suzanne.soy/fork-openpgpjs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Clean up README.md

Browse Source
This commit is contained in:
Daniel Huigens 2020-02-01 22:36:53 +01:00
parent 09e818763e
commit 7000d9db4b
1 changed files with 232 additions and 273 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

403
README.md
View File

@ -112,9 +112,9 @@ Here are some examples of how to use the v2.x+ API. For more elaborate examples
#### Set up #### Set up
```js ```js
var openpgp = require('openpgp'); // use as CommonJS, AMD, ES6 module or via window.openpgp const openpgp = require('openpgp'); // use as CommonJS, AMD, ES6 module or via window.openpgp
await openpgp.initWorker({ path:'openpgp.worker.js' }) // set the relative web worker path await openpgp.initWorker({ path: 'openpgp.worker.js' }); // set the relative web worker path
``` ```
#### Encrypt and decrypt *Uint8Array* data with a password #### Encrypt and decrypt *Uint8Array* data with a password
@ -122,29 +122,21 @@ await openpgp.initWorker({ path:'openpgp.worker.js' }) // set the relative web w
Encryption will use the algorithm specified in config.encryption_cipher (defaults to aes256), and decryption will use the algorithm used for encryption. Encryption will use the algorithm specified in config.encryption_cipher (defaults to aes256), and decryption will use the algorithm used for encryption.
```js ```js
var options, encrypted; (async () => {
const { message } = await openpgp.encrypt({
options = {
message: openpgp.message.fromBinary(new Uint8Array([0x01, 0x01, 0x01])), // input as Message object message: openpgp.message.fromBinary(new Uint8Array([0x01, 0x01, 0x01])), // input as Message object
passwords: ['secret stuff'], // multiple passwords possible passwords: ['secret stuff'], // multiple passwords possible
armor: false // don't ASCII armor (for Uint8Array output) armor: false // don't ASCII armor (for Uint8Array output)
};
openpgp.encrypt(options).then(function(ciphertext) {
encrypted = ciphertext.message.packets.write(); // get raw encrypted packets as Uint8Array
}); });
``` const encrypted = message.packets.write(); // get raw encrypted packets as Uint8Array
```js const { data: decrypted } = await openpgp.encrypt({
options = {
message: await openpgp.message.read(encrypted), // parse encrypted bytes message: await openpgp.message.read(encrypted), // parse encrypted bytes
passwords: ['secret stuff'], // decrypt with password passwords: ['secret stuff'], // decrypt with password
format: 'binary' // output as Uint8Array format: 'binary' // output as Uint8Array
};
openpgp.decrypt(options).then(function(plaintext) {
return plaintext.data // Uint8Array([0x01, 0x01, 0x01])
}); });
console.log(decrypted); // Uint8Array([0x01, 0x01, 0x01])
})();
``` ```
#### Encrypt and decrypt *String* data with PGP keys #### Encrypt and decrypt *String* data with PGP keys
@ -152,85 +144,70 @@ openpgp.decrypt(options).then(function(plaintext) {
Encryption will use the algorithm preferred by the public key (defaults to aes256 for keys generated in OpenPGP.js), and decryption will use the algorithm used for encryption. Encryption will use the algorithm preferred by the public key (defaults to aes256 for keys generated in OpenPGP.js), and decryption will use the algorithm used for encryption.
```js ```js
const openpgp = require('openpgp') // use as CommonJS, AMD, ES6 module or via window.openpgp const openpgp = require('openpgp'); // use as CommonJS, AMD, ES6 module or via window.openpgp
await openpgp.initWorker({ path:'openpgp.worker.js' }) // set the relative web worker path (async () => {
await openpgp.initWorker({ path: 'openpgp.worker.js' }); // set the relative web worker path
// put keys in backtick (``) to avoid errors caused by spaces or tabs // put keys in backtick (``) to avoid errors caused by spaces or tabs
const pubkey = `-----BEGIN PGP PUBLIC KEY BLOCK----- const publicKeyArmored = `-----BEGIN PGP PUBLIC KEY BLOCK-----
... ...
-----END PGP PUBLIC KEY BLOCK-----` -----END PGP PUBLIC KEY BLOCK-----`;
const privkey = `-----BEGIN PGP PRIVATE KEY BLOCK----- const privateKeyArmored = `-----BEGIN PGP PRIVATE KEY BLOCK-----
... ...
-----END PGP PRIVATE KEY BLOCK-----` //encrypted private key -----END PGP PRIVATE KEY BLOCK-----`; // encrypted private key
const passphrase = `yourPassphrase` //what the privKey is encrypted with const passphrase = `yourPassphrase`; // what the private key is encrypted with
const encryptDecryptFunction = async() => { const { keys: [privateKey] } = await openpgp.key.readArmored(privateKeyArmored);
const privKeyObj = (await openpgp.key.readArmored(privkey)).keys[0] await privateKey.decrypt(passphrase);
await privKeyObj.decrypt(passphrase)
const options = { const { data: encrypted } = await openpgp.encrypt({
message: openpgp.message.fromText('Hello, World!'), // input as Message object message: openpgp.message.fromText('Hello, World!'), // input as Message object
publicKeys: (await openpgp.key.readArmored(pubkey)).keys, // for encryption publicKeys: (await openpgp.key.readArmored(publicKeyArmored)).keys, // for encryption
privateKeys: [privKeyObj] // for signing (optional) privateKeys: [privateKey] // for signing (optional)
} });
console.log(encrypted); // '-----BEGIN PGP MESSAGE ... END PGP MESSAGE-----'
openpgp.encrypt(options).then(ciphertext => { const { data: decrypted } = await openpgp.decrypt({
encrypted = ciphertext.data // '-----BEGIN PGP MESSAGE ... END PGP MESSAGE-----'
return encrypted
})
.then(async encrypted => {
const options = {
message: await openpgp.message.readArmored(encrypted), // parse armored message message: await openpgp.message.readArmored(encrypted), // parse armored message
publicKeys: (await openpgp.key.readArmored(pubkey)).keys, // for verification (optional) publicKeys: (await openpgp.key.readArmored(publicKeyArmored)).keys, // for verification (optional)
privateKeys: [privKeyObj] // for decryption privateKeys: [privateKey] // for decryption
} });
console.log(decrypted); // 'Hello, World!'
openpgp.decrypt(options).then(plaintext => { })();
console.log(plaintext.data)
return plaintext.data // 'Hello, World!'
})
})
}
encryptDecryptFunction()
``` ```
Encrypt with multiple public keys: Encrypt with multiple public keys:
```js ```js
const pubkeys = [`-----BEGIN PGP PUBLIC KEY BLOCK----- (async () => {
const publicKeysArmored = [
`-----BEGIN PGP PUBLIC KEY BLOCK-----
... ...
-----END PGP PUBLIC KEY BLOCK-----`, -----END PGP PUBLIC KEY BLOCK-----`,
`-----BEGIN PGP PUBLIC KEY BLOCK----- `-----BEGIN PGP PUBLIC KEY BLOCK-----
... ...
-----END PGP PUBLIC KEY BLOCK-----` -----END PGP PUBLIC KEY BLOCK-----`
const privkey = `-----BEGIN PGP PRIVATE KEY BLOCK----- ];
const privateKeyArmored = `-----BEGIN PGP PRIVATE KEY BLOCK-----
... ...
-----END PGP PRIVATE KEY BLOCK-----` //encrypted private key -----END PGP PRIVATE KEY BLOCK-----`; // encrypted private key
const passphrase = `yourPassphrase` //what the privKey is encrypted with const passphrase = `yourPassphrase`; // what the private key is encrypted with
const message = 'Hello, World!' // input as Message object const message = 'Hello, World!';
async encryptWithMultiplePublicKeys(pubkeys, privkey, passphrase, message) { const { keys: [privateKey] } = await openpgp.key.readArmored(privateKeyArmored);
const privKeyObj = (await openpgp.key.readArmored(privkey)).keys[0] await privateKey.decrypt(passphrase)
await privKeyObj.decrypt(passphrase)
pubkeys = pubkeys.map(async (key) => { const publicKeys = await Promise.all(publicKeysArmored.map(async (key) => {
return (await openpgp.key.readArmored(key)).keys[0] return (await openpgp.key.readArmored(key)).keys[0];
}));
const { data: encrypted } = await openpgp.encrypt({
message: openpgp.message.fromText(message), // input as Message object
publicKeys, // for encryption
privateKeys: [privateKey] // for signing (optional)
}); });
console.log(encrypted); // '-----BEGIN PGP MESSAGE ... END PGP MESSAGE-----'
const options = { })();
message: openpgp.message.fromText(message),
publicKeys: pubkeys, // for encryption
privateKeys: [privKeyObj] // for signing (optional)
}
return openpgp.encrypt(options).then(ciphertext => {
encrypted = ciphertext.data // '-----BEGIN PGP MESSAGE ... END PGP MESSAGE-----'
return encrypted
})
};
``` ```
#### Encrypt with compression #### Encrypt with compression
@ -240,21 +217,19 @@ By default, `encrypt` will not use any compression. It's possible to override th
Either set the `compression` parameter in the options object when calling `encrypt`. Either set the `compression` parameter in the options object when calling `encrypt`.
```js ```js
var options, encrypted; (async () => {
const encrypted = await openpgp.encrypt({
options = {
message: openpgp.message.fromBinary(new Uint8Array([0x01, 0x02, 0x03])), // or .fromText('string') message: openpgp.message.fromBinary(new Uint8Array([0x01, 0x02, 0x03])), // or .fromText('string')
passwords: ['secret stuff'], // multiple passwords possible passwords: ['secret stuff'], // multiple passwords possible
compression: openpgp.enums.compression.zip // compress the data with zip compression: openpgp.enums.compression.zip // compress the data with zip
}; });
})();
ciphertext = await openpgp.encrypt(options); // use ciphertext
``` ```
Or, override the config to enable compression: Or, override the config to enable compression:
```js ```js
openpgp.config.compression = openpgp.enums.compression.zlib openpgp.config.compression = openpgp.enums.compression.zlib;
``` ```
Where the value can be any of: Where the value can be any of:
@ -265,6 +240,7 @@ Where the value can be any of:
#### Streaming encrypt *Uint8Array* data with a password #### Streaming encrypt *Uint8Array* data with a password
```js ```js
(async () => {
const readableStream = new ReadableStream({ const readableStream = new ReadableStream({
start(controller) { start(controller) {
controller.enqueue(new Uint8Array([0x01, 0x02, 0x03])); controller.enqueue(new Uint8Array([0x01, 0x02, 0x03]));
@ -272,14 +248,12 @@ const readableStream = new ReadableStream({
} }
}); });
const options = { const { message } = await openpgp.encrypt({
message: openpgp.message.fromBinary(readableStream), // input as Message object message: openpgp.message.fromBinary(readableStream), // input as Message object
passwords: ['secret stuff'], // multiple passwords possible passwords: ['secret stuff'], // multiple passwords possible
armor: false // don't ASCII armor (for Uint8Array output) armor: false // don't ASCII armor (for Uint8Array output)
}; });
const encrypted = message.packets.write(); // get raw encrypted packets as ReadableStream<Uint8Array>
openpgp.encrypt(options).then(async function(ciphertext) {
const encrypted = ciphertext.message.packets.write(); // get raw encrypted packets as ReadableStream<Uint8Array>
// Either pipe the above stream somewhere, pass it to another function, // Either pipe the above stream somewhere, pass it to another function,
// or read it manually as follows: // or read it manually as follows:
@ -289,7 +263,7 @@ openpgp.encrypt(options).then(async function(ciphertext) {
if (done) break; if (done) break;
console.log('new chunk:', value); // Uint8Array console.log('new chunk:', value); // Uint8Array
} }
}); })();
``` ```
For more information on creating ReadableStreams, see [the MDN Documentation on `new For more information on creating ReadableStreams, see [the MDN Documentation on `new
@ -303,18 +277,16 @@ its [Reader class](https://openpgpjs.org/web-stream-tools/Reader.html).
```js ```js
(async () => { (async () => {
let options; const publicKeyArmored = `-----BEGIN PGP PUBLIC KEY BLOCK-----
const pubkey = `-----BEGIN PGP PUBLIC KEY BLOCK-----
... ...
-----END PGP PUBLIC KEY BLOCK-----`; // Public key -----END PGP PUBLIC KEY BLOCK-----`; // Public key
const privkey = `-----BEGIN PGP PRIVATE KEY BLOCK----- const [privateKeyArmored] = `-----BEGIN PGP PRIVATE KEY BLOCK-----
... ...
-----END PGP PRIVATE KEY BLOCK-----`; // Encrypted private key -----END PGP PRIVATE KEY BLOCK-----`; // Encrypted private key
const passphrase = `yourPassphrase`; // Password that privKey is encrypted with const passphrase = `yourPassphrase`; // Password that private key is encrypted with
const privKeyObj = (await openpgp.key.readArmored(privkey)).keys[0]; const privateKey = (await openpgp.key.readArmored([privateKeyArmored])).keys[0];
await privKeyObj.decrypt(passphrase); await privateKey.decrypt(passphrase);
const readableStream = new ReadableStream({ const readableStream = new ReadableStream({
start(controller) { start(controller) {
@ -323,22 +295,18 @@ its [Reader class](https://openpgpjs.org/web-stream-tools/Reader.html).
} }
}); });
options = { const encrypted = await openpgp.encrypt({
message: openpgp.message.fromText(readableStream), // input as Message object message: openpgp.message.fromText(readableStream), // input as Message object
publicKeys: (await openpgp.key.readArmored(pubkey)).keys, // for encryption publicKeys: (await openpgp.key.readArmored(publicKeyArmored)).keys, // for encryption
privateKeys: [privKeyObj] // for signing (optional) privateKeys: [privateKey] // for signing (optional)
}; });
const encrypted = await openpgp.encrypt(options);
const ciphertext = encrypted.data; // ReadableStream containing '-----BEGIN PGP MESSAGE ... END PGP MESSAGE-----' const ciphertext = encrypted.data; // ReadableStream containing '-----BEGIN PGP MESSAGE ... END PGP MESSAGE-----'
options = { const decrypted = await openpgp.decrypt({
message: await openpgp.message.readArmored(ciphertext), // parse armored message message: await openpgp.message.readArmored(ciphertext), // parse armored message
publicKeys: (await openpgp.key.readArmored(pubkey)).keys, // for verification (optional) publicKeys: (await openpgp.key.readArmored(publicKeyArmored)).keys, // for verification (optional)
privateKeys: [privKeyObj] // for decryption privateKeys: [privateKey] // for decryption
}; });
const decrypted = await openpgp.decrypt(options);
const plaintext = await openpgp.stream.readToEnd(decrypted.data); // 'Hello, World!' const plaintext = await openpgp.stream.readToEnd(decrypted.data); // 'Hello, World!'
})(); })();
``` ```
@ -346,167 +314,162 @@ its [Reader class](https://openpgpjs.org/web-stream-tools/Reader.html).
#### Generate new key pair #### Generate new key pair
RSA keys:
```js
var options = {
userIds: [{ name:'Jon Smith', email:'jon@example.com' }], // multiple user IDs
rsaBits: 4096, // RSA key size
passphrase: 'super long and hard to guess secret' // protects the private key
};
```
ECC keys: ECC keys:
Possible values for curve are: `curve25519`, `ed25519`, `p256`, `p384`, `p521`, `secp256k1`, Possible values for `curve` are: `curve25519`, `ed25519`, `p256`, `p384`, `p521`, `secp256k1`,
`brainpoolP256r1`, `brainpoolP384r1`, or `brainpoolP512r1`. `brainpoolP256r1`, `brainpoolP384r1`, or `brainpoolP512r1`.
Note that options both `curve25519` and `ed25519` generate a primary key for signing using Ed25519 Note that both the `curve25519` and `ed25519` options generate a primary key for signing using Ed25519
and a subkey for encryption using Curve25519. and a subkey for encryption using Curve25519.
```js ```js
var options = { (async () => {
userIds: [{ name:'Jon Smith', email:'jon@example.com' }], // multiple user IDs const { privateKeyArmored, publicKeyArmored, revocationCertificate } = await openpgp.generateKey({
curve: "ed25519", // ECC curve name userIds: [{ name: 'Jon Smith', email: 'jon@example.com' }], // you can pass multiple user IDs
curve: 'ed25519', // ECC curve name
passphrase: 'super long and hard to guess secret' // protects the private key passphrase: 'super long and hard to guess secret' // protects the private key
}; });
console.log(privateKeyArmored); // '-----BEGIN PGP PRIVATE KEY BLOCK ... '
console.log(publicKeyArmored); // '-----BEGIN PGP PUBLIC KEY BLOCK ... '
console.log(revocationCertificate); // '-----BEGIN PGP PUBLIC KEY BLOCK ... '
})();
``` ```
RSA keys:
```js ```js
openpgp.generateKey(options).then(function(key) { (async () => {
var privkey = key.privateKeyArmored; // '-----BEGIN PGP PRIVATE KEY BLOCK ... ' const key = await openpgp.generateKey({
var pubkey = key.publicKeyArmored; // '-----BEGIN PGP PUBLIC KEY BLOCK ... ' userIds: [{ name: 'Jon Smith', email: 'jon@example.com' }], // you can pass multiple user IDs
var revocationCertificate = key.revocationCertificate; // '-----BEGIN PGP PUBLIC KEY BLOCK ... ' rsaBits: 4096, // RSA key size
passphrase: 'super long and hard to guess secret' // protects the private key
}); });
})();
``` ```
#### Revoke a key #### Revoke a key
Using a revocation certificate: Using a revocation certificate:
```js ```js
var options = { (async () => {
key: openpgp.key.readArmored(pubkey).keys[0], const { publicKeyArmored: revokedKeyArmored } = await openpgp.revokeKey({
revocationCertificate: revocationCertificate key: (await openpgp.key.readArmored(publicKeyArmored)).keys[0],
}; revocationCertificate
});
console.log(revokedKeyArmored); // '-----BEGIN PGP PUBLIC KEY BLOCK ... '
})();
``` ```
Using the private key: Using the private key:
```js ```js
var options = { (async () => {
key: openpgp.key.readArmored(privkey).keys[0] const { publicKeyArmored, publicKey } = await openpgp.revokeKey({
}; key: (await openpgp.key.readArmored(privateKeyArmored)).keys[0]
```
```js
openpgp.revokeKey(options).then(function(key) {
var pubkey = key.publicKeyArmored; // '-----BEGIN PGP PUBLIC KEY BLOCK ... '
}); });
})();
``` ```
#### Lookup public key on HKP server #### Lookup public key on HKP server
```js ```js
(async () => {
var hkp = new openpgp.HKP(); // Defaults to https://keyserver.ubuntu.com, or pass another keyserver URL as a string var hkp = new openpgp.HKP(); // Defaults to https://keyserver.ubuntu.com, or pass another keyserver URL as a string
var options = { let publicKeyArmored = await hkp.lookup({
query: 'alice@example.com' query: 'alice@example.com'
}; });
var { keys: [publicKey] } = await openpgp.key.readArmored(publicKeyArmored);
let armoredPubkey = await hkp.lookup(options); })();
var pubkey = await openpgp.key.readArmored(armoredPubkey);
``` ```
#### Upload public key to HKP server #### Upload public key to HKP server
```js ```js
(async () => {
var hkp = new openpgp.HKP('https://pgp.mit.edu'); var hkp = new openpgp.HKP('https://pgp.mit.edu');
var pubkey = '-----BEGIN PGP PUBLIC KEY BLOCK ... END PGP PUBLIC KEY BLOCK-----'; var publicKeyArmored = `-----BEGIN PGP PUBLIC KEY BLOCK-----
...
-----END PGP PUBLIC KEY BLOCK-----`;
hkp.upload(pubkey).then(function() { ... }); await hkp.upload(publicKeyArmored);
})();
``` ```
#### Sign and verify cleartext messages #### Sign and verify cleartext messages
```js ```js
var options, cleartext, validity; (async () => {
const publicKeyArmored = `-----BEGIN PGP PUBLIC KEY BLOCK-----
...
-----END PGP PUBLIC KEY BLOCK-----`;
const privateKeyArmored = `-----BEGIN PGP PRIVATE KEY BLOCK-----
...
-----END PGP PRIVATE KEY BLOCK-----`; // encrypted private key
const passphrase = `yourPassphrase`; // what the private key is encrypted with
var pubkey = '-----BEGIN PGP PUBLIC KEY BLOCK ... END PGP PUBLIC KEY BLOCK-----'; const { keys: [privateKey] } = await openpgp.key.readArmored(privateKeyArmored);
var privkey = '-----BEGIN PGP PRIVATE KEY BLOCK ... END PGP PRIVATE KEY BLOCK-----'; //encrypted private key await privateKey.decrypt(passphrase);
var passphrase = 'secret passphrase'; //what the privKey is encrypted with
var privKeyObj = (await openpgp.key.readArmored(privkey)).keys[0]; const { data: cleartext } = await openpgp.sign({
await privKeyObj.decrypt(passphrase);
```
```js
options = {
message: openpgp.cleartext.fromText('Hello, World!'), // CleartextMessage or Message object message: openpgp.cleartext.fromText('Hello, World!'), // CleartextMessage or Message object
privateKeys: [privKeyObj] // for signing privateKeys: [privateKey] // for signing
};
openpgp.sign(options).then(function(signed) {
cleartext = signed.data; // '-----BEGIN PGP SIGNED MESSAGE ... END PGP SIGNATURE-----'
}); });
``` console.log(cleartext); // '-----BEGIN PGP SIGNED MESSAGE ... END PGP SIGNATURE-----'
```js const { signatures } = await openpgp.verify({
options = {
message: await openpgp.cleartext.readArmored(cleartext), // parse armored message message: await openpgp.cleartext.readArmored(cleartext), // parse armored message
publicKeys: (await openpgp.key.readArmored(pubkey)).keys // for verification publicKeys: (await openpgp.key.readArmored(publicKeyArmored)).keys // for verification
};
openpgp.verify(options).then(function(verified) {
validity = verified.signatures[0].valid; // true
if (validity) {
console.log('signed by key id ' + verified.signatures[0].keyid.toHex());
}
}); });
const { valid } = verified.signatures[0];
if (valid) {
console.log('signed by key id ' + verified.signatures[0].keyid.toHex());
} else {
throw new Error('signature could not be verified');
}
})();
``` ```
#### Create and verify *detached* signatures #### Create and verify *detached* signatures
```js ```js
var options, detachedSig, validity; (async () => {
const publicKeyArmored = `-----BEGIN PGP PUBLIC KEY BLOCK-----
...
-----END PGP PUBLIC KEY BLOCK-----`;
const privateKeyArmored = `-----BEGIN PGP PRIVATE KEY BLOCK-----
...
-----END PGP PRIVATE KEY BLOCK-----`; // encrypted private key
const passphrase = `yourPassphrase`; // what the private key is encrypted with
var pubkey = '-----BEGIN PGP PUBLIC KEY BLOCK ... END PGP PUBLIC KEY BLOCK-----'; const { keys: [privateKey] } = await openpgp.key.readArmored(privateKeyArmored);
var privkey = '-----BEGIN PGP PRIVATE KEY BLOCK ... END PGP PRIVATE KEY BLOCK-----'; //encrypted private key await privateKey.decrypt(passphrase);
var passphrase = 'secret passphrase'; //what the privKey is encrypted with
var privKeyObj = (await openpgp.key.readArmored(privkey)).keys[0]; const { signature: detachedSignature } = await openpgp.sign({
await privKeyObj.decrypt(passphrase);
```
```js
options = {
message: openpgp.cleartext.fromText('Hello, World!'), // CleartextMessage or Message object message: openpgp.cleartext.fromText('Hello, World!'), // CleartextMessage or Message object
privateKeys: [privKeyObj], // for signing privateKeys: [privateKey], // for signing
detached: true detached: true
};
openpgp.sign(options).then(function(signed) {
detachedSig = signed.signature;
}); });
``` console.log(detachedSignature);
const { signatures } = await openpgp.verify({
```js
options = {
message: openpgp.cleartext.fromText('Hello, World!'), // CleartextMessage or Message object message: openpgp.cleartext.fromText('Hello, World!'), // CleartextMessage or Message object
signature: await openpgp.signature.readArmored(detachedSig), // parse detached signature signature: await openpgp.signature.readArmored(detachedSignature), // parse detached signature
publicKeys: (await openpgp.key.readArmored(pubkey)).keys // for verification publicKeys: (await openpgp.key.readArmored(publicKeyArmored)).keys // for verification
};
openpgp.verify(options).then(function(verified) {
validity = verified.signatures[0].valid; // true
if (validity) {
console.log('signed by key id ' + verified.signatures[0].keyid.toHex());
}
}); });
const { valid } = verified.signatures[0];
if (valid) {
console.log('signed by key id ' + verified.signatures[0].keyid.toHex());
} else {
throw new Error('signature could not be verified');
}
})();
``` ```
#### Streaming sign and verify *Uint8Array* data #### Streaming sign and verify *Uint8Array* data
```js ```js
(async () => {
var readableStream = new ReadableStream({ var readableStream = new ReadableStream({
start(controller) { start(controller) {
controller.enqueue(new Uint8Array([0x01, 0x02, 0x03])); controller.enqueue(new Uint8Array([0x01, 0x02, 0x03]));
@ -514,44 +477,40 @@ var readableStream = new ReadableStream({
} }
}); });
var options, signedArmor, validity; const publicKeyArmored = `-----BEGIN PGP PUBLIC KEY BLOCK-----
...
-----END PGP PUBLIC KEY BLOCK-----`;
const privateKeyArmored = `-----BEGIN PGP PRIVATE KEY BLOCK-----
...
-----END PGP PRIVATE KEY BLOCK-----`; // encrypted private key
const passphrase = `yourPassphrase`; // what the private key is encrypted with
var pubkey = '-----BEGIN PGP PUBLIC KEY BLOCK ... END PGP PUBLIC KEY BLOCK-----'; const { keys: [privateKey] } = await openpgp.key.readArmored(privateKeyArmored);
var privkey = '-----BEGIN PGP PRIVATE KEY BLOCK ... END PGP PRIVATE KEY BLOCK-----'; //encrypted private key await privateKey.decrypt(passphrase);
var passphrase = 'secret passphrase'; //what the privKey is encrypted with
var privKeyObj = (await openpgp.key.readArmored(privkey)).keys[0]; const { data: signatureArmored } = await openpgp.sign({
await privKeyObj.decrypt(passphrase);
```
```js
options = {
message: openpgp.message.fromBinary(readableStream), // or .fromText(readableStream: ReadableStream<String>) message: openpgp.message.fromBinary(readableStream), // or .fromText(readableStream: ReadableStream<String>)
privateKeys: [privKeyObj] // for signing privateKeys: [privateKey] // for signing
};
openpgp.sign(options).then(function(signed) {
signedArmor = signed.data; // ReadableStream containing '-----BEGIN PGP SIGNED MESSAGE ... END PGP SIGNATURE-----'
}); });
``` console.log(signatureArmored); // ReadableStream containing '-----BEGIN PGP MESSAGE ... END PGP MESSAGE-----'
```js const { signatures } = await openpgp.verify({
options = { message: await openpgp.message.readArmored(signatureArmored), // parse armored signature
message: await openpgp.message.readArmored(signedArmor), // parse armored message publicKeys: (await openpgp.key.readArmored(publicKeyArmored)).keys // for verification
publicKeys: (await openpgp.key.readArmored(pubkey)).keys // for verification });
};
openpgp.verify(options).then(async function(verified) {
await openpgp.stream.readToEnd(verified.data); await openpgp.stream.readToEnd(verified.data);
// Note: you *have* to read `verified.data` in some way or other, // Note: you *have* to read `verified.data` in some way or other,
// even if you don't need it, as that is what triggers the // even if you don't need it, as that is what triggers the
// verification of the data. // verification of the data.
validity = await verified.signatures[0].verified; // true const { valid } = verified.signatures[0];
if (validity) { if (valid) {
console.log('signed by key id ' + verified.signatures[0].keyid.toHex()); console.log('signed by key id ' + verified.signatures[0].keyid.toHex());
} else {
throw new Error('signature could not be verified');
} }
}); })();
``` ```
### Documentation ### Documentation