-    expect(pub.keys).to.have.length(1);
+    data[name].pub_key = pub;
-    expect(pub.keys[0].getKeyId().toHex()).to.equal(data[name].id);
+    return pub;
    data[name].pub_key = pub.keys[0];
    return data[name].pub_key;
  }
  async function load_priv_key(name) {
    if (data[name].priv_key) {
@ -155,12 +153,10 @@ describe('Elliptic Curve Cryptography for secp256k1 curve @lightweight', functio
    }
    const pk = await openpgp.key.readArmored(data[name].priv);
    expect(pk).to.exist;
-    expect(pk.err).to.not.exist;
+    expect(pk.getKeyId().toHex()).to.equal(data[name].id);
-    expect(pk.keys).to.have.length(1);
+    expect(await pk.decrypt(data[name].pass)).to.be.true;
-    expect(pk.keys[0].getKeyId().toHex()).to.equal(data[name].id);
+    data[name].priv_key = pk;
-    expect(await pk.keys[0].decrypt(data[name].pass)).to.be.true;
+    return pk;
    data[name].priv_key = pk.keys[0];
    return data[name].priv_key;
  }
  it('Load public key', async function () {
    const romeoPublic = await load_pub_key('romeo');
--- a/test/general/key.js
+++ b/test/general/key.js
@ -1990,7 +1990,7 @@ function versionSpecificTests() {
    if (openpgp.util.getWebCryptoAll()) { opt.numBits = 2048; } // webkit webcrypto accepts minimum 2048 bit keys
    return openpgp.generateKey(opt).then(async function(key) {
      testPref(key.key);
-      testPref((await openpgp.key.readArmored(key.publicKeyArmored)).keys[0]);
+      testPref(await openpgp.key.readArmored(key.publicKeyArmored));
    });
  });
@ -2033,7 +2033,7 @@ function versionSpecificTests() {
    try {
      const key = await openpgp.generateKey(opt);
      testPref(key.key);
-      testPref((await openpgp.key.readArmored(key.publicKeyArmored)).keys[0]);
+      testPref(await openpgp.key.readArmored(key.publicKeyArmored));
    } finally {
      openpgp.config.encryption_cipher = encryption_cipherVal;
      openpgp.config.prefer_hash_algorithm = prefer_hash_algorithmVal;
@ -2186,7 +2186,7 @@ function versionSpecificTests() {
    const userId = 'test <a@b.com>';
    const opt = {curve: 'curve25519', userIds: [userId], passphrase: '123', subkeys:[{}, {sign: true}]};
    return openpgp.generateKey(opt).then(async function({ privateKeyArmored }) {
-      const { keys: [key] } = await openpgp.key.readArmored(privateKeyArmored);
+      const key = await openpgp.key.readArmored(privateKeyArmored);
      expect(key.users.length).to.equal(1);
      expect(key.users[0].userId.userid).to.equal(userId);
      expect(key.users[0].selfCertifications[0].isPrimaryUserID).to.be.true;
@ -2205,7 +2205,7 @@ function versionSpecificTests() {
      await key.decrypt('123');
      return openpgp.reformatKey({ privateKey: key, userIds: [userId] });
    }).then(async function({ privateKeyArmored }) {
-      const { keys: [key] } = await openpgp.key.readArmored(privateKeyArmored);
+      const key = await openpgp.key.readArmored(privateKeyArmored);
      expect(key.users.length).to.equal(1);
      expect(key.users[0].userId.userid).to.equal(userId);
      expect(key.users[0].selfCertifications[0].isPrimaryUserID).to.be.true;
@ -2276,8 +2276,8 @@ function versionSpecificTests() {
  });
  it('Sign and verify key - primary user', async function() {
-    let publicKey = (await openpgp.key.readArmored(pub_sig_test)).keys[0];
+    let publicKey = await openpgp.key.readArmored(pub_sig_test);
-    const privateKey = (await openpgp.key.readArmored(priv_key_rsa)).keys[0];
+    const privateKey = await openpgp.key.readArmored(priv_key_rsa);
    await privateKey.decrypt('hello world');
    publicKey = await publicKey.signPrimaryUser([privateKey]);
    const signatures = await publicKey.verifyPrimaryUser([privateKey]);
@ -2291,9 +2291,9 @@ function versionSpecificTests() {
  });
  it('Sign key and verify with wrong key - primary user', async function() {
-    let publicKey = (await openpgp.key.readArmored(pub_sig_test)).keys[0];
+    let publicKey = await openpgp.key.readArmored(pub_sig_test);
-    const privateKey = (await openpgp.key.readArmored(priv_key_rsa)).keys[0];
+    const privateKey = await openpgp.key.readArmored(priv_key_rsa);
-    const wrongKey = (await openpgp.key.readArmored(wrong_key)).keys[0];
+    const wrongKey = await openpgp.key.readArmored(wrong_key);
    await privateKey.decrypt('hello world');
    publicKey = await publicKey.signPrimaryUser([privateKey]);
    const signatures = await publicKey.verifyPrimaryUser([wrongKey]);
@ -2307,8 +2307,8 @@ function versionSpecificTests() {
  });
  it('Sign and verify key - all users', async function() {
-    let publicKey = (await openpgp.key.readArmored(multi_uid_key)).keys[0];
+    let publicKey = await openpgp.key.readArmored(multi_uid_key);
-    const privateKey = (await openpgp.key.readArmored(priv_key_rsa)).keys[0];
+    const privateKey = await openpgp.key.readArmored(priv_key_rsa);
    await privateKey.decrypt('hello world');
    publicKey = await publicKey.signAllUsers([privateKey]);
    const signatures = await publicKey.verifyAllUsers([privateKey]);
@ -2330,9 +2330,9 @@ function versionSpecificTests() {
  });
  it('Sign key and verify with wrong key - all users', async function() {
-    let publicKey = (await openpgp.key.readArmored(multi_uid_key)).keys[0];
+    let publicKey = await openpgp.key.readArmored(multi_uid_key);
-    const privateKey = (await openpgp.key.readArmored(priv_key_rsa)).keys[0];
+    const privateKey = await openpgp.key.readArmored(priv_key_rsa);
-    const wrongKey = (await openpgp.key.readArmored(wrong_key)).keys[0];
+    const wrongKey = await openpgp.key.readArmored(wrong_key);
    await privateKey.decrypt('hello world');
    publicKey = await publicKey.signAllUsers([privateKey]);
    const signatures = await publicKey.verifyAllUsers([wrongKey]);
@ -2376,8 +2376,8 @@ function versionSpecificTests() {
  it('Reformat key with no subkey with passphrase', async function() {
    const userId = 'test1 <a@b.com>';
-    const keys = (await openpgp.key.readArmored(key_without_subkey)).keys;
+    const key = await openpgp.key.readArmored(key_without_subkey);
-    const opt = {privateKey: keys[0], userIds: [userId], passphrase: "test"};
+    const opt = {privateKey: key, userIds: [userId], passphrase: "test"};
    return openpgp.reformatKey(opt).then(function(newKey) {
      newKey = newKey.key;
      expect(newKey.users.length).to.equal(1);
@ -2410,8 +2410,8 @@ function versionSpecificTests() {
  it('Reformat key with no subkey without passphrase', async function() {
    const userId = 'test1 <a@b.com>';
-    const keys = (await openpgp.key.readArmored(key_without_subkey)).keys;
+    const key = await openpgp.key.readArmored(key_without_subkey);
-    const opt = {privateKey: keys[0], userIds: [userId]};
+    const opt = {privateKey: key, userIds: [userId]};
    return openpgp.reformatKey(opt).then(function(newKey) {
      newKey = newKey.key;
      expect(newKey.users.length).to.equal(1);
@ -2518,7 +2518,7 @@ function versionSpecificTests() {
    // uid                      emma.goldman@example.net
    // ssb   cv25519 2019-03-20 [E]
    //       E4557C2B02FFBF4B04F87401EC336AF7133D0F85BE7FD09BAEFD9CAEB8C93965
-    const { keys: [key] } = await openpgp.key.readArmored(v5_sample_key);
+    const key = await openpgp.key.readArmored(v5_sample_key);
    expect(key.primaryKey.getFingerprint()).to.equal('19347bc9872464025f99df3ec2e0000ed9884892e1f7b3ea4c94009159569b54');
    expect(key.subKeys[0].getFingerprint()).to.equal('e4557c2b02ffbf4b04f87401ec336af7133d0f85be7fd09baefd9caeb8c93965');
    await key.verifyPrimaryKey();
@ -2574,29 +2574,27 @@ describe('Key', function() {
  it('Parsing armored text with RSA key and ECC subkey', async function() {
    openpgp.config.tolerant = true;
-    const pubKeys = await openpgp.key.readArmored(rsa_ecc_pub);
+    const pubKeys = await openpgp.key.readAllArmored(rsa_ecc_pub);
    expect(pubKeys).to.exist;
-    expect(pubKeys.err).to.not.exist;
+    expect(pubKeys).to.have.length(1);
-    expect(pubKeys.keys).to.have.length(1);
+    expect(pubKeys[0].getKeyId().toHex()).to.equal('b8e4105cc9dedc77');
    expect(pubKeys.keys[0].getKeyId().toHex()).to.equal('b8e4105cc9dedc77');
  });
  it('Parsing armored text with two keys', async function() {
-    const pubKeys = await openpgp.key.readArmored(twoKeys);
+    const pubKeys = await openpgp.key.readAllArmored(twoKeys);
    expect(pubKeys).to.exist;
-    expect(pubKeys.err).to.not.exist;
+    expect(pubKeys).to.have.length(2);
-    expect(pubKeys.keys).to.have.length(2);
+    expect(pubKeys[0].getKeyId().toHex()).to.equal('4a63613a4d6e4094');
-    expect(pubKeys.keys[0].getKeyId().toHex()).to.equal('4a63613a4d6e4094');
+    expect(pubKeys[1].getKeyId().toHex()).to.equal('dbf223e870534df4');
    expect(pubKeys.keys[1].getKeyId().toHex()).to.equal('dbf223e870534df4');
  });
  it('Parsing armored key with an authorized revocation key in a User ID self-signature', async function() {
-    const { keys: [pubKey] } = await openpgp.key.readArmored(key_with_authorized_revocation_key);
+    const pubKey = await openpgp.key.readArmored(key_with_authorized_revocation_key);
    await expect(pubKey.getPrimaryUser()).to.be.rejectedWith('This key is intended to be revoked with an authorized key, which OpenPGP.js does not support.');
  });
  it('Parsing armored key with an authorized revocation key in a direct-key signature', async function() {
-    const { keys: [pubKey] } = await openpgp.key.readArmored(key_with_authorized_revocation_key_in_separate_sig);
+    const pubKey = await openpgp.key.readArmored(key_with_authorized_revocation_key_in_separate_sig);
    const primaryUser = await pubKey.getPrimaryUser();
    expect(primaryUser).to.exist;
  });
@ -2617,12 +2615,11 @@ describe('Key', function() {
  });
  it('Testing key ID and fingerprint for V4 keys', async function() {
-    const pubKeysV4 = await openpgp.key.readArmored(twoKeys);
+    const pubKeysV4 = await openpgp.key.readAllArmored(twoKeys);
    expect(pubKeysV4).to.exist;
-    expect(pubKeysV4.err).to.not.exist;
+    expect(pubKeysV4).to.have.length(2);
    expect(pubKeysV4.keys).to.have.length(2);
-    const pubKeyV4 = pubKeysV4.keys[0];
+    const pubKeyV4 = pubKeysV4[0];
    expect(pubKeyV4).to.exist;
    expect(pubKeyV4.getKeyId().toHex()).to.equal('4a63613a4d6e4094');
@ -2630,20 +2627,14 @@ describe('Key', function() {
  });
  it('Create new key ID with fromId()', async function() {
-    const pubKeyV4 = (await openpgp.key.readArmored(twoKeys)).keys[0];
+    const [pubKeyV4] = await openpgp.key.readAllArmored(twoKeys);
    const keyId = pubKeyV4.getKeyId();
    const newKeyId = keyId.constructor.fromId(keyId.toHex());
    expect(newKeyId.toHex()).to.equal(keyId.toHex());
  });
  it('Testing key method getSubkeys', async function() {
-    const pubKeys = await openpgp.key.readArmored(pub_sig_test);
+    const pubKey = await openpgp.key.readArmored(pub_sig_test);
    expect(pubKeys).to.exist;
    expect(pubKeys.err).to.not.exist;
    expect(pubKeys.keys).to.have.length(1);
    const pubKey = pubKeys.keys[0];
    expect(pubKey).to.exist;
    const packetlist = new openpgp.packet.List();
@ -2658,17 +2649,12 @@ describe('Key', function() {
  });
  it('Verify status of revoked primary key', async function() {
-    const pubKey = (await openpgp.key.readArmored(pub_revoked_subkeys)).keys[0];
+    const pubKey = await openpgp.key.readArmored(pub_revoked_subkeys);
    await expect(pubKey.verifyPrimaryKey()).to.be.rejectedWith('Primary key is revoked');
  });
  it('Verify status of revoked subkey', async function() {
-    const pubKeys = await openpgp.key.readArmored(pub_sig_test);
+    const pubKey = await openpgp.key.readArmored(pub_sig_test);
    expect(pubKeys).to.exist;
    expect(pubKeys.err).to.not.exist;
    expect(pubKeys.keys).to.have.length(1);
    const pubKey = pubKeys.keys[0];
    expect(pubKey).to.exist;
    expect(pubKey.subKeys).to.exist;
    expect(pubKey.subKeys).to.have.length(2);
@ -2679,13 +2665,13 @@ describe('Key', function() {
  });
  it('Verify status of key with non-self revocation signature', async function() {
-    const { keys: [pubKey] } = await openpgp.key.readArmored(key_with_revoked_third_party_cert);
+    const pubKey = await openpgp.key.readArmored(key_with_revoked_third_party_cert);
    const [selfCertification] = await pubKey.verifyPrimaryUser();
    const publicSigningKey = await pubKey.getSigningKey();
    expect(selfCertification.keyid.toHex()).to.equal(publicSigningKey.getKeyId().toHex());
    expect(selfCertification.valid).to.be.true;
-    const { keys: [certifyingKey] } = await openpgp.key.readArmored(certifying_key);
+    const certifyingKey = await openpgp.key.readArmored(certifying_key);
    const certifyingSigningKey = await certifyingKey.getSigningKey();
    const signatures = await pubKey.verifyPrimaryUser([certifyingKey]);
    expect(signatures.length).to.equal(2);
@ -2699,7 +2685,7 @@ describe('Key', function() {
  });
  it('Verify certificate of key with future creation date', async function() {
-    const { keys: [pubKey] } = await openpgp.key.readArmored(key_created_2030);
+    const pubKey = await openpgp.key.readArmored(key_created_2030);
    const user = pubKey.users[0];
    await user.verifyCertificate(pubKey.primaryKey, user.selfCertifications[0], [pubKey], pubKey.primaryKey.created);
    const verifyAllResult = await user.verifyAllCertifications(pubKey.primaryKey, [pubKey], pubKey.primaryKey.created);
@ -2708,12 +2694,7 @@ describe('Key', function() {
  });
  it('Evaluate key flags to find valid encryption key packet', async function() {
-    const pubKeys = await openpgp.key.readArmored(pub_sig_test);
+    const pubKey = await openpgp.key.readArmored(pub_sig_test);
    expect(pubKeys).to.exist;
    expect(pubKeys.err).to.not.exist;
    expect(pubKeys.keys).to.have.length(1);
    const pubKey = pubKeys.keys[0];
    // remove subkeys
    pubKey.subKeys = [];
    // primary key has only key flags for signing
@ -2722,7 +2703,7 @@ describe('Key', function() {
  it('should not decrypt using a sign-only RSA key, unless explicitly configured', async function () {
    const allowSigningKeyDecryption = openpgp.config.allow_insecure_decryption_with_signing_keys;
-    const { keys: [key] } = await openpgp.key.readArmored(rsaSignOnly);
+    const key = await openpgp.key.readArmored(rsaSignOnly);
    try {
      openpgp.config.allow_insecure_decryption_with_signing_keys = false;
      await expect(openpgp.decrypt({
@ -2741,7 +2722,7 @@ describe('Key', function() {
  });
  it('Method getExpirationTime V4 Key', async function() {
-    const pubKey = (await openpgp.key.readArmored(twoKeys)).keys[1];
+    const [, pubKey] = await openpgp.key.readAllArmored(twoKeys);
    expect(pubKey).to.exist;
    expect(pubKey).to.be.an.instanceof(openpgp.key.Key);
    const expirationTime = await pubKey.getExpirationTime();
@ -2749,7 +2730,7 @@ describe('Key', function() {
  });
  it('Method getExpirationTime expired V4 Key', async function() {
-    const pubKey = (await openpgp.key.readArmored(expiredKey)).keys[0];
+    const pubKey = await openpgp.key.readArmored(expiredKey);
    expect(pubKey).to.exist;
    expect(pubKey).to.be.an.instanceof(openpgp.key.Key);
    const expirationTime = await pubKey.getExpirationTime();
@ -2757,7 +2738,7 @@ describe('Key', function() {
  });
  it('Method getExpirationTime V4 SubKey', async function() {
-    const pubKey = (await openpgp.key.readArmored(twoKeys)).keys[1];
+    const [, pubKey] = await openpgp.key.readAllArmored(twoKeys);
    expect(pubKey).to.exist;
    expect(pubKey).to.be.an.instanceof(openpgp.key.Key);
    const expirationTime = await pubKey.subKeys[0].getExpirationTime(pubKey.primaryKey);
@ -2765,7 +2746,7 @@ describe('Key', function() {
  });
  it('Method getExpirationTime V4 Key with capabilities', async function() {
-    const pubKey = (await openpgp.key.readArmored(priv_key_2000_2008)).keys[0];
+    const pubKey = await openpgp.key.readArmored(priv_key_2000_2008);
    expect(pubKey).to.exist;
    expect(pubKey).to.be.an.instanceof(openpgp.key.Key);
    pubKey.users[0].selfCertifications[0].keyFlags = [1];
@ -2776,7 +2757,7 @@ describe('Key', function() {
  });
  it('Method getExpirationTime V4 Key with capabilities - capable primary key', async function() {
-    const pubKey = (await openpgp.key.readArmored(priv_key_2000_2008)).keys[0];
+    const pubKey = await openpgp.key.readArmored(priv_key_2000_2008);
    expect(pubKey).to.exist;
    expect(pubKey).to.be.an.instanceof(openpgp.key.Key);
    const expirationTime = await pubKey.getExpirationTime();
@ -2786,12 +2767,12 @@ describe('Key', function() {
  });
  it("decrypt() - throw if key parameters don't correspond", async function() {
-    const { keys: [key] } = await openpgp.key.readArmored(mismatchingKeyParams);
+    const key = await openpgp.key.readArmored(mismatchingKeyParams);
    await expect(key.decrypt('userpass')).to.be.rejectedWith('Key is invalid');
  });
  it("decrypt(keyId) - throw if key parameters don't correspond", async function() {
-    const { keys: [key] } = await openpgp.key.readArmored(mismatchingKeyParams);
+    const key = await openpgp.key.readArmored(mismatchingKeyParams);
    const subKeyId = key.subKeys[0].getKeyId()
    await expect(key.decrypt('userpass', subKeyId)).to.be.rejectedWith('Key is invalid');
  });
@ -2802,22 +2783,22 @@ describe('Key', function() {
  });
  it("validate() - throw if all-gnu-dummy key", async function() {
-    const { keys: [key] } = await openpgp.key.readArmored(gnuDummyKey);
+    const key = await openpgp.key.readArmored(gnuDummyKey);
    await expect(key.validate()).to.be.rejectedWith('Cannot validate an all-gnu-dummy key');
  });
  it("validate() - gnu-dummy primary key with signing subkey", async function() {
-    const { keys: [key] } = await openpgp.key.readArmored(gnuDummyKeySigningSubkey);
+    const key = await openpgp.key.readArmored(gnuDummyKeySigningSubkey);
    await expect(key.validate()).to.not.be.rejected;
  });
  it("validate() - gnu-dummy primary key with encryption subkey", async function() {
-    const { keys: [key] } = await openpgp.key.readArmored(dsaGnuDummyKeyWithElGamalSubkey);
+    const key = await openpgp.key.readArmored(dsaGnuDummyKeyWithElGamalSubkey);
    await expect(key.validate()).to.not.be.rejected;
  });
  it("validate() - curve ed25519 (eddsa) cannot be used for ecdsa", async function() {
-    const { keys: [key] } = await openpgp.key.readArmored(eddsaKeyAsEcdsa);
+    const key = await openpgp.key.readArmored(eddsaKeyAsEcdsa);
    await expect(key.validate()).to.be.rejectedWith('Key is invalid');
  });
@ -2840,7 +2821,7 @@ describe('Key', function() {
  });
  it('makeDummy() - the converted key is valid but can no longer sign', async function() {
-    const { keys: [key] } = await openpgp.key.readArmored(priv_key_rsa);
+    const key = await openpgp.key.readArmored(priv_key_rsa);
    await key.decrypt('hello world');
    expect(key.primaryKey.isDummy()).to.be.false;
    key.primaryKey.makeDummy();
@ -2850,7 +2831,7 @@ describe('Key', function() {
  });
  it('makeDummy() - subkeys of the converted key can still sign', async function() {
-    const { keys: [key] } = await openpgp.key.readArmored(priv_key_rsa);
+    const key = await openpgp.key.readArmored(priv_key_rsa);
    await key.decrypt('hello world');
    expect(key.primaryKey.isDummy()).to.be.false;
    key.primaryKey.makeDummy();
@ -2859,14 +2840,14 @@ describe('Key', function() {
  });
  it('clearPrivateParams() - check that private key can no longer be used', async function() {
-    const { keys: [key] } = await openpgp.key.readArmored(priv_key_rsa);
+    const key = await openpgp.key.readArmored(priv_key_rsa);
    await key.decrypt('hello world');
    await key.clearPrivateParams();
    await expect(key.validate()).to.be.rejectedWith('Key is not decrypted');
  });
  it('clearPrivateParams() - detect that private key parameters were removed', async function() {
-    const { keys: [key] } = await openpgp.key.readArmored(priv_key_rsa);
+    const key = await openpgp.key.readArmored(priv_key_rsa);
    await key.decrypt('hello world');
    const params = key.primaryKey.params;
    await key.clearPrivateParams();
@ -2890,15 +2871,15 @@ describe('Key', function() {
  });
  it('update() - throw error if fingerprints not equal', async function() {
-    const keys = (await openpgp.key.readArmored(twoKeys)).keys;
+    const keys = await openpgp.key.readAllArmored(twoKeys);
    await expect(keys[0].update.bind(
      keys[0], keys[1]
    )()).to.be.rejectedWith('Key update method: fingerprints of keys not equal');
  });
  it('update() - merge revocation signatures', async function() {
-    const source = (await openpgp.key.readArmored(pub_revoked_subkeys)).keys[0];
+    const source = await openpgp.key.readArmored(pub_revoked_subkeys);
-    const dest = (await openpgp.key.readArmored(pub_revoked_subkeys)).keys[0];
+    const dest = await openpgp.key.readArmored(pub_revoked_subkeys);
    expect(source.revocationSignatures).to.exist;
    dest.revocationSignatures = [];
    return dest.update(source).then(() => {
@ -2907,8 +2888,8 @@ describe('Key', function() {
  });
  it('update() - merge user', async function() {
-    const source = (await openpgp.key.readArmored(pub_sig_test)).keys[0];
+    const source = await openpgp.key.readArmored(pub_sig_test);
-    const dest = (await openpgp.key.readArmored(pub_sig_test)).keys[0];
+    const dest = await openpgp.key.readArmored(pub_sig_test);
    expect(source.users[1]).to.exist;
    dest.users.pop();
    return dest.update(source).then(() => {
@ -2918,8 +2899,8 @@ describe('Key', function() {
  });
  it('update() - merge user - other and certification revocation signatures', async function() {
-    const source = (await openpgp.key.readArmored(pub_sig_test)).keys[0];
+    const source = await openpgp.key.readArmored(pub_sig_test);
-    const dest = (await openpgp.key.readArmored(pub_sig_test)).keys[0];
+    const dest = await openpgp.key.readArmored(pub_sig_test);
    expect(source.users[1].otherCertifications).to.exist;
    expect(source.users[1].revocationSignatures).to.exist;
    dest.users[1].otherCertifications = [];
@ -2933,8 +2914,8 @@ describe('Key', function() {
  });
  it('update() - merge subkey', async function() {
-    const source = (await openpgp.key.readArmored(pub_sig_test)).keys[0];
+    const source = await openpgp.key.readArmored(pub_sig_test);
-    const dest = (await openpgp.key.readArmored(pub_sig_test)).keys[0];
+    const dest = await openpgp.key.readArmored(pub_sig_test);
    expect(source.subKeys[1]).to.exist;
    dest.subKeys.pop();
    return dest.update(source).then(() => {
@ -2946,8 +2927,8 @@ describe('Key', function() {
  });
  it('update() - merge subkey - revocation signature', async function() {
-    const source = (await openpgp.key.readArmored(pub_sig_test)).keys[0];
+    const source = await openpgp.key.readArmored(pub_sig_test);
-    const dest = (await openpgp.key.readArmored(pub_sig_test)).keys[0];
+    const dest = await openpgp.key.readArmored(pub_sig_test);
    expect(source.subKeys[0].revocationSignatures).to.exist;
    dest.subKeys[0].revocationSignatures = [];
    return dest.update(source).then(() => {
@ -2957,8 +2938,8 @@ describe('Key', function() {
  });
  it('update() - merge private key into public key', async function() {
-    const source = (await openpgp.key.readArmored(priv_key_rsa)).keys[0];
+    const source = await openpgp.key.readArmored(priv_key_rsa);
-    const dest = (await openpgp.key.readArmored(twoKeys)).keys[0];
+    const [dest] = await openpgp.key.readAllArmored(twoKeys);
    expect(dest.isPublic()).to.be.true;
    return dest.update(source).then(() => {
      expect(dest.isPrivate()).to.be.true;
@ -2977,8 +2958,8 @@ describe('Key', function() {
  });
  it('update() - merge private key into public key - no subkeys', async function() {
-    const source = (await openpgp.key.readArmored(priv_key_rsa)).keys[0];
+    const source = await openpgp.key.readArmored(priv_key_rsa);
-    const dest = (await openpgp.key.readArmored(twoKeys)).keys[0];
+    const [dest] = await openpgp.key.readAllArmored(twoKeys);
    source.subKeys = [];
    dest.subKeys = [];
    expect(dest.isPublic()).to.be.true;
@ -2996,8 +2977,8 @@ describe('Key', function() {
  });
  it('update() - merge private key into public key - mismatch throws error', async function() {
-    const source = (await openpgp.key.readArmored(priv_key_rsa)).keys[0];
+    const source = await openpgp.key.readArmored(priv_key_rsa);
-    const dest = (await openpgp.key.readArmored(twoKeys)).keys[0];
+    const [dest] = await openpgp.key.readAllArmored(twoKeys);
    source.subKeys = [];
    expect(dest.subKeys).to.exist;
    expect(dest.isPublic()).to.be.true;
@ -3006,8 +2987,8 @@ describe('Key', function() {
  });
  it('update() - merge subkey binding signatures', async function() {
-    const source = (await openpgp.key.readArmored(pgp_desktop_pub)).keys[0];
+    const source = await openpgp.key.readArmored(pgp_desktop_pub);
-    const dest = (await openpgp.key.readArmored(pgp_desktop_priv)).keys[0];
+    const dest = await openpgp.key.readArmored(pgp_desktop_priv);
    expect(source.subKeys[0].bindingSignatures[0]).to.exist;
    await source.subKeys[0].verify(source.primaryKey);
    expect(dest.subKeys[0].bindingSignatures[0]).to.not.exist;
@ -3017,8 +2998,8 @@ describe('Key', function() {
  });
  it('update() - merge multiple subkey binding signatures', async function() {
-    const source = (await openpgp.key.readArmored(multipleBindingSignatures)).keys[0];
+    const source = await openpgp.key.readArmored(multipleBindingSignatures);
-    const dest = (await openpgp.key.readArmored(multipleBindingSignatures)).keys[0];
+    const dest = await openpgp.key.readArmored(multipleBindingSignatures);
    // remove last subkey binding signature of destination subkey
    dest.subKeys[0].bindingSignatures.length = 1;
    expect((await source.subKeys[0].getExpirationTime(source.primaryKey)).toISOString()).to.equal('2015-10-18T07:41:30.000Z');
@ -3031,7 +3012,7 @@ describe('Key', function() {
  });
  it('revoke() - primary key', async function() {
-    const privKey = (await openpgp.key.readArmored(priv_key_arm2)).keys[0];
+    const privKey = await openpgp.key.readArmored(priv_key_arm2);
    await privKey.decrypt('hello world');
    await privKey.revoke({
@ -3049,8 +3030,8 @@ describe('Key', function() {
  });
  it('revoke() - subkey', async function() {
-    const pubKey = (await openpgp.key.readArmored(pub_key_arm2)).keys[0];
+    const pubKey = await openpgp.key.readArmored(pub_key_arm2);
-    const privKey = (await openpgp.key.readArmored(priv_key_arm2)).keys[0];
+    const privKey = await openpgp.key.readArmored(priv_key_arm2);
    await privKey.decrypt('hello world');
    const subKey = pubKey.subKeys[0];
@ -3068,15 +3049,15 @@ describe('Key', function() {
  });
  it('applyRevocationCertificate() should produce the same revoked key as GnuPG', async function() {
-    const pubKey = (await openpgp.key.readArmored(pub_key_arm4)).keys[0];
+    const pubKey = await openpgp.key.readArmored(pub_key_arm4);
    return pubKey.applyRevocationCertificate(revocation_certificate_arm4).then(async revKey => {
-      expect(revKey.armor()).to.equal((await openpgp.key.readArmored(revoked_key_arm4)).keys[0].armor());
+      expect(revKey.armor()).to.equal((await openpgp.key.readArmored(revoked_key_arm4)).armor());
    });
  });
  it('getRevocationCertificate() should produce the same revocation certificate as GnuPG', async function() {
-    const revKey = (await openpgp.key.readArmored(revoked_key_arm4)).keys[0];
+    const revKey = await openpgp.key.readArmored(revoked_key_arm4);
    const revocationCertificate = await revKey.getRevocationCertificate();
    const input = await openpgp.armor.decode(revocation_certificate_arm4);
@ -3088,7 +3069,7 @@ describe('Key', function() {
  });
  it('getRevocationCertificate() should have an appropriate comment', async function() {
-    const revKey = (await openpgp.key.readArmored(revoked_key_arm4)).keys[0];
+    const revKey = await openpgp.key.readArmored(revoked_key_arm4);
    const revocationCertificate = await revKey.getRevocationCertificate();
    expect(revocationCertificate).to.match(/Comment: This is a revocation certificate/);
@ -3096,13 +3077,13 @@ describe('Key', function() {
  });
  it("getPreferredAlgo('symmetric') - one key - AES256", async function() {
-    const key1 = (await openpgp.key.readArmored(twoKeys)).keys[0];
+    const [key1] = await openpgp.key.readAllArmored(twoKeys);
    const prefAlgo = await openpgp.key.getPreferredAlgo('symmetric', [key1]);
    expect(prefAlgo).to.equal(openpgp.enums.symmetric.aes256);
  });
  it("getPreferredAlgo('symmetric') - two key - AES192", async function() {
-    const keys = (await openpgp.key.readArmored(twoKeys)).keys;
+    const keys = await openpgp.key.readAllArmored(twoKeys);
    const key1 = keys[0];
    const key2 = keys[1];
    const primaryUser = await key2.getPrimaryUser();
@ -3112,7 +3093,7 @@ describe('Key', function() {
  });
  it("getPreferredAlgo('symmetric') - two key - one without pref", async function() {
-    const keys = (await openpgp.key.readArmored(twoKeys)).keys;
+    const keys = await openpgp.key.readAllArmored(twoKeys);
    const key1 = keys[0];
    const key2 = keys[1];
    const primaryUser = await key2.getPrimaryUser();
@ -3122,7 +3103,7 @@ describe('Key', function() {
  });
  it("getPreferredAlgo('aead') - one key - OCB", async function() {
-    const key1 = (await openpgp.key.readArmored(twoKeys)).keys[0];
+    const [key1] = await openpgp.key.readAllArmored(twoKeys);
    const primaryUser = await key1.getPrimaryUser();
    primaryUser.selfCertification.features = [7]; // Monkey-patch AEAD feature flag
    primaryUser.selfCertification.preferredAeadAlgorithms = [2,1];
@ -3133,7 +3114,7 @@ describe('Key', function() {
  });
  it("getPreferredAlgo('aead') - two key - one without pref", async function() {
-    const keys = (await openpgp.key.readArmored(twoKeys)).keys;
+    const keys = await openpgp.key.readAllArmored(twoKeys);
    const key1 = keys[0];
    const key2 = keys[1];
    const primaryUser = await key1.getPrimaryUser();
@ -3148,7 +3129,7 @@ describe('Key', function() {
  });
  it("getPreferredAlgo('aead') - two key - one with no support", async function() {
-    const keys = (await openpgp.key.readArmored(twoKeys)).keys;
+    const keys = await openpgp.key.readAllArmored(twoKeys);
    const key1 = keys[0];
    const key2 = keys[1];
    const primaryUser = await key1.getPrimaryUser();
@ -3161,13 +3142,13 @@ describe('Key', function() {
  });
  it('User attribute packet read & write', async function() {
-    const key = (await openpgp.key.readArmored(user_attr_key)).keys[0];
+    const key = await openpgp.key.readArmored(user_attr_key);
-    const key2 = (await openpgp.key.readArmored(key.armor())).keys[0];
+    const key2 = await openpgp.key.readArmored(key.armor());
    expect(key.users[1].userAttribute).eql(key2.users[1].userAttribute);
  });
  it('getPrimaryUser()', async function() {
-    const key = (await openpgp.key.readArmored(pub_sig_test)).keys[0];
+    const key = await openpgp.key.readArmored(pub_sig_test);
    const primUser = await key.getPrimaryUser();
    expect(primUser).to.exist;
    expect(primUser.user.userId.userid).to.equal('Signature Test <signature@test.com>');
@ -3190,13 +3171,13 @@ Vz/bMCJoAShgybW1r6kRWejybzIjFSLnx/YA/iLZeo5UNdlXRJco+15RbFiNSAbw
 VYGdb3eNlV8CfoEC
 =FYbP
 -----END PGP PRIVATE KEY BLOCK-----`;
-    const key = (await openpgp.key.readArmored(keyWithoutUserID)).keys[0];
+    const key = await openpgp.key.readArmored(keyWithoutUserID);
    await expect(key.getPrimaryUser()).to.be.rejectedWith('Could not find valid self-signature in key 3ce893915c44212f');
  });
  it('Generate session key - latest created user', async function() {
-    let publicKey = (await openpgp.key.readArmored(multi_uid_key)).keys[0];
+    let publicKey = await openpgp.key.readArmored(multi_uid_key);
-    const privateKey = (await openpgp.key.readArmored(priv_key_rsa)).keys[0];
+    const privateKey = await openpgp.key.readArmored(priv_key_rsa);
    await privateKey.decrypt('hello world');
    // Set second user to prefer aes128. We should select this user by default, since it was created later.
    publicKey.users[1].selfCertifications[0].preferredSymmetricAlgorithms = [openpgp.enums.symmetric.aes128];
@ -3205,8 +3186,8 @@ VYGdb3eNlV8CfoEC
  });
  it('Generate session key - primary user', async function() {
-    let publicKey = (await openpgp.key.readArmored(multi_uid_key)).keys[0];
+    let publicKey = await openpgp.key.readArmored(multi_uid_key);
-    const privateKey = (await openpgp.key.readArmored(priv_key_rsa)).keys[0];
+    const privateKey = await openpgp.key.readArmored(priv_key_rsa);
    await privateKey.decrypt('hello world');
    // Set first user to primary. We should select this user by default.
    publicKey.users[0].selfCertifications[0].isPrimaryUserID = true;
@ -3217,8 +3198,8 @@ VYGdb3eNlV8CfoEC
  });
  it('Generate session key - specific user', async function() {
-    let publicKey = (await openpgp.key.readArmored(multi_uid_key)).keys[0];
+    let publicKey = await openpgp.key.readArmored(multi_uid_key);
-    const privateKey = (await openpgp.key.readArmored(priv_key_rsa)).keys[0];
+    const privateKey = await openpgp.key.readArmored(priv_key_rsa);
    await privateKey.decrypt('hello world');
    // Set first user to primary. We won't select this user, this is to test that.
    publicKey.users[0].selfCertifications[0].isPrimaryUserID = true;
@ -3231,10 +3212,10 @@ VYGdb3eNlV8CfoEC
  });
  it('Sign - specific user', async function() {
-    let publicKey = (await openpgp.key.readArmored(multi_uid_key)).keys[0];
+    let publicKey = await openpgp.key.readArmored(multi_uid_key);
-    const privateKey = (await openpgp.key.readArmored(priv_key_rsa)).keys[0];
+    const privateKey = await openpgp.key.readArmored(priv_key_rsa);
    await privateKey.decrypt('hello world');
-    const privateKeyClone = (await openpgp.key.readArmored(priv_key_rsa)).keys[0];
+    const privateKeyClone = await openpgp.key.readArmored(priv_key_rsa);
    // Duplicate user
    privateKey.users.push(privateKeyClone.users[0]);
    // Set first user to primary. We won't select this user, this is to test that.
@ -3253,37 +3234,37 @@ VYGdb3eNlV8CfoEC
  });
  it('Find a valid subkey binding signature among many invalid ones', async function() {
-    const key = (await openpgp.key.readArmored(valid_binding_sig_among_many_expired_sigs_pub)).keys[0];
+    const key = await openpgp.key.readArmored(valid_binding_sig_among_many_expired_sigs_pub);
    expect(await key.getEncryptionKey()).to.not.be.null;
  });
  it('Selects the most recent subkey binding signature', async function() {
-    const key = (await openpgp.key.readArmored(multipleBindingSignatures)).keys[0];
+    const key = await openpgp.key.readArmored(multipleBindingSignatures);
    expect((await key.subKeys[0].getExpirationTime(key.primaryKey)).toISOString()).to.equal('2015-10-18T07:41:30.000Z');
  });
  it('Selects the most recent non-expired subkey binding signature', async function() {
-    const key = (await openpgp.key.readArmored(multipleBindingSignatures)).keys[0];
+    const key = await openpgp.key.readArmored(multipleBindingSignatures);
    key.subKeys[0].bindingSignatures[1].signatureNeverExpires = false;
    key.subKeys[0].bindingSignatures[1].signatureExpirationTime = 0;
    expect((await key.subKeys[0].getExpirationTime(key.primaryKey)).toISOString()).to.equal('2018-09-07T06:03:37.000Z');
  });
  it('Selects the most recent valid subkey binding signature', async function() {
-    const key = (await openpgp.key.readArmored(multipleBindingSignatures)).keys[0];
+    const key = await openpgp.key.readArmored(multipleBindingSignatures);
    key.subKeys[0].bindingSignatures[1].signatureData[0]++;
    expect((await key.subKeys[0].getExpirationTime(key.primaryKey)).toISOString()).to.equal('2018-09-07T06:03:37.000Z');
  });
  it('Handles a key with no valid subkey binding signatures gracefully', async function() {
-    const key = (await openpgp.key.readArmored(multipleBindingSignatures)).keys[0];
+    const key = await openpgp.key.readArmored(multipleBindingSignatures);
    key.subKeys[0].bindingSignatures[0].signatureData[0]++;
    key.subKeys[0].bindingSignatures[1].signatureData[0]++;
    expect(await key.subKeys[0].getExpirationTime(key.primaryKey)).to.be.null;
  });
  it('Reject encryption with revoked primary user', async function() {
-    const key = (await openpgp.key.readArmored(pub_revoked_subkeys)).keys[0];
+    const key = await openpgp.key.readArmored(pub_revoked_subkeys);
    return openpgp.encrypt({publicKeys: [key], message: openpgp.message.fromText('random data')}).then(() => {
      throw new Error('encryptSessionKey should not encrypt with revoked public key');
    }).catch(function(error) {
@ -3292,7 +3273,7 @@ VYGdb3eNlV8CfoEC
  });
  it('Reject encryption with revoked subkey', async function() {
-    const key = (await openpgp.key.readArmored(pub_revoked_subkeys)).keys[0];
+    const key = await openpgp.key.readArmored(pub_revoked_subkeys);
    key.revocationSignatures = [];
    key.users[0].revocationSignatures = [];
    return openpgp.encrypt({publicKeys: [key], message: openpgp.message.fromText('random data'), date: new Date(1386842743000)}).then(() => {
@ -3303,7 +3284,7 @@ VYGdb3eNlV8CfoEC
  });
  it('Reject encryption with key revoked with appended revocation cert', async function() {
-    const key = (await openpgp.key.readArmored(pub_revoked_with_cert)).keys[0];
+    const key = await openpgp.key.readArmored(pub_revoked_with_cert);
    return openpgp.encrypt({publicKeys: [key], message: openpgp.message.fromText('random data')}).then(() => {
      throw new Error('encryptSessionKey should not encrypt with revoked public key');
    }).catch(function(error) {
@ -3312,8 +3293,8 @@ VYGdb3eNlV8CfoEC
  });
  it('Merge key with another key with non-ID user attributes', async function() {
-    const key = (await openpgp.key.readArmored(mergeKey1)).keys[0];
+    const key = await openpgp.key.readArmored(mergeKey1);
-    const updateKey = (await openpgp.key.readArmored(mergeKey2)).keys[0];
+    const updateKey = await openpgp.key.readArmored(mergeKey2);
    expect(key).to.exist;
    expect(updateKey).to.exist;
    expect(key.users).to.have.length(1);
@ -3328,7 +3309,7 @@ VYGdb3eNlV8CfoEC
  it("Should throw when trying to encrypt a key that's already encrypted", async function() {
    await expect((async function() {
      let { privateKeyArmored } = await openpgp.generateKey({ userIds: [{ email: 'hello@user.com' }], passphrase: 'pass', numBits: openpgp.util.getWebCryptoAll() ? 2048 : 512 });
-      let { keys: [k] } = await openpgp.key.readArmored(privateKeyArmored);
+      let k = await openpgp.key.readArmored(privateKeyArmored);
      await k.decrypt('pass');
      await k.encrypt('pass');
      await k.encrypt('pass');
@ -3344,12 +3325,12 @@ describe('addSubkey functionality testing', function(){
    rsaOpt = { rsaBits: rsaBits };
  }
  it('create and add a new rsa subkey to stored rsa key', async function() {
-    const privateKey = (await openpgp.key.readArmored(priv_key_rsa)).keys[0];
+    const privateKey = await openpgp.key.readArmored(priv_key_rsa);
    await privateKey.decrypt('hello world');
    const total = privateKey.subKeys.length;
    let newPrivateKey = await privateKey.addSubkey(rsaOpt);
    const armoredKey = newPrivateKey.armor();
-    newPrivateKey = (await openpgp.key.readArmored(armoredKey)).keys[0];
+    newPrivateKey = await openpgp.key.readArmored(armoredKey);
    const subKey = newPrivateKey.subKeys[total];
    expect(subKey).to.exist;
    expect(newPrivateKey.subKeys.length).to.be.equal(total+1);
@ -3362,21 +3343,21 @@ describe('addSubkey functionality testing', function(){
  });
  it('should throw when trying to encrypt a subkey separately from key', async function() {
-    const privateKey = (await openpgp.key.readArmored(priv_key_rsa)).keys[0];
+    const privateKey = await openpgp.key.readArmored(priv_key_rsa);
    await privateKey.decrypt('hello world');
    const opt = { rsaBits: rsaBits, passphrase: 'subkey passphrase'};
    await expect(privateKey.addSubkey(opt)).to.be.rejectedWith('Subkey could not be encrypted here, please encrypt whole key');
  });
  it('encrypt and decrypt key with added subkey', async function() {
-    const privateKey = (await openpgp.key.readArmored(priv_key_rsa)).keys[0];
+    const privateKey = await openpgp.key.readArmored(priv_key_rsa);
    await privateKey.decrypt('hello world');
    const total = privateKey.subKeys.length;
    let newPrivateKey = await privateKey.addSubkey(rsaOpt);
-    newPrivateKey = (await openpgp.key.readArmored(newPrivateKey.armor())).keys[0];
+    newPrivateKey = await openpgp.key.readArmored(newPrivateKey.armor());
    await newPrivateKey.encrypt('12345678');
    const armoredKey = newPrivateKey.armor();
-    let importedPrivateKey = (await openpgp.key.readArmored(armoredKey)).keys[0];
+    let importedPrivateKey = await openpgp.key.readArmored(armoredKey);
    await importedPrivateKey.decrypt('12345678');
    const subKey = importedPrivateKey.subKeys[total];
    expect(subKey).to.exist;
@ -3394,7 +3375,7 @@ describe('addSubkey functionality testing', function(){
    const subKey1 = newPrivateKey.subKeys[total];
    await newPrivateKey.encrypt('12345678');
    const armoredKey = newPrivateKey.armor();
-    newPrivateKey = (await openpgp.key.readArmored(armoredKey)).keys[0];
+    newPrivateKey = await openpgp.key.readArmored(armoredKey);
    await newPrivateKey.decrypt('12345678');
    const subKey = newPrivateKey.subKeys[total];
    expect(subKey.isDecrypted()).to.be.true;
@ -3409,13 +3390,13 @@ describe('addSubkey functionality testing', function(){
  });
  it('create and add a new ec subkey to a rsa key', async function() {
-    const privateKey = (await openpgp.key.readArmored(priv_key_rsa)).keys[0];
+    const privateKey = await openpgp.key.readArmored(priv_key_rsa);
    await privateKey.decrypt('hello world');
    const total = privateKey.subKeys.length;
    const opt2 = {curve: 'curve25519'};
    let newPrivateKey = await privateKey.addSubkey(opt2);
    const armoredKey = newPrivateKey.armor();
-    newPrivateKey = (await openpgp.key.readArmored(armoredKey)).keys[0];
+    newPrivateKey = await openpgp.key.readArmored(armoredKey);
    const subKey = newPrivateKey.subKeys[total];
    expect(subKey).to.exist;
    expect(newPrivateKey.subKeys.length).to.be.equal(total+1);
@ -3432,7 +3413,7 @@ describe('addSubkey functionality testing', function(){
    const opt2 = {sign: true};
    let newPrivateKey = await privateKey.addSubkey(opt2);
    const armoredKey = newPrivateKey.armor();
-    newPrivateKey = (await openpgp.key.readArmored(armoredKey)).keys[0];
+    newPrivateKey = await openpgp.key.readArmored(armoredKey);
    const subKey = newPrivateKey.subKeys[total];
    const subkeyOid = subKey.keyPacket.params[0];
    const pkOid = newPrivateKey.primaryKey.params[0];
@ -3457,7 +3438,7 @@ describe('addSubkey functionality testing', function(){
    const total = privateKey.subKeys.length;
    let newPrivateKey = await privateKey.addSubkey();
    const armoredKey = newPrivateKey.armor();
-    newPrivateKey = (await openpgp.key.readArmored(armoredKey)).keys[0];
+    newPrivateKey = await openpgp.key.readArmored(armoredKey);
    const subKey = newPrivateKey.subKeys[total];
    const publicKey = newPrivateKey.toPublic();
    await subKey.verify(newPrivateKey.primaryKey);
@ -3475,13 +3456,13 @@ describe('addSubkey functionality testing', function(){
  });
  it('sign/verify data with the new subkey correctly using rsa', async function() {
-    const privateKey = (await openpgp.key.readArmored(priv_key_rsa)).keys[0];
+    const privateKey = await openpgp.key.readArmored(priv_key_rsa);
    await privateKey.decrypt('hello world');
    const total = privateKey.subKeys.length;
    const opt2 = { sign: true, rsaBits: rsaBits };
    let newPrivateKey = await privateKey.addSubkey(opt2);
    const armoredKey = newPrivateKey.armor();
-    newPrivateKey = (await openpgp.key.readArmored(armoredKey)).keys[0];
+    newPrivateKey = await openpgp.key.readArmored(armoredKey);
    const subKey = newPrivateKey.subKeys[total];
    expect(subKey.getAlgorithmInfo().algorithm).to.be.equal('rsa_encrypt_sign');
    await subKey.verify(newPrivateKey.primaryKey);
@ -3496,12 +3477,12 @@ describe('addSubkey functionality testing', function(){
  });
  it('encrypt/decrypt data with the new subkey correctly using rsa', async function() {
-    const privateKey = (await openpgp.key.readArmored(priv_key_rsa)).keys[0];
+    const privateKey = await openpgp.key.readArmored(priv_key_rsa);
    await privateKey.decrypt('hello world');
    const total = privateKey.subKeys.length;
    let newPrivateKey = await privateKey.addSubkey(rsaOpt);
    const armoredKey = newPrivateKey.armor();
-    newPrivateKey = (await openpgp.key.readArmored(armoredKey)).keys[0];
+    newPrivateKey = await openpgp.key.readArmored(armoredKey);
    const subKey = newPrivateKey.subKeys[total];
    const publicKey = newPrivateKey.toPublic();
    const vData = 'the data to encrypted!';
--- a/test/general/keyring.js
+++ b/test/general/keyring.js
@ -273,14 +273,14 @@ describe("Keyring", async function() {
    const localstore2 = new openpgp.Keyring.localstore('my-custom-prefix-');
    const localstore3 = new openpgp.Keyring.localstore();
    await localstore3.storePublic([]);
-    const key = (await openpgp.key.readArmored(pubkey)).keys[0];
+    const key = await openpgp.key.readArmored(pubkey);
    await localstore1.storePublic([key]);
    expect((await localstore2.loadPublic())[0].getKeyId().equals(key.getKeyId())).to.be.true;
    expect(await localstore3.loadPublic()).to.have.length(0);
  });
  it('emptying keyring and storing removes keys', async function() {
-    const key = (await openpgp.key.readArmored(pubkey)).keys[0];
+    const key = await openpgp.key.readArmored(pubkey);
    const localstore = new openpgp.Keyring.localstore('remove-prefix-');
--- a/test/general/openpgp.js
+++ b/test/general/openpgp.js
--- a/test/general/packet.js
+++ b/test/general/packet.js
@ -817,7 +817,7 @@ V+HOQJQxXJkVRYa3QrFUehiMzTeqqMdgC6ZqJy7+
 =et/d
 -----END PGP PUBLIC KEY BLOCK-----`;
-    const key = (await openpgp.key.readArmored(pubkey)).keys[0];
+    const key = await openpgp.key.readArmored(pubkey);
    const { notations, rawNotations } = key.users[0].selfCertifications[0];
--- a/test/general/signature.js
+++ b/test/general/signature.js
@ -844,8 +844,8 @@ hUhMKMuiM3pRwdIyDOItkUWQmjEEw7/XmhgInkXsCw==
    const { reject_message_hash_algorithms } = openpgp.config;
    Object.assign(openpgp.config, { reject_message_hash_algorithms: new Set([openpgp.enums.hash.md5, openpgp.enums.hash.ripemd]) });
    try {
-      const priv_key = (await openpgp.key.readArmored(priv_key_arm1)).keys[0];
+      const priv_key = await openpgp.key.readArmored(priv_key_arm1);
-      const pub_key = (await openpgp.key.readArmored(pub_key_arm1)).keys[0];
+      const pub_key = await openpgp.key.readArmored(pub_key_arm1);
      const msg = await openpgp.message.readArmored(msg_arm1);
      await priv_key.decrypt("abcd");
      const decrypted = await openpgp.decrypt({ privateKeys: priv_key, publicKeys:[pub_key], message:msg });
@ -863,9 +863,9 @@ hUhMKMuiM3pRwdIyDOItkUWQmjEEw7/XmhgInkXsCw==
    try {
      // exercises the GnuPG s2k type 1001 extension:
      // the secrets on the primary key have been stripped.
-      const priv_key_gnupg_ext = (await openpgp.key.readArmored(priv_key_arm1_stripped)).keys[0];
+      const priv_key_gnupg_ext = await openpgp.key.readArmored(priv_key_arm1_stripped);
-      const priv_key_gnupg_ext_2 = (await openpgp.key.readArmored(priv_key_arm1_stripped)).keys[0];
+      const priv_key_gnupg_ext_2 = await openpgp.key.readArmored(priv_key_arm1_stripped);
-      const pub_key = (await openpgp.key.readArmored(pub_key_arm1)).keys[0];
+      const pub_key = await openpgp.key.readArmored(pub_key_arm1);
      const message = await openpgp.message.readArmored(msg_arm1);
      const primaryKey_packet = priv_key_gnupg_ext.primaryKey.write();
      expect(priv_key_gnupg_ext.isDecrypted()).to.be.false;
@ -890,7 +890,7 @@ hUhMKMuiM3pRwdIyDOItkUWQmjEEw7/XmhgInkXsCw==
  });
  it('Supports signing with GnuPG stripped-key extension', async function() {
-    const priv_key_gnupg_ext = (await openpgp.key.readArmored(flowcrypt_stripped_key)).keys[0];
+    const priv_key_gnupg_ext = await openpgp.key.readArmored(flowcrypt_stripped_key);
    await priv_key_gnupg_ext.decrypt('FlowCrypt');
    const sig = await openpgp.sign({ message: openpgp.message.fromText('test'), privateKeys: [priv_key_gnupg_ext], date: new Date('2018-12-17T03:24:00') });
    expect(sig).to.match(/-----END PGP MESSAGE-----\r\n$/);
@ -954,7 +954,7 @@ bwM=
          '-----END PGP MESSAGE-----'].join('\n');
      const sMsg = await openpgp.message.readArmored(signedArmor);
-      const pub_key = (await openpgp.key.readArmored(pub_key_arm2)).keys[0];
+      const pub_key = await openpgp.key.readArmored(pub_key_arm2);
      const verified = await sMsg.verify([pub_key]);
      openpgp.stream.pipe(sMsg.getLiteralData(), new openpgp.stream.WritableStream());
      expect(verified).to.exist;
@ -985,8 +985,8 @@ bwM=
    const plaintext = 'short message\nnext line\n한국어/조선말';
    const esMsg = await openpgp.message.readArmored(msg_armor);
-    const pubKey = (await openpgp.key.readArmored(pub_key_arm2)).keys[0];
+    const pubKey = await openpgp.key.readArmored(pub_key_arm2);
-    const privKey = (await openpgp.key.readArmored(priv_key_arm2)).keys[0];
+    const privKey = await openpgp.key.readArmored(priv_key_arm2);
    await Promise.all(esMsg.getEncryptionKeyIds().map(keyId => privKey.decrypt('hello world', keyId)));
@ -1020,8 +1020,8 @@ bwM=
    const plaintext = 'short message\nnext line\n한국어/조선말';
    const sMsg = await openpgp.message.readArmored(msg_armor);
-    const pubKey2 = (await openpgp.key.readArmored(pub_key_arm2)).keys[0];
+    const pubKey2 = await openpgp.key.readArmored(pub_key_arm2);
-    const pubKey3 = (await openpgp.key.readArmored(pub_key_arm3)).keys[0];
+    const pubKey3 = await openpgp.key.readArmored(pub_key_arm3);
    const keyids = sMsg.getSigningKeyIds();
@ -1044,7 +1044,7 @@ bwM=
    try {
      openpgp.config.tolerant = false;
      const sMsg = await openpgp.message.readArmored(signature_with_critical_notation);
-      const pub_key = (await openpgp.key.readArmored(pub_key_arm2)).keys[0];
+      const pub_key = await openpgp.key.readArmored(pub_key_arm2);
      const verified = await sMsg.verify([pub_key]);
      await verified[0].verified;
      testFailed = false;
@ -1062,7 +1062,7 @@ bwM=
    openpgp.config.known_notations.push('test@example.com');
    try {
      const sMsg = await openpgp.message.readArmored(signature_with_critical_notation);
-      const pub_key = (await openpgp.key.readArmored(pub_key_arm2)).keys[0];
+      const pub_key = await openpgp.key.readArmored(pub_key_arm2);
      const verified = await sMsg.verify([pub_key]);
      openpgp.stream.pipe(sMsg.getLiteralData(), new openpgp.stream.WritableStream());
      expect(await verified[0].verified).to.be.true;
@ -1098,8 +1098,8 @@ bwM=
    const plaintext = 'short message\nnext line\n한국어/조선말';
    const csMsg = await openpgp.cleartext.readArmored(msg_armor);
-    const pubKey2 = (await openpgp.key.readArmored(pub_key_arm2)).keys[0];
+    const pubKey2 = await openpgp.key.readArmored(pub_key_arm2);
-    const pubKey3 = (await openpgp.key.readArmored(pub_key_arm3)).keys[0];
+    const pubKey3 = await openpgp.key.readArmored(pub_key_arm3);
    const keyids = csMsg.getSigningKeyIds();
@ -1138,7 +1138,7 @@ PAAeuQTUrcJdZeJ86eQ9cCUB216HCwSKOWTQRzL+hBWKXij4WD4=
 =ZEFm
 -----END PGP SIGNATURE-----`);
-    const pubKey = (await openpgp.key.readArmored(pub_latin1_msg)).keys[0];
+    const pubKey = await openpgp.key.readArmored(pub_latin1_msg);
    return message.verify([pubKey]).then(async verifiedSig => {
      expect(await openpgp.stream.readToEnd(message.getLiteralData())).to.equal(latin1Binary);
@ -1176,7 +1176,7 @@ zmuVOdNuWQqxT9Sqa84=
      const plaintext = 'space: \nspace and tab: \t\nno trailing space\n  \ntab:\t\ntab and space:\t ';
      const csMsg = await openpgp.cleartext.readArmored(msg_armor);
-      const pubKey = (await openpgp.key.readArmored(pub_key_arm2)).keys[0];
+      const pubKey = await openpgp.key.readArmored(pub_key_arm2);
      const keyids = csMsg.getSigningKeyIds();
@ -1210,7 +1210,7 @@ yYDnCgA=
      const plaintext = 'space: \nspace and tab: \t\nno trailing space\n  \ntab:\t\ntab and space:\t ';
      const sMsg = await openpgp.message.readArmored(msg_armor);
-      const pubKey = (await openpgp.key.readArmored(pub_key_arm2)).keys[0];
+      const pubKey = await openpgp.key.readArmored(pub_key_arm2);
      const keyids = sMsg.getSigningKeyIds();
@ -1247,7 +1247,7 @@ yYDnCgA=
          if (!msg_armor.length) controller.close();
        }
      }));
-      const pubKey = (await openpgp.key.readArmored(pub_key_arm2)).keys[0];
+      const pubKey = await openpgp.key.readArmored(pub_key_arm2);
      const keyids = sMsg.getSigningKeyIds();
@ -1280,7 +1280,7 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA
      const plaintext = 'space: \nspace and tab: \t\nno trailing space\n  \ntab:\t\ntab and space:\t ';
      const sMsg = await openpgp.message.readArmored(msg_armor);
-      const pubKey = (await openpgp.key.readArmored(pub_key_arm2)).keys[0];
+      const pubKey = await openpgp.key.readArmored(pub_key_arm2);
      const keyids = sMsg.getSigningKeyIds();
@ -1313,7 +1313,7 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA
          if (!msg_armor.length) controller.close();
        }
      }));
-      const pubKey = (await openpgp.key.readArmored(pub_key_arm2)).keys[0];
+      const pubKey = await openpgp.key.readArmored(pub_key_arm2);
      const keyids = sMsg.getSigningKeyIds();
@ -1359,8 +1359,8 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA
  it('Sign text with openpgp.sign and verify with openpgp.verify leads to same string cleartext and valid signatures', async function() {
    const plaintext = 'short message\nnext line \n한국어/조선말';
-    const pubKey = (await openpgp.key.readArmored(pub_key_arm2)).keys[0];
+    const pubKey = await openpgp.key.readArmored(pub_key_arm2);
-    const privKey = (await openpgp.key.readArmored(priv_key_arm2)).keys[0];
+    const privKey = await openpgp.key.readArmored(priv_key_arm2);
    await privKey.decrypt('hello world');
    return openpgp.sign({ privateKeys:[privKey], message: openpgp.cleartext.fromText(plaintext) }).then(async function(signed) {
@ -1379,8 +1379,8 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA
  it('Sign text with openpgp.sign and verify with openpgp.verify leads to same string cleartext and valid signatures -- escape armored message', async function() {
    const plaintext = pub_key_arm2;
-    const pubKey = (await openpgp.key.readArmored(pub_key_arm2)).keys[0];
+    const pubKey = await openpgp.key.readArmored(pub_key_arm2);
-    const privKey = (await openpgp.key.readArmored(priv_key_arm2)).keys[0];
+    const privKey = await openpgp.key.readArmored(priv_key_arm2);
    await privKey.decrypt('hello world');
    return openpgp.sign({ privateKeys:[privKey], message: openpgp.cleartext.fromText(plaintext) }).then(async function(signed) {
@ -1399,8 +1399,8 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA
  it('Sign text with openpgp.sign and verify with openpgp.verify leads to same string cleartext and valid signatures -- trailing spaces', async function() {
    const plaintext = 'space: \nspace and tab: \t\nno trailing space\n  \ntab:\t\ntab and space:\t ';
-    const pubKey = (await openpgp.key.readArmored(pub_key_arm2)).keys[0];
+    const pubKey = await openpgp.key.readArmored(pub_key_arm2);
-    const privKey = (await openpgp.key.readArmored(priv_key_arm2)).keys[0];
+    const privKey = await openpgp.key.readArmored(priv_key_arm2);
    await privKey.decrypt('hello world');
    return openpgp.sign({ privateKeys:[privKey], message: openpgp.cleartext.fromText(plaintext) }).then(async function(signed) {
@ -1419,8 +1419,8 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA
  it('Sign text with openpgp.sign and verify with openpgp.verify leads to same bytes cleartext and valid signatures - armored', async function() {
    const plaintext = openpgp.util.str_to_Uint8Array('short message\nnext line \n한국어/조선말');
-    const pubKey = (await openpgp.key.readArmored(pub_key_arm2)).keys[0];
+    const pubKey = await openpgp.key.readArmored(pub_key_arm2);
-    const privKey = (await openpgp.key.readArmored(priv_key_arm2)).keys[0];
+    const privKey = await openpgp.key.readArmored(priv_key_arm2);
    await privKey.decrypt('hello world');
    return openpgp.sign({ privateKeys:[privKey], message: openpgp.message.fromBinary(plaintext) }).then(async function(signed) {
@ -1439,8 +1439,8 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA
  it('Sign text with openpgp.sign and verify with openpgp.verify leads to same bytes cleartext and valid signatures - not armored', async function() {
    const plaintext = openpgp.util.str_to_Uint8Array('short message\nnext line \n한국어/조선말');
-    const pubKey = (await openpgp.key.readArmored(pub_key_arm2)).keys[0];
+    const pubKey = await openpgp.key.readArmored(pub_key_arm2);
-    const privKey = (await openpgp.key.readArmored(priv_key_arm2)).keys[0];
+    const privKey = await openpgp.key.readArmored(priv_key_arm2);
    await privKey.decrypt('hello world');
    return openpgp.sign({ privateKeys:[privKey], message: openpgp.message.fromBinary(plaintext), armor:false }).then(async function(signed) {
@ -1459,8 +1459,8 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA
  it('Should verify cleartext message correctly when using a detached cleartext signature and binary literal data', async function () {
    const plaintext = 'short message\nnext line \n한국어/조선말';
-    const pubKey = (await openpgp.key.readArmored(pub_key_arm2)).keys[0];
+    const pubKey = await openpgp.key.readArmored(pub_key_arm2);
-    const privKey = (await openpgp.key.readArmored(priv_key_arm2)).keys[0];
+    const privKey = await openpgp.key.readArmored(priv_key_arm2);
    await privKey.decrypt('hello world');
    return openpgp.sign({ privateKeys:[privKey], message: openpgp.message.fromText(plaintext), detached: true}).then(async function(signed) {
      const signature = await openpgp.signature.readArmored(signed);
@ -1476,8 +1476,8 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA
  it('Should verify cleartext message correctly when using a detached binary signature and text literal data', async function () {
    const plaintext = 'short message\nnext line \n한국어/조선말';
    const plaintextArray = openpgp.util.encode_utf8(plaintext);
-    const pubKey = (await openpgp.key.readArmored(pub_key_arm2)).keys[0];
+    const pubKey = await openpgp.key.readArmored(pub_key_arm2);
-    const privKey = (await openpgp.key.readArmored(priv_key_arm2)).keys[0];
+    const privKey = await openpgp.key.readArmored(priv_key_arm2);
    await privKey.decrypt('hello world');
    return openpgp.sign({ privateKeys:[privKey], message:openpgp.message.fromBinary(plaintextArray), detached: true}).then(async function(signed) {
      const signature = await openpgp.signature.readArmored(signed);
@ -1492,8 +1492,8 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA
  it('Should verify encrypted cleartext message correctly when encrypting binary literal data with a canonical text signature', async function () {
    const plaintext = 'short message\nnext line \n한국어/조선말';
-    const pubKey = (await openpgp.key.readArmored(pub_key_arm2)).keys[0];
+    const pubKey = await openpgp.key.readArmored(pub_key_arm2);
-    const privKey = (await openpgp.key.readArmored(priv_key_arm2)).keys[0];
+    const privKey = await openpgp.key.readArmored(priv_key_arm2);
    await Promise.all([privKey.primaryKey.decrypt('hello world'), privKey.subKeys[0].keyPacket.decrypt('hello world')]);
    return openpgp.sign({ privateKeys:[privKey], message: openpgp.message.fromText(plaintext), detached: true}).then(async function(signed) {
      const signature = await openpgp.signature.readArmored(signed);
@ -1510,7 +1510,7 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA
  });
  it('Verify test with expired verification public key', async function() {
-    const pubKey = (await openpgp.key.readArmored(pub_expired)).keys[0];
+    const pubKey = await openpgp.key.readArmored(pub_expired);
    const message = await openpgp.message.readArmored(msg_sig_expired);
    return openpgp.verify({ publicKeys:[pubKey], message:message }).then(function(verified) {
      expect(verified).to.exist;
@ -1521,7 +1521,7 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA
  });
  it('Verify test with expired verification public key and disable expiration checks using null date', async function() {
-    const pubKey = (await openpgp.key.readArmored(pub_expired)).keys[0];
+    const pubKey = await openpgp.key.readArmored(pub_expired);
    const message = await openpgp.message.readArmored(msg_sig_expired);
    return openpgp.verify({ publicKeys:[pubKey], message:message, date: null }).then(function(verified) {
      expect(verified).to.exist;
@ -1533,7 +1533,7 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA
  // TODO add test with multiple revocation signatures
  it('Verify primary key revocation signatures', async function() {
-    const pubKey = (await openpgp.key.readArmored(pub_revoked)).keys[0];
+    const pubKey = await openpgp.key.readArmored(pub_revoked);
    await expect(pubKey.revocationSignatures[0].verify(
      pubKey.primaryKey, openpgp.enums.signature.key_revocation, {key: pubKey.primaryKey}
    )).to.eventually.be.true;
@ -1541,14 +1541,14 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA
  // TODO add test with multiple revocation signatures
  it('Verify subkey revocation signatures', async function() {
-    const pubKey = (await openpgp.key.readArmored(pub_revoked)).keys[0];
+    const pubKey = await openpgp.key.readArmored(pub_revoked);
    await expect(pubKey.subKeys[0].revocationSignatures[0].verify(
      pubKey.primaryKey, openpgp.enums.signature.subkey_revocation, {key: pubKey.primaryKey, bind: pubKey.subKeys[0].keyPacket}
    )).to.eventually.be.true;
  });
  it('Verify key expiration date', async function() {
-    const pubKey = (await openpgp.key.readArmored(pub_revoked)).keys[0];
+    const pubKey = await openpgp.key.readArmored(pub_revoked);
    expect(pubKey).to.exist;
    expect(pubKey.users[0].selfCertifications[0].keyNeverExpires).to.be.false;
@ -1556,15 +1556,15 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA
  });
  it('Write unhashed subpackets', async function() {
-    let pubKey = (await openpgp.key.readArmored(pub_key_arm2)).keys[0];
+    let pubKey = await openpgp.key.readArmored(pub_key_arm2);
    expect(pubKey.users[0].selfCertifications).to.exist;
-    pubKey = (await openpgp.key.readArmored(pubKey.armor())).keys[0];
+    pubKey = await openpgp.key.readArmored(pubKey.armor());
    expect(pubKey.users[0].selfCertifications).to.exist;
  });
  it('Write V4 signatures', async function() {
-    const pubKey = (await openpgp.key.readArmored(pub_key_arm2)).keys[0];
+    const pubKey = await openpgp.key.readArmored(pub_key_arm2);
-    const pubKey2 = (await openpgp.key.readArmored(pubKey.armor())).keys[0];
+    const pubKey2 = await openpgp.key.readArmored(pubKey.armor());
    expect(pubKey2).to.exist;
    expect(pubKey.users[0].selfCertifications).to.eql(pubKey2.users[0].selfCertifications);
  });
@ -1606,12 +1606,12 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA
      ''].join('\r\n');
    const publicKeyArmored = '-----BEGIN PGP PUBLIC KEY BLOCK-----\r\nVersion: OpenPGP.js v.1.20131116\r\nComment: Whiteout Mail - https://whiteout.io\r\n\r\nxsBNBFKODs4BB/9iOF4THsjQMY+WEpT7ShgKxj4bHzRRaQkqczS4nZvP0U3g\r\nqeqCnbpagyeKXA+bhWFQW4GmXtgAoeD5PXs6AZYrw3tWNxLKu2Oe6Tp9K/XI\r\nxTMQ2wl4qZKDXHvuPsJ7cmgaWqpPyXtxA4zHHS3WrkI/6VzHAcI/y6x4szSB\r\nKgSuhI3hjh3s7TybUC1U6AfoQGx/S7e3WwlCOrK8GTClirN/2mCPRC5wuIft\r\nnkoMfA6jK8d2OPrJ63shy5cgwHOjQg/xuk46dNS7tkvGmbaa+X0PgqSKB+Hf\r\nYPPNS/ylg911DH9qa8BqYU2QpNh9jUKXSF+HbaOM+plWkCSAL7czV+R3ABEB\r\nAAHNLVdoaXRlb3V0IFVzZXIgPHNhZmV3aXRobWUudGVzdHVzZXJAZ21haWwu\r\nY29tPsLAXAQQAQgAEAUCUo4O2gkQ1/uT/N+/wjwAAN2cB/9gFRmAfvEQ2qz+\r\nWubmT2EsSSnjPMxzG4uyykFoa+TaZCWo2Xa2tQghmU103kEkQb1OEjRjpgwJ\r\nYX9Kghnl8DByM686L5AXnRyHP78qRJCLXSXl0AGicboUDp5sovaa4rswQceH\r\nvcdWgZ/mgHTRoiQeJddy9k+H6MPFiyFaVcFwegVsmpc+dCcC8yT+qh8ZIbyG\r\nRJU60PmKKN7LUusP+8DbSv39zCGJCBlVVKyA4MzdF5uM+sqTdXbKzOrT5DGd\r\nCZaox4s+w16Sq1rHzZKFWfQPfKLDB9pyA0ufCVRA3AF6BUi7G3ZqhZiHNhMP\r\nNvE45V/hS1PbZcfPVoUjE2qc1Ix1\r\n=7Wpe\r\n-----END PGP PUBLIC KEY BLOCK-----';
-    const publicKeys = (await openpgp.key.readArmored(publicKeyArmored)).keys;
+    const publicKey = await openpgp.key.readArmored(publicKeyArmored);
    // Text
    const msg = openpgp.message.fromText(content);
    await msg.appendSignature(detachedSig);
-    return msg.verify(publicKeys).then(async result => {
+    return msg.verify([publicKey]).then(async result => {
      openpgp.stream.pipe(msg.getLiteralData(), new openpgp.stream.WritableStream());
      expect(await result[0].verified).to.be.true;
    });
@ -1619,8 +1619,8 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA
  it('Detached signature signing and verification', async function() {
    const msg = openpgp.message.fromText('hello');
-    const pubKey2 = (await openpgp.key.readArmored(pub_key_arm2)).keys[0];
+    const pubKey2 = await openpgp.key.readArmored(pub_key_arm2);
-    const privKey2 = (await openpgp.key.readArmored(priv_key_arm2)).keys[0];
+    const privKey2 = await openpgp.key.readArmored(priv_key_arm2);
    await privKey2.decrypt('hello world');
    const opt = {numBits: 512, userIds: { name:'test', email:'a@b.com' }, passphrase: null};
@ -1675,8 +1675,8 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA
      '-----END PGP PUBLIC KEY BLOCK-----'
    ].join('\n');
-    const signedKey = (await openpgp.key.readArmored(signedArmor)).keys[0];
+    const signedKey = await openpgp.key.readArmored(signedArmor);
-    const signerKey = (await openpgp.key.readArmored(priv_key_arm1)).keys[0];
+    const signerKey = await openpgp.key.readArmored(priv_key_arm1);
    return signedKey.verifyPrimaryUser([signerKey]).then(signatures => {
      expect(signatures[0].valid).to.be.null;
      expect(signatures[0].keyid.toHex()).to.equal(signedKey.getKeyId().toHex());
@ -1710,7 +1710,7 @@ iTuGu4fEU1UligAXSrZmCdE=
 =VK6I
 -----END PGP PUBLIC KEY BLOCK-----`;
-    const key = (await openpgp.key.readArmored(armoredKeyWithPhoto)).keys[0];
+    const key = await openpgp.key.readArmored(armoredKeyWithPhoto);
    for (const user of key.users) {
      await user.verify(key.primaryKey);
    }
--- a/test/general/streaming.js
+++ b/test/general/streaming.js
@ -316,8 +316,8 @@ function tests() {
  it('Encrypt and decrypt larger message roundtrip using curve x25519 (allow_unauthenticated_stream=true)', async function() {
    let allow_unauthenticated_streamValue = openpgp.config.allow_unauthenticated_stream;
    openpgp.config.allow_unauthenticated_stream = true;
-    const priv = (await openpgp.key.readArmored(xPriv)).keys[0];
+    const priv = await openpgp.key.readArmored(xPriv);
-    const pub = (await openpgp.key.readArmored(xPub)).keys[0];
+    const pub = await openpgp.key.readArmored(xPub);
    await priv.decrypt(xPass);
    try {
      const encrypted = await openpgp.encrypt({
@ -348,8 +348,8 @@ function tests() {
  it('Encrypt and decrypt larger message roundtrip using curve brainpool (allow_unauthenticated_stream=true)', async function() {
    let allow_unauthenticated_streamValue = openpgp.config.allow_unauthenticated_stream;
    openpgp.config.allow_unauthenticated_stream = true;
-    const priv = (await openpgp.key.readArmored(brainpoolPriv)).keys[0];
+    const priv = await openpgp.key.readArmored(brainpoolPriv);
-    const pub = (await openpgp.key.readArmored(brainpoolPub)).keys[0];
+    const pub = await openpgp.key.readArmored(brainpoolPub);
    await priv.decrypt(brainpoolPass);
    try {
      const encrypted = await openpgp.encrypt({
@ -806,8 +806,8 @@ function tests() {
        controller.close();
      }
    });
-    const priv = (await openpgp.key.readArmored(brainpoolPriv)).keys[0];
+    const priv = await openpgp.key.readArmored(brainpoolPriv);
-    const pub = (await openpgp.key.readArmored(brainpoolPub)).keys[0];
+    const pub = await openpgp.key.readArmored(brainpoolPub);
    await priv.decrypt(brainpoolPass);
    const signed = await openpgp.sign({
      message: openpgp.message.fromBinary(data),
@ -837,8 +837,8 @@ function tests() {
        controller.close();
      }
    });
-    const priv = (await openpgp.key.readArmored(xPriv)).keys[0];
+    const priv = await openpgp.key.readArmored(xPriv);
-    const pub = (await openpgp.key.readArmored(xPub)).keys[0];
+    const pub = await openpgp.key.readArmored(xPub);
    await priv.decrypt(xPass);
    const signed = await openpgp.sign({
      message: openpgp.message.fromBinary(data),
@ -893,8 +893,8 @@ describe('Streaming', function() {
  let currentTest = 0;
  before(async function() {
-    pubKey = (await openpgp.key.readArmored(pub_key)).keys[0];
+    pubKey = await openpgp.key.readArmored(pub_key);
-    privKey = (await openpgp.key.readArmored(priv_key)).keys[0];
+    privKey = await openpgp.key.readArmored(priv_key);
    await privKey.decrypt(passphrase);
  });
--- a/test/general/wkd.js
+++ b/test/general/wkd.js
@ -20,27 +20,26 @@ describe.skip('WKD unit tests', function() {
      return wkd.lookup({
        email: 'test-wkd@metacode.biz',
        rawBytes: true
-      }).then(function(key) {
+      }).then(function(keys) {
-        expect(key).to.exist;
+        expect(keys).to.exist;
-        expect(key).to.be.an.instanceof(Uint8Array);
+        expect(keys).to.be.an.instanceof(Uint8Array);
      });
    });
    it('by email address should work', function() {
      return wkd.lookup({
        email: 'test-wkd@metacode.biz'
-      }).then(function(key) {
+      }).then(function(keys) {
-        expect(key).to.exist;
+        expect(keys).to.exist;
-        expect(key).to.have.property('keys');
+        expect(keys).to.have.length(1);
        expect(key.keys).to.have.length(1);
      });
    });
    it('by email address should not find a key', function() {
      return wkd.lookup({
        email: 'test-wkd-does-not-exist@metacode.biz'
-      }).then(function(key) {
+      }).then(function(keys) {
-        expect(key).to.be.undefined;
+        expect(keys).to.be.undefined;
      });
    });
  });
--- a/test/general/x25519.js
+++ b/test/general/x25519.js
@ -124,11 +124,9 @@ const input = require('./testInputs');
    }
    const pub = await openpgp.key.readArmored(data[name].pub);
    expect(pub).to.exist;
-    expect(pub.err).to.not.exist;
+    expect(pub.getKeyId().toHex()).to.equal(data[name].id);
-    expect(pub.keys).to.have.length(1);
+    data[name].pub_key = pub;
-    expect(pub.keys[0].getKeyId().toHex()).to.equal(data[name].id);
+    return pub;
    data[name].pub_key = pub.keys[0];
    return data[name].pub_key;
  }
  async function load_priv_key(name) {
@ -137,12 +135,10 @@ const input = require('./testInputs');
    }
    const pk = await openpgp.key.readArmored(data[name].priv);
    expect(pk).to.exist;
-    expect(pk.err).to.not.exist;
+    expect(pk.getKeyId().toHex()).to.equal(data[name].id);
-    expect(pk.keys).to.have.length(1);
+    expect(await pk.decrypt(data[name].pass)).to.be.true;
-    expect(pk.keys[0].getKeyId().toHex()).to.equal(data[name].id);
+    data[name].priv_key = pk;
-    expect(await pk.keys[0].decrypt(data[name].pass)).to.be.true;
+    return pk;
    data[name].priv_key = pk.keys[0];
    return data[name].priv_key;
  }
  it('Load public key', async function () {
@ -417,7 +413,7 @@ const input = require('./testInputs');
      'Gbm1oe83ZB+0aSp5m34YkpHQNb80y8PGFy7nIexiAA==',
      '=xeG/',
      '-----END PGP PUBLIC KEY BLOCK-----'].join('\n');
-    const hi = (await openpgp.key.readArmored(pubKey)).keys[0];
+    const hi = await openpgp.key.readArmored(pubKey);
    const results = hi.getPrimaryUser();
    expect(results).to.exist;
    expect(results.user).to.exist;
--- a/test/security/message_signature_bypass.js
+++ b/test/security/message_signature_bypass.js
@ -67,7 +67,7 @@ fhGyl7nA7UCwgsqf7ZPBhRg=
 =nbjQ
 -----END PGP SIGNATURE-----`;
 async function getOtherPubKey() {
-  return (await key.readArmored(OTHERPUBKEY)).keys[0];
+  return await key.readArmored(OTHERPUBKEY);
 }
 /**
--- a/test/security/preferred_algo_mismatch.js
+++ b/test/security/preferred_algo_mismatch.js
@ -44,6 +44,6 @@ EnxUPL95HuMKoVkf4w==
 it('Does not accept message encrypted with algo not mentioned in preferred algorithms', async function() {
  const message = await openpgp.message.readArmored(messageArmor);
-  const privKey = (await openpgp.key.readArmored(privateKeyArmor)).keys[0];
+  const privKey = await openpgp.key.readArmored(privateKeyArmor);
  await expect(openpgp.decrypt({ message, privateKeys: [privKey] })).to.be.rejectedWith('A non-preferred symmetric algorithm was used.');
 });
--- a/test/security/subkey_trust.js
+++ b/test/security/subkey_trust.js
@ -63,7 +63,7 @@ async function testSubkeyTrust() {
    fakeBindingSignature // faked key binding
  ]);
  let fakeKey = new key.Key(newList);
-  fakeKey = (await key.readArmored(await fakeKey.toPublic().armor())).keys[0];
+  fakeKey = await key.readArmored(await fakeKey.toPublic().armor());
  const verifyAttackerIsBatman = await openpgp.verify({
    message: (await cleartext.readArmored(signed)),
    publicKeys: fakeKey,
--- a/test/security/unsigned_subpackets.js
+++ b/test/security/unsigned_subpackets.js
@ -49,7 +49,7 @@ Dc2vwS83Aja9iWrIEg==
 -----END PGP PRIVATE KEY BLOCK-----`;
 async function getInvalidKey() {
-  return (await key.readArmored(INVALID_KEY)).keys[0];
+  return await key.readArmored(INVALID_KEY);
 }
 async function makeKeyValid() {
  /**
@ -85,8 +85,7 @@ async function makeKeyValid() {
  let modifiedkey = new key.Key(newlist);
  // re-read the message to eliminate any
  // behaviour due to cached values.
-  modifiedkey = (await key.readArmored(
+  modifiedkey = await key.readArmored(await modifiedkey.armor());
    await modifiedkey.armor())).keys[0];
  expect(await encryptFails(invalidkey)).to.be.true;
  expect(await encryptFails(modifiedkey)).to.be.true;
--- a/test/worker/async_proxy.js
+++ b/test/worker/async_proxy.js
@ -42,7 +42,7 @@ tryTests('Async Proxy', tests, {
    } catch (e) {
      openpgp.util.print_debug_error(e);
    }
-    pubKey = (await openpgp.key.readArmored(pub_key)).keys[0];
+    pubKey = await openpgp.key.readArmored(pub_key);
  },
  after: async function() {
    await openpgp.destroyWorker();
--- a/test/worker/worker_example.js
+++ b/test/worker/worker_example.js
@ -42,25 +42,25 @@ onmessage = async function({ data: { action, message }, ports: [port] }) {
    let result;
    switch (action) {
      case 'encrypt': {
-        const { keys: publicKeys } = await openpgp.key.readArmored(publicKeyArmored);
+        const publicKey = await openpgp.key.readArmored(publicKeyArmored);
-        const { keys: privateKeys } = await openpgp.key.readArmored(privateKeyArmored);
+        const privateKey = await openpgp.key.readArmored(privateKeyArmored);
-        await privateKeys[0].decrypt('test');
+        await privateKey.decrypt('test');
        const data = await openpgp.encrypt({
          message: openpgp.message.fromText(message),
-          publicKeys,
+          publicKeys: publicKey,
-          privateKeys
+          privateKeys: privateKey
        });
        result = data;
        break;
      }
      case 'decrypt': {
-        const { keys: publicKeys } = await openpgp.key.readArmored(publicKeyArmored);
+        const publicKey = await openpgp.key.readArmored(publicKeyArmored);
-        const { keys: privateKeys } = await openpgp.key.readArmored(privateKeyArmored);
+        const privateKey = await openpgp.key.readArmored(privateKeyArmored);
-        await privateKeys[0].decrypt('test');
+        await privateKey.decrypt('test');
        const { data, signatures } = await openpgp.decrypt({
          message: await openpgp.message.readArmored(message),
-          publicKeys,
+          publicKeys: publicKey,
-          privateKeys
+          privateKeys: privateKey
        });
        if (!signatures[0].valid) {
          throw new Error("Couldn't veriy signature");