diff --git a/openpgp.d.ts b/openpgp.d.ts index 46966373..eedd88a3 100644 --- a/openpgp.d.ts +++ b/openpgp.d.ts @@ -14,7 +14,7 @@ export function readKey(options: { binaryKey: Uint8Array, config?: PartialConfig export function readKeys(options: { armoredKeys: string, config?: PartialConfig }): Promise; export function readKeys(options: { binaryKeys: Uint8Array, config?: PartialConfig }): Promise; export function generateKey(options: KeyOptions): Promise; -export function generateSessionKey(options: { publicKeys: Key[], date?: Date, toUserIDs?: UserID[], config?: PartialConfig }): Promise; +export function generateSessionKey(options: { encryptionKeys: Key[], date?: Date, encryptionUserIDs?: UserID[], config?: PartialConfig }): Promise; export function decryptKey(options: { privateKey: Key; passphrase?: string | string[]; config?: PartialConfig }): Promise; export function encryptKey(options: { privateKey: Key; passphrase?: string | string[]; config?: PartialConfig }): Promise; export function reformatKey(options: { privateKey: Key; userIDs?: UserID|UserID[]; passphrase?: string; keyExpirationTime?: number; config?: PartialConfig }): Promise; 
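Review bot: The rename in the `generateSessionKey` options (`publicKeys` → `encryptionKeys`, `toUserIDs` → `encryptionUserIDs`) is enforced only for TypeScript callers; as far as these declarations show, a plain-JavaScript caller that still passes `publicKeys` would have it ignored and get a session key chosen without the recipients' algorithm preferences. The same concern applies to the `EncryptOptions`, `DecryptOptions`, `SignOptions` and `VerifyOptions` hunks further down, where a leftover `privateKeys` on encrypt would presumably yield an unsigned message and a leftover `publicKeys` on decrypt or verify would leave the signature keys empty. Whether src/openpgp.js rejects the removed names is not visible in this part of the diff. If it does not, each entry point should throw on the old option names so the downgrade is loud rather than silent, and the declaration comments should mention the removal.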
@@ -212,14 +212,14 @@ export class Message> { public armor(config?: Config): string; /** Decrypt the message - @param privateKey private key with decrypted secret data + @param decryptionKeys array of private keys with decrypted secret data */ - public decrypt(privateKeys?: Key[], passwords?: string[], sessionKeys?: SessionKey[], config?: Config): Promise>>; + public decrypt(decryptionKeys?: Key[], passwords?: string[], sessionKeys?: SessionKey[], config?: Config): Promise>>; /** Encrypt the message - @param keys array of keys, used to encrypt the message + @param encryptionKeys array of public keys, used to encrypt the message */ - public encrypt(keys?: Key[], passwords?: string[], sessionKeys?: SessionKey[], wildcard?: boolean, encryptionKeyIDs?: KeyID[], date?: Date, userIDs?: UserID[], config?: Config): Promise>>; + public encrypt(encryptionKeys?: Key[], passwords?: string[], sessionKeys?: SessionKey[], wildcard?: boolean, encryptionKeyIDs?: KeyID[], date?: Date, userIDs?: UserID[], config?: Config): Promise>>; /** Returns the key IDs of the keys to which the session key is encrypted */ 
@@ -240,18 +240,18 @@ export class Message> { public getFilename(): string | null; /** Sign the message (the literal data packet of the message) - @param privateKey private keys with decrypted secret key data for signing + @param signingKeys private keys with decrypted secret key data for signing */ - public sign(privateKey: Key[], signature?: Signature, signingKeyIDs?: KeyID[], date?: Date, userIDs?: UserID[], config?: Config): Promise>; + public sign(signingKeys: Key[], signature?: Signature, signingKeyIDs?: KeyID[], date?: Date, userIDs?: UserID[], config?: Config): Promise>; /** Unwrap compressed message */ public unwrapCompressed(): Message; /** Verify message signatures - @param keys array of keys to verify signatures + @param verificationKeys array of public keys to verify signatures */ - public verify(keys: Key[], date?: Date, config?: Config): Promise; + public verify(verificationKeys: Key[], date?: Date, config?: Config): Promise; /** * Append signature to unencrypted message object @@ -525,9 +525,9 @@ interface EncryptOptions { /** message to be encrypted as created by createMessage */ message: Message>; /** (optional) array of keys or single key, used to encrypt the message */ - publicKeys?: Key | Key[]; + encryptionKeys?: Key | Key[]; /** (optional) private keys for signing. If omitted message will not be signed */ - privateKeys?: Key | Key[]; + signingKeys?: Key | Key[]; /** (optional) array of passwords or a single password to encrypt the message */ passwords?: string | string[]; /** (optional) session key in the form: { data:Uint8Array, algorithm:String } */ 
@@ -540,10 +540,14 @@ interface EncryptOptions { date?: Date; /** (optional) use a key ID of 0 instead of the public key IDs */ wildcard?: boolean; - /** (optional) user ID to sign with, e.g. { name:'Steve Sender', email:'steve@openpgp.org' } */ - fromUserID?: UserID; - /** (optional) user ID to encrypt for, e.g. { name:'Robert Receiver', email:'robert@openpgp.org' } */ - toUserID?: UserID; + /** (optional) Array of key IDs to use for signing. Each `signingKeyIDs[i]` corresponds to `signingKeys[i]` */ + signingKeyIDs?: KeyID[]; + /** (optional) Array of key IDs to use for encryption. Each `encryptionKeyIDs[i]` corresponds to `encryptionKeys[i]`*/ + encryptionKeyIDs?: KeyID[]; + /** (optional) Array of user IDs to sign with, e.g. { name:'Steve Sender', email:'steve@openpgp.org' } */ + signingUserIDs?: UserID[]; + /** (optional) array of user IDs to encrypt for, e.g. { name:'Robert Receiver', email:'robert@openpgp.org' } */ + encryptionUserIDs?: UserID[]; config?: PartialConfig; } @@ -551,13 +555,13 @@ interface DecryptOptions { /** the message object with the encrypted data */ message: Message>; /** (optional) private keys with decrypted secret key data or session key */ - privateKeys?: Key | Key[]; + decryptionKeys?: Key | Key[]; /** (optional) passwords to decrypt the message */ passwords?: string | string[]; /** (optional) session keys in the form: { data:Uint8Array, algorithm:String } */ sessionKeys?: SessionKey | SessionKey[]; /** (optional) array of public keys or single key, to verify signatures */ - publicKeys?: Key | Key[]; + verificationKeys?: Key | Key[]; /** (optional) whether data decryption should fail if the message is not signed with the provided publicKeys */ expectSigned?: boolean; /** (optional) whether to return data as a string(Stream) or Uint8Array(Stream). If 'utf8' (the default), also normalize newlines. */ 
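Review bot: The `expectSigned` comment in the `DecryptOptions` hunk still says "not signed with the provided publicKeys" although the keys now come from `verificationKeys`; the `VerifyOptions` hunk (`@@ -584,7`) carries the same stale wording. `expectSigned` is the switch that turns a missing signature into a hard failure, so its comment should name the option that supplies the keys: `/** (optional) whether data decryption should fail if the message is not signed with the provided verificationKeys */`. In the `EncryptOptions` hunk on this line, the new `signingUserIDs` and `encryptionUserIDs` comments could also state that entries are taken one per key, as the JSDoc in src/openpgp.js does.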
@@ -571,12 +575,13 @@ interface DecryptOptions { interface SignOptions { message: CleartextMessage | Message>; - privateKeys?: Key | Key[]; + signingKeys?: Key | Key[]; armor?: boolean; dataType?: DataPacketType; detached?: boolean; + signingKeyIDs?: KeyID[]; date?: Date; - fromUserID?: UserID; + signingUserIDs?: UserID[]; config?: PartialConfig; } @@ -584,7 +589,7 @@ interface VerifyOptions { /** (cleartext) message object with signatures */ message: CleartextMessage | Message>; /** array of publicKeys or single key, to verify signatures */ - publicKeys: Key | Key[]; + verificationKeys: Key | Key[]; /** (optional) whether verification should throw if the message is not signed with the provided publicKeys */ expectSigned?: boolean; /** (optional) whether to return data as a string(Stream) or Uint8Array(Stream). If 'utf8' (the default), also normalize newlines. */ diff --git a/src/message.js b/src/message.js index 345c7509..b613c210 100644 --- a/src/message.js +++ b/src/message.js 
@@ -104,15 +104,15 @@ export class Message { /** * Decrypt the message. Either a private key, a session key, or a password must be specified. - * @param {Array} [privateKeys] - Private keys with decrypted secret data + * @param {Array} [decryptionKeys] - Private keys with decrypted secret data * @param {Array} [passwords] - Passwords used to decrypt * @param {Array} [sessionKeys] - Session keys in the form: { data:Uint8Array, algorithm:String, [aeadAlgorithm:String] } * @param {Object} [config] - Full configuration, defaults to openpgp.config * @returns {Promise} New message with decrypted content. * @async */ - async decrypt(privateKeys, passwords, sessionKeys, config = defaultConfig) { - const keyObjs = sessionKeys || await this.decryptSessionKeys(privateKeys, passwords, config); + async decrypt(decryptionKeys, passwords, sessionKeys, config = defaultConfig) { + const keyObjs = sessionKeys || await this.decryptSessionKeys(decryptionKeys, passwords, config); const symEncryptedPacketlist = this.packets.filterByTag( enums.packet.symmetricallyEncryptedData, @@ -155,7 +155,7 @@ export class Message { /** * Decrypt encrypted session keys either with private keys or passwords. - * @param {Array} [privateKeys] - Private keys with decrypted secret data + * @param {Array} [decryptionKeys] - Private keys with decrypted secret data * @param {Array} [passwords] - Passwords used to decrypt * @param {Object} [config] - Full configuration, defaults to openpgp.config * @returns {Promise>} array of object with potential sessionKey, algorithm pairs * @async */ - async decryptSessionKeys(privateKeys, passwords, config = defaultConfig) { + async decryptSessionKeys(decryptionKeys, passwords, config = defaultConfig) { let keyPackets = []; let exception; 
@@ -189,13 +189,13 @@ export class Message { } })); })); - } else if (privateKeys) { + } else if (decryptionKeys) { const pkESKeyPacketlist = this.packets.filterByTag(enums.packet.publicKeyEncryptedSessionKey); if (pkESKeyPacketlist.length === 0) { throw new Error('No public key encrypted session key packet found.'); } await Promise.all(pkESKeyPacketlist.map(async function(keyPacket) { - await Promise.all(privateKeys.map(async function(privateKey) { + await Promise.all(decryptionKeys.map(async function(decryptionKey) { let algos = [ enums.symmetric.aes256, // Old OpenPGP.js default fallback enums.symmetric.aes128, // RFC4880bis fallback 
@@ -203,23 +203,23 @@ export class Message { enums.symmetric.cast5 // Golang OpenPGP fallback ]; try { - const primaryUser = await privateKey.getPrimaryUser(undefined, undefined, config); // TODO: Pass userID from somewhere. + const primaryUser = await decryptionKey.getPrimaryUser(undefined, undefined, config); // TODO: Pass userID from somewhere. if (primaryUser.selfCertification.preferredSymmetricAlgorithms) { algos = algos.concat(primaryUser.selfCertification.preferredSymmetricAlgorithms); } } catch (e) {} // do not check key expiration to allow decryption of old messages - const privateKeyPackets = (await privateKey.getDecryptionKeys(keyPacket.publicKeyID, null, undefined, config)).map(key => key.keyPacket); - await Promise.all(privateKeyPackets.map(async function(privateKeyPacket) { - if (!privateKeyPacket || privateKeyPacket.isDummy()) { + const decryptionKeyPackets = (await decryptionKey.getDecryptionKeys(keyPacket.publicKeyID, null, undefined, config)).map(key => key.keyPacket); + await Promise.all(decryptionKeyPackets.map(async function(decryptionKeyPacket) { + if (!decryptionKeyPacket || decryptionKeyPacket.isDummy()) { return; } - if (!privateKeyPacket.isDecrypted()) { - throw new Error('Private key is not decrypted.'); + if (!decryptionKeyPacket.isDecrypted()) { + throw new Error('Decryption key is not decrypted.'); } try { - await keyPacket.decrypt(privateKeyPacket); + await keyPacket.decrypt(decryptionKeyPacket); if (!algos.includes(enums.write(enums.symmetric, keyPacket.sessionKeyAlgorithm))) { throw new Error('A non-preferred symmetric algorithm was used.'); } 
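Review bot: The new error text `'Decryption key is not decrypted.'` reads as a contradiction, and it changes a runtime string that callers or tests may be matching on. The condition is that the secret key material is still passphrase-protected, so either keep `'Private key is not decrypted.'` or say it outright, e.g. `throw new Error('Decryption key is locked: secret key material is not decrypted.');`. The enclosing `decryptSessionKeys` body starts and ends outside this hunk.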
@@ -290,18 +290,18 @@ export class Message { } /** - * Generate a new session key object, taking the algorithm preferences of the passed public keys into account, if any. - * @param {Array} [keys] - Public key(s) to select algorithm preferences for + * Generate a new session key object, taking the algorithm preferences of the passed encryption keys into account, if any. + * @param {Array} [encryptionKeys] - Public key(s) to select algorithm preferences for * @param {Date} [date] - Date to select algorithm preferences at * @param {Array} [userIDs] - User IDs to select algorithm preferences for * @param {Object} [config] - Full configuration, defaults to openpgp.config * @returns {Promise<{ data: Uint8Array, algorithm: String }>} Object with session key data and algorithm. * @async */ - static async generateSessionKey(keys = [], date = new Date(), userIDs = [], config = defaultConfig) { - const algorithm = enums.read(enums.symmetric, await getPreferredAlgo('symmetric', keys, date, userIDs, config)); - const aeadAlgorithm = config.aeadProtect && await isAEADSupported(keys, date, userIDs, config) ? - enums.read(enums.aead, await getPreferredAlgo('aead', keys, date, userIDs, config)) : + static async generateSessionKey(encryptionKeys = [], date = new Date(), userIDs = [], config = defaultConfig) { + const algorithm = enums.read(enums.symmetric, await getPreferredAlgo('symmetric', encryptionKeys, date, userIDs, config)); + const aeadAlgorithm = config.aeadProtect && await isAEADSupported(encryptionKeys, date, userIDs, config) ? + enums.read(enums.aead, await getPreferredAlgo('aead', encryptionKeys, date, userIDs, config)) : undefined; const sessionKeyData = await crypto.generateSessionKey(algorithm); 
@@ -310,24 +310,24 @@ export class Message { /** * Encrypt the message either with public keys, passwords, or both at once. - * @param {Array} [keys] - Public key(s) for message encryption + * @param {Array} [encryptionKeys] - Public key(s) for message encryption * @param {Array} [passwords] - Password(s) for message encryption * @param {Object} [sessionKey] - Session key in the form: { data:Uint8Array, algorithm:String, [aeadAlgorithm:String] } * @param {Boolean} [wildcard] - Use a key ID of 0 instead of the public key IDs - * @param {Array} [encryptionKeyIDs] - Array of key IDs to use for encryption. Each encryptionKeyIDs[i] corresponds to publicKeys[i] + * @param {Array} [encryptionKeyIDs] - Array of key IDs to use for encryption. Each encryptionKeyIDs[i] corresponds to keys[i] * @param {Date} [date] - Override the creation date of the literal package * @param {Array} [userIDs] - User IDs to encrypt for, e.g. [{ name:'Robert Receiver', email:'robert@openpgp.org' }] * @param {Object} [config] - Full configuration, defaults to openpgp.config * @returns {Promise} New message with encrypted content. * @async */ - async encrypt(keys, passwords, sessionKey, wildcard = false, encryptionKeyIDs = [], date = new Date(), userIDs = [], config = defaultConfig) { + async encrypt(encryptionKeys, passwords, sessionKey, wildcard = false, encryptionKeyIDs = [], date = new Date(), userIDs = [], config = defaultConfig) { if (sessionKey) { if (!util.isUint8Array(sessionKey.data) || !util.isString(sessionKey.algorithm)) { throw new Error('Invalid session key for encryption.'); } - } else if (keys && keys.length) { - sessionKey = await Message.generateSessionKey(keys, date, userIDs, config); + } else if (encryptionKeys && encryptionKeys.length) { + sessionKey = await Message.generateSessionKey(encryptionKeys, date, userIDs, config); } else if (passwords && passwords.length) { sessionKey = await Message.generateSessionKey(undefined, undefined, undefined, config); } else { 
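Review bot: The updated JSDoc for `encryptionKeyIDs` on `encrypt` now says each entry "corresponds to keys[i]", but this commit renames that parameter to `encryptionKeys`, so the comment points at a name that no longer exists. Index alignment between the two arrays decides which (sub)key a message is encrypted to, so the doc should be exact: `* @param {Array} [encryptionKeyIDs] - Array of key IDs to use for encryption. Each encryptionKeyIDs[i] corresponds to encryptionKeys[i]`. The `encryptSessionKey` hunk below already uses that wording.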
@@ -336,7 +336,7 @@ export class Message { const { data: sessionKeyData, algorithm, aeadAlgorithm } = sessionKey; - const msg = await Message.encryptSessionKey(sessionKeyData, algorithm, aeadAlgorithm, keys, passwords, wildcard, encryptionKeyIDs, date, userIDs, config); + const msg = await Message.encryptSessionKey(sessionKeyData, algorithm, aeadAlgorithm, encryptionKeys, passwords, wildcard, encryptionKeyIDs, date, userIDs, config); let symEncryptedPacket; if (aeadAlgorithm) { 
@@ -359,22 +359,22 @@ export class Message { * @param {Uint8Array} sessionKey - session key for encryption * @param {String} algorithm - session key algorithm * @param {String} [aeadAlgorithm] - AEAD algorithm, e.g. 'eax' or 'ocb' - * @param {Array} [publicKeys] - Public key(s) for message encryption + * @param {Array} [encryptionKeys] - Public key(s) for message encryption * @param {Array} [passwords] - For message encryption * @param {Boolean} [wildcard] - Use a key ID of 0 instead of the public key IDs - * @param {Array} [encryptionKeyIDs] - Array of key IDs to use for encryption. Each encryptionKeyIDs[i] corresponds to publicKeys[i] + * @param {Array} [encryptionKeyIDs] - Array of key IDs to use for encryption. Each encryptionKeyIDs[i] corresponds to encryptionKeys[i] * @param {Date} [date] - Override the date * @param {Array} [userIDs] - User IDs to encrypt for, e.g. [{ name:'Robert Receiver', email:'robert@openpgp.org' }] * @param {Object} [config] - Full configuration, defaults to openpgp.config * @returns {Promise} New message with encrypted content. 
* @async */ - static async encryptSessionKey(sessionKey, algorithm, aeadAlgorithm, publicKeys, passwords, wildcard = false, encryptionKeyIDs = [], date = new Date(), userIDs = [], config = defaultConfig) { + static async encryptSessionKey(sessionKey, algorithm, aeadAlgorithm, encryptionKeys, passwords, wildcard = false, encryptionKeyIDs = [], date = new Date(), userIDs = [], config = defaultConfig) { const packetlist = new PacketList(); - if (publicKeys) { - const results = await Promise.all(publicKeys.map(async function(publicKey, i) { - const encryptionKey = await publicKey.getEncryptionKey(encryptionKeyIDs[i], date, userIDs, config); + if (encryptionKeys) { + const results = await Promise.all(encryptionKeys.map(async function(primaryKey, i) { + const encryptionKey = await primaryKey.getEncryptionKey(encryptionKeyIDs[i], date, userIDs, config); const pkESKeyPacket = new PublicKeyEncryptedSessionKeyPacket(); pkESKeyPacket.publicKeyID = wildcard ? KeyID.wildcard() : encryptionKey.getKeyID(); pkESKeyPacket.publicKeyAlgorithm = encryptionKey.keyPacket.algorithm; 
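Review bot: `encryptSessionKey` passes the whole `userIDs` array to `primaryKey.getEncryptionKey(...)` for every key, while the JSDoc in src/openpgp.js describes `encryptionUserIDs` as "one per key in `encryptionKeys`" and `createSignaturePackets` (`@@ -667,20`) indexes with `userIDs[i]`. The `sign` hunk (`@@ -459,25`) does the same with `getSigningKey` and `getPreferredHashAlgo`, so the one-pass packet's hash algorithm could in principle be chosen for a different user ID than the signature packet that follows it. If `getEncryptionKey` and `getSigningKey` expect a single user ID (their definitions are not in this diff), the per-key form would be `getEncryptionKey(encryptionKeyIDs[i], date, userIDs[i], config)` here and `userIDs[signingKeys.length - 1 - i]` in `sign`, which iterates in reverse. Otherwise the requested user ID may be silently ignored during key selection.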
@@ -427,16 +427,16 @@ export class Message { /** * Sign the message (the literal data packet of the message) - * @param {Array} privateKeys - private keys with decrypted secret key data for signing + * @param {Array} signingKeys - private keys with decrypted secret key data for signing * @param {Signature} [signature] - Any existing detached signature to add to the message - * @param {Array} [signingKeyIDs] - Array of key IDs to use for signing. Each signingKeyIDs[i] corresponds to privateKeys[i] + * @param {Array} [signingKeyIDs] - Array of key IDs to use for signing. Each signingKeyIDs[i] corresponds to signingKeys[i] * @param {Date} [date] - Override the creation time of the signature * @param {Array} [userIDs] - User IDs to sign with, e.g. [{ name:'Steve Sender', email:'steve@openpgp.org' }] * @param {Object} [config] - Full configuration, defaults to openpgp.config * @returns {Promise} New message with signed content. * @async */ - async sign(privateKeys = [], signature = null, signingKeyIDs = [], date = new Date(), userIDs = [], config = defaultConfig) { + async sign(signingKeys = [], signature = null, signingKeyIDs = [], date = new Date(), userIDs = [], config = defaultConfig) { const packetlist = new PacketList(); const literalDataPacket = this.packets.findPacket(enums.packet.literalData); 
@@ -459,25 +459,25 @@ export class Message { onePassSig.hashAlgorithm = signaturePacket.hashAlgorithm; onePassSig.publicKeyAlgorithm = signaturePacket.publicKeyAlgorithm; onePassSig.issuerKeyID = signaturePacket.issuerKeyID; - if (!privateKeys.length && i === 0) { + if (!signingKeys.length && i === 0) { onePassSig.flags = 1; } packetlist.push(onePassSig); } } - await Promise.all(Array.from(privateKeys).reverse().map(async function (privateKey, i) { - if (privateKey.isPublic()) { + await Promise.all(Array.from(signingKeys).reverse().map(async function (primaryKey, i) { + if (primaryKey.isPublic()) { throw new Error('Need private key for signing'); } - const signingKeyID = signingKeyIDs[privateKeys.length - 1 - i]; - const signingKey = await privateKey.getSigningKey(signingKeyID, date, userIDs, config); + const signingKeyID = signingKeyIDs[signingKeys.length - 1 - i]; + const signingKey = await primaryKey.getSigningKey(signingKeyID, date, userIDs, config); const onePassSig = new OnePassSignaturePacket(); onePassSig.signatureType = signatureType; - onePassSig.hashAlgorithm = await getPreferredHashAlgo(privateKey, signingKey.keyPacket, date, userIDs, config); + onePassSig.hashAlgorithm = await getPreferredHashAlgo(primaryKey, signingKey.keyPacket, date, userIDs, config); onePassSig.publicKeyAlgorithm = signingKey.keyPacket.algorithm; onePassSig.issuerKeyID = signingKey.getKeyID(); - if (i === privateKeys.length - 1) { + if (i === signingKeys.length - 1) { onePassSig.flags = 1; } return onePassSig; @@ -486,7 +486,7 @@ export class Message { }); packetlist.push(literalDataPacket); - packetlist.push(...(await createSignaturePackets(literalDataPacket, privateKeys, signature, signingKeyIDs, date, userIDs, false, config))); + packetlist.push(...(await createSignaturePackets(literalDataPacket, signingKeys, signature, signingKeyIDs, date, userIDs, false, config))); return new Message(packetlist); } 
@@ -514,26 +514,26 @@ export class Message { /** * Create a detached signature for the message (the literal data packet of the message) - * @param {Array} privateKeys - private keys with decrypted secret key data for signing + * @param {Array} signingKeys - private keys with decrypted secret key data for signing * @param {Signature} [signature] - Any existing detached signature - * @param {Array} [signingKeyIDs] - Array of key IDs to use for signing. Each signingKeyIDs[i] corresponds to privateKeys[i] + * @param {Array} [signingKeyIDs] - Array of key IDs to use for signing. Each signingKeyIDs[i] corresponds to signingKeys[i] * @param {Date} [date] - Override the creation time of the signature * @param {Array} [userIDs] - User IDs to sign with, e.g. [{ name:'Steve Sender', email:'steve@openpgp.org' }] * @param {Object} [config] - Full configuration, defaults to openpgp.config * @returns {Promise} New detached signature of message content. * @async */ - async signDetached(privateKeys = [], signature = null, signingKeyIDs = [], date = new Date(), userIDs = [], config = defaultConfig) { + async signDetached(signingKeys = [], signature = null, signingKeyIDs = [], date = new Date(), userIDs = [], config = defaultConfig) { const literalDataPacket = this.packets.findPacket(enums.packet.literalData); if (!literalDataPacket) { throw new Error('No literal data packet to sign.'); } - return new Signature(await createSignaturePackets(literalDataPacket, privateKeys, signature, signingKeyIDs, date, userIDs, true, config)); + return new Signature(await createSignaturePackets(literalDataPacket, signingKeys, signature, signingKeyIDs, date, userIDs, true, config)); } /** * Verify message signatures - * @param {Array} keys - Array of keys to verify signatures + * @param {Array} verificationKeys - Array of public keys to verify signatures * @param {Date} [date] - Verify the signature against the given date, i.e. 
check signature creation time < date < expiration time * @param {Object} [config] - Full configuration, defaults to openpgp.config * @returns {Promise>} List of signer's keyID and validity of signatures. * @async */ - async verify(keys, date = new Date(), config = defaultConfig) { + async verify(verificationKeys, date = new Date(), config = defaultConfig) { const msg = this.unwrapCompressed(); const literalDataList = msg.packets.filterByTag(enums.packet.literalData); if (literalDataList.length !== 1) { @@ -582,14 +582,14 @@ export class Message { await writer.abort(e); } }); - return createVerificationObjects(onePassSigList, literalDataList, keys, date, false, config); + return createVerificationObjects(onePassSigList, literalDataList, verificationKeys, date, false, config); } - return createVerificationObjects(signatureList, literalDataList, keys, date, false, config); + return createVerificationObjects(signatureList, literalDataList, verificationKeys, date, false, config); } /** * Verify detached message signature - * @param {Array} keys - Array of keys to verify signatures + * @param {Array} verificationKeys - Array of public keys to verify signatures * @param {Signature} signature * @param {Date} date - Verify the signature against the given date, i.e. check signature creation time < date < expiration time * @param {Object} [config] - Full configuration, defaults to openpgp.config 
@@ -600,14 +600,14 @@ export class Message { * }>>} List of signer's keyID and validity of signature. * @async */ - verifyDetached(signature, keys, date = new Date(), config = defaultConfig) { + verifyDetached(signature, verificationKeys, date = new Date(), config = defaultConfig) { const msg = this.unwrapCompressed(); const literalDataList = msg.packets.filterByTag(enums.packet.literalData); if (literalDataList.length !== 1) { throw new Error('Can only verify message with one literal data packet.'); } const signatureList = signature.packets; - return createVerificationObjects(signatureList, literalDataList, keys, date, true, config); + return createVerificationObjects(signatureList, literalDataList, verificationKeys, date, true, config); } /** @@ -656,9 +656,9 @@ export class Message { /** * Create signature packets for the message * @param {LiteralDataPacket} literalDataPacket - the literal data packet to sign - * @param {Array} privateKeys - private keys with decrypted secret key data for signing + * @param {Array} signingKeys - private keys with decrypted secret key data for signing * @param {Signature} [signature] - Any existing detached signature to append - * @param {Array} [signingKeyIDs] - Array of key IDs to use for signing. Each signingKeyIDs[i] corresponds to privateKeys[i] + * @param {Array} [signingKeyIDs] - Array of key IDs to use for signing. Each signingKeyIDs[i] corresponds to signingKeys[i] * @param {Date} [date] - Override the creationtime of the signature * @param {Array} [userIDs] - User IDs to sign with, e.g. [{ name:'Steve Sender', email:'steve@openpgp.org' }] * @param {Boolean} [detached] - Whether to create detached signature packets 
@@ -667,20 +667,20 @@ export class Message { * @async * @private */ -export async function createSignaturePackets(literalDataPacket, privateKeys, signature = null, signingKeyIDs = [], date = new Date(), userIDs = [], detached = false, config = defaultConfig) { +export async function createSignaturePackets(literalDataPacket, signingKeys, signature = null, signingKeyIDs = [], date = new Date(), userIDs = [], detached = false, config = defaultConfig) { const packetlist = new PacketList(); // If data packet was created from Uint8Array, use binary, otherwise use text const signatureType = literalDataPacket.text === null ? enums.signature.binary : enums.signature.text; - await Promise.all(privateKeys.map(async (privateKey, i) => { + await Promise.all(signingKeys.map(async (primaryKey, i) => { const userID = userIDs[i]; - if (privateKey.isPublic()) { + if (primaryKey.isPublic()) { throw new Error('Need private key for signing'); } - const signingKey = await privateKey.getSigningKey(signingKeyIDs[i], date, userID, config); - return createSignaturePacket(literalDataPacket, privateKey, signingKey.keyPacket, { signatureType }, date, userID, detached, config); + const signingKey = await primaryKey.getSigningKey(signingKeyIDs[i], date, userID, config); + return createSignaturePacket(literalDataPacket, primaryKey, signingKey.keyPacket, { signatureType }, date, userID, detached, config); })).then(signatureList => { signatureList.forEach(signaturePacket => packetlist.push(signaturePacket)); }); 
@@ -696,7 +696,7 @@ export async function createSignaturePackets(literalDataPacket, privateKeys, sig * Create object containing signer's keyID and validity of signature * @param {SignaturePacket} signature - Signature packet * @param {Array} literalDataList - Array of literal data packets - * @param {Array} keys - Array of keys to verify signatures + * @param {Array} verificationKeys - Array of public keys to verify signatures * @param {Date} date - Verify the signature against the given date, * i.e. check signature creation time < date < expiration time * @param {Boolean} [detached] - Whether to verify detached signature packets @@ -709,12 +709,12 @@ export async function createSignaturePackets(literalDataPacket, privateKeys, sig * @async * @private */ -async function createVerificationObject(signature, literalDataList, keys, date = new Date(), detached = false, config = defaultConfig) { +async function createVerificationObject(signature, literalDataList, verificationKeys, date = new Date(), detached = false, config = defaultConfig) { let primaryKey; let signingKey; let keyError; - for (const key of keys) { + for (const key of verificationKeys) { const issuerKeys = key.getKeys(signature.issuerKeyID); if (issuerKeys.length > 0) { primaryKey = key; @@ -772,7 +772,7 @@ async function createVerificationObject(signature, literalDataList, keys, date = * Create list of objects containing signer's keyID and validity of signature * @param {Array} signatureList - Array of signature packets * @param {Array} literalDataList - Array of literal data packets - * @param {Array} keys - Array of keys to verify signatures + * @param {Array} verificationKeys - Array of public keys to verify signatures * @param {Date} date - Verify the signature against the given date, * i.e. check signature creation time < date < expiration time * @param {Boolean} [detached] - Whether to verify detached signature packets 
@@ -785,11 +785,11 @@ async function createVerificationObject(signature, literalDataList, keys, date = * @async * @private */ -export async function createVerificationObjects(signatureList, literalDataList, keys, date = new Date(), detached = false, config = defaultConfig) { +export async function createVerificationObjects(signatureList, literalDataList, verificationKeys, date = new Date(), detached = false, config = defaultConfig) { return Promise.all(signatureList.filter(function(signature) { return ['text', 'binary'].includes(enums.read(enums.signature, signature.signatureType)); }).map(async function(signature) { - return createVerificationObject(signature, literalDataList, keys, date, detached, config); + return createVerificationObject(signature, literalDataList, verificationKeys, date, detached, config); })); } diff --git a/src/openpgp.js b/src/openpgp.js index 5233fcdd..5abc2f73 100644 --- a/src/openpgp.js +++ b/src/openpgp.js 
@@ -228,47 +228,47 @@ export async function encryptKey({ privateKey, passphrase, config }) { /** - * Encrypts message text/data with public keys, passwords or both at once. At least either public keys or passwords - * must be specified. If private keys are specified, those will be used to sign the message. + * Encrypts message text/data with public keys, passwords or both at once. At least either encryption keys or passwords + * must be specified. If signing keys are specified, those will be used to sign the message. * @param {Object} options * @param {Message} options.message - Message to be encrypted as created by {@link createMessage} - * @param {Key|Array} [options.publicKeys] - Array of keys or single key, used to encrypt the message - * @param {Key|Array} [options.privateKeys] - Private keys for signing. If omitted message will not be signed + * @param {Key|Array} [options.encryptionKeys] - Array of keys or single key, used to encrypt the message + * @param {Key|Array} [options.signingKeys] - Private keys for signing. If omitted message will not be signed * @param {String|Array} [options.passwords] - Array of passwords or a single password to encrypt the message * @param {Object} [options.sessionKey] - Session key in the form: `{ data:Uint8Array, algorithm:String }` * @param {Boolean} [options.armor=true] - Whether the return values should be ascii armored (true, the default) or binary (false) * @param {Signature} [options.signature] - A detached signature to add to the encrypted message * @param {Boolean} [options.wildcard=false] - Use a key ID of 0 instead of the public key IDs - * @param {Array} [options.signingKeyIDs=latest-created valid signing (sub)keys] - Array of key IDs to use for signing. Each `signingKeyIDs[i]` corresponds to `privateKeys[i]` - * @param {Array} [options.encryptionKeyIDs=latest-created valid encryption (sub)keys] - Array of key IDs to use for encryption. 
Each `encryptionKeyIDs[i]` corresponds to `publicKeys[i]` + * @param {Array} [options.signingKeyIDs=latest-created valid signing (sub)keys] - Array of key IDs to use for signing. Each `signingKeyIDs[i]` corresponds to `signingKeys[i]` + * @param {Array} [options.encryptionKeyIDs=latest-created valid encryption (sub)keys] - Array of key IDs to use for encryption. Each `encryptionKeyIDs[i]` corresponds to `encryptionKeys[i]` * @param {Date} [options.date=current date] - Override the creation date of the message signature - * @param {Array} [options.fromUserIDs=primary user IDs] - Array of user IDs to sign with, one per key in `privateKeys`, e.g. `[{ name: 'Steve Sender', email: 'steve@openpgp.org' }]` - * @param {Array} [options.toUserIDs=primary user IDs] - Array of user IDs to encrypt for, one per key in `publicKeys`, e.g. `[{ name: 'Robert Receiver', email: 'robert@openpgp.org' }]` + * @param {Array} [options.signingUserIDs=primary user IDs] - Array of user IDs to sign with, one per key in `signingKeys`, e.g. `[{ name: 'Steve Sender', email: 'steve@openpgp.org' }]` + * @param {Array} [options.encryptionUserIDs=primary user IDs] - Array of user IDs to encrypt for, one per key in `encryptionKeys`, e.g. `[{ name: 'Robert Receiver', email: 'robert@openpgp.org' }]` * @param {Object} [options.config] - Custom configuration settings to overwrite those in [config]{@link module:config} * @returns {Promise|NodeStream|Uint8Array|ReadableStream|NodeStream>} Encrypted message (string if `armor` was true, the default; Uint8Array if `armor` was false). 
* @async * @static */ -export function encrypt({ message, publicKeys, privateKeys, passwords, sessionKey, armor = true, detached = false, signature = null, wildcard = false, signingKeyIDs = [], encryptionKeyIDs = [], date = new Date(), fromUserIDs = [], toUserIDs = [], config }) { +export function encrypt({ message, encryptionKeys, signingKeys, passwords, sessionKey, armor = true, detached = false, signature = null, wildcard = false, signingKeyIDs = [], encryptionKeyIDs = [], date = new Date(), signingUserIDs = [], encryptionUserIDs = [], config }) { config = { ...defaultConfig, ...config }; - checkMessage(message); publicKeys = toArray(publicKeys); privateKeys = toArray(privateKeys); passwords = toArray(passwords); fromUserIDs = toArray(fromUserIDs); toUserIDs = toArray(toUserIDs); + checkMessage(message); encryptionKeys = toArray(encryptionKeys); signingKeys = toArray(signingKeys); passwords = toArray(passwords); signingUserIDs = toArray(signingUserIDs); encryptionUserIDs = toArray(encryptionUserIDs); if (detached) { throw new Error("detached option has been removed from openpgp.encrypt. Separately call openpgp.sign instead. 
Don't forget to remove privateKeys option as well."); } return Promise.resolve().then(async function() { const streaming = message.fromStream; - if (!privateKeys) { - privateKeys = []; + if (!signingKeys) { + signingKeys = []; } - if (privateKeys.length || signature) { // sign the message only if private keys or signature is specified - message = await message.sign(privateKeys, signature, signingKeyIDs, date, fromUserIDs, config); + if (signingKeys.length || signature) { // sign the message only if signing keys or signature is specified + message = await message.sign(signingKeys, signature, signingKeyIDs, date, signingUserIDs, config); } message = message.compress( - await getPreferredAlgo('compression', publicKeys, date, toUserIDs, config), + await getPreferredAlgo('compression', encryptionKeys, date, encryptionUserIDs, config), config ); - message = await message.encrypt(publicKeys, passwords, sessionKey, wildcard, encryptionKeyIDs, date, toUserIDs, config); + message = await message.encrypt(encryptionKeys, passwords, sessionKey, wildcard, encryptionKeyIDs, date, encryptionUserIDs, config); const data = armor ? message.armor(config) : message.write(); return convertStream(data, streaming, armor ? 'utf8' : 'binary'); }).catch(onError.bind(null, 'Error encrypting message')); 
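Review bot: A caller that still passes the old option names is not rejected in `encrypt`: the new signature destructures only `encryptionKeys` and `signingKeys`, so a leftover `privateKeys` is dropped and, as far as this hunk shows, the message is encrypted without a signature and without any error. The other renamed entry points in this file (`decrypt`, `sign`, `verify`, `generateSessionKey`, `encryptSessionKey`, `decryptSessionKeys`) take the same shape; in `decrypt` a leftover `publicKeys` leaves `verificationKeys` empty, and the hunk at -305,23 throws for that only when `expectSigned` is set. I would add `...rest` to each destructuring and fail closed, e.g. `if (rest.privateKeys) throw new Error('privateKeys has been renamed to signingKeys');`, with the matching check for `publicKeys`. The `detached` error text in this hunk also still tells the caller to remove the `privateKeys` option and should name `signingKeys`. The body of `encrypt` continues past the end of the hunk.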
@@ -279,10 +279,10 @@ export function encrypt({ message, publicKeys, privateKeys, passwords, sessionKe * a session key or a password must be specified. * @param {Object} options * @param {Message} options.message - The message object with the encrypted data - * @param {Key|Array} [options.privateKeys] - Private keys with decrypted secret key data or session key + * @param {Key|Array} [options.decryptionKeys] - Private keys with decrypted secret key data or session key * @param {String|Array} [options.passwords] - Passwords to decrypt the message * @param {Object|Array} [options.sessionKeys] - Session keys in the form: { data:Uint8Array, algorithm:String } - * @param {Key|Array} [options.publicKeys] - Array of public keys or single key, to verify signatures + * @param {Key|Array} [options.verificationKeys] - Array of public keys or single key, to verify signatures * @param {Boolean} [options.expectSigned=false] - If true, data decryption fails if the message is not signed with the provided publicKeys * @param {'utf8'|'binary'} [options.format='utf8'] - Whether to return data as a string(Stream) or Uint8Array(Stream). If 'utf8' (the default), also normalize newlines. * @param {Signature} [options.signature] - Detached signature for verification 
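Review bot: The `expectSigned` description on the context line right after the renamed `verificationKeys` parameter still says the message must be signed "with the provided publicKeys", which no longer names an option of `decrypt`. Suggested wording: `If true, data decryption fails if the message is not signed with the provided verificationKeys`. The JSDoc for `verify` in the hunk at -393,7 carries the same leftover on its `expectSigned` line, and its renamed parameter is still described as `Array of publicKeys or single key`, which could read `Array of public keys or single key`. Since `expectSigned` is the switch that makes a missing signature an error, its description should point at the option that actually supplies the keys. The comment block starts and ends outside this hunk.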
@@ -305,23 +305,23 @@ export function encrypt({ message, publicKeys, privateKeys, passwords, sessionKe * @async * @static */ -export function decrypt({ message, privateKeys, passwords, sessionKeys, publicKeys, expectSigned = false, format = 'utf8', signature = null, date = new Date(), config }) { +export function decrypt({ message, decryptionKeys, passwords, sessionKeys, verificationKeys, expectSigned = false, format = 'utf8', signature = null, date = new Date(), config }) { config = { ...defaultConfig, ...config }; - checkMessage(message); publicKeys = toArray(publicKeys); privateKeys = toArray(privateKeys); passwords = toArray(passwords); sessionKeys = toArray(sessionKeys); + checkMessage(message); verificationKeys = toArray(verificationKeys); decryptionKeys = toArray(decryptionKeys); passwords = toArray(passwords); sessionKeys = toArray(sessionKeys); - return message.decrypt(privateKeys, passwords, sessionKeys, config).then(async function(decrypted) { - if (!publicKeys) { - publicKeys = []; + return message.decrypt(decryptionKeys, passwords, sessionKeys, config).then(async function(decrypted) { + if (!verificationKeys) { + verificationKeys = []; } const result = {}; - result.signatures = signature ? await decrypted.verifyDetached(signature, publicKeys, date, config) : await decrypted.verify(publicKeys, date, config); + result.signatures = signature ? await decrypted.verifyDetached(signature, verificationKeys, date, config) : await decrypted.verify(verificationKeys, date, config); result.data = format === 'binary' ? decrypted.getLiteralData() : decrypted.getText(); result.filename = decrypted.getFilename(); linkStreams(result, message); if (expectSigned) { - if (publicKeys.length === 0) { - throw new Error('Public keys are required to verify message signatures'); + if (verificationKeys.length === 0) { + throw new Error('Verification keys are required to verify message signatures'); } if (result.signatures.length === 0) { throw new Error('Message is not signed'); 
@@ -351,30 +351,30 @@ export function decrypt({ message, privateKeys, passwords, sessionKeys, publicKe * Signs a message. * @param {Object} options * @param {CleartextMessage|Message} options.message - (cleartext) message to be signed - * @param {Key|Array} options.privateKeys - Array of keys or single key with decrypted secret key data to sign cleartext + * @param {Key|Array} options.signingKeys - Array of keys or single key with decrypted secret key data to sign cleartext * @param {Boolean} [options.armor=true] - Whether the return values should be ascii armored (true, the default) or binary (false) * @param {Boolean} [options.detached=false] - If the return value should contain a detached signature - * @param {Array} [options.signingKeyIDs=latest-created valid signing (sub)keys] - Array of key IDs to use for signing. Each signingKeyIDs[i] corresponds to privateKeys[i] + * @param {Array} [options.signingKeyIDs=latest-created valid signing (sub)keys] - Array of key IDs to use for signing. Each signingKeyIDs[i] corresponds to signingKeys[i] * @param {Date} [options.date=current date] - Override the creation date of the signature - * @param {Array} [options.fromUserIDs=primary user IDs] - Array of user IDs to sign with, one per key in `privateKeys`, e.g. `[{ name: 'Steve Sender', email: 'steve@openpgp.org' }]` + * @param {Array} [options.signingUserIDs=primary user IDs] - Array of user IDs to sign with, one per key in `signingKeys`, e.g. `[{ name: 'Steve Sender', email: 'steve@openpgp.org' }]` * @param {Object} [options.config] - Custom configuration settings to overwrite those in [config]{@link module:config} * @returns {Promise|NodeStream|Uint8Array|ReadableStream|NodeStream>} Signed message (string if `armor` was true, the default; Uint8Array if `armor` was false). 
* @async * @static */ -export function sign({ message, privateKeys, armor = true, detached = false, signingKeyIDs = [], date = new Date(), fromUserIDs = [], config }) { +export function sign({ message, signingKeys, armor = true, detached = false, signingKeyIDs = [], date = new Date(), signingUserIDs = [], config }) { config = { ...defaultConfig, ...config }; checkCleartextOrMessage(message); if (message instanceof CleartextMessage && !armor) throw new Error("Can't sign non-armored cleartext message"); if (message instanceof CleartextMessage && detached) throw new Error("Can't detach-sign a cleartext message"); - privateKeys = toArray(privateKeys); fromUserIDs = toArray(fromUserIDs); + signingKeys = toArray(signingKeys); signingUserIDs = toArray(signingUserIDs); return Promise.resolve().then(async function() { let signature; if (detached) { - signature = await message.signDetached(privateKeys, undefined, signingKeyIDs, date, fromUserIDs, config); + signature = await message.signDetached(signingKeys, undefined, signingKeyIDs, date, signingUserIDs, config); } else { - signature = await message.sign(privateKeys, undefined, signingKeyIDs, date, fromUserIDs, config); + signature = await message.sign(signingKeys, undefined, signingKeyIDs, date, signingUserIDs, config); } signature = armor ? signature.armor(config) : signature.write(); if (detached) { 
@@ -393,7 +393,7 @@ export function sign({ message, privateKeys, armor = true, detached = false, sig * Verifies signatures of cleartext signed message * @param {Object} options * @param {CleartextMessage|Message} options.message - (cleartext) message object with signatures - * @param {Key|Array} options.publicKeys - Array of publicKeys or single key, to verify signatures + * @param {Key|Array} options.verificationKeys - Array of publicKeys or single key, to verify signatures * @param {Boolean} [options.expectSigned=false] - If true, verification throws if the message is not signed with the provided publicKeys * @param {'utf8'|'binary'} [options.format='utf8'] - Whether to return data as a string(Stream) or Uint8Array(Stream). If 'utf8' (the default), also normalize newlines. * @param {Signature} [options.signature] - Detached signature for verification 
@@ -415,19 +415,19 @@ export function sign({ message, privateKeys, armor = true, detached = false, sig * @async * @static */ -export function verify({ message, publicKeys, expectSigned = false, format = 'utf8', signature = null, date = new Date(), config }) { +export function verify({ message, verificationKeys, expectSigned = false, format = 'utf8', signature = null, date = new Date(), config }) { config = { ...defaultConfig, ...config }; checkCleartextOrMessage(message); if (message instanceof CleartextMessage && format === 'binary') throw new Error("Can't return cleartext message data as binary"); if (message instanceof CleartextMessage && signature) throw new Error("Can't verify detached cleartext signature"); - publicKeys = toArray(publicKeys); + verificationKeys = toArray(verificationKeys); return Promise.resolve().then(async function() { const result = {}; if (signature) { - result.signatures = await message.verifyDetached(signature, publicKeys, date, config); + result.signatures = await message.verifyDetached(signature, verificationKeys, date, config); } else { - result.signatures = await message.verify(publicKeys, date, config); + result.signatures = await message.verify(verificationKeys, date, config); } result.data = format === 'binary' ? message.getLiteralData() : message.getText(); if (message.fromStream) linkStreams(result, message); 
@@ -458,21 +458,21 @@ export function verify({ message, publicKeys, expectSigned = false, format = 'ut /** * Generate a new session key object, taking the algorithm preferences of the passed public keys into account. * @param {Object} options - * @param {Key|Array} options.publicKeys - Array of public keys or single key used to select algorithm preferences for + * @param {Key|Array} options.encryptionKeys - Array of public keys or single key used to select algorithm preferences for * @param {Date} [options.date=current date] - Date to select algorithm preferences at - * @param {Array} [options.toUserIDs=primary user IDs] - User IDs to select algorithm preferences for + * @param {Array} [options.encryptionUserIDs=primary user IDs] - User IDs to select algorithm preferences for * @param {Object} [options.config] - Custom configuration settings to overwrite those in [config]{@link module:config} * @returns {Promise<{ data: Uint8Array, algorithm: String }>} Object with session key data and algorithm. * @async * @static */ -export function generateSessionKey({ publicKeys, date = new Date(), toUserIDs = [], config }) { +export function generateSessionKey({ encryptionKeys, date = new Date(), encryptionUserIDs = [], config }) { config = { ...defaultConfig, ...config }; - publicKeys = toArray(publicKeys); toUserIDs = toArray(toUserIDs); + encryptionKeys = toArray(encryptionKeys); encryptionUserIDs = toArray(encryptionUserIDs); return Promise.resolve().then(async function() { - return Message.generateSessionKey(publicKeys, date, toUserIDs, config); + return Message.generateSessionKey(encryptionKeys, date, encryptionUserIDs, config); }).catch(onError.bind(null, 'Error generating session key')); } 
@@ -484,25 +484,25 @@ export function generateSessionKey({ publicKeys, date = new Date(), toUserIDs = * @param {Uint8Array} options.data - The session key to be encrypted e.g. 16 random bytes (for aes128) * @param {String} options.algorithm - Algorithm of the symmetric session key e.g. 'aes128' or 'aes256' * @param {String} [options.aeadAlgorithm] - AEAD algorithm, e.g. 'eax' or 'ocb' - * @param {Key|Array} [options.publicKeys] - Array of public keys or single key, used to encrypt the key + * @param {Key|Array} [options.encryptionKeys] - Array of public keys or single key, used to encrypt the key * @param {String|Array} [options.passwords] - Passwords for the message * @param {Boolean} [options.armor=true] - Whether the return values should be ascii armored (true, the default) or binary (false) * @param {Boolean} [options.wildcard=false] - Use a key ID of 0 instead of the public key IDs - * @param {Array} [options.encryptionKeyIDs=latest-created valid encryption (sub)keys] - Array of key IDs to use for encryption. Each encryptionKeyIDs[i] corresponds to publicKeys[i] + * @param {Array} [options.encryptionKeyIDs=latest-created valid encryption (sub)keys] - Array of key IDs to use for encryption. Each encryptionKeyIDs[i] corresponds to encryptionKeys[i] * @param {Date} [options.date=current date] - Override the date - * @param {Array} [options.toUserIDs=primary user IDs] - Array of user IDs to encrypt for, one per key in `publicKeys`, e.g. `[{ name: 'Phil Zimmermann', email: 'phil@openpgp.org' }]` + * @param {Array} [options.encryptionUserIDs=primary user IDs] - Array of user IDs to encrypt for, one per key in `encryptionKeys`, e.g. `[{ name: 'Phil Zimmermann', email: 'phil@openpgp.org' }]` * @param {Object} [options.config] - Custom configuration settings to overwrite those in [config]{@link module:config} * @returns {Promise} Encrypted session keys (string if `armor` was true, the default; Uint8Array if `armor` was false). 
* @async * @static */ -export function encryptSessionKey({ data, algorithm, aeadAlgorithm, publicKeys, passwords, armor = true, wildcard = false, encryptionKeyIDs = [], date = new Date(), toUserIDs = [], config }) { +export function encryptSessionKey({ data, algorithm, aeadAlgorithm, encryptionKeys, passwords, armor = true, wildcard = false, encryptionKeyIDs = [], date = new Date(), encryptionUserIDs = [], config }) { config = { ...defaultConfig, ...config }; - checkBinary(data); checkString(algorithm, 'algorithm'); publicKeys = toArray(publicKeys); passwords = toArray(passwords); toUserIDs = toArray(toUserIDs); + checkBinary(data); checkString(algorithm, 'algorithm'); encryptionKeys = toArray(encryptionKeys); passwords = toArray(passwords); encryptionUserIDs = toArray(encryptionUserIDs); return Promise.resolve().then(async function() { - const message = await Message.encryptSessionKey(data, algorithm, aeadAlgorithm, publicKeys, passwords, wildcard, encryptionKeyIDs, date, toUserIDs, config); + const message = await Message.encryptSessionKey(data, algorithm, aeadAlgorithm, encryptionKeys, passwords, wildcard, encryptionKeyIDs, date, encryptionUserIDs, config); return armor ? message.armor(config) : message.write(); }).catch(onError.bind(null, 'Error encrypting session key')); 
@@ -513,7 +513,7 @@ export function encryptSessionKey({ data, algorithm, aeadAlgorithm, publicKeys, * a password must be specified. * @param {Object} options * @param {Message} options.message - A message object containing the encrypted session key packets - * @param {Key|Array} [options.privateKeys] - Private keys with decrypted secret key data + * @param {Key|Array} [options.decryptionKeys] - Private keys with decrypted secret key data * @param {String|Array} [options.passwords] - Passwords to decrypt the session key * @param {Object} [options.config] - Custom configuration settings to overwrite those in [config]{@link module:config} * @returns {Promise} Array of decrypted session key, algorithm pairs in the form: @@ -522,13 +522,13 @@ export function encryptSessionKey({ data, algorithm, aeadAlgorithm, publicKeys, * @async * @static */ -export function decryptSessionKeys({ message, privateKeys, passwords, config }) { +export function decryptSessionKeys({ message, decryptionKeys, passwords, config }) { config = { ...defaultConfig, ...config }; - checkMessage(message); privateKeys = toArray(privateKeys); passwords = toArray(passwords); + checkMessage(message); decryptionKeys = toArray(decryptionKeys); passwords = toArray(passwords); return Promise.resolve().then(async function() { - return message.decryptSessionKeys(privateKeys, passwords, config); + return message.decryptSessionKeys(decryptionKeys, passwords, config); }).catch(onError.bind(null, 'Error decrypting session keys')); } diff --git a/test/general/brainpool.js b/test/general/brainpool.js index e55e3666..488b0190 100644 --- a/test/general/brainpool.js +++ b/test/general/brainpool.js 
@@ -203,7 +203,7 @@ EJ4QcD/oQ6x1M/8X/iKQCtxZP8RnlrbH7ExkNON5s5g= it('Verify clear signed message', async function () { const pub = await load_pub_key('juliet'); const msg = await openpgp.readCleartextMessage({ cleartextMessage: data.juliet.message_signed }); - return openpgp.verify({ publicKeys: [pub], message: msg }).then(function(result) { + return openpgp.verify({ verificationKeys: [pub], message: msg }).then(function(result) { expect(result).to.exist; expect(result.data).to.equal(data.juliet.message); expect(result.signatures).to.have.length(1); @@ -212,10 +212,10 @@ EJ4QcD/oQ6x1M/8X/iKQCtxZP8RnlrbH7ExkNON5s5g= }); it('Sign message', async function () { const romeoPrivate = await load_priv_key('romeo'); - const signed = await openpgp.sign({ privateKeys: [romeoPrivate], message: await openpgp.createCleartextMessage({ text: data.romeo.message }) }); + const signed = await openpgp.sign({ signingKeys: [romeoPrivate], message: await openpgp.createCleartextMessage({ text: data.romeo.message }) }); const romeoPublic = await load_pub_key('romeo'); const msg = await openpgp.readCleartextMessage({ cleartextMessage: signed }); - const result = await openpgp.verify({ publicKeys: [romeoPublic], message: msg }); + const result = await openpgp.verify({ verificationKeys: [romeoPublic], message: msg }); expect(result).to.exist; expect(result.data).to.equal(data.romeo.message); @@ -226,7 +226,7 @@ EJ4QcD/oQ6x1M/8X/iKQCtxZP8RnlrbH7ExkNON5s5g= const juliet = await load_pub_key('juliet'); const romeo = await load_priv_key('romeo'); const msg = await openpgp.readMessage({ armoredMessage: data.romeo.message_encrypted }); - const result = await openpgp.decrypt({ privateKeys: romeo, publicKeys: [juliet], message: msg }); + const result = await openpgp.decrypt({ decryptionKeys: romeo, verificationKeys: [juliet], message: msg }); expect(result).to.exist; expect(result.data).to.equal(data.romeo.message); 
@@ -237,7 +237,7 @@ EJ4QcD/oQ6x1M/8X/iKQCtxZP8RnlrbH7ExkNON5s5g= const juliet = await load_priv_key('juliet'); const romeo = await load_pub_key('romeo'); const msg = await openpgp.readMessage({ armoredMessage: data.romeo.message_encrypted_with_leading_zero_in_hash }); - const result = await openpgp.decrypt({ privateKeys: juliet, publicKeys: [romeo], message: msg }); + const result = await openpgp.decrypt({ decryptionKeys: juliet, verificationKeys: [romeo], message: msg }); expect(result).to.exist; expect(result.data).to.equal(data.romeo.message_with_leading_zero_in_hash); @@ -252,7 +252,7 @@ EJ4QcD/oQ6x1M/8X/iKQCtxZP8RnlrbH7ExkNON5s5g= const juliet = await load_priv_key('juliet'); const romeo = await load_pub_key('romeo'); const msg = await openpgp.readMessage({ armoredMessage: data.romeo.message_encrypted_with_leading_zero_in_hash_signed_by_elliptic_with_old_implementation }); - const result = await openpgp.decrypt({ privateKeys: juliet, publicKeys: [romeo], message: msg }); + const result = await openpgp.decrypt({ decryptionKeys: juliet, verificationKeys: [romeo], message: msg }); expect(result).to.exist; expect(result.data).to.equal(data.romeo.message_with_leading_zero_in_hash_old_elliptic_implementation); expect(result.signatures).to.have.length(1); 
@@ -262,12 +262,12 @@ EJ4QcD/oQ6x1M/8X/iKQCtxZP8RnlrbH7ExkNON5s5g= it('Encrypt and sign message', async function () { const romeoPrivate = await load_priv_key('romeo'); const julietPublic = await load_pub_key('juliet'); - const encrypted = await openpgp.encrypt({ publicKeys: [julietPublic], privateKeys: [romeoPrivate], message: await openpgp.createMessage({ text: data.romeo.message }) }); + const encrypted = await openpgp.encrypt({ encryptionKeys: [julietPublic], signingKeys: [romeoPrivate], message: await openpgp.createMessage({ text: data.romeo.message }) }); const message = await openpgp.readMessage({ armoredMessage: encrypted }); const romeoPublic = await load_pub_key('romeo'); const julietPrivate = await load_priv_key('juliet'); - const result = await openpgp.decrypt({ privateKeys: julietPrivate, publicKeys: [romeoPublic], message: message }); + const result = await openpgp.decrypt({ decryptionKeys: julietPrivate, verificationKeys: [romeoPublic], message: message }); expect(result).to.exist; expect(result.data).to.equal(data.romeo.message); 
@@ -292,29 +292,29 @@ function omnibus() { const bye = secondKey.key; const pubBye = bye.toPublic(); - const cleartextMessage = await openpgp.sign({ message: await openpgp.createCleartextMessage({ text: testData }), privateKeys: hi }); + const cleartextMessage = await openpgp.sign({ message: await openpgp.createCleartextMessage({ text: testData }), signingKeys: hi }); await openpgp.verify({ message: await openpgp.readCleartextMessage({ cleartextMessage }), - publicKeys: pubHi + verificationKeys: pubHi }).then(output => expect(output.signatures[0].valid).to.be.true); // Verifying detached signature await openpgp.verify({ message: await openpgp.createMessage({ text: util.removeTrailingSpaces(testData) }), - publicKeys: pubHi, + verificationKeys: pubHi, signature: (await openpgp.readCleartextMessage({ cleartextMessage })).signature }).then(output => expect(output.signatures[0].valid).to.be.true); // Encrypting and signing const encrypted = await openpgp.encrypt({ message: await openpgp.createMessage({ text: testData2 }), - publicKeys: [pubBye], - privateKeys: [hi] + encryptionKeys: [pubBye], + signingKeys: [hi] }); // Decrypting and verifying return openpgp.decrypt({ message: await openpgp.readMessage({ armoredMessage: encrypted }), - privateKeys: bye, - publicKeys: [pubHi] + decryptionKeys: bye, + verificationKeys: [pubHi] }).then(output => { expect(output.data).to.equal(testData2); expect(output.signatures[0].valid).to.be.true; diff --git a/test/general/config.js b/test/general/config.js index 279f0683..2998a4c6 100644 --- a/test/general/config.js +++ b/test/general/config.js 
@@ -242,7 +242,7 @@ qDEdLyNWF30o6wD/fZYCV8aS4dAu2U3fpN5y5+PbuXFRYljA5gQ/1zrGN/UA const userIDs = { name: 'Test User', email: 'text2@example.com' }; const { key } = await openpgp.generateKey({ userIDs }); await expect(openpgp.encrypt({ - message, publicKeys: [key], config: { rejectPublicKeyAlgorithms: new Set([openpgp.enums.publicKey.ecdh]) } + message, encryptionKeys: [key], config: { rejectPublicKeyAlgorithms: new Set([openpgp.enums.publicKey.ecdh]) } })).to.be.eventually.rejectedWith(/ecdh keys are considered too weak/); } finally { openpgp.config.aeadProtect = aeadProtectVal; @@ -256,19 +256,19 @@ qDEdLyNWF30o6wD/fZYCV8aS4dAu2U3fpN5y5+PbuXFRYljA5gQ/1zrGN/UA const userIDs = { name: 'Test User', email: 'text2@example.com' }; const { key } = await openpgp.generateKey({ userIDs, type: 'rsa', rsaBits: 2048 }); - const armoredMessage = await openpgp.encrypt({ message, publicKeys:[key], privateKeys: [key] }); + const armoredMessage = await openpgp.encrypt({ message, encryptionKeys:[key], signingKeys: [key] }); const { data, signatures } = await openpgp.decrypt({ message: await openpgp.readMessage({ armoredMessage }), - privateKeys: [key], - publicKeys: [key] + decryptionKeys: [key], + verificationKeys: [key] }); expect(data).to.equal(plaintext); expect(signatures[0].valid).to.be.true; const { data: data2, signatures: signatures2 } = await openpgp.decrypt({ message: await openpgp.readMessage({ armoredMessage }), - privateKeys: [key], - publicKeys: [key], + decryptionKeys: [key], + verificationKeys: [key], config: { minRSABits: 4096 } }); expect(data2).to.equal(plaintext); 
@@ -277,8 +277,8 @@ qDEdLyNWF30o6wD/fZYCV8aS4dAu2U3fpN5y5+PbuXFRYljA5gQ/1zrGN/UA const { data: data3, signatures: signatures3 } = await openpgp.decrypt({ message: await openpgp.readMessage({ armoredMessage }), - privateKeys: [key], - publicKeys: [key], + decryptionKeys: [key], + verificationKeys: [key], config: { rejectPublicKeyAlgorithms: new Set([openpgp.enums.publicKey.rsaEncryptSign]) } }); expect(data3).to.equal(plaintext); @@ -294,7 +294,7 @@ qDEdLyNWF30o6wD/fZYCV8aS4dAu2U3fpN5y5+PbuXFRYljA5gQ/1zrGN/UA const message = await openpgp.createMessage({ text: "test" }); const opt = { message, - privateKeys: key, + signingKeys: key, config: { rejectHashAlgorithms: new Set([openpgp.enums.hash.sha256, openpgp.enums.hash.sha512]) } }; await expect(openpgp.sign(opt)).to.be.rejectedWith(/Insecure hash algorithm/); @@ -304,13 +304,13 @@ qDEdLyNWF30o6wD/fZYCV8aS4dAu2U3fpN5y5+PbuXFRYljA5gQ/1zrGN/UA const clearText = await openpgp.createCleartextMessage({ text: "test" }); const opt2 = { message: clearText, - privateKeys: key, + signingKeys: key, config: { rejectHashAlgorithms: new Set([openpgp.enums.hash.sha256, openpgp.enums.hash.sha512]) } }; await expect(openpgp.sign(opt2)).to.be.rejectedWith(/Insecure hash algorithm/); await expect(openpgp.sign({ - message, privateKeys: [key], config: { rejectPublicKeyAlgorithms: new Set([openpgp.enums.publicKey.eddsa]) } + message, signingKeys: [key], config: { rejectPublicKeyAlgorithms: new Set([openpgp.enums.publicKey.eddsa]) } })).to.be.eventually.rejectedWith(/eddsa keys are considered too weak/); }); 
@@ -322,29 +322,29 @@ qDEdLyNWF30o6wD/fZYCV8aS4dAu2U3fpN5y5+PbuXFRYljA5gQ/1zrGN/UA const message = await openpgp.createMessage({ text: "test" }); - const signed = await openpgp.sign({ message, privateKeys: key }); + const signed = await openpgp.sign({ message, signingKeys: key }); const opt = { message: await openpgp.readMessage({ armoredMessage: signed }), - publicKeys: key, + verificationKeys: key, config }; const { signatures: [sig] } = await openpgp.verify(opt); await expect(sig.error).to.match(/Insecure message hash algorithm/); - const armoredSignature = await openpgp.sign({ message, privateKeys: key, detached: true }); + const armoredSignature = await openpgp.sign({ message, signingKeys: key, detached: true }); const opt2 = { message, signature: await openpgp.readSignature({ armoredSignature }), - publicKeys: key, + verificationKeys: key, config }; const { signatures: [sig2] } = await openpgp.verify(opt2); await expect(sig2.error).to.match(/Insecure message hash algorithm/); const cleartext = await openpgp.createCleartextMessage({ text: "test" }); - const signedCleartext = await openpgp.sign({ message: cleartext, privateKeys: key }); + const signedCleartext = await openpgp.sign({ message: cleartext, signingKeys: key }); const opt3 = { message: await openpgp.readCleartextMessage({ cleartextMessage: signedCleartext }), - publicKeys: key, + verificationKeys: key, config }; const { signatures: [sig3] } = await openpgp.verify(opt3); @@ -352,7 +352,7 @@ qDEdLyNWF30o6wD/fZYCV8aS4dAu2U3fpN5y5+PbuXFRYljA5gQ/1zrGN/UA const opt4 = { message: await openpgp.readMessage({ armoredMessage: signed }), - publicKeys: [key], + verificationKeys: [key], config: { rejectPublicKeyAlgorithms: new Set([openpgp.enums.publicKey.eddsa]) } }; const { signatures: [sig4] } = await openpgp.verify(opt4); diff --git a/test/general/ecc_nist.js b/test/general/ecc_nist.js index 23cfc415..b6892f32 100644 --- a/test/general/ecc_nist.js +++ b/test/general/ecc_nist.js 
@@ -20,29 +20,29 @@ module.exports = () => describe('Elliptic Curve Cryptography for NIST P-256,P-38
 const bye = secondKey.key; const pubBye = bye.toPublic();
- const cleartextMessage = await openpgp.sign({ message: await openpgp.createCleartextMessage({ text: testData }), privateKeys: hi });
+ const cleartextMessage = await openpgp.sign({ message: await openpgp.createCleartextMessage({ text: testData }), signingKeys: hi });
 await openpgp.verify({ message: await openpgp.readCleartextMessage({ cleartextMessage }),
- publicKeys: pubHi
+ verificationKeys: pubHi
 }).then(output => expect(output.signatures[0].valid).to.be.true); // Verifying detached signature await openpgp.verify({ message: await openpgp.createMessage({ text: util.removeTrailingSpaces(testData) }),
- publicKeys: pubHi,
+ verificationKeys: pubHi,
 signature: (await openpgp.readCleartextMessage({ cleartextMessage })).signature }).then(output => expect(output.signatures[0].valid).to.be.true); // Encrypting and signing const encrypted = await openpgp.encrypt({ message: await openpgp.createMessage({ text: testData2 }),
- publicKeys: [pubBye],
- privateKeys: [hi]
+ encryptionKeys: [pubBye],
+ signingKeys: [hi]
 }); // Decrypting and verifying return openpgp.decrypt({ message: await openpgp.readMessage({ armoredMessage: encrypted }),
- privateKeys: bye,
- publicKeys: [pubHi]
+ decryptionKeys: bye,
+ verificationKeys: [pubHi]
 }).then(output => { expect(output.data).to.equal(testData2); expect(output.signatures[0].valid).to.be.true;
@@ -56,9 +56,9 @@ module.exports = () => describe('Elliptic Curve Cryptography for NIST P-256,P-38
 const testData = input.createSomeMessage(); const options = { userIDs: { name: "Hi", email: "hi@hel.lo" }, curve: "p256" }; const firstKey = await openpgp.generateKey(options);
- const signature = await openpgp.sign({ message: await openpgp.createCleartextMessage({ text: testData }), privateKeys: firstKey.key });
+ const signature = await openpgp.sign({ message: await openpgp.createCleartextMessage({ text: testData }), signingKeys: firstKey.key });
 const msg = await openpgp.readCleartextMessage({ cleartextMessage: signature });
- const result = await openpgp.verify({ message: msg, publicKeys: firstKey.key.toPublic() });
+ const result = await openpgp.verify({ message: msg, verificationKeys: firstKey.key.toPublic() });
 expect(result.signatures[0].valid).to.be.true; });
@@ -70,14 +70,14 @@ module.exports = () => describe('Elliptic Curve Cryptography for NIST P-256,P-38
 const secondKey = await openpgp.generateKey(options); const encrypted = await openpgp.encrypt( { message: await openpgp.createMessage({ text: testData }),
- publicKeys: [secondKey.key.toPublic()],
- privateKeys: [firstKey.key] }
+ encryptionKeys: [secondKey.key.toPublic()],
+ signingKeys: [firstKey.key] }
 ); const msg = await openpgp.readMessage({ armoredMessage: encrypted }); const result = await openpgp.decrypt( { message: msg,
- privateKeys: secondKey.key,
- publicKeys: [firstKey.key.toPublic()] }
+ decryptionKeys: secondKey.key,
+ verificationKeys: [firstKey.key.toPublic()] }
 ); expect(result.signatures[0].valid).to.be.true; });
diff --git a/test/general/ecc_secp256k1.js b/test/general/ecc_secp256k1.js
index 2eb6342b..0b0e7358 100644
--- a/test/general/ecc_secp256k1.js
+++ b/test/general/ecc_secp256k1.js
@@ -177,7 +177,7 @@ module.exports = () => describe('Elliptic Curve Cryptography for secp256k1 curve
 it('Verify clear signed message', async function () { const pub = await load_pub_key('juliet'); const msg = await openpgp.readCleartextMessage({ cleartextMessage: data.juliet.message_signed });
- return openpgp.verify({ publicKeys: [pub], message: msg }).then(function(result) {
+ return openpgp.verify({ verificationKeys: [pub], message: msg }).then(function(result) {
 expect(result).to.exist; expect(result.data).to.equal(data.juliet.message); expect(result.signatures).to.have.length(1);
@@ -186,10 +186,10 @@ module.exports = () => describe('Elliptic Curve Cryptography for secp256k1 curve
 }); it('Sign message', async function () { const romeoPrivate = await load_priv_key('romeo');
- const signed = await openpgp.sign({ privateKeys: [romeoPrivate], message: await openpgp.createCleartextMessage({ text: data.romeo.message }) });
+ const signed = await openpgp.sign({ signingKeys: [romeoPrivate], message: await openpgp.createCleartextMessage({ text: data.romeo.message }) });
 const romeoPublic = await load_pub_key('romeo'); const msg = await openpgp.readCleartextMessage({ cleartextMessage: signed });
- const result = await openpgp.verify({ publicKeys: [romeoPublic], message: msg });
+ const result = await openpgp.verify({ verificationKeys: [romeoPublic], message: msg });
 expect(result).to.exist; expect(result.data).to.equal(data.romeo.message);
@@ -200,7 +200,7 @@ module.exports = () => describe('Elliptic Curve Cryptography for secp256k1 curve
 const juliet = await load_pub_key('juliet'); const romeo = await load_priv_key('romeo'); const msg = await openpgp.readMessage({ armoredMessage: data.juliet.message_encrypted });
- const result = await openpgp.decrypt({ privateKeys: romeo, publicKeys: [juliet], message: msg });
+ const result = await openpgp.decrypt({ decryptionKeys: romeo, verificationKeys: [juliet], message: msg });
 expect(result).to.exist; expect(result.data).to.equal(data.juliet.message);
@@ -210,12 +210,12 @@ module.exports = () => describe('Elliptic Curve Cryptography for secp256k1 curve
 it('Encrypt and sign message', async function () { const romeoPrivate = await load_priv_key('romeo'); const julietPublic = await load_pub_key('juliet');
- const encrypted = await openpgp.encrypt({ publicKeys: [julietPublic], privateKeys: [romeoPrivate], message: await openpgp.createMessage({ text: data.romeo.message }) });
+ const encrypted = await openpgp.encrypt({ encryptionKeys: [julietPublic], signingKeys: [romeoPrivate], message: await openpgp.createMessage({ text: data.romeo.message }) });
 const message = await openpgp.readMessage({ armoredMessage: encrypted }); const romeoPublic = await load_pub_key('romeo'); const julietPrivate = await load_priv_key('juliet');
- const result = await openpgp.decrypt({ privateKeys: julietPrivate, publicKeys: [romeoPublic], message: message });
+ const result = await openpgp.decrypt({ decryptionKeys: julietPrivate, verificationKeys: [romeoPublic], message: message });
 expect(result).to.exist; expect(result.data).to.equal(data.romeo.message);
diff --git a/test/general/key.js b/test/general/key.js
index 3fc84869..ccbc89a2 100644
--- a/test/general/key.js
+++ b/test/general/key.js
@@ -2167,12 +2167,12 @@ function versionSpecificTests() {
 const { key } = await openpgp.generateKey(opt); return openpgp.encrypt({ message: await openpgp.createMessage({ text: 'hello' }),
- publicKeys: key
+ encryptionKeys: key
 }).then(async armoredMessage => openpgp.decrypt({ message: await openpgp.readMessage({ armoredMessage }),
- privateKeys: key
+ decryptionKeys: key
 })).catch(function(err) {
- expect(err.message).to.match(/Private key is not decrypted./);
+ expect(err.message).to.match(/Decryption key is not decrypted./);
 }); });
@@ -2600,9 +2600,9 @@ function versionSpecificTests() {
 expect(newKey.users.length).to.equal(1); expect(newKey.users[0].userID.userID).to.equal('test '); expect(newKey.isDecrypted()).to.be.true;
- return openpgp.sign({ message: await openpgp.createCleartextMessage({ text: 'hello' }), privateKeys: newKey, armor: true }).then(async function(signed) {
+ return openpgp.sign({ message: await openpgp.createCleartextMessage({ text: 'hello' }), signingKeys: newKey, armor: true }).then(async function(signed) {
 return openpgp.verify(
- { message: await openpgp.readCleartextMessage({ cleartextMessage: signed }), publicKeys: newKey.toPublic() }
+ { message: await openpgp.readCleartextMessage({ cleartextMessage: signed }), verificationKeys: newKey.toPublic() }
 ).then(async function(verified) { expect(verified.signatures[0].valid).to.be.true; const newSigningKey = await newKey.getSigningKey();
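Review bot: The updated message assertion in the first hunk (@@ -2167) runs only inside the `.catch` handler, so if `openpgp.decrypt` ever resolved with a key whose secret material is still locked, the chain would resolve and the test would pass without checking anything. Asserting the rejection itself closes that gap, for example `await expect(openpgp.decrypt({ message, decryptionKeys: key })).to.be.rejectedWith(/Decryption key is not decrypted\./);`, which also escapes the trailing `.` that the current regex treats as a wildcard. The enclosing `it(...)` starts above the hunk, so whether it is already `async` and how `opt` is built are not visible here.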
@@ -2641,8 +2641,8 @@ function versionSpecificTests() {
 opt.userIDs = userID2; return openpgp.reformatKey(opt).then(async function(newKey) { newKey = newKey.key;
- return openpgp.encrypt({ message: await openpgp.createMessage({ text: 'hello' }), publicKeys: newKey.toPublic(), privateKeys: newKey, armor: true }).then(async function(encrypted) {
- return openpgp.decrypt({ message: await openpgp.readMessage({ armoredMessage: encrypted }), privateKeys: newKey, publicKeys: newKey.toPublic() }).then(function(decrypted) {
+ return openpgp.encrypt({ message: await openpgp.createMessage({ text: 'hello' }), encryptionKeys: newKey.toPublic(), signingKeys: newKey, armor: true }).then(async function(encrypted) {
+ return openpgp.decrypt({ message: await openpgp.readMessage({ armoredMessage: encrypted }), decryptionKeys: newKey, verificationKeys: newKey.toPublic() }).then(function(decrypted) {
 expect(decrypted.data).to.equal('hello'); expect(decrypted.signatures[0].valid).to.be.true; });
@@ -2878,12 +2878,12 @@ module.exports = () => describe('Key', function() {
 await expect(openpgp.decrypt({ message: await openpgp.readMessage({ armoredMessage: encryptedRsaSignOnly }),
- privateKeys: key
+ decryptionKeys: key
 })).to.be.rejectedWith(/Session key decryption failed/); await expect(openpgp.decrypt({ message: await openpgp.readMessage({ armoredMessage: encryptedRsaSignOnly }),
- privateKeys: key,
+ decryptionKeys: key,
 config: { allowInsecureDecryptionWithSigningKeys: true } })).to.be.fulfilled; });
@@ -3021,7 +3021,7 @@ module.exports = () => describe('Key', function() {
 expect(key.primaryKey.isDummy()).to.be.false; key.primaryKey.makeDummy(); expect(key.primaryKey.isDummy()).to.be.true;
- await expect(openpgp.sign({ message: await openpgp.createMessage({ text: 'test' }), privateKeys: [key], config: { minRSABits: 1024 } })).to.be.fulfilled;
+ await expect(openpgp.sign({ message: await openpgp.createMessage({ text: 'test' }), signingKeys: [key], config: { minRSABits: 1024 } })).to.be.fulfilled;
 }); it('makeDummy() - should work for encrypted keys', async function() {
@@ -3410,7 +3410,7 @@ VYGdb3eNlV8CfoEC
 const publicKey = await openpgp.readKey({ armoredKey: multi_uid_key }); // Set second user to prefer aes128. We should select this user by default, since it was created later. publicKey.users[1].selfCertifications[0].preferredSymmetricAlgorithms = [openpgp.enums.symmetric.aes128];
- const sessionKey = await openpgp.generateSessionKey({ publicKeys: publicKey });
+ const sessionKey = await openpgp.generateSessionKey({ encryptionKeys: publicKey });
 expect(sessionKey.algorithm).to.equal('aes128'); });
@@ -3420,7 +3420,7 @@ VYGdb3eNlV8CfoEC
 publicKey.users[0].selfCertifications[0].isPrimaryUserID = true; // Set first user to prefer aes128. publicKey.users[0].selfCertifications[0].preferredSymmetricAlgorithms = [openpgp.enums.symmetric.aes128];
- const sessionKey = await openpgp.generateSessionKey({ publicKeys: publicKey });
+ const sessionKey = await openpgp.generateSessionKey({ encryptionKeys: publicKey });
 expect(sessionKey.algorithm).to.equal('aes128'); });
@@ -3434,14 +3434,14 @@ VYGdb3eNlV8CfoEC
 publicKey.users[0].selfCertifications[0].isPrimaryUserID = true; // Set second user to prefer aes128. We will select this user. publicKey.users[1].selfCertifications[0].preferredSymmetricAlgorithms = [openpgp.enums.symmetric.aes128];
- const sessionKey = await openpgp.generateSessionKey({ publicKeys: publicKey, toUserIDs: { name: 'Test User', email: 'b@c.com' } });
+ const sessionKey = await openpgp.generateSessionKey({ encryptionKeys: publicKey, encryptionUserIDs: { name: 'Test User', email: 'b@c.com' } });
 expect(sessionKey.algorithm).to.equal('aes128'); const config = { minRSABits: 1024 }; await openpgp.encrypt({
- message: await openpgp.createMessage({ text: 'hello' }), publicKeys: publicKey, privateKeys: privateKey, toUserIDs: { name: 'Test User', email: 'b@c.com' }, armor: false, config
+ message: await openpgp.createMessage({ text: 'hello' }), encryptionKeys: publicKey, signingKeys: privateKey, encryptionUserIDs: { name: 'Test User', email: 'b@c.com' }, armor: false, config
 }); await expect(openpgp.encrypt({
- message: await openpgp.createMessage({ text: 'hello' }), publicKeys: publicKey, privateKeys: privateKey, toUserIDs: { name: 'Test User', email: 'c@c.com' }, armor: false, config
+ message: await openpgp.createMessage({ text: 'hello' }), encryptionKeys: publicKey, signingKeys: privateKey, encryptionUserIDs: { name: 'Test User', email: 'c@c.com' }, armor: false, config
 })).to.be.rejectedWith('Could not find user that matches that user ID'); });
@@ -3452,7 +3452,7 @@ VYGdb3eNlV8CfoEC
 privateKey: await openpgp.readKey({ armoredKey: uidlessKey }), passphrase: 'correct horse battery staple' });
- await expect(openpgp.encrypt({ message: await openpgp.createMessage({ text: 'hello' }), publicKeys: publicKey, privateKeys: privateKey, armor: false })).to.be.rejectedWith('Could not find primary user');
+ await expect(openpgp.encrypt({ message: await openpgp.createMessage({ text: 'hello' }), encryptionKeys: publicKey, signingKeys: privateKey, armor: false })).to.be.rejectedWith('Could not find primary user');
 }); it('Sign - specific user', async function() {
@@ -3472,17 +3472,17 @@ VYGdb3eNlV8CfoEC
 privateKey.users[1].selfCertifications[0].preferredHashAlgorithms = [openpgp.enums.hash.sha512]; const config = { minRSABits: 1024 }; const signed = await openpgp.sign({
- message: await openpgp.createMessage({ text: 'hello' }), privateKeys: privateKey, fromUserIDs: { name: 'Test McTestington', email: 'test@example.com' }, armor: false, config
+ message: await openpgp.createMessage({ text: 'hello' }), signingKeys: privateKey, signingUserIDs: { name: 'Test McTestington', email: 'test@example.com' }, armor: false, config
 }); const signature = await openpgp.readMessage({ binaryMessage: signed }); expect(signature.packets[0].hashAlgorithm).to.equal(openpgp.enums.hash.sha512); const encrypted = await openpgp.encrypt({
- message: await openpgp.createMessage({ text: 'hello' }), passwords: 'test', privateKeys: privateKey, fromUserIDs: { name: 'Test McTestington', email: 'test@example.com' }, armor: false, config
+ message: await openpgp.createMessage({ text: 'hello' }), passwords: 'test', signingKeys: privateKey, signingUserIDs: { name: 'Test McTestington', email: 'test@example.com' }, armor: false, config
 }); const { signatures } = await openpgp.decrypt({ message: await openpgp.readMessage({ binaryMessage: encrypted }), passwords: 'test' }); expect(signatures[0].signature.packets[0].hashAlgorithm).to.equal(openpgp.enums.hash.sha512); await expect(openpgp.encrypt({
- message: await openpgp.createMessage({ text: 'hello' }), publicKeys: publicKey, privateKeys: privateKey, fromUserIDs: { name: 'Not Test McTestington', email: 'test@example.com' }, armor: false, config
+ message: await openpgp.createMessage({ text: 'hello' }), encryptionKeys: publicKey, signingKeys: privateKey, signingUserIDs: { name: 'Not Test McTestington', email: 'test@example.com' }, armor: false, config
 })).to.be.rejectedWith('Could not find user that matches that user ID'); });
@@ -3518,7 +3518,7 @@ VYGdb3eNlV8CfoEC
 it('Reject encryption with revoked primary user', async function() { const key = await openpgp.readKey({ armoredKey: pub_revoked_subkeys });
- return openpgp.encrypt({ publicKeys: [key], message: await openpgp.createMessage({ text: 'random data' }) }).then(() => {
+ return openpgp.encrypt({ encryptionKeys: [key], message: await openpgp.createMessage({ text: 'random data' }) }).then(() => {
 throw new Error('encryptSessionKey should not encrypt with revoked public key'); }).catch(function(error) { expect(error.message).to.equal('Error encrypting message: Primary user is revoked');
@@ -3529,7 +3529,7 @@ VYGdb3eNlV8CfoEC
 const key = await openpgp.readKey({ armoredKey: pub_revoked_subkeys }); key.revocationSignatures = []; key.users[0].revocationSignatures = [];
- return openpgp.encrypt({ publicKeys: [key], message: await openpgp.createMessage({ text: 'random data' }), date: new Date(1386842743000) }).then(() => {
+ return openpgp.encrypt({ encryptionKeys: [key], message: await openpgp.createMessage({ text: 'random data' }), date: new Date(1386842743000) }).then(() => {
 throw new Error('encryptSessionKey should not encrypt with revoked public key'); }).catch(error => { expect(error.message).to.equal('Error encrypting message: Could not find valid encryption key packet in key ' + key.getKeyID().toHex() + ': Subkey is revoked');
@@ -3538,7 +3538,7 @@ VYGdb3eNlV8CfoEC
 it('Reject encryption with key revoked with appended revocation cert', async function() { const key = await openpgp.readKey({ armoredKey: pub_revoked_with_cert });
- return openpgp.encrypt({ publicKeys: [key], message: await openpgp.createMessage({ text: 'random data' }) }).then(() => {
+ return openpgp.encrypt({ encryptionKeys: [key], message: await openpgp.createMessage({ text: 'random data' }) }).then(() => {
 throw new Error('encryptSessionKey should not encrypt with revoked public key'); }).catch(function(error) { expect(error.message).to.equal('Error encrypting message: Primary key is revoked');
@@ -3766,9 +3766,9 @@ VYGdb3eNlV8CfoEC
 expect(subKey.getAlgorithmInfo().algorithm).to.be.equal('eddsa'); await subKey.verify(newPrivateKey.primaryKey); expect(await newPrivateKey.getSigningKey()).to.be.equal(subKey);
- const signed = await openpgp.sign({ message: await openpgp.createMessage({ text: 'the data to signed' }), privateKeys: newPrivateKey, armor:false });
+ const signed = await openpgp.sign({ message: await openpgp.createMessage({ text: 'the data to signed' }), signingKeys: newPrivateKey, armor:false });
 const message = await openpgp.readMessage({ binaryMessage: signed });
- const { signatures } = await openpgp.verify({ message, publicKeys: [newPrivateKey.toPublic()] });
+ const { signatures } = await openpgp.verify({ message, verificationKeys: [newPrivateKey.toPublic()] });
 expect(signatures).to.exist; expect(signatures.length).to.be.equal(1); expect(signatures[0].keyID.toHex()).to.be.equal(subKey.getKeyID().toHex());
@@ -3788,14 +3788,14 @@ VYGdb3eNlV8CfoEC
 const publicKey = newPrivateKey.toPublic(); await subKey.verify(newPrivateKey.primaryKey); expect(await newPrivateKey.getEncryptionKey()).to.be.equal(subKey);
- const encrypted = await openpgp.encrypt({ message: await openpgp.createMessage({ text: vData }), publicKeys: publicKey, armor:false });
+ const encrypted = await openpgp.encrypt({ message: await openpgp.createMessage({ text: vData }), encryptionKeys: publicKey, armor:false });
 expect(encrypted).to.be.exist; const message = await openpgp.readMessage({ binaryMessage: encrypted }); const pkSessionKeys = message.packets.filterByTag(openpgp.enums.packet.publicKeyEncryptedSessionKey); expect(pkSessionKeys).to.exist; expect(pkSessionKeys.length).to.be.equal(1); expect(pkSessionKeys[0].publicKeyID.toHex()).to.be.equals(subKey.keyPacket.getKeyID().toHex());
- const decrypted = await openpgp.decrypt({ message, privateKeys: newPrivateKey });
+ const decrypted = await openpgp.decrypt({ message, decryptionKeys: newPrivateKey });
 expect(decrypted).to.exist; expect(decrypted.data).to.be.equal(vData); });
@@ -3814,9 +3814,9 @@ VYGdb3eNlV8CfoEC
 expect(subKey.getAlgorithmInfo().algorithm).to.be.equal('rsaEncryptSign'); await subKey.verify(newPrivateKey.primaryKey); expect(await newPrivateKey.getSigningKey()).to.be.equal(subKey);
- const signed = await openpgp.sign({ message: await openpgp.createMessage({ text: 'the data to signed' }), privateKeys: newPrivateKey, armor:false });
+ const signed = await openpgp.sign({ message: await openpgp.createMessage({ text: 'the data to signed' }), signingKeys: newPrivateKey, armor:false });
 const message = await openpgp.readMessage({ binaryMessage: signed });
- const { signatures } = await openpgp.verify({ message, publicKeys: [newPrivateKey.toPublic()] });
+ const { signatures } = await openpgp.verify({ message, verificationKeys: [newPrivateKey.toPublic()] });
 expect(signatures).to.exist; expect(signatures.length).to.be.equal(1); expect(signatures[0].keyID.toHex()).to.be.equal(subKey.getKeyID().toHex());
@@ -3836,14 +3836,14 @@ VYGdb3eNlV8CfoEC
 const publicKey = newPrivateKey.toPublic(); const vData = 'the data to encrypted!'; expect(await newPrivateKey.getEncryptionKey()).to.be.equal(subKey);
- const encrypted = await openpgp.encrypt({ message: await openpgp.createMessage({ text: vData }), publicKeys: publicKey, armor:false });
+ const encrypted = await openpgp.encrypt({ message: await openpgp.createMessage({ text: vData }), encryptionKeys: publicKey, armor:false });
 expect(encrypted).to.be.exist; const message = await openpgp.readMessage({ binaryMessage: encrypted }); const pkSessionKeys = message.packets.filterByTag(openpgp.enums.packet.publicKeyEncryptedSessionKey); expect(pkSessionKeys).to.exist; expect(pkSessionKeys.length).to.be.equal(1); expect(pkSessionKeys[0].publicKeyID.toHex()).to.be.equals(subKey.keyPacket.getKeyID().toHex());
- const decrypted = await openpgp.decrypt({ message, privateKeys: newPrivateKey });
+ const decrypted = await openpgp.decrypt({ message, decryptionKeys: newPrivateKey });
 expect(decrypted).to.exist; expect(decrypted.data).to.be.equal(vData); });
diff --git a/test/general/openpgp.js b/test/general/openpgp.js
index 9af08f77..2232964f 100644
--- a/test/general/openpgp.js
+++ b/test/general/openpgp.js
@@ -982,13 +982,13 @@ module.exports = () => describe('OpenPGP.js public api tests', function() {
 const encrypted = await openpgp.encrypt({ message: await openpgp.createMessage({ text: plaintext }),
- privateKeys: privateKey,
- publicKeys: publicKey
+ signingKeys: privateKey,
+ encryptionKeys: publicKey
 }); const { data, signatures } = await openpgp.decrypt({ message: await openpgp.readMessage({ armoredMessage: encrypted }),
- privateKeys: privateKey,
- publicKeys: publicKey,
+ decryptionKeys: privateKey,
+ verificationKeys: publicKey,
 expectSigned: true }); expect(data).to.equal(plaintext);
@@ -1004,14 +1004,14 @@ module.exports = () => describe('OpenPGP.js public api tests', function() {
 const encrypted = await openpgp.encrypt({ message: await openpgp.createMessage({ text: plaintext }),
- publicKeys: publicKey,
- privateKeys: privateKey
+ encryptionKeys: publicKey,
+ signingKeys: privateKey
 }); await expect(openpgp.decrypt({ message: await openpgp.readMessage({ armoredMessage: encrypted }),
- privateKeys: privateKey,
+ decryptionKeys: privateKey,
 expectSigned: true
- })).to.be.eventually.rejectedWith(/Public keys are required/);
+ })).to.be.eventually.rejectedWith(/Verification keys are required/);
 }); it('decrypt/verify should throw on missing signature (expectSigned=true)', async function () {
@@ -1023,12 +1023,12 @@ module.exports = () => describe('OpenPGP.js public api tests', function() {
 const encrypted = await openpgp.encrypt({ message: await openpgp.createMessage({ text: plaintext }),
- publicKeys: publicKey
+ encryptionKeys: publicKey
 }); await expect(openpgp.decrypt({ message: await openpgp.readMessage({ armoredMessage: encrypted }),
- privateKeys: privateKey,
- publicKeys: publicKey,
+ decryptionKeys: privateKey,
+ verificationKeys: publicKey,
 expectSigned: true })).to.be.eventually.rejectedWith(/Message is not signed/); });
@@ -1043,13 +1043,13 @@ module.exports = () => describe('OpenPGP.js public api tests', function() {
 const encrypted = await openpgp.encrypt({ message: await openpgp.createMessage({ text: plaintext }),
- publicKeys: publicKey,
- privateKeys: privateKey
+ encryptionKeys: publicKey,
+ signingKeys: privateKey
 }); await expect(openpgp.decrypt({ message: await openpgp.readMessage({ armoredMessage: encrypted }),
- privateKeys: privateKey,
- publicKeys: wrongPublicKey,
+ decryptionKeys: privateKey,
+ verificationKeys: wrongPublicKey,
 expectSigned: true })).to.be.eventually.rejectedWith(/Could not find signing key/); });
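Review bot: The renamed case in the first hunk (@@ -1004) only proves that `decrypt` rejects when `verificationKeys` is absent and `expectSigned: true` is set; none of the visible hunks covers a caller that still passes the old `publicKeys` or `privateKeys` names after upgrading. If removed option names are ignored rather than rejected (not visible from these hunks), such a caller without `expectSigned` would no longer have signatures checked against their keys and would notice only by inspecting `signatures`. A companion case would pin the intended behaviour, for example `await expect(openpgp.decrypt({ message, decryptionKeys: privateKey, publicKeys: publicKey })).to.be.rejected;`, with the equivalent for `verify` and `sign`. The streaming variant in the @@ -1086 hunk has the same gap, and the enclosing `it(...)` blocks start outside the hunks.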
@@ -1063,13 +1063,13 @@ module.exports = () => describe('OpenPGP.js public api tests', function() {
 const encrypted = await openpgp.encrypt({ message: await openpgp.createMessage({ text: plaintext }),
- privateKeys: privateKey,
- publicKeys: publicKey
+ signingKeys: privateKey,
+ encryptionKeys: publicKey
 }); const { data: streamedData, signatures } = await openpgp.decrypt({ message: await openpgp.readMessage({ armoredMessage: stream.toStream(encrypted) }),
- privateKeys: privateKey,
- publicKeys: publicKey,
+ decryptionKeys: privateKey,
+ verificationKeys: publicKey,
 expectSigned: true }); const data = await stream.readToEnd(streamedData);
@@ -1086,14 +1086,14 @@ module.exports = () => describe('OpenPGP.js public api tests', function() {
 const encrypted = await openpgp.encrypt({ message: await openpgp.createMessage({ text: plaintext }),
- publicKeys: publicKey,
- privateKeys: privateKey
+ encryptionKeys: publicKey,
+ signingKeys: privateKey
 }); await expect(openpgp.decrypt({ message: await openpgp.readMessage({ armoredMessage: stream.toStream(encrypted) }),
- privateKeys: privateKey,
+ decryptionKeys: privateKey,
 expectSigned: true
- })).to.be.eventually.rejectedWith(/Public keys are required/);
+ })).to.be.eventually.rejectedWith(/Verification keys are required/);
 }); it('decrypt/verify should throw on missing signature (expectSigned=true, with streaming)', async function () {
@@ -1105,12 +1105,12 @@ module.exports = () => describe('OpenPGP.js public api tests', function() {
 const encrypted = await openpgp.encrypt({ message: await openpgp.createMessage({ text: plaintext }),
- publicKeys: publicKey
+ encryptionKeys: publicKey
 }); await expect(openpgp.decrypt({ message: await openpgp.readMessage({ armoredMessage: stream.toStream(encrypted) }),
- privateKeys: privateKey,
- publicKeys: publicKey,
+ decryptionKeys: privateKey,
+ verificationKeys: publicKey,
 expectSigned: true })).to.be.eventually.rejectedWith(/Message is not signed/); });
@@ -1125,13 +1125,13 @@ module.exports = () => describe('OpenPGP.js public api tests', function() {
 const encrypted = await openpgp.encrypt({ message: await openpgp.createMessage({ text: plaintext }),
- publicKeys: publicKey,
- privateKeys: privateKey
+ encryptionKeys: publicKey,
+ signingKeys: privateKey
 }); const { data: streamedData } = await openpgp.decrypt({ message: await openpgp.readMessage({ armoredMessage: stream.toStream(encrypted) }),
- privateKeys: privateKey,
- publicKeys: wrongPublicKey,
+ decryptionKeys: privateKey,
+ verificationKeys: wrongPublicKey,
 expectSigned: true }); await expect(
@@ -1178,11 +1178,11 @@ module.exports = () => describe('OpenPGP.js public api tests', function() {
 const signed = await openpgp.sign({ message: await createMessage({ text }),
- privateKeys: privateKey
+ signingKeys: privateKey
 }); const { data, signatures } = await openpgp.verify({ message: await readMessage({ armoredMessage: signed }),
- publicKeys: publicKey,
+ verificationKeys: publicKey,
 expectSigned: true }); expect(data).to.equal(text);
@@ -1194,7 +1194,7 @@ module.exports = () => describe('OpenPGP.js public api tests', function() {
 await expect(openpgp.verify({ message: await createMessage({ text }),
- publicKeys: publicKey,
+ verificationKeys: publicKey,
 expectSigned: true })).to.be.eventually.rejectedWith(/Message is not signed/); });
@@ -1208,11 +1208,11 @@ module.exports = () => describe('OpenPGP.js public api tests', function() {
 const signed = await openpgp.sign({ message: await createMessage({ text }),
- privateKeys: privateKey
+ signingKeys: privateKey
 }); await expect(openpgp.verify({ message: await readMessage({ armoredMessage: signed }),
- publicKeys: wrongPublicKey,
+ verificationKeys: wrongPublicKey,
 expectSigned: true })).to.be.eventually.rejectedWith(/Could not find signing key/); });
@@ -1228,11 +1228,11 @@ module.exports = () => describe('OpenPGP.js public api tests', function() {
 const signed = await openpgp.sign({ message: await createMessage({ text }),
- privateKeys: privateKey
+ signingKeys: privateKey
 }); const { data: streamedData, signatures } = await openpgp.verify({ message: await readMessage({ armoredMessage: stream.toStream(signed) }),
- publicKeys: publicKey,
+ verificationKeys: publicKey,
 expectSigned: true }); const data = await stream.readToEnd(streamedData);
@@ -1247,7 +1247,7 @@ module.exports = () => describe('OpenPGP.js public api tests', function() {
 await expect(openpgp.verify({ message: await createMessage({ text: stream.toStream(text) }),
- publicKeys: publicKey,
+ verificationKeys: publicKey,
 expectSigned: true })).to.be.eventually.rejectedWith(/Message is not signed/); });
@@ -1263,11 +1263,11 @@ module.exports = () => describe('OpenPGP.js public api tests', function() {
 const signed = await openpgp.sign({ message: await createMessage({ text }),
- privateKeys: privateKey
+ signingKeys: privateKey
 }); const { data: streamedData } = await openpgp.verify({ message: await readMessage({ armoredMessage: stream.toStream(signed) }),
- publicKeys: wrongPublicKey,
+ verificationKeys: wrongPublicKey,
 expectSigned: true }); await expect(
@@ -1328,14 +1328,14 @@ module.exports = () => describe('OpenPGP.js public api tests', function() {
 const commentStringVal = openpgp.config.commentString; try {
- const encryptedDefault = await openpgp.encrypt({ publicKeys:publicKey, message:await openpgp.createMessage({ text: plaintext }) });
+ const encryptedDefault = await openpgp.encrypt({ encryptionKeys:publicKey, message:await openpgp.createMessage({ text: plaintext }) });
 expect(encryptedDefault).to.exist; expect(encryptedDefault).not.to.match(/^Version:/); expect(encryptedDefault).not.to.match(/^Comment:/); openpgp.config.showComment = true; openpgp.config.commentString = 'different';
- const encryptedWithComment = await openpgp.encrypt({ publicKeys:publicKey, message:await openpgp.createMessage({ text: plaintext }) });
+ const encryptedWithComment = await openpgp.encrypt({ encryptionKeys:publicKey, message:await openpgp.createMessage({ text: plaintext }) });
 expect(encryptedWithComment).to.exist; expect(encryptedWithComment).not.to.match(/^Version:/); expect(encryptedWithComment).to.match(/Comment: different/);
@@ -1362,14 +1362,14 @@ module.exports = () => describe('OpenPGP.js public api tests', function() {
 it('Calling decrypt with not decrypted key leads to exception', async function() { const encOpt = { message: await openpgp.createMessage({ text: plaintext }),
- publicKeys: publicKey
+ encryptionKeys: publicKey
 }; const decOpt = {
- privateKeys: privateKey
+ decryptionKeys: privateKey
 }; const encrypted = await openpgp.encrypt(encOpt); decOpt.message = await openpgp.readMessage({ armoredMessage: encrypted });
- await expect(openpgp.decrypt(decOpt)).to.be.rejectedWith('Error decrypting message: Private key is not decrypted.');
+ await expect(openpgp.decrypt(decOpt)).to.be.rejectedWith('Error decrypting message: Decryption key is not decrypted.');
 }); tryTests('CFB mode (asm.js)', tests, {
@@ -1435,13 +1435,13 @@ module.exports = () => describe('OpenPGP.js public api tests', function() {
 return openpgp.encryptSessionKey({ data: sk, algorithm: 'aes128',
- publicKeys: publicKey,
+ encryptionKeys: publicKey,
 armor: false }).then(async function(encrypted) { const message = await openpgp.readMessage({ binaryMessage: encrypted }); return openpgp.decryptSessionKeys({ message,
- privateKeys: privateKey
+ decryptionKeys: privateKey
 }); }).then(function(decrypted) { expect(decrypted[0].data).to.deep.equal(sk);
@@ -1469,7 +1469,7 @@ module.exports = () => describe('OpenPGP.js public api tests', function() {
 return openpgp.encryptSessionKey({ data: sk, algorithm: 'aes128',
- publicKeys: publicKey,
+ encryptionKeys: publicKey,
 armor: false }).then(async function(encrypted) { const message = await openpgp.readMessage({ binaryMessage: encrypted });
@@ -1477,7 +1477,7 @@ module.exports = () => describe('OpenPGP.js public api tests', function() {
 invalidPrivateKey.subKeys[0].bindingSignatures = []; return openpgp.decryptSessionKeys({ message,
- privateKeys: invalidPrivateKey
+ decryptionKeys: invalidPrivateKey
 }).then(() => { throw new Error('Should not decrypt with invalid key'); }).catch(error => {
@@ -1489,11 +1489,11 @@ module.exports = () => describe('OpenPGP.js public api tests', function() {
 it('roundtrip workflow: encrypt, decryptSessionKeys, decrypt with pgp key pair', async function () { const encrypted = await openpgp.encrypt({ message: await openpgp.createMessage({ text: plaintext }),
- publicKeys: publicKey
+ encryptionKeys: publicKey
 }); const decryptedSessionKeys = await openpgp.decryptSessionKeys({ message: await openpgp.readMessage({ armoredMessage: encrypted }),
- privateKeys: privateKey
+ decryptionKeys: privateKey
 }); const decrypted = await openpgp.decrypt({ message: await openpgp.readMessage({ armoredMessage: encrypted }),
@@ -1506,11 +1506,11 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { const plaintext = 'space: \nspace and tab: \t\nno trailing space\n \ntab:\t\ntab and space:\t '; const encrypted = await openpgp.encrypt({ message: await openpgp.createMessage({ text: plaintext }), - publicKeys: publicKey + encryptionKeys: publicKey }); const decryptedSessionKeys = await openpgp.decryptSessionKeys({ message: await openpgp.readMessage({ armoredMessage: encrypted }), - privateKeys: privateKey + decryptionKeys: privateKey }); const decrypted = await openpgp.decrypt({ message: await openpgp.readMessage({ armoredMessage: encrypted }), @@ -1593,10 +1593,10 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { it('should encrypt then decrypt', async function () { const encOpt = { message: await openpgp.createMessage({ text: plaintext }), - publicKeys: publicKey + encryptionKeys: publicKey }; const decOpt = { - privateKeys: privateKey + decryptionKeys: privateKey }; return openpgp.encrypt(encOpt).then(async function (encrypted) { expect(encrypted).to.match(/^-----BEGIN PGP MESSAGE/); @@ -1617,10 +1617,10 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { const encOpt = { message: await openpgp.createMessage({ text: plaintext }), - publicKeys: publicKey + encryptionKeys: publicKey }; const decOpt = { - privateKeys: [privKeyDE, privateKey] + decryptionKeys: [privKeyDE, privateKey] }; return openpgp.encrypt(encOpt).then(async function (encrypted) { expect(encrypted).to.match(/^-----BEGIN PGP MESSAGE/); 
@@ -1636,11 +1636,11 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { it('should encrypt then decrypt with wildcard', async function () { const encOpt = { message: await openpgp.createMessage({ text: plaintext }), - publicKeys: publicKey, + encryptionKeys: publicKey, wildcard: true }; const decOpt = { - privateKeys: privateKey + decryptionKeys: privateKey }; return openpgp.encrypt(encOpt).then(async function (encrypted) { expect(encrypted).to.match(/^-----BEGIN PGP MESSAGE/); @@ -1661,11 +1661,11 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { const encOpt = { message: await openpgp.createMessage({ text: plaintext }), - publicKeys: publicKey, + encryptionKeys: publicKey, wildcard: true }; const decOpt = { - privateKeys: [privKeyDE, privateKey] + decryptionKeys: [privKeyDE, privateKey] }; return openpgp.encrypt(encOpt).then(async function (encrypted) { expect(encrypted).to.match(/^-----BEGIN PGP MESSAGE/); @@ -1680,7 +1680,7 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { it('should encrypt then decrypt using returned session key', async function () { const sessionKey = await openpgp.generateSessionKey({ - publicKeys: publicKey + encryptionKeys: publicKey }); const encrypted = await openpgp.encrypt({ message: await openpgp.createMessage({ text: plaintext }), @@ -1704,7 +1704,7 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { const encOpt = { message: await openpgp.createMessage({ text: plaintext }), sessionKey: sessionKey, - publicKeys: publicKey + encryptionKeys: publicKey }; const decOpt = { sessionKeys: sessionKey 
@@ -1727,10 +1727,10 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { const encOpt = { message: await openpgp.createMessage({ text: plaintext }), sessionKey: sessionKey, - publicKeys: publicKey + encryptionKeys: publicKey }; const decOpt = { - privateKeys: privateKey + decryptionKeys: privateKey }; return openpgp.encrypt(encOpt).then(async function (encrypted) { expect(encrypted).to.match(/^-----BEGIN PGP MESSAGE/); @@ -1745,12 +1745,12 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { it('should encrypt/sign and decrypt/verify', async function () { const encOpt = { message: await openpgp.createMessage({ text: plaintext }), - publicKeys: publicKey, - privateKeys: privateKey + encryptionKeys: publicKey, + signingKeys: privateKey }; const decOpt = { - privateKeys: privateKey, - publicKeys: publicKey + decryptionKeys: privateKey, + verificationKeys: publicKey }; return openpgp.encrypt(encOpt).then(async function (encrypted) { decOpt.message = await openpgp.readMessage({ armoredMessage: encrypted }); @@ -1768,12 +1768,12 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { it('should encrypt/sign and decrypt/verify (expectSigned=true)', async function () { const encOpt = { message: await openpgp.createMessage({ text: plaintext }), - publicKeys: publicKey, - privateKeys: privateKey + encryptionKeys: publicKey, + signingKeys: privateKey }; const decOpt = { - privateKeys: privateKey, - publicKeys: publicKey, + decryptionKeys: privateKey, + verificationKeys: publicKey, expectSigned: true }; return openpgp.encrypt(encOpt).then(async function (encrypted) { 
@@ -1792,12 +1792,12 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { it('should encrypt/sign and decrypt/verify (no AEAD support)', async function () { const encOpt = { message: await openpgp.createMessage({ text: plaintext }), - publicKeys: publicKeyNoAEAD, - privateKeys: privateKey + encryptionKeys: publicKeyNoAEAD, + signingKeys: privateKey }; const decOpt = { - privateKeys: privateKey, - publicKeys: publicKeyNoAEAD + decryptionKeys: privateKey, + verificationKeys: publicKeyNoAEAD }; return openpgp.encrypt(encOpt).then(async function (encrypted) { decOpt.message = await openpgp.readMessage({ armoredMessage: encrypted }); @@ -1823,12 +1823,12 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { const encOpt = { message: await openpgp.createMessage({ text: plaintext }), - publicKeys: newPublicKey, - privateKeys: newPrivateKey + encryptionKeys: newPublicKey, + signingKeys: newPrivateKey }; const decOpt = { - privateKeys: newPrivateKey, - publicKeys: newPublicKey + decryptionKeys: newPrivateKey, + verificationKeys: newPublicKey }; return openpgp.encrypt(encOpt).then(async function (encrypted) { decOpt.message = await openpgp.readMessage({ armoredMessage: encrypted }); @@ -1853,11 +1853,11 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { const encrypted = await openpgp.encrypt({ message: await openpgp.createMessage({ text: plaintext }), - publicKeys: newPublicKey + encryptionKeys: newPublicKey }); const signed = await openpgp.sign({ message: await openpgp.createMessage({ text: plaintext }), - privateKeys: newPrivateKey, + signingKeys: newPrivateKey, detached: true }); const message = await openpgp.readMessage({ armoredMessage: encrypted }); 
@@ -1865,8 +1865,8 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { const decrypted = await openpgp.decrypt({ message, signature: await openpgp.readSignature({ armoredSignature: signed }), - privateKeys: newPrivateKey, - publicKeys: newPublicKey + decryptionKeys: newPrivateKey, + verificationKeys: newPublicKey }); expect(decrypted.data).to.equal(plaintext); expect(decrypted.signatures[0].valid).to.be.true; @@ -1878,12 +1878,12 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { it('should encrypt/sign and decrypt/verify with null string input', async function () { const encOpt = { message: await openpgp.createMessage({ text: '' }), - publicKeys: publicKey, - privateKeys: privateKey + encryptionKeys: publicKey, + signingKeys: privateKey }; const decOpt = { - privateKeys: privateKey, - publicKeys: publicKey + decryptionKeys: privateKey, + verificationKeys: publicKey }; return openpgp.encrypt(encOpt).then(async function (encrypted) { decOpt.message = await openpgp.readMessage({ armoredMessage: encrypted }); @@ -1900,18 +1900,18 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { it('should encrypt/sign and decrypt/verify with detached signatures', async function () { const encrypted = await openpgp.encrypt({ message: await openpgp.createMessage({ text: plaintext }), - publicKeys: publicKey + encryptionKeys: publicKey }); const signed = await openpgp.sign({ message: await openpgp.createMessage({ text: plaintext }), - privateKeys: privateKey, + signingKeys: privateKey, detached: true }); const decrypted = await openpgp.decrypt({ message: await openpgp.readMessage({ armoredMessage: encrypted }), signature: await openpgp.readSignature({ armoredSignature: signed }), - privateKeys: privateKey, - publicKeys: publicKey + decryptionKeys: privateKey, + verificationKeys: publicKey }); expect(decrypted.data).to.equal(plaintext); expect(decrypted.signatures[0].valid).to.be.true; 
@@ -1936,19 +1936,19 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { const signOpt = { message: await openpgp.createMessage({ text: plaintext }), - privateKeys: privKeyDE, + signingKeys: privKeyDE, detached: true }; const encOpt = { message: await openpgp.createMessage({ text: plaintext }), - publicKeys: publicKey, - privateKeys: privateKey + encryptionKeys: publicKey, + signingKeys: privateKey }; const decOpt = { - privateKeys: privateKey, - publicKeys: [publicKey, pubKeyDE] + decryptionKeys: privateKey, + verificationKeys: [publicKey, pubKeyDE] }; await openpgp.sign(signOpt).then(async function (armoredSignature) { @@ -1977,18 +1977,18 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { it('should fail to encrypt and decrypt/verify with detached signature as input for encryption with wrong public key', async function () { const signOpt = { message: await openpgp.createMessage({ text: plaintext }), - privateKeys: privateKey, + signingKeys: privateKey, detached: true }; const encOpt = { message: await openpgp.createMessage({ text: plaintext }), - publicKeys: publicKey + encryptionKeys: publicKey }; const decOpt = { - privateKeys: privateKey, - publicKeys: await openpgp.readKey({ armoredKey: wrong_pubkey }) + decryptionKeys: privateKey, + verificationKeys: await openpgp.readKey({ armoredKey: wrong_pubkey }) }; return openpgp.sign(signOpt).then(async function (armoredSignature) { 
@@ -2010,12 +2010,12 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { it('should fail to verify decrypted data with wrong public pgp key', async function () { const encOpt = { message: await openpgp.createMessage({ text: plaintext }), - publicKeys: publicKey, - privateKeys: privateKey + encryptionKeys: publicKey, + signingKeys: privateKey }; const decOpt = { - privateKeys: privateKey, - publicKeys: await openpgp.readKey({ armoredKey: wrong_pubkey }) + decryptionKeys: privateKey, + verificationKeys: await openpgp.readKey({ armoredKey: wrong_pubkey }) }; return openpgp.encrypt(encOpt).then(async function (encrypted) { decOpt.message = await openpgp.readMessage({ armoredMessage: encrypted }); @@ -2033,12 +2033,12 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { it('should fail to verify decrypted null string with wrong public pgp key', async function () { const encOpt = { message: await openpgp.createMessage({ text: '' }), - publicKeys: publicKey, - privateKeys: privateKey + encryptionKeys: publicKey, + signingKeys: privateKey }; const decOpt = { - privateKeys: privateKey, - publicKeys: await openpgp.readKey({ armoredKey: wrong_pubkey }) + decryptionKeys: privateKey, + verificationKeys: await openpgp.readKey({ armoredKey: wrong_pubkey }) }; return openpgp.encrypt(encOpt).then(async function (encrypted) { decOpt.message = await openpgp.readMessage({ armoredMessage: encrypted }); 
@@ -2056,11 +2056,11 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { it('should successfully decrypt signed message without public keys to verify', async function () { const encOpt = { message: await openpgp.createMessage({ text: plaintext }), - publicKeys: publicKey, - privateKeys: privateKey + encryptionKeys: publicKey, + signingKeys: privateKey }; const decOpt = { - privateKeys: privateKey + decryptionKeys: privateKey }; return openpgp.encrypt(encOpt).then(async function (encrypted) { decOpt.message = await openpgp.readMessage({ armoredMessage: encrypted }); @@ -2078,18 +2078,18 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { it('should fail to verify decrypted data with wrong public pgp key with detached signatures', async function () { const encrypted = await openpgp.encrypt({ message: await openpgp.createMessage({ text: plaintext }), - publicKeys: publicKey + encryptionKeys: publicKey }); const signed = await openpgp.sign({ message: await openpgp.createMessage({ text: plaintext }), - privateKeys: privateKey, + signingKeys: privateKey, detached: true }); const { signatures, data } = await openpgp.decrypt({ message: await openpgp.readMessage({ armoredMessage: encrypted }), signature: await openpgp.readSignature({ armoredSignature: signed }), - privateKeys: privateKey, - publicKeys: await openpgp.readKey({ armoredKey: wrong_pubkey }) + decryptionKeys: privateKey, + verificationKeys: await openpgp.readKey({ armoredKey: wrong_pubkey }) }); expect(data).to.equal(plaintext); expect(signatures[0].valid).to.be.false; 
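Review bot: In the first hunk here, the test 'should successfully decrypt signed message without public keys to verify' builds `decOpt` with only `decryptionKeys`, so it relies on decryption going ahead when no verification keys are supplied. After this rename, a caller that still passes `publicKeys` to decrypt or verify would presumably take that same path and get data back with unverified signatures, unless the library rejects the old names. None of the updated tests on this page exercise that. I would add a negative case next to this one, for example `await expect(openpgp.decrypt({ message, decryptionKeys: privateKey, publicKeys: publicKey })).to.be.rejected;`, and an equivalent one for `privateKeys` passed to sign. The test body continues outside the hunk, so its assertions on `signatures` are not visible here.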
@@ -2113,13 +2113,13 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { const encOpt = { message: await openpgp.createMessage({ text: plaintext }), - publicKeys: publicKey, - privateKeys: [privateKey, privKeyDE] + encryptionKeys: publicKey, + signingKeys: [privateKey, privKeyDE] }; const decOpt = { - privateKeys: privateKey, - publicKeys: [publicKey, pubKeyDE] + decryptionKeys: privateKey, + verificationKeys: [publicKey, pubKeyDE] }; await openpgp.encrypt(encOpt).then(async function (encrypted) { @@ -2145,7 +2145,7 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { it('should fail to decrypt modified message', async function() { const { privateKeyArmored } = await openpgp.generateKey({ curve: 'curve25519', userIDs: [{ email: 'test@email.com' }] }); const key = await openpgp.readKey({ armoredKey: privateKeyArmored }); - const data = await openpgp.encrypt({ message: await openpgp.createMessage({ binary: new Uint8Array(500) }), publicKeys: [key.toPublic()] }); + const data = await openpgp.encrypt({ message: await openpgp.createMessage({ binary: new Uint8Array(500) }), encryptionKeys: [key.toPublic()] }); let badSumEncrypted = data.replace(/\n=[a-zA-Z0-9/+]{4}/, '\n=aaaa'); if (badSumEncrypted === data) { // checksum was already =aaaa badSumEncrypted = data.replace(/\n=[a-zA-Z0-9/+]{4}/, '\n=bbbb'); @@ -2184,7 +2184,7 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { try { const message = await openpgp.readMessage({ armoredMessage: encrypted }); stepReached = 1; - const { data: decrypted } = await openpgp.decrypt({ message: message, privateKeys: [key] }); + const { data: decrypted } = await openpgp.decrypt({ message: message, decryptionKeys: [key] }); stepReached = 2; await stream.readToEnd(decrypted); } catch (e) { 
@@ -2204,10 +2204,10 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { it('should fail to decrypt unarmored message with garbage data appended', async function() { const { key } = await openpgp.generateKey({ userIDs: {} }); - const message = await openpgp.encrypt({ message: await openpgp.createMessage({ text: 'test' }), publicKeys: key, privateKeys: key, armor: false }); + const message = await openpgp.encrypt({ message: await openpgp.createMessage({ text: 'test' }), encryptionKeys: key, signingKeys: key, armor: false }); const encrypted = util.concat([message, new Uint8Array([11])]); await expect((async () => { - await openpgp.decrypt({ message: await openpgp.readMessage({ binaryMessage: encrypted }), privateKeys: key, publicKeys: key }); + await openpgp.decrypt({ message: await openpgp.readMessage({ binaryMessage: encrypted }), decryptionKeys: key, verificationKeys: key }); })()).to.be.rejectedWith('Error during parsing. This message / key probably does not conform to a valid OpenPGP format.'); }); }); @@ -2226,13 +2226,13 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { }); pubKeyDE.users[0].selfCertifications[0].features = [7]; // Monkey-patch AEAD feature flag await openpgp.encrypt({ - publicKeys: pubKeyDE, - privateKeys: privKeyDE, + encryptionKeys: pubKeyDE, + signingKeys: privKeyDE, message: await openpgp.createMessage({ text: plaintext }) }).then(async function (encrypted) { return openpgp.decrypt({ - privateKeys: privKeyDE, - publicKeys: pubKeyDE, + decryptionKeys: privKeyDE, + verificationKeys: pubKeyDE, message: await openpgp.readMessage({ armoredMessage: encrypted }) }); }).then(async function (decrypted) { 
@@ -2310,7 +2310,7 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { }); const message = await openpgp.readMessage({ armoredMessage: pgp_msg }); - return openpgp.decrypt({ privateKeys:privKey, message:message }).then(function(decrypted) { + return openpgp.decrypt({ decryptionKeys:privKey, message:message }).then(function(decrypted) { expect(decrypted.data).to.equal('hello 3des\n'); expect(decrypted.signatures.length).to.equal(0); }); @@ -2473,10 +2473,10 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { const message = await openpgp.createCleartextMessage({ text: plaintext }); const signOpt = { message, - privateKeys: privateKey + signingKeys: privateKey }; const verifyOpt = { - publicKeys: publicKey + verificationKeys: publicKey }; return openpgp.sign(signOpt).then(async function (signed) { expect(signed).to.match(/-----BEGIN PGP SIGNED MESSAGE-----/); @@ -2504,10 +2504,10 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { const message = await openpgp.createCleartextMessage({ text: plaintext }); const signOpt = { message, - privateKeys: [privateKey, privKeyDE] + signingKeys: [privateKey, privKeyDE] }; const verifyOpt = { - publicKeys: [publicKey, privKeyDE.toPublic()] + verificationKeys: [publicKey, privKeyDE.toPublic()] }; await openpgp.sign(signOpt).then(async function (signed) { expect(signed).to.match(/-----BEGIN PGP SIGNED MESSAGE-----/); @@ -2534,12 +2534,12 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { const message = await openpgp.createMessage({ text: plaintext }); const signOpt = { message, - privateKeys: privateKey, + signingKeys: privateKey, detached: true }; const verifyOpt = { message, - publicKeys: publicKey + verificationKeys: publicKey }; return openpgp.sign(signOpt).then(async function (armoredSignature) { verifyOpt.signature = await openpgp.readSignature({ armoredSignature }); 
@@ -2557,10 +2557,10 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { const message = await openpgp.createCleartextMessage({ text: plaintext }); const signOpt = { message, - privateKeys: privateKey + signingKeys: privateKey }; const verifyOpt = { - publicKeys: await openpgp.readKey({ armoredKey: wrong_pubkey }) + verificationKeys: await openpgp.readKey({ armoredKey: wrong_pubkey }) }; return openpgp.sign(signOpt).then(async function (signed) { verifyOpt.message = await openpgp.readCleartextMessage({ cleartextMessage: signed }); @@ -2579,12 +2579,12 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { const message = await openpgp.createMessage({ text: plaintext }); const signOpt = { message, - privateKeys: privateKey, + signingKeys: privateKey, detached: true }; const verifyOpt = { message, - publicKeys: await openpgp.readKey({ armoredKey: wrong_pubkey }) + verificationKeys: await openpgp.readKey({ armoredKey: wrong_pubkey }) }; return openpgp.sign(signOpt).then(async function (armoredSignature) { verifyOpt.signature = await openpgp.readSignature({ armoredSignature }); @@ -2603,11 +2603,11 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { const message = await openpgp.createMessage({ text: plaintext }); const signOpt = { message, - privateKeys: privateKey, + signingKeys: privateKey, armor: false }; const verifyOpt = { - publicKeys: publicKey + verificationKeys: publicKey }; return openpgp.sign(signOpt).then(async function (signed) { verifyOpt.message = await openpgp.readMessage({ binaryMessage: signed }); 
@@ -2626,13 +2626,13 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { const message = await openpgp.createMessage({ text: plaintext }); const signOpt = { message, - privateKeys: privateKey, + signingKeys: privateKey, detached: true, armor: false }; const verifyOpt = { message, - publicKeys: publicKey + verificationKeys: publicKey }; return openpgp.sign(signOpt).then(async function (signed) { verifyOpt.signature = await openpgp.readSignature({ binarySignature: signed }); @@ -2653,14 +2653,14 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { const past = new Date(2000); const signOpt = { message, - privateKeys: privateKey_1337, + signingKeys: privateKey_1337, detached: true, date: past, armor: false }; const verifyOpt = { message, - publicKeys: publicKey_1337, + verificationKeys: publicKey_1337, date: past }; return openpgp.sign(signOpt).then(async function (signed) { @@ -2691,13 +2691,13 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { const data = new Uint8Array([3, 14, 15, 92, 65, 35, 59]); const signOpt = { message: await openpgp.createMessage({ binary: data }), - privateKeys: privateKey_2038_2045, + signingKeys: privateKey_2038_2045, detached: true, date: future, armor: false }; const verifyOpt = { - publicKeys: publicKey_2038_2045, + verificationKeys: publicKey_2038_2045, date: future, format: 'binary' }; @@ -2719,11 +2719,11 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { const data = new Uint8Array([3, 14, 15, 92, 65, 35, 59]); const signOpt = { message: await openpgp.createMessage({ binary: data }), - privateKeys: privateKey, + signingKeys: privateKey, armor: false }; const verifyOpt = { - publicKeys: publicKey, + verificationKeys: publicKey, format: 'binary' }; return openpgp.sign(signOpt).then(async function (signed) { 
@@ -2758,11 +2758,11 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { }); const signOpt = { message: await openpgp.createMessage({ binary: dataStream }), - privateKeys: privateKey, + signingKeys: privateKey, armor: false }; const verifyOpt = { - publicKeys: publicKey, + verificationKeys: publicKey, format: 'binary' }; return openpgp.sign(signOpt).then(async function (signed) { @@ -2792,7 +2792,7 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { const future = new Date(2040, 5, 5, 5, 5, 5, 0); const encryptOpt = { message: await openpgp.createMessage({ text: plaintext, date: future }), - publicKeys: publicKey_2038_2045, + encryptionKeys: publicKey_2038_2045, date: future, armor: false }; @@ -2813,7 +2813,7 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { const data = new Uint8Array([3, 14, 15, 92, 65, 35, 59]); const encryptOpt = { message: await openpgp.createMessage({ binary: data, date: past }), - publicKeys: publicKey_2000_2008, + encryptionKeys: publicKey_2000_2008, date: past, armor: false }; @@ -2833,8 +2833,8 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { const past = new Date(2005, 5, 5, 5, 5, 5, 0); const encryptOpt = { message: await openpgp.createMessage({ text: plaintext, date: past }), - publicKeys: publicKey_2000_2008, - privateKeys: privateKey_2000_2008, + encryptionKeys: publicKey_2000_2008, + signingKeys: privateKey_2000_2008, date: past, armor: false }; @@ -2861,8 +2861,8 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { const data = new Uint8Array([3, 14, 15, 92, 65, 35, 59]); const encryptOpt = { message: await openpgp.createMessage({ binary: data, date: future }), - publicKeys: publicKey_2038_2045, - privateKeys: privateKey_2038_2045, + encryptionKeys: publicKey_2038_2045, + signingKeys: privateKey_2038_2045, date: future, armor: false }; 
@@ -2890,8 +2890,8 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { const data = new Uint8Array([3, 14, 15, 92, 65, 35, 59]); const encryptOpt = { message: await openpgp.createMessage({ binary: data, date: future, format: 'mime' }), - publicKeys: publicKey_2038_2045, - privateKeys: privateKey_2038_2045, + encryptionKeys: publicKey_2038_2045, + signingKeys: privateKey_2038_2045, date: future, armor: false }; @@ -2920,7 +2920,7 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { }).then(async function(revKey) { return openpgp.encrypt({ message: await openpgp.createMessage({ text: plaintext }), - publicKeys: revKey.publicKey + encryptionKeys: revKey.publicKey }).then(function() { throw new Error('Should not encrypt with revoked key'); }).catch(function(error) { @@ -2939,7 +2939,7 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { pubKeyDE.subKeys[0] = revSubKey; return openpgp.encrypt({ message: await openpgp.createMessage({ text: plaintext }), - publicKeys: pubKeyDE, + encryptionKeys: pubKeyDE, config: { rejectPublicKeyAlgorithms: new Set() } }).then(function() { throw new Error('Should not encrypt with revoked subkey'); @@ -2957,13 +2957,13 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { }); const encrypted = await openpgp.encrypt({ message: await openpgp.createMessage({ text: plaintext }), - publicKeys: pubKeyDE, + encryptionKeys: pubKeyDE, config: { rejectPublicKeyAlgorithms: new Set() } }); privKeyDE.subKeys[0] = await privKeyDE.subKeys[0].revoke(privKeyDE.primaryKey); const decOpt = { message: await openpgp.readMessage({ armoredMessage: encrypted }), - privateKeys: privKeyDE, + decryptionKeys: privKeyDE, config: { rejectPublicKeyAlgorithms: new Set() } }; const decrypted = await openpgp.decrypt(decOpt); 
@@ -2982,12 +2982,12 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { }); const encrypted = await openpgp.encrypt({ message: await openpgp.createMessage({ text: plaintext }), - publicKeys: pubKeyDE, + encryptionKeys: pubKeyDE, config: { rejectPublicKeyAlgorithms: new Set() } }); const decOpt = { message: await openpgp.readMessage({ armoredMessage: encrypted }), - privateKeys: decryptedKeyDE + decryptionKeys: decryptedKeyDE }; // binding signature is invalid await expect(openpgp.decrypt(decOpt)).to.be.rejectedWith(/Session key decryption failed/); @@ -3028,13 +3028,13 @@ J9I8AcH94nE77JUtCm7s1kOlo0EIshZsAqJwGveDGdAuabfViVwVxG4I24M6 const decOpt02 = { message: await openpgp.readMessage({ armoredMessage: padding02 }), - privateKeys: key + decryptionKeys: key }; await expect(openpgp.decrypt(decOpt02)).to.be.rejectedWith(/Decryption error/); const decOpt000002 = { message: await openpgp.readMessage({ armoredMessage: padding000002 }), - privateKeys: key + decryptionKeys: key }; await expect(openpgp.decrypt(decOpt000002)).to.be.rejectedWith(/Decryption error/); }); @@ -3064,7 +3064,7 @@ J9I8AcH94nE77JUtCm7s1kOlo0EIshZsAqJwGveDGdAuabfViVwVxG4I24M6 passphrase: '12345' }); const message = await openpgp.readMessage({ armoredMessage: ecdh_msg_bad }); - const decrypted = await openpgp.decrypt({ message, privateKeys: key }); + const decrypted = await openpgp.decrypt({ message, decryptionKeys: key }); expect(decrypted.data).to.equal('\n'); }); @@ -3074,7 +3074,7 @@ J9I8AcH94nE77JUtCm7s1kOlo0EIshZsAqJwGveDGdAuabfViVwVxG4I24M6 passphrase: '12345' }); const message = await openpgp.readMessage({ armoredMessage: ecdh_msg_bad_2 }); - const decrypted = await openpgp.decrypt({ message, privateKeys: key }); + const decrypted = await openpgp.decrypt({ message, decryptionKeys: key }); expect(decrypted.data).to.equal('Tesssst


Sent from ProtonMail mobile


'); }); @@ -3117,8 +3117,8 @@ amnR6g== it(`sign/verify with ${curve}`, async function() { const plaintext = 'short message'; const key = (await openpgp.generateKey({ curve, userIDs: { name: 'Alice', email: 'info@alice.com' } })).key; - const signed = await openpgp.sign({ privateKeys:[key], message: await openpgp.createCleartextMessage({ text: plaintext }) }); - const verified = await openpgp.verify({ publicKeys:[key], message: await openpgp.readCleartextMessage({ cleartextMessage: signed }) }); + const signed = await openpgp.sign({ signingKeys:[key], message: await openpgp.createCleartextMessage({ text: plaintext }) }); + const verified = await openpgp.verify({ verificationKeys:[key], message: await openpgp.readCleartextMessage({ cleartextMessage: signed }) }); expect(verified.signatures[0].valid).to.be.true; }); }); @@ -3154,7 +3154,7 @@ bsZgJWVlAa5eil6J9ePX2xbo1vVAkLQdzE9+1jL+l7PRIZuVBQ== -----END PGP MESSAGE-----` }); await expect( - openpgp.decrypt({ message, privateKeys: key, publicKeys: key }) + openpgp.decrypt({ message, decryptionKeys: key, verificationKeys: key }) ).to.be.rejectedWith('Error decrypting message: Message is not authenticated.'); }); @@ -3188,7 +3188,7 @@ bsZgJWVlAa5eil6J9ePX2xbo1vVAkLQdzE9+1jL+l7PRIZuVBQ== =T4iR -----END PGP MESSAGE-----` }); - const decrypted = await openpgp.decrypt({ message, privateKeys: key, publicKeys: key, config: { allowUnauthenticatedMessages: true } }); + const decrypted = await openpgp.decrypt({ message, decryptionKeys: key, verificationKeys: key, config: { allowUnauthenticatedMessages: true } }); expect(decrypted.data).to.equal('test'); }); 
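Review bot: The `decrypt` call in the @@ -3188 hunk sets `config: { allowUnauthenticatedMessages: true }`, and the visible assertion checks only `decrypted.data`, with no comment explaining the override. The hunk before it shows a similar call rejected by default with 'Message is not authenticated.', so this test appears to switch that check off deliberately. A one-line comment above the call would stop it being copied as a usage example: `// allowUnauthenticatedMessages turns off the integrity check asserted in the previous test; compatibility use only`. The streaming variant in the @@ -3222 hunk has the same gap.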
@@ -3222,7 +3222,7 @@ bsZgJWVlAa5eil6J9ePX2xbo1vVAkLQdzE9+1jL+l7PRIZuVBQ== =T4iR -----END PGP MESSAGE-----`) }); - const decrypted = await openpgp.decrypt({ message, privateKeys: key, publicKeys: key, config: { allowUnauthenticatedMessages: true } }); + const decrypted = await openpgp.decrypt({ message, decryptionKeys: key, verificationKeys: key, config: { allowUnauthenticatedMessages: true } }); const data = await stream.readToEnd(decrypted.data); expect(data).to.equal('test'); }); @@ -3266,7 +3266,7 @@ bsZgJWVlAa5eil6J9ePX2xbo1vVAkLQdzE9+1jL+l7PRIZuVBQ== m = await openpgp.readMessage({ armoredMessage: await openpgp.encrypt({ message: await openpgp.createMessage({ text: "Hello World\n" }), - publicKeys: primaryKey, + encryptionKeys: primaryKey, encryptionKeyIDs: [encryptionKeyIDs[i]] }) }); @@ -3284,7 +3284,7 @@ bsZgJWVlAa5eil6J9ePX2xbo1vVAkLQdzE9+1jL+l7PRIZuVBQ== s = await openpgp.readSignature({ armoredSignature: await openpgp.sign({ message: await openpgp.createMessage({ text: "Hello World\n" }), - privateKeys: primaryKey, + signingKeys: primaryKey, signingKeyIDs: [signingKeyIDs[i]], detached: true }) @@ -3315,8 +3315,8 @@ bsZgJWVlAa5eil6J9ePX2xbo1vVAkLQdzE9+1jL+l7PRIZuVBQ== const message = await openpgp.readMessage({ armoredMessage: await openpgp.encrypt({ message: plaintextMessage, - privateKeys: [primaryKey, primaryKey, primaryKey], - publicKeys: [primaryKey, primaryKey, primaryKey], + signingKeys: [primaryKey, primaryKey, primaryKey], + encryptionKeys: [primaryKey, primaryKey, primaryKey], encryptionKeyIDs: kIds, signingKeyIDs: sIds }) @@ -3326,7 +3326,7 @@ bsZgJWVlAa5eil6J9ePX2xbo1vVAkLQdzE9+1jL+l7PRIZuVBQ== checkEncryptedPackets(kIds, pKESKList); const { signatures } = await openpgp.decrypt({ message, - privateKeys: [primaryKey, primaryKey, primaryKey] + decryptionKeys: [primaryKey, primaryKey, primaryKey] }); expect(signatures.length).equals(3); checkSignatures(sIds, signatures); 
diff --git a/test/general/signature.js b/test/general/signature.js index f703efdd..d2a6dbbb 100644 --- a/test/general/signature.js +++ b/test/general/signature.js @@ -859,7 +859,7 @@ hUhMKMuiM3pRwdIyDOItkUWQmjEEw7/XmhgInkXsCw== rejectMessageHashAlgorithms: new Set([openpgp.enums.hash.md5, openpgp.enums.hash.ripemd]), rejectPublicKeyAlgorithms: new Set() }; - const decrypted = await openpgp.decrypt({ privateKeys: privateKey, publicKeys: publicKey, message, config }); + const decrypted = await openpgp.decrypt({ decryptionKeys: privateKey, verificationKeys: publicKey, message, config }); expect(decrypted.data).to.exist; expect(decrypted.signatures[0].valid).to.be.true; expect(decrypted.signatures[0].signature.packets.length).to.equal(1); 
@@ -880,14 +880,14 @@ hUhMKMuiM3pRwdIyDOItkUWQmjEEw7/XmhgInkXsCw== const decryptedDummyKey = await openpgp.decryptKey({ privateKey: dummyKey, passphrase }); expect(decryptedDummyKey.isDecrypted()).to.be.true; // decrypting with a secret subkey works - const msg = await openpgp.decrypt({ message, privateKeys: decryptedDummyKey, publicKeys: publicKey, config: { rejectPublicKeyAlgorithms: new Set() } }); + const msg = await openpgp.decrypt({ message, decryptionKeys: decryptedDummyKey, verificationKeys: publicKey, config: { rejectPublicKeyAlgorithms: new Set() } }); expect(msg.signatures).to.exist; expect(msg.signatures).to.have.length(1); expect(msg.signatures[0].valid).to.be.true; expect(msg.signatures[0].signature.packets.length).to.equal(1); // secret key operations involving the primary key should fail await expect(openpgp.sign({ - message: await openpgp.createMessage({ text: 'test' }), privateKeys: decryptedDummyKey, config: { rejectPublicKeyAlgorithms: new Set() } + message: await openpgp.createMessage({ text: 'test' }), signingKeys: decryptedDummyKey, config: { rejectPublicKeyAlgorithms: new Set() } })).to.eventually.be.rejectedWith(/Cannot sign with a gnu-dummy key/); await expect( openpgp.reformatKey({ userIDs: { name: 'test' }, privateKey: decryptedDummyKey }) @@ -907,7 +907,7 @@ hUhMKMuiM3pRwdIyDOItkUWQmjEEw7/XmhgInkXsCw== privateKey: await openpgp.readKey({ armoredKey: flowcrypt_stripped_key }), passphrase: 'FlowCrypt' }); - const sig = await openpgp.sign({ message: await openpgp.createMessage({ text: 'test' }), privateKeys: dummyKey, date: new Date('2018-12-17T03:24:00') }); + const sig = await openpgp.sign({ message: await openpgp.createMessage({ text: 'test' }), signingKeys: dummyKey, date: new Date('2018-12-17T03:24:00') }); expect(sig).to.match(/-----END PGP MESSAGE-----\n$/); }); 
@@ -984,7 +984,7 @@ hUhMKMuiM3pRwdIyDOItkUWQmjEEw7/XmhgInkXsCw== }); return openpgp.decrypt({ - privateKeys: privKey, publicKeys: pubKey , message, config: { minRSABits: 1024 } + decryptionKeys: privKey, verificationKeys: pubKey , message, config: { minRSABits: 1024 } }).then(decrypted => { expect(decrypted.data).to.exist; expect(decrypted.data).to.equal(plaintext); @@ -1021,7 +1021,7 @@ hUhMKMuiM3pRwdIyDOItkUWQmjEEw7/XmhgInkXsCw== expect(pubKey2.getKeys(keyIDs[1])).to.not.be.empty; expect(pubKey3.getKeys(keyIDs[0])).to.not.be.empty; - const { data, signatures } = await openpgp.verify({ message: sMsg, publicKeys: [pubKey2, pubKey3], config: { minRSABits: 1024 } }); + const { data, signatures } = await openpgp.verify({ message: sMsg, verificationKeys: [pubKey2, pubKey3], config: { minRSABits: 1024 } }); expect(data).to.equal(plaintext); expect(signatures).to.exist; expect(signatures).to.have.length(2); @@ -1034,7 +1034,7 @@ hUhMKMuiM3pRwdIyDOItkUWQmjEEw7/XmhgInkXsCw== it('Verify fails with signed message with critical notations', async function() { const message = await openpgp.readMessage({ armoredMessage: signature_with_critical_notation }); const key = await openpgp.readKey({ armoredKey: pub_key_arm2 }); - const { signatures: [sig] } = await openpgp.verify({ message, publicKeys: key, config: { minRSABits: 1024 } }); + const { signatures: [sig] } = await openpgp.verify({ message, verificationKeys: key, config: { minRSABits: 1024 } }); expect(sig.valid).to.be.false; expect(sig.error).to.match(/Unknown critical notation: test@example.com/); }); 
@@ -1044,7 +1044,7 @@ hUhMKMuiM3pRwdIyDOItkUWQmjEEw7/XmhgInkXsCw== const key = await openpgp.readKey({ armoredKey: pub_key_arm2 }); const config = { knownNotations: ['test@example.com'], minRSABits: 1024 }; - const { signatures: [sig] } = await openpgp.verify({ message, publicKeys: key, config }); + const { signatures: [sig] } = await openpgp.verify({ message, verificationKeys: key, config }); expect(sig.valid).to.be.true; }); @@ -1082,7 +1082,7 @@ hUhMKMuiM3pRwdIyDOItkUWQmjEEw7/XmhgInkXsCw== expect(pubKey2.getKeys(keyIDs[0])).to.not.be.empty; expect(pubKey3.getKeys(keyIDs[1])).to.not.be.empty; - return openpgp.verify({ publicKeys:[pubKey2, pubKey3], message, config: { minRSABits: 1024 } }).then(function(cleartextSig) { + return openpgp.verify({ verificationKeys:[pubKey2, pubKey3], message, config: { minRSABits: 1024 } }).then(function(cleartextSig) { expect(cleartextSig).to.exist; expect(cleartextSig.data).to.equal(plaintext); expect(cleartextSig.signatures).to.have.length(2); @@ -1156,7 +1156,7 @@ zmuVOdNuWQqxT9Sqa84= expect(pubKey.getKeys(keyIDs[0])).to.not.be.empty; const cleartextSig = await openpgp.verify({ - publicKeys:[pubKey], + verificationKeys:[pubKey], message, config: { minRSABits: 1024, rejectMessageHashAlgorithms: new Set() } }); @@ -1189,7 +1189,7 @@ yYDnCgA= const keyIDs = message.getSigningKeyIDs(); expect(pubKey.getKeys(keyIDs[0])).to.not.be.empty; - return openpgp.verify({ publicKeys: [pubKey], message, config: { minRSABits: 1024 } }).then(({ data, signatures }) => { + return openpgp.verify({ verificationKeys: [pubKey], message, config: { minRSABits: 1024 } }).then(({ data, signatures }) => { expect(data).to.equal(plaintext); expect(signatures).to.have.length(1); expect(signatures[0].valid).to.equal(!openpgp.config.rejectMessageHashAlgorithms.has(openpgp.enums.hash.sha1)); 
@@ -1227,7 +1227,7 @@ yYDnCgA= const keyIDs = message.getSigningKeyIDs(); expect(pubKey.getKeys(keyIDs[0])).to.not.be.empty; - return openpgp.verify({ publicKeys: [pubKey], message, config: { minRSABits: 1024 } }).then(async function(cleartextSig) { + return openpgp.verify({ verificationKeys: [pubKey], message, config: { minRSABits: 1024 } }).then(async function(cleartextSig) { expect(cleartextSig).to.exist; expect(await stream.readToEnd(cleartextSig.data)).to.equal(plaintext); expect(cleartextSig.signatures).to.have.length(1); @@ -1259,7 +1259,7 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA const keyIDs = message.getSigningKeyIDs(); expect(pubKey.getKeys(keyIDs[0])).to.not.be.empty; - return openpgp.verify({ publicKeys: [pubKey], message, config: { minRSABits: 1024 } }).then(async ({ data, signatures }) => { + return openpgp.verify({ verificationKeys: [pubKey], message, config: { minRSABits: 1024 } }).then(async ({ data, signatures }) => { expect(data).to.equal(plaintext); expect(signatures).to.have.length(0); }); @@ -1293,7 +1293,7 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA const keyIDs = message.getSigningKeyIDs(); expect(pubKey.getKeys(keyIDs[0])).to.not.be.empty; - return openpgp.verify({ publicKeys: [pubKey], message, config: { minRSABits: 1024 } }).then(async ({ data, signatures }) => { + return openpgp.verify({ verificationKeys: [pubKey], message, config: { minRSABits: 1024 } }).then(async ({ data, signatures }) => { expect(await stream.readToEnd(data)).to.equal(plaintext); expect(signatures).to.have.length(1); await expect(signatures[0].verified).to.be.rejectedWith('Corresponding signature packet missing'); 
@@ -1325,10 +1325,10 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA }); const config = { minRSABits: 1024 }; - return openpgp.sign({ privateKeys: privKey, message: await openpgp.createCleartextMessage({ text: plaintext }), config }).then(async signed => { + return openpgp.sign({ signingKeys: privKey, message: await openpgp.createCleartextMessage({ text: plaintext }), config }).then(async signed => { const message = await openpgp.readCleartextMessage({ cleartextMessage: signed }); - return openpgp.verify({ publicKeys:[pubKey], message, config }); + return openpgp.verify({ verificationKeys:[pubKey], message, config }); }).then(function({ data, signatures }) { expect(data).to.equal(plaintext.replace(/[ \t\r]+$/mg, '')); @@ -1347,10 +1347,10 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA }); const config = { minRSABits: 1024 }; - return openpgp.sign({ privateKeys: privKey, message: await openpgp.createCleartextMessage({ text: plaintext }), config }).then(async signed => { + return openpgp.sign({ signingKeys: privKey, message: await openpgp.createCleartextMessage({ text: plaintext }), config }).then(async signed => { const message = await openpgp.readCleartextMessage({ cleartextMessage: signed }); - return openpgp.verify({ publicKeys: pubKey, message, config }); + return openpgp.verify({ verificationKeys: pubKey, message, config }); }).then(function({ data, signatures }) { expect(data).to.equal(plaintext); 
@@ -1369,10 +1369,10 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA }); const config = { minRSABits: 1024 }; - return openpgp.sign({ privateKeys: privKey, message: await openpgp.createCleartextMessage({ text: plaintext }), config }).then(async signed => { + return openpgp.sign({ signingKeys: privKey, message: await openpgp.createCleartextMessage({ text: plaintext }), config }).then(async signed => { const message = await openpgp.readCleartextMessage({ cleartextMessage: signed }); - return openpgp.verify({ publicKeys: pubKey, message, config }); + return openpgp.verify({ verificationKeys: pubKey, message, config }); }).then(function({ data, signatures }) { expect(data).to.equal(plaintext.replace(/[ \t]+$/mg, '')); @@ -1391,10 +1391,10 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA }); const config = { minRSABits: 1024 }; - return openpgp.sign({ privateKeys: privKey, message: await openpgp.createMessage({ binary: plaintext }), config }).then(async signed => { + return openpgp.sign({ signingKeys: privKey, message: await openpgp.createMessage({ binary: plaintext }), config }).then(async signed => { const message = await openpgp.readMessage({ armoredMessage: signed }); - return openpgp.verify({ publicKeys: pubKey, message, format: 'binary', config }); + return openpgp.verify({ verificationKeys: pubKey, message, format: 'binary', config }); }).then(function({ data, signatures }) { expect(data).to.deep.equal(plaintext); 
@@ -1413,10 +1413,10 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA }); const config = { minRSABits: 1024 }; - return openpgp.sign({ privateKeys: privKey, message: await openpgp.createMessage({ binary: plaintext }), armor: false, config }).then(async signed => { + return openpgp.sign({ signingKeys: privKey, message: await openpgp.createMessage({ binary: plaintext }), armor: false, config }).then(async signed => { const message = await openpgp.readMessage({ binaryMessage: signed }); - return openpgp.verify({ publicKeys: pubKey, message, format: 'binary', config }); + return openpgp.verify({ verificationKeys: pubKey, message, format: 'binary', config }); }).then(function({ data, signatures }) { expect(data).to.deep.equal(plaintext); @@ -1435,9 +1435,9 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA }); const config = { minRSABits: 1024 }; - return openpgp.sign({ privateKeys: privKey, message: await openpgp.createMessage({ text: plaintext }), detached: true, config }).then(async armoredSignature => { + return openpgp.sign({ signingKeys: privKey, message: await openpgp.createMessage({ text: plaintext }), detached: true, config }).then(async armoredSignature => { const signature = await openpgp.readSignature({ armoredSignature }); - return openpgp.verify({ publicKeys: pubKey, message: await openpgp.createMessage({ binary: util.encodeUTF8(plaintext) }), signature, config }); + return openpgp.verify({ verificationKeys: pubKey, message: await openpgp.createMessage({ binary: util.encodeUTF8(plaintext) }), signature, config }); }).then(function({ data, signatures }) { expect(data).to.equal(plaintext); expect(signatures).to.have.length(1); 
@@ -1456,9 +1456,9 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA }); const config = { minRSABits: 1024 }; - return openpgp.sign({ privateKeys: privKey, message:await openpgp.createMessage({ binary: binaryPlaintext }), detached: true, config }).then(async armoredSignature => { + return openpgp.sign({ signingKeys: privKey, message:await openpgp.createMessage({ binary: binaryPlaintext }), detached: true, config }).then(async armoredSignature => { const signature = await openpgp.readSignature({ armoredSignature }); - return openpgp.verify({ publicKeys: pubKey, message: await openpgp.createMessage({ text: plaintext }), signature, config }); + return openpgp.verify({ verificationKeys: pubKey, message: await openpgp.createMessage({ text: plaintext }), signature, config }); }).then(function({ data, signatures }) { expect(data).to.equal(plaintext); 
@@ -1477,13 +1477,13 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA }); const config = { minRSABits: 1024 }; - return openpgp.sign({ privateKeys: privKey, message: await openpgp.createMessage({ text: plaintext }), detached: true, config }).then(async armoredSignature => { + return openpgp.sign({ signingKeys: privKey, message: await openpgp.createMessage({ text: plaintext }), detached: true, config }).then(async armoredSignature => { const signature = await openpgp.readSignature({ armoredSignature }); - return openpgp.encrypt({ message: await openpgp.createMessage({ binary: util.encodeUTF8(plaintext) }), publicKeys: [pubKey], signature, config }); + return openpgp.encrypt({ message: await openpgp.createMessage({ binary: util.encodeUTF8(plaintext) }), encryptionKeys: [pubKey], signature, config }); }).then(async armoredMessage => { const message = await openpgp.readMessage({ armoredMessage }); - return openpgp.decrypt({ message, privateKeys: [privKey], publicKeys: [pubKey], config }); + return openpgp.decrypt({ message, decryptionKeys: [privKey], verificationKeys: [pubKey], config }); }).then(function({ data, signatures }) { expect(data).to.equal(plaintext); @@ -1496,7 +1496,7 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA it('Verify test with expired verification public key', async function() { const pubKey = await openpgp.readKey({ armoredKey: pub_expired }); const message = await openpgp.readMessage({ armoredMessage: msg_sig_expired }); - return openpgp.verify({ publicKeys:[pubKey], message:message }).then(function(verified) { + return openpgp.verify({ verificationKeys:[pubKey], message:message }).then(function(verified) { expect(verified).to.exist; expect(verified.signatures).to.have.length(1); expect(verified.signatures[0].valid).to.be.true; 
@@ -1507,7 +1507,7 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA it('Verify test with expired verification public key and disable expiration checks using null date', async function() { const pubKey = await openpgp.readKey({ armoredKey: pub_expired }); const message = await openpgp.readMessage({ armoredMessage: msg_sig_expired }); - return openpgp.verify({ publicKeys:[pubKey], message:message, date: null }).then(function(verified) { + return openpgp.verify({ verificationKeys:[pubKey], message:message, date: null }).then(function(verified) { expect(verified).to.exist; expect(verified.signatures).to.have.length(1); expect(verified.signatures[0].valid).to.be.true; @@ -1598,7 +1598,7 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA const message = await openpgp.createMessage({ text: content }); await message.appendSignature(detachedSig); - const { data, signatures } = await openpgp.verify({ publicKeys:[publicKey], message, config: { minRSABits: 1024 } }); + const { data, signatures } = await openpgp.verify({ verificationKeys:[publicKey], message, config: { minRSABits: 1024 } }); expect(data).to.equal(content); expect(signatures).to.have.length(1); expect(signatures[0].valid).to.be.true; 
@@ -1616,9 +1616,9 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA const opt = { rsaBits: 2048, userIDs: { name:'test', email:'a@b.com' }, passphrase: null }; const { key: generatedKey } = await openpgp.generateKey(opt); - const armoredSignature = await openpgp.sign({ privateKeys: [generatedKey, privKey], message, detached: true, config: { minRSABits: 1024 } }); + const armoredSignature = await openpgp.sign({ signingKeys: [generatedKey, privKey], message, detached: true, config: { minRSABits: 1024 } }); const signature = await openpgp.readSignature({ armoredSignature }); - const { data, signatures } = await openpgp.verify({ publicKeys: [generatedKey.toPublic(), pubKey], message, signature, config: { minRSABits: 1024 } }); + const { data, signatures } = await openpgp.verify({ verificationKeys: [generatedKey.toPublic(), pubKey], message, signature, config: { minRSABits: 1024 } }); expect(data).to.equal('hello'); expect(await signatures[0].verified).to.be.true; expect(await signatures[1].verified).to.be.true; @@ -1763,8 +1763,8 @@ oaBUyhCKt8tz6Q== const key = await openpgp.readKey({ armoredKey }); const decrypted = await openpgp.decrypt({ message: await openpgp.readMessage({ armoredMessage: encrypted }), - publicKeys: key, - privateKeys: key, + verificationKeys: key, + decryptionKeys: key, config: { minRSABits: 1024 } }); expect(decrypted.signatures[0].valid).to.be.true; @@ -1799,7 +1799,7 @@ j+GItrR+QbbN13ODlcR3hf66cwjLLsJCx5VcBaRspKF05O3ix/u9KVjJqtbi Ie6jnY0zP2ldtS4JmhKBa43qmOHCxHc= =7B58 -----END PGP MESSAGE-----`; - const decrypted = await openpgp.decrypt({ message: await openpgp.readMessage({ armoredMessage: encrypted }), privateKeys: key, publicKeys: key.toPublic() }); + const decrypted = await openpgp.decrypt({ message: await openpgp.readMessage({ armoredMessage: encrypted }), decryptionKeys: key, verificationKeys: key.toPublic() }); expect(decrypted.signatures[0].valid).to.be.true; }); 
@@ -1835,7 +1835,7 @@ JImeZLY02MctIpGZULbqgcUGK0P/yqrPL8Pe4lQM =Pacb -----END PGP SIGNATURE-----`; const message = await openpgp.readCleartextMessage({ cleartextMessage: signed }); - const verified = await openpgp.verify({ publicKeys: key, message }); + const verified = await openpgp.verify({ verificationKeys: key, message }); expect(verified.signatures[0].valid).to.be.true; }); }); diff --git a/test/general/streaming.js b/test/general/streaming.js index 3af012ce..4e853e02 100644 --- a/test/general/streaming.js +++ b/test/general/streaming.js @@ -240,7 +240,7 @@ function tests() { it('Sign: Input stream should be canceled when canceling encrypted stream', async function() { const signed = await openpgp.sign({ message: await openpgp.createMessage({ binary: data }), - privateKeys: privKey, + signingKeys: privKey, config: { minRSABits: 1024 } }); const reader = stream.getReader(signed); @@ -314,8 +314,8 @@ function tests() { try { const encrypted = await openpgp.encrypt({ message: await openpgp.createMessage({ binary: data }), - publicKeys: pubKey, - privateKeys: privKey, + encryptionKeys: pubKey, + signingKeys: privKey, armor: false, config: { minRSABits: 1024 } }); @@ -323,8 +323,8 @@ function tests() { const message = await openpgp.readMessage({ binaryMessage: encrypted }); const decrypted = await openpgp.decrypt({ - publicKeys: pubKey, - privateKeys: privKey, + verificationKeys: pubKey, + decryptionKeys: privKey, message, format: 'binary' }); 
@@ -350,16 +350,16 @@ function tests() { try { const encrypted = await openpgp.encrypt({ message: await openpgp.createMessage({ binary: data }), - publicKeys: pub, - privateKeys: priv, + encryptionKeys: pub, + signingKeys: priv, armor: false }); expect(stream.isStream(encrypted)).to.equal(expectedType); const message = await openpgp.readMessage({ binaryMessage: encrypted }); const decrypted = await openpgp.decrypt({ - publicKeys: pub, - privateKeys: priv, + verificationKeys: pub, + decryptionKeys: priv, message, format: 'binary' }); @@ -385,16 +385,16 @@ function tests() { try { const encrypted = await openpgp.encrypt({ message: await openpgp.createMessage({ binary: data }), - publicKeys: pub, - privateKeys: priv, + encryptionKeys: pub, + signingKeys: priv, armor: false }); expect(stream.isStream(encrypted)).to.equal(expectedType); const message = await openpgp.readMessage({ binaryMessage: encrypted }); const decrypted = await openpgp.decrypt({ - publicKeys: pub, - privateKeys: priv, + verificationKeys: pub, + decryptionKeys: priv, message, format: 'binary' }); @@ -452,8 +452,8 @@ function tests() { try { const encrypted = await openpgp.encrypt({ message: await openpgp.createMessage({ binary: data }), - publicKeys: pubKey, - privateKeys: privKey, + encryptionKeys: pubKey, + signingKeys: privKey, config: { minRSABits: 1024 } }); expect(stream.isStream(encrypted)).to.equal(expectedType); @@ -467,8 +467,8 @@ function tests() { }), { encoding: 'utf8' }) }); const decrypted = await openpgp.decrypt({ - publicKeys: pubKey, - privateKeys: privKey, + verificationKeys: pubKey, + decryptionKeys: privKey, message, format: 'binary' }); @@ -489,8 +489,8 @@ function tests() { try { const encrypted = await openpgp.encrypt({ message: await openpgp.createMessage({ binary: data }), - publicKeys: pubKey, - privateKeys: privKey, + encryptionKeys: pubKey, + signingKeys: privKey, config: { minRSABits: 1024 } }); expect(stream.isStream(encrypted)).to.equal(expectedType); 
@@ -504,7 +504,7 @@ function tests() { }), { encoding: 'utf8' }) }); const decrypted = await openpgp.decrypt({ - privateKeys: privKey, + decryptionKeys: privKey, message, format: 'binary' }); @@ -523,7 +523,7 @@ function tests() { it('Sign/verify: Detect armor checksum error', async function() { const signed = await openpgp.sign({ message: await openpgp.createMessage({ binary: data }), - privateKeys: privKey, + signingKeys: privKey, config: { minRSABits: 1024 } }); expect(stream.isStream(signed)).to.equal(expectedType); @@ -537,7 +537,7 @@ function tests() { }), { encoding: 'utf8' }) }); const verified = await openpgp.verify({ - publicKeys: pubKey, + verificationKeys: pubKey, message, format: 'binary', config: { minRSABits: 1024 } @@ -578,14 +578,14 @@ function tests() { it('Sign/verify: Input stream should be canceled when canceling verified stream', async function() { const signed = await openpgp.sign({ message: await openpgp.createMessage({ binary: data }), - privateKeys: privKey, + signingKeys: privKey, config: { minRSABits: 1024 } }); expect(stream.isStream(signed)).to.equal(expectedType); const message = await openpgp.readMessage({ armoredMessage: signed }); const verified = await openpgp.verify({ - publicKeys: pubKey, + verificationKeys: pubKey, message, format: 'binary', config: { minRSABits: 1024 } @@ -618,7 +618,7 @@ function tests() { it("Sign: Don't pull entire input stream when we're not pulling signed stream", async function() { const signed = await openpgp.sign({ message: await openpgp.createMessage({ binary: data }), - privateKeys: privKey, + signingKeys: privKey, config: { minRSABits: 1024 } }); expect(stream.isStream(signed)).to.equal(expectedType); 
@@ -633,13 +633,13 @@ function tests() { it("Sign/verify: Don't pull entire input stream when we're not pulling verified stream", async function() { const signed = await openpgp.sign({ message: await openpgp.createMessage({ binary: data }), - privateKeys: privKey, + signingKeys: privKey, config: { minRSABits: 1024 } }); expect(stream.isStream(signed)).to.equal(expectedType); const message = await openpgp.readMessage({ armoredMessage: signed }); const verified = await openpgp.verify({ - publicKeys: pubKey, + verificationKeys: pubKey, message, format: 'binary' }); @@ -668,7 +668,7 @@ function tests() { }); const signed = await openpgp.sign({ message: await openpgp.createMessage({ binary: data }), - privateKeys: privKey, + signingKeys: privKey, detached: true, config: { minRSABits: 1024 } }); @@ -677,7 +677,7 @@ function tests() { const signature = await openpgp.readSignature({ armoredSignature }); const verified = await openpgp.verify({ signature, - publicKeys: pubKey, + verificationKeys: pubKey, message: await openpgp.createMessage({ text: 'hello world' }), config: { minRSABits: 1024 } }); @@ -709,7 +709,7 @@ function tests() { const signed = await openpgp.sign({ message: await openpgp.createMessage({ binary: data }), - privateKeys: priv, + signingKeys: priv, detached: true }); expect(stream.isStream(signed)).to.equal(expectedType); @@ -717,7 +717,7 @@ function tests() { const signature = await openpgp.readSignature({ armoredSignature }); const verified = await openpgp.verify({ signature, - publicKeys: pub, + verificationKeys: pub, message: await openpgp.createMessage({ text: 'hello world' }) }); expect(verified.data).to.equal('hello world'); @@ -748,7 +748,7 @@ function tests() { const signed = await openpgp.sign({ message: await openpgp.createMessage({ binary: data }), - privateKeys: priv, + signingKeys: priv, detached: true }); expect(stream.isStream(signed)).to.equal(expectedType); 
@@ -756,7 +756,7 @@ function tests() { const signature = await openpgp.readSignature({ armoredSignature }); const verified = await openpgp.verify({ signature, - publicKeys: pub, + verificationKeys: pub, message: await openpgp.createMessage({ text: 'hello world' }) }); expect(verified.data).to.equal('hello world'); @@ -767,7 +767,7 @@ function tests() { it("Detached sign is expected to pull entire input stream when we're not pulling signed stream", async function() { const signed = await openpgp.sign({ message: await openpgp.createMessage({ binary: data }), - privateKeys: privKey, + signingKeys: privKey, detached: true, config: { minRSABits: 1024 } }); @@ -782,7 +782,7 @@ function tests() { it('Detached sign: Input stream should be canceled when canceling signed stream', async function() { const signed = await openpgp.sign({ message: await openpgp.createMessage({ binary: data }), - privateKeys: privKey, + signingKeys: privKey, detached: true, config: { minRSABits: 1024 } }); diff --git a/test/general/x25519.js b/test/general/x25519.js index 139de3e9..80b5af79 100644 --- a/test/general/x25519.js +++ b/test/general/x25519.js @@ -164,7 +164,7 @@ module.exports = () => (openpgp.config.ci ? describe.skip : describe)('X25519 Cr const name = 'light'; const pub = await load_pub_key(name); const msg = await openpgp.readCleartextMessage({ cleartextMessage: data[name].message_signed }); - return openpgp.verify({ publicKeys: [pub], message: msg }).then(function(result) { + return openpgp.verify({ verificationKeys: [pub], message: msg }).then(function(result) { expect(result).to.exist; expect(result.data).to.equal(data[name].message); expect(result.signatures).to.have.length(1); 
@@ -176,10 +176,10 @@ module.exports = () => (openpgp.config.ci ? describe.skip : describe)('X25519 Cr const name = 'light'; const randomData = input.createSomeMessage(); const priv = await load_priv_key(name); - const signed = await openpgp.sign({ privateKeys: [priv], message: await openpgp.createCleartextMessage({ text: randomData }) }); + const signed = await openpgp.sign({ signingKeys: [priv], message: await openpgp.createCleartextMessage({ text: randomData }) }); const pub = await load_pub_key(name); const msg = await openpgp.readCleartextMessage({ cleartextMessage: signed }); - const result = await openpgp.verify({ publicKeys: [pub], message: msg }); + const result = await openpgp.verify({ verificationKeys: [pub], message: msg }); expect(result).to.exist; expect(result.data).to.equal(randomData.replace(/[ \t]+$/mg, '')); @@ -191,7 +191,7 @@ module.exports = () => (openpgp.config.ci ? describe.skip : describe)('X25519 Cr const light = await load_pub_key('light'); const night = await load_priv_key('night'); const msg = await openpgp.readMessage({ armoredMessage: data.night.message_encrypted }); - const result = await openpgp.decrypt({ privateKeys: night, publicKeys: [light], message: msg }); + const result = await openpgp.decrypt({ decryptionKeys: night, verificationKeys: [light], message: msg }); expect(result).to.exist; expect(result.data).to.equal(data.night.message); 
@@ -203,12 +203,12 @@ module.exports = () => (openpgp.config.ci ? describe.skip : describe)('X25519 Cr const nightPublic = await load_pub_key('night'); const lightPrivate = await load_priv_key('light'); const randomData = input.createSomeMessage(); - const encrypted = await openpgp.encrypt({ publicKeys: [nightPublic], privateKeys: [lightPrivate], message: await openpgp.createMessage({ text: randomData }) }); + const encrypted = await openpgp.encrypt({ encryptionKeys: [nightPublic], signingKeys: [lightPrivate], message: await openpgp.createMessage({ text: randomData }) }); const message = await openpgp.readMessage({ armoredMessage: encrypted }); const lightPublic = await load_pub_key('light'); const nightPrivate = await load_priv_key('night'); - const result = await openpgp.decrypt({ privateKeys: nightPrivate, publicKeys: [lightPublic], message: message }); + const result = await openpgp.decrypt({ decryptionKeys: nightPrivate, verificationKeys: [lightPublic], message: message }); expect(result).to.exist; expect(result.data).to.equal(randomData); @@ -449,18 +449,18 @@ function omnibus() { }), // Signing message openpgp.sign( - { message: await openpgp.createCleartextMessage({ text: 'Hi, this is me, Hi!' }), privateKeys: hi } + { message: await openpgp.createCleartextMessage({ text: 'Hi, this is me, Hi!' }), signingKeys: hi } ).then(async signed => { const msg = await openpgp.readCleartextMessage({ cleartextMessage: signed }); // Verifying signed message return Promise.all([ openpgp.verify( - { message: msg, publicKeys: hi.toPublic() } + { message: msg, verificationKeys: hi.toPublic() } ).then(output => expect(output.signatures[0].valid).to.be.true), // Verifying detached signature openpgp.verify({ message: await openpgp.createMessage({ text: 'Hi, this is me, Hi!' }), - publicKeys: hi.toPublic(), + verificationKeys: hi.toPublic(), signature: msg.signature }).then(output => expect(output.signatures[0].valid).to.be.true) ]); 
@@ -469,8 +469,8 @@ function omnibus() { openpgp.encrypt( { message: await openpgp.createMessage({ text: 'Hi, Hi wrote this but only Bye can read it!' }), - publicKeys: [bye.toPublic()], - privateKeys: [hi] + encryptionKeys: [bye.toPublic()], + signingKeys: [hi] } ).then(async encrypted => { const msg = await openpgp.readMessage({ armoredMessage: encrypted }); @@ -478,8 +478,8 @@ function omnibus() { return openpgp.decrypt( { message: msg, - privateKeys: bye, - publicKeys: [hi.toPublic()] + decryptionKeys: bye, + verificationKeys: [hi.toPublic()] } ).then(output => { expect(output.data).to.equal('Hi, Hi wrote this but only Bye can read it!'); diff --git a/test/security/message_signature_bypass.js b/test/security/message_signature_bypass.js index 264aad6a..854721f2 100644 --- a/test/security/message_signature_bypass.js +++ b/test/security/message_signature_bypass.js @@ -97,7 +97,7 @@ async function fakeSignature() { // faked message now verifies correctly const res = await openpgp.verify({ message: fake, - publicKeys: await getOtherPubKey() + verificationKeys: await getOtherPubKey() }); const { signatures } = res; expect(signatures).to.have.length(0); diff --git a/test/security/preferred_algo_mismatch.js b/test/security/preferred_algo_mismatch.js index 46c46be2..99ad93b0 100644 --- a/test/security/preferred_algo_mismatch.js +++ b/test/security/preferred_algo_mismatch.js @@ -43,5 +43,5 @@ EnxUPL95HuMKoVkf4w== module.exports = () => it('Does not accept message encrypted with algo not mentioned in preferred algorithms', async function() { const message = await openpgp.readMessage({ armoredMessage }); const privKey = await openpgp.readKey({ armoredKey: privateKeyArmor }); - await expect(openpgp.decrypt({ message, privateKeys: [privKey] })).to.be.rejectedWith('A non-preferred symmetric algorithm was used.'); + await expect(openpgp.decrypt({ message, decryptionKeys: [privKey] })).to.be.rejectedWith('A non-preferred symmetric algorithm was used.'); }); 
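Review bot: In the test/security/message_signature_bypass.js hunk, the context comment `// faked message now verifies correctly` reads as the opposite of what the test asserts a few lines later, `expect(signatures).to.have.length(0)`. Since the `verify` call under that comment is being edited anyway, I would reword it to state the expected outcome, e.g. `// verify() must report no signatures for the faked message`. `fakeSignature` starts and ends outside the hunk, so any further assertions are not visible here.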
diff --git a/test/security/subkey_trust.js b/test/security/subkey_trust.js index 79ff74ec..2235356d 100644 --- a/test/security/subkey_trust.js +++ b/test/security/subkey_trust.js @@ -28,7 +28,7 @@ async function generateTestData() { attackerPrivKey.revocationSignatures = []; const signed = await openpgp.sign({ message: await createCleartextMessage({ text: 'I am batman' }), - privateKeys: victimPrivKey, + signingKeys: victimPrivKey, armor: true }); return { @@ -67,7 +67,7 @@ async function testSubkeyTrust() { fakeKey = await readKey({ armoredKey: await fakeKey.toPublic().armor() }); const verifyAttackerIsBatman = await openpgp.verify({ message: await readCleartextMessage({ cleartextMessage: signed }), - publicKeys: fakeKey + verificationKeys: fakeKey }); expect(verifyAttackerIsBatman.signatures[0].keyID.equals(victimPubKey.subKeys[0].getKeyID())).to.be.true; expect(verifyAttackerIsBatman.signatures[0].valid).to.be.false; diff --git a/test/security/unsigned_subpackets.js b/test/security/unsigned_subpackets.js index f7c1e17e..919c0be1 100644 --- a/test/security/unsigned_subpackets.js +++ b/test/security/unsigned_subpackets.js @@ -59,7 +59,7 @@ async function makeKeyValid() { try { await openpgp.encrypt({ message: await createMessage({ text: 'Hello', filename: 'hello.txt' }), - publicKeys: k + encryptionKeys: k }); return false; } catch (e) { diff --git a/test/typescript/definitions.ts b/test/typescript/definitions.ts index 4e9f42b9..9e3de544 100644 --- a/test/typescript/definitions.ts +++ b/test/typescript/definitions.ts @@ -30,7 +30,7 @@ import { // Encrypt text message (armored) const text = 'hello'; const textMessage = await createMessage({ text: 'hello' }); - const encryptedArmor: string = await encrypt({ publicKeys, message: textMessage }); + const encryptedArmor: string = await encrypt({ encryptionKeys: publicKeys, message: textMessage }); expect(encryptedArmor).to.include('-----BEGIN PGP MESSAGE-----'); // Encrypt binary message (unarmored) 
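Review bot: In the test/security/unsigned_subpackets.js hunk, `makeKeyValid` appears to treat any exception from `openpgp.encrypt` as the signal it is probing for: success returns `false` and every error lands in `catch (e)`. A mistyped or no-longer-accepted option name would presumably also throw for lack of usable keys, and would then be indistinguishable from the key itself being rejected, which is the kind of slip a bulk rename can introduce. The catch body is outside the hunk, so this may already be handled. If it is not, I would have the catch check for the error it expects, along the lines of `if (!/EXPECTED_KEY_ERROR/.test(e.message)) throw e;`, with the placeholder pattern replaced by the library's actual message.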
@@ -38,18 +38,18 @@ import { binary[0] = 1; binary[1] = 2; const binaryMessage = await createMessage({ binary }); - const encryptedBinary: Uint8Array = await encrypt({ publicKeys, message: binaryMessage, armor: false }); + const encryptedBinary: Uint8Array = await encrypt({ encryptionKeys: publicKeys, message: binaryMessage, armor: false }); expect(encryptedBinary).to.be.instanceOf(Uint8Array); // Decrypt text message (armored) const encryptedTextMessage = await readMessage({ armoredMessage: encryptedArmor }); - const decryptedText = await decrypt({ privateKeys, message: encryptedTextMessage }); + const decryptedText = await decrypt({ decryptionKeys: privateKeys, message: encryptedTextMessage }); const decryptedTextData: string = decryptedText.data; expect(decryptedTextData).to.equal(text); // Decrypt binary message (unarmored) const encryptedBinaryMessage = await readMessage({ binaryMessage: encryptedBinary }); - const decryptedBinary = await decrypt({ privateKeys, message: encryptedBinaryMessage, format: 'binary' }); + const decryptedBinary = await decrypt({ decryptionKeys: privateKeys, message: encryptedBinaryMessage, format: 'binary' }); const decryptedBinaryData: Uint8Array = decryptedBinary.data; expect(decryptedBinaryData).to.deep.equal(binary); 
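Review bot: These type tests (this hunk and the `@@ -59,26` one after it) only exercise the new option names, so nothing pins that the old `publicKeys`/`privateKeys` names are now rejected by the declarations. That matters more than usual for this rename: a stale `privateKeys` on `encrypt` or `publicKeys` on `verify` that was silently ignored would give an unsigned or unverified result rather than an error. Whether the runtime rejects the old names is not visible in this chunk. A negative case would document the contract, e.g. a `// @ts-expect-error publicKeys was renamed to encryptionKeys` line above a call such as `encrypt({ publicKeys, message: textMessage })`.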
@@ -59,26 +59,26 @@ import { // Sign cleartext message (armored) const cleartextMessage = await createCleartextMessage({ text: 'hello' }); - const clearSignedArmor = await sign({ privateKeys, message: cleartextMessage }); + const clearSignedArmor = await sign({ signingKeys: privateKeys, message: cleartextMessage }); expect(clearSignedArmor).to.include('-----BEGIN PGP SIGNED MESSAGE-----'); // Sign text message (armored) - const textSignedArmor: string = await sign({ privateKeys, message: textMessage }); + const textSignedArmor: string = await sign({ signingKeys: privateKeys, message: textMessage }); expect(textSignedArmor).to.include('-----BEGIN PGP MESSAGE-----'); // Sign text message (unarmored) - const textSignedBinary: Uint8Array = await sign({ privateKeys, message: binaryMessage, armor: false }); + const textSignedBinary: Uint8Array = await sign({ signingKeys: privateKeys, message: binaryMessage, armor: false }); expect(textSignedBinary).to.be.instanceOf(Uint8Array); // Verify signed text message (armored) const signedMessage = await readMessage({ armoredMessage: textSignedArmor }); - const verifiedText = await verify({ publicKeys, message: signedMessage }); + const verifiedText = await verify({ verificationKeys: publicKeys, message: signedMessage }); const verifiedTextData: string = verifiedText.data; expect(verifiedTextData).to.equal(text); // Verify signed binary message (unarmored) const message = await readMessage({ binaryMessage: textSignedBinary }); - const verifiedBinary = await verify({ publicKeys, message, format: 'binary' }); + const verifiedBinary = await verify({ verificationKeys: publicKeys, message, format: 'binary' }); const verifiedBinaryData: Uint8Array = verifiedBinary.data; expect(verifiedBinaryData).to.deep.equal(binary); diff --git a/test/worker/worker_example.js b/test/worker/worker_example.js index f41eec6c..04f1026a 100644 --- a/test/worker/worker_example.js +++ b/test/worker/worker_example.js 
@@ -51,8 +51,8 @@ onmessage = async function({ data: { action, message }, ports: [port] }) {
 });
 const data = await openpgp.encrypt({
 message: await openpgp.createMessage({ text: message }),
- publicKeys: publicKey,
- privateKeys: privateKey
+ encryptionKeys: publicKey,
+ signingKeys: privateKey
 });
 result = data;
 break;
@@ -65,8 +65,8 @@ onmessage = async function({ data: { action, message }, ports: [port] }) {
 });
 const { data, signatures } = await openpgp.decrypt({
 message: await openpgp.readMessage({ armoredMessage: message }),
- publicKeys: publicKey,
- privateKeys: privateKey
+ verificationKeys: publicKey,
+ decryptionKeys: privateKey
 });
 if (!signatures[0].valid) {
 throw new Error("Couldn't veriy signature");
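Review bot: In the decrypt branch (second hunk), `signatures[0].valid` is read without first checking that the message carried a signature at all; if `signatures` comes back empty, this throws a TypeError instead of the intended error. Since this example shows how `verificationKeys` is meant to be used, I would make the check explicit: `if (!signatures.length || !signatures[0].valid) {`. The message on the next line also has a typo and should read `"Couldn't verify signature"`. The handler continues outside the hunk.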