Clean up README.md

Daniel Huigens 2020-02-01 22:36:53 +01:00
parent 09e818763e
commit 7000d9db4b

505
README.md

@ -112,9 +112,9 @@ Here are some examples of how to use the v2.x+ API. For more elaborate examples
#### Set up #### Set up
```js ```js
var openpgp = require('openpgp'); // use as CommonJS, AMD, ES6 module or via window.openpgp const openpgp = require('openpgp'); // use as CommonJS, AMD, ES6 module or via window.openpgp
await openpgp.initWorker({ path:'openpgp.worker.js' }) // set the relative web worker path await openpgp.initWorker({ path: 'openpgp.worker.js' }); // set the relative web worker path
``` ```
#### Encrypt and decrypt *Uint8Array* data with a password #### Encrypt and decrypt *Uint8Array* data with a password
@ -122,29 +122,21 @@ await openpgp.initWorker({ path:'openpgp.worker.js' }) // set the relative web w
Encryption will use the algorithm specified in config.encryption_cipher (defaults to aes256), and decryption will use the algorithm used for encryption. Encryption will use the algorithm specified in config.encryption_cipher (defaults to aes256), and decryption will use the algorithm used for encryption.
```js ```js
var options, encrypted; (async () => {
const { message } = await openpgp.encrypt({
message: openpgp.message.fromBinary(new Uint8Array([0x01, 0x01, 0x01])), // input as Message object
passwords: ['secret stuff'], // multiple passwords possible
armor: false // don't ASCII armor (for Uint8Array output)
});
const encrypted = message.packets.write(); // get raw encrypted packets as Uint8Array
options = { const { data: decrypted } = await openpgp.encrypt({
message: openpgp.message.fromBinary(new Uint8Array([0x01, 0x01, 0x01])), // input as Message object message: await openpgp.message.read(encrypted), // parse encrypted bytes
passwords: ['secret stuff'], // multiple passwords possible passwords: ['secret stuff'], // decrypt with password
armor: false // don't ASCII armor (for Uint8Array output) format: 'binary' // output as Uint8Array
}; });
console.log(decrypted); // Uint8Array([0x01, 0x01, 0x01])
openpgp.encrypt(options).then(function(ciphertext) { })();
encrypted = ciphertext.message.packets.write(); // get raw encrypted packets as Uint8Array
});
```
```js
options = {
message: await openpgp.message.read(encrypted), // parse encrypted bytes
passwords: ['secret stuff'], // decrypt with password
format: 'binary' // output as Uint8Array
};
openpgp.decrypt(options).then(function(plaintext) {
return plaintext.data // Uint8Array([0x01, 0x01, 0x01])
});
``` ```
#### Encrypt and decrypt *String* data with PGP keys #### Encrypt and decrypt *String* data with PGP keys
@ -152,85 +144,70 @@ openpgp.decrypt(options).then(function(plaintext) {
Encryption will use the algorithm preferred by the public key (defaults to aes256 for keys generated in OpenPGP.js), and decryption will use the algorithm used for encryption. Encryption will use the algorithm preferred by the public key (defaults to aes256 for keys generated in OpenPGP.js), and decryption will use the algorithm used for encryption.
```js ```js
const openpgp = require('openpgp') // use as CommonJS, AMD, ES6 module or via window.openpgp const openpgp = require('openpgp'); // use as CommonJS, AMD, ES6 module or via window.openpgp
await openpgp.initWorker({ path:'openpgp.worker.js' }) // set the relative web worker path (async () => {
await openpgp.initWorker({ path: 'openpgp.worker.js' }); // set the relative web worker path
// put keys in backtick (``) to avoid errors caused by spaces or tabs // put keys in backtick (``) to avoid errors caused by spaces or tabs
const pubkey = `-----BEGIN PGP PUBLIC KEY BLOCK----- const publicKeyArmored = `-----BEGIN PGP PUBLIC KEY BLOCK-----
... ...
-----END PGP PUBLIC KEY BLOCK-----` -----END PGP PUBLIC KEY BLOCK-----`;
const privkey = `-----BEGIN PGP PRIVATE KEY BLOCK----- const privateKeyArmored = `-----BEGIN PGP PRIVATE KEY BLOCK-----
... ...
-----END PGP PRIVATE KEY BLOCK-----` //encrypted private key -----END PGP PRIVATE KEY BLOCK-----`; // encrypted private key
const passphrase = `yourPassphrase` //what the privKey is encrypted with const passphrase = `yourPassphrase`; // what the private key is encrypted with
const encryptDecryptFunction = async() => { const { keys: [privateKey] } = await openpgp.key.readArmored(privateKeyArmored);
const privKeyObj = (await openpgp.key.readArmored(privkey)).keys[0] await privateKey.decrypt(passphrase);
await privKeyObj.decrypt(passphrase)
const options = { const { data: encrypted } = await openpgp.encrypt({
message: openpgp.message.fromText('Hello, World!'), // input as Message object message: openpgp.message.fromText('Hello, World!'), // input as Message object
publicKeys: (await openpgp.key.readArmored(pubkey)).keys, // for encryption publicKeys: (await openpgp.key.readArmored(publicKeyArmored)).keys, // for encryption
privateKeys: [privKeyObj] // for signing (optional) privateKeys: [privateKey] // for signing (optional)
} });
console.log(encrypted); // '-----BEGIN PGP MESSAGE ... END PGP MESSAGE-----'
openpgp.encrypt(options).then(ciphertext => { const { data: decrypted } = await openpgp.decrypt({
encrypted = ciphertext.data // '-----BEGIN PGP MESSAGE ... END PGP MESSAGE-----' message: await openpgp.message.readArmored(encrypted), // parse armored message
return encrypted publicKeys: (await openpgp.key.readArmored(publicKeyArmored)).keys, // for verification (optional)
}) privateKeys: [privateKey] // for decryption
.then(async encrypted => { });
const options = { console.log(decrypted); // 'Hello, World!'
message: await openpgp.message.readArmored(encrypted), // parse armored message })();
publicKeys: (await openpgp.key.readArmored(pubkey)).keys, // for verification (optional)
privateKeys: [privKeyObj] // for decryption
}
openpgp.decrypt(options).then(plaintext => {
console.log(plaintext.data)
return plaintext.data // 'Hello, World!'
})
})
}
encryptDecryptFunction()
``` ```
Encrypt with multiple public keys: Encrypt with multiple public keys:
```js ```js
const pubkeys = [`-----BEGIN PGP PUBLIC KEY BLOCK----- (async () => {
const publicKeysArmored = [
`-----BEGIN PGP PUBLIC KEY BLOCK-----
... ...
-----END PGP PUBLIC KEY BLOCK-----`, -----END PGP PUBLIC KEY BLOCK-----`,
`-----BEGIN PGP PUBLIC KEY BLOCK----- `-----BEGIN PGP PUBLIC KEY BLOCK-----
... ...
-----END PGP PUBLIC KEY BLOCK-----` -----END PGP PUBLIC KEY BLOCK-----`
const privkey = `-----BEGIN PGP PRIVATE KEY BLOCK----- ];
const privateKeyArmored = `-----BEGIN PGP PRIVATE KEY BLOCK-----
... ...
-----END PGP PRIVATE KEY BLOCK-----` //encrypted private key -----END PGP PRIVATE KEY BLOCK-----`; // encrypted private key
const passphrase = `yourPassphrase` //what the privKey is encrypted with const passphrase = `yourPassphrase`; // what the private key is encrypted with
const message = 'Hello, World!' // input as Message object const message = 'Hello, World!';
async encryptWithMultiplePublicKeys(pubkeys, privkey, passphrase, message) { const { keys: [privateKey] } = await openpgp.key.readArmored(privateKeyArmored);
const privKeyObj = (await openpgp.key.readArmored(privkey)).keys[0] await privateKey.decrypt(passphrase)
await privKeyObj.decrypt(passphrase)
pubkeys = pubkeys.map(async (key) => { const publicKeys = await Promise.all(publicKeysArmored.map(async (key) => {
return (await openpgp.key.readArmored(key)).keys[0] return (await openpgp.key.readArmored(key)).keys[0];
}));
const { data: encrypted } = await openpgp.encrypt({
message: openpgp.message.fromText(message), // input as Message object
publicKeys, // for encryption
privateKeys: [privateKey] // for signing (optional)
}); });
console.log(encrypted); // '-----BEGIN PGP MESSAGE ... END PGP MESSAGE-----'
const options = { })();
message: openpgp.message.fromText(message),
publicKeys: pubkeys, // for encryption
privateKeys: [privKeyObj] // for signing (optional)
}
return openpgp.encrypt(options).then(ciphertext => {
encrypted = ciphertext.data // '-----BEGIN PGP MESSAGE ... END PGP MESSAGE-----'
return encrypted
})
};
``` ```
#### Encrypt with compression #### Encrypt with compression
@ -240,21 +217,19 @@ By default, `encrypt` will not use any compression. It's possible to override th
Either set the `compression` parameter in the options object when calling `encrypt`. Either set the `compression` parameter in the options object when calling `encrypt`.
```js ```js
var options, encrypted; (async () => {
const encrypted = await openpgp.encrypt({
options = { message: openpgp.message.fromBinary(new Uint8Array([0x01, 0x02, 0x03])), // or .fromText('string')
message: openpgp.message.fromBinary(new Uint8Array([0x01, 0x02, 0x03])), // or .fromText('string') passwords: ['secret stuff'], // multiple passwords possible
passwords: ['secret stuff'], // multiple passwords possible compression: openpgp.enums.compression.zip // compress the data with zip
compression: openpgp.enums.compression.zip // compress the data with zip });
}; })();
ciphertext = await openpgp.encrypt(options); // use ciphertext
``` ```
Or, override the config to enable compression: Or, override the config to enable compression:
```js ```js
openpgp.config.compression = openpgp.enums.compression.zlib openpgp.config.compression = openpgp.enums.compression.zlib;
``` ```
Where the value can be any of: Where the value can be any of:
@ -265,21 +240,20 @@ Where the value can be any of:
#### Streaming encrypt *Uint8Array* data with a password #### Streaming encrypt *Uint8Array* data with a password
```js ```js
const readableStream = new ReadableStream({ (async () => {
start(controller) { const readableStream = new ReadableStream({
controller.enqueue(new Uint8Array([0x01, 0x02, 0x03])); start(controller) {
controller.close(); controller.enqueue(new Uint8Array([0x01, 0x02, 0x03]));
} controller.close();
}); }
});
const options = { const { message } = await openpgp.encrypt({
message: openpgp.message.fromBinary(readableStream), // input as Message object message: openpgp.message.fromBinary(readableStream), // input as Message object
passwords: ['secret stuff'], // multiple passwords possible passwords: ['secret stuff'], // multiple passwords possible
armor: false // don't ASCII armor (for Uint8Array output) armor: false // don't ASCII armor (for Uint8Array output)
}; });
const encrypted = message.packets.write(); // get raw encrypted packets as ReadableStream<Uint8Array>
openpgp.encrypt(options).then(async function(ciphertext) {
const encrypted = ciphertext.message.packets.write(); // get raw encrypted packets as ReadableStream<Uint8Array>
// Either pipe the above stream somewhere, pass it to another function, // Either pipe the above stream somewhere, pass it to another function,
// or read it manually as follows: // or read it manually as follows:
@ -289,7 +263,7 @@ openpgp.encrypt(options).then(async function(ciphertext) {
if (done) break; if (done) break;
console.log('new chunk:', value); // Uint8Array console.log('new chunk:', value); // Uint8Array
} }
}); })();
``` ```
For more information on creating ReadableStreams, see [the MDN Documentation on `new For more information on creating ReadableStreams, see [the MDN Documentation on `new
@ -303,18 +277,16 @@ its [Reader class](https://openpgpjs.org/web-stream-tools/Reader.html).
```js ```js
(async () => { (async () => {
let options; const publicKeyArmored = `-----BEGIN PGP PUBLIC KEY BLOCK-----
...
-----END PGP PUBLIC KEY BLOCK-----`; // Public key
const [privateKeyArmored] = `-----BEGIN PGP PRIVATE KEY BLOCK-----
...
-----END PGP PRIVATE KEY BLOCK-----`; // Encrypted private key
const passphrase = `yourPassphrase`; // Password that private key is encrypted with
const pubkey = `-----BEGIN PGP PUBLIC KEY BLOCK----- const privateKey = (await openpgp.key.readArmored([privateKeyArmored])).keys[0];
... await privateKey.decrypt(passphrase);
-----END PGP PUBLIC KEY BLOCK-----`; // Public key
const privkey = `-----BEGIN PGP PRIVATE KEY BLOCK-----
...
-----END PGP PRIVATE KEY BLOCK-----`; // Encrypted private key
const passphrase = `yourPassphrase`; // Password that privKey is encrypted with
const privKeyObj = (await openpgp.key.readArmored(privkey)).keys[0];
await privKeyObj.decrypt(passphrase);
const readableStream = new ReadableStream({ const readableStream = new ReadableStream({
start(controller) { start(controller) {
@ -323,22 +295,18 @@ its [Reader class](https://openpgpjs.org/web-stream-tools/Reader.html).
} }
}); });
options = { const encrypted = await openpgp.encrypt({
message: openpgp.message.fromText(readableStream), // input as Message object message: openpgp.message.fromText(readableStream), // input as Message object
publicKeys: (await openpgp.key.readArmored(pubkey)).keys, // for encryption publicKeys: (await openpgp.key.readArmored(publicKeyArmored)).keys, // for encryption
privateKeys: [privKeyObj] // for signing (optional) privateKeys: [privateKey] // for signing (optional)
}; });
const encrypted = await openpgp.encrypt(options);
const ciphertext = encrypted.data; // ReadableStream containing '-----BEGIN PGP MESSAGE ... END PGP MESSAGE-----' const ciphertext = encrypted.data; // ReadableStream containing '-----BEGIN PGP MESSAGE ... END PGP MESSAGE-----'
options = { const decrypted = await openpgp.decrypt({
message: await openpgp.message.readArmored(ciphertext), // parse armored message message: await openpgp.message.readArmored(ciphertext), // parse armored message
publicKeys: (await openpgp.key.readArmored(pubkey)).keys, // for verification (optional) publicKeys: (await openpgp.key.readArmored(publicKeyArmored)).keys, // for verification (optional)
privateKeys: [privKeyObj] // for decryption privateKeys: [privateKey] // for decryption
}; });
const decrypted = await openpgp.decrypt(options);
const plaintext = await openpgp.stream.readToEnd(decrypted.data); // 'Hello, World!' const plaintext = await openpgp.stream.readToEnd(decrypted.data); // 'Hello, World!'
})(); })();
``` ```
@ -346,212 +314,203 @@ its [Reader class](https://openpgpjs.org/web-stream-tools/Reader.html).
#### Generate new key pair #### Generate new key pair
RSA keys:
```js
var options = {
userIds: [{ name:'Jon Smith', email:'jon@example.com' }], // multiple user IDs
rsaBits: 4096, // RSA key size
passphrase: 'super long and hard to guess secret' // protects the private key
};
```
ECC keys: ECC keys:
Possible values for curve are: `curve25519`, `ed25519`, `p256`, `p384`, `p521`, `secp256k1`, Possible values for `curve` are: `curve25519`, `ed25519`, `p256`, `p384`, `p521`, `secp256k1`,
`brainpoolP256r1`, `brainpoolP384r1`, or `brainpoolP512r1`. `brainpoolP256r1`, `brainpoolP384r1`, or `brainpoolP512r1`.
Note that options both `curve25519` and `ed25519` generate a primary key for signing using Ed25519 Note that both the `curve25519` and `ed25519` options generate a primary key for signing using Ed25519
and a subkey for encryption using Curve25519. and a subkey for encryption using Curve25519.
```js ```js
var options = { (async () => {
userIds: [{ name:'Jon Smith', email:'jon@example.com' }], // multiple user IDs const { privateKeyArmored, publicKeyArmored, revocationCertificate } = await openpgp.generateKey({
curve: "ed25519", // ECC curve name userIds: [{ name: 'Jon Smith', email: 'jon@example.com' }], // you can pass multiple user IDs
passphrase: 'super long and hard to guess secret' // protects the private key curve: 'ed25519', // ECC curve name
}; passphrase: 'super long and hard to guess secret' // protects the private key
});
console.log(privateKeyArmored); // '-----BEGIN PGP PRIVATE KEY BLOCK ... '
console.log(publicKeyArmored); // '-----BEGIN PGP PUBLIC KEY BLOCK ... '
console.log(revocationCertificate); // '-----BEGIN PGP PUBLIC KEY BLOCK ... '
})();
``` ```
RSA keys:
```js ```js
openpgp.generateKey(options).then(function(key) { (async () => {
var privkey = key.privateKeyArmored; // '-----BEGIN PGP PRIVATE KEY BLOCK ... ' const key = await openpgp.generateKey({
var pubkey = key.publicKeyArmored; // '-----BEGIN PGP PUBLIC KEY BLOCK ... ' userIds: [{ name: 'Jon Smith', email: 'jon@example.com' }], // you can pass multiple user IDs
var revocationCertificate = key.revocationCertificate; // '-----BEGIN PGP PUBLIC KEY BLOCK ... ' rsaBits: 4096, // RSA key size
}); passphrase: 'super long and hard to guess secret' // protects the private key
});
})();
``` ```
#### Revoke a key #### Revoke a key
Using a revocation certificate: Using a revocation certificate:
```js ```js
var options = { (async () => {
key: openpgp.key.readArmored(pubkey).keys[0], const { publicKeyArmored: revokedKeyArmored } = await openpgp.revokeKey({
revocationCertificate: revocationCertificate key: (await openpgp.key.readArmored(publicKeyArmored)).keys[0],
}; revocationCertificate
});
console.log(revokedKeyArmored); // '-----BEGIN PGP PUBLIC KEY BLOCK ... '
})();
``` ```
Using the private key: Using the private key:
```js ```js
var options = { (async () => {
key: openpgp.key.readArmored(privkey).keys[0] const { publicKeyArmored, publicKey } = await openpgp.revokeKey({
}; key: (await openpgp.key.readArmored(privateKeyArmored)).keys[0]
``` });
})();
```js
openpgp.revokeKey(options).then(function(key) {
var pubkey = key.publicKeyArmored; // '-----BEGIN PGP PUBLIC KEY BLOCK ... '
});
``` ```
#### Lookup public key on HKP server #### Lookup public key on HKP server
```js ```js
var hkp = new openpgp.HKP(); // Defaults to https://keyserver.ubuntu.com, or pass another keyserver URL as a string (async () => {
var hkp = new openpgp.HKP(); // Defaults to https://keyserver.ubuntu.com, or pass another keyserver URL as a string
var options = { let publicKeyArmored = await hkp.lookup({
query: 'alice@example.com' query: 'alice@example.com'
}; });
var { keys: [publicKey] } = await openpgp.key.readArmored(publicKeyArmored);
let armoredPubkey = await hkp.lookup(options); })();
var pubkey = await openpgp.key.readArmored(armoredPubkey);
``` ```
#### Upload public key to HKP server #### Upload public key to HKP server
```js ```js
var hkp = new openpgp.HKP('https://pgp.mit.edu'); (async () => {
var hkp = new openpgp.HKP('https://pgp.mit.edu');
var pubkey = '-----BEGIN PGP PUBLIC KEY BLOCK ... END PGP PUBLIC KEY BLOCK-----'; var publicKeyArmored = `-----BEGIN PGP PUBLIC KEY BLOCK-----
...
-----END PGP PUBLIC KEY BLOCK-----`;
hkp.upload(pubkey).then(function() { ... }); await hkp.upload(publicKeyArmored);
})();
``` ```
#### Sign and verify cleartext messages #### Sign and verify cleartext messages
```js ```js
var options, cleartext, validity; (async () => {
const publicKeyArmored = `-----BEGIN PGP PUBLIC KEY BLOCK-----
...
-----END PGP PUBLIC KEY BLOCK-----`;
const privateKeyArmored = `-----BEGIN PGP PRIVATE KEY BLOCK-----
...
-----END PGP PRIVATE KEY BLOCK-----`; // encrypted private key
const passphrase = `yourPassphrase`; // what the private key is encrypted with
var pubkey = '-----BEGIN PGP PUBLIC KEY BLOCK ... END PGP PUBLIC KEY BLOCK-----'; const { keys: [privateKey] } = await openpgp.key.readArmored(privateKeyArmored);
var privkey = '-----BEGIN PGP PRIVATE KEY BLOCK ... END PGP PRIVATE KEY BLOCK-----'; //encrypted private key await privateKey.decrypt(passphrase);
var passphrase = 'secret passphrase'; //what the privKey is encrypted with
var privKeyObj = (await openpgp.key.readArmored(privkey)).keys[0]; const { data: cleartext } = await openpgp.sign({
await privKeyObj.decrypt(passphrase); message: openpgp.cleartext.fromText('Hello, World!'), // CleartextMessage or Message object
``` privateKeys: [privateKey] // for signing
});
console.log(cleartext); // '-----BEGIN PGP SIGNED MESSAGE ... END PGP SIGNATURE-----'
```js const { signatures } = await openpgp.verify({
options = { message: await openpgp.cleartext.readArmored(cleartext), // parse armored message
message: openpgp.cleartext.fromText('Hello, World!'), // CleartextMessage or Message object publicKeys: (await openpgp.key.readArmored(publicKeyArmored)).keys // for verification
privateKeys: [privKeyObj] // for signing });
}; const { valid } = verified.signatures[0];
if (valid) {
openpgp.sign(options).then(function(signed) { console.log('signed by key id ' + verified.signatures[0].keyid.toHex());
cleartext = signed.data; // '-----BEGIN PGP SIGNED MESSAGE ... END PGP SIGNATURE-----' } else {
}); throw new Error('signature could not be verified');
``` }
})();
```js
options = {
message: await openpgp.cleartext.readArmored(cleartext), // parse armored message
publicKeys: (await openpgp.key.readArmored(pubkey)).keys // for verification
};
openpgp.verify(options).then(function(verified) {
validity = verified.signatures[0].valid; // true
if (validity) {
console.log('signed by key id ' + verified.signatures[0].keyid.toHex());
}
});
``` ```
#### Create and verify *detached* signatures #### Create and verify *detached* signatures
```js ```js
var options, detachedSig, validity; (async () => {
const publicKeyArmored = `-----BEGIN PGP PUBLIC KEY BLOCK-----
...
-----END PGP PUBLIC KEY BLOCK-----`;
const privateKeyArmored = `-----BEGIN PGP PRIVATE KEY BLOCK-----
...
-----END PGP PRIVATE KEY BLOCK-----`; // encrypted private key
const passphrase = `yourPassphrase`; // what the private key is encrypted with
var pubkey = '-----BEGIN PGP PUBLIC KEY BLOCK ... END PGP PUBLIC KEY BLOCK-----'; const { keys: [privateKey] } = await openpgp.key.readArmored(privateKeyArmored);
var privkey = '-----BEGIN PGP PRIVATE KEY BLOCK ... END PGP PRIVATE KEY BLOCK-----'; //encrypted private key await privateKey.decrypt(passphrase);
var passphrase = 'secret passphrase'; //what the privKey is encrypted with
var privKeyObj = (await openpgp.key.readArmored(privkey)).keys[0]; const { signature: detachedSignature } = await openpgp.sign({
await privKeyObj.decrypt(passphrase); message: openpgp.cleartext.fromText('Hello, World!'), // CleartextMessage or Message object
``` privateKeys: [privateKey], // for signing
detached: true
});
console.log(detachedSignature);
```js const { signatures } = await openpgp.verify({
options = { message: openpgp.cleartext.fromText('Hello, World!'), // CleartextMessage or Message object
message: openpgp.cleartext.fromText('Hello, World!'), // CleartextMessage or Message object signature: await openpgp.signature.readArmored(detachedSignature), // parse detached signature
privateKeys: [privKeyObj], // for signing publicKeys: (await openpgp.key.readArmored(publicKeyArmored)).keys // for verification
detached: true });
}; const { valid } = verified.signatures[0];
if (valid) {
openpgp.sign(options).then(function(signed) {
detachedSig = signed.signature;
});
```
```js
options = {
message: openpgp.cleartext.fromText('Hello, World!'), // CleartextMessage or Message object
signature: await openpgp.signature.readArmored(detachedSig), // parse detached signature
publicKeys: (await openpgp.key.readArmored(pubkey)).keys // for verification
};
openpgp.verify(options).then(function(verified) {
validity = verified.signatures[0].valid; // true
if (validity) {
console.log('signed by key id ' + verified.signatures[0].keyid.toHex()); console.log('signed by key id ' + verified.signatures[0].keyid.toHex());
} else {
throw new Error('signature could not be verified');
} }
}); })();
``` ```
#### Streaming sign and verify *Uint8Array* data #### Streaming sign and verify *Uint8Array* data
```js ```js
var readableStream = new ReadableStream({ (async () => {
start(controller) { var readableStream = new ReadableStream({
controller.enqueue(new Uint8Array([0x01, 0x02, 0x03])); start(controller) {
controller.close(); controller.enqueue(new Uint8Array([0x01, 0x02, 0x03]));
} controller.close();
}); }
});
var options, signedArmor, validity; const publicKeyArmored = `-----BEGIN PGP PUBLIC KEY BLOCK-----
...
-----END PGP PUBLIC KEY BLOCK-----`;
const privateKeyArmored = `-----BEGIN PGP PRIVATE KEY BLOCK-----
...
-----END PGP PRIVATE KEY BLOCK-----`; // encrypted private key
const passphrase = `yourPassphrase`; // what the private key is encrypted with
var pubkey = '-----BEGIN PGP PUBLIC KEY BLOCK ... END PGP PUBLIC KEY BLOCK-----'; const { keys: [privateKey] } = await openpgp.key.readArmored(privateKeyArmored);
var privkey = '-----BEGIN PGP PRIVATE KEY BLOCK ... END PGP PRIVATE KEY BLOCK-----'; //encrypted private key await privateKey.decrypt(passphrase);
var passphrase = 'secret passphrase'; //what the privKey is encrypted with
var privKeyObj = (await openpgp.key.readArmored(privkey)).keys[0]; const { data: signatureArmored } = await openpgp.sign({
await privKeyObj.decrypt(passphrase); message: openpgp.message.fromBinary(readableStream), // or .fromText(readableStream: ReadableStream<String>)
``` privateKeys: [privateKey] // for signing
});
console.log(signatureArmored); // ReadableStream containing '-----BEGIN PGP MESSAGE ... END PGP MESSAGE-----'
```js const { signatures } = await openpgp.verify({
options = { message: await openpgp.message.readArmored(signatureArmored), // parse armored signature
message: openpgp.message.fromBinary(readableStream), // or .fromText(readableStream: ReadableStream<String>) publicKeys: (await openpgp.key.readArmored(publicKeyArmored)).keys // for verification
privateKeys: [privKeyObj] // for signing });
};
openpgp.sign(options).then(function(signed) {
signedArmor = signed.data; // ReadableStream containing '-----BEGIN PGP SIGNED MESSAGE ... END PGP SIGNATURE-----'
});
```
```js
options = {
message: await openpgp.message.readArmored(signedArmor), // parse armored message
publicKeys: (await openpgp.key.readArmored(pubkey)).keys // for verification
};
openpgp.verify(options).then(async function(verified) {
await openpgp.stream.readToEnd(verified.data); await openpgp.stream.readToEnd(verified.data);
// Note: you *have* to read `verified.data` in some way or other, // Note: you *have* to read `verified.data` in some way or other,
// even if you don't need it, as that is what triggers the // even if you don't need it, as that is what triggers the
// verification of the data. // verification of the data.
validity = await verified.signatures[0].verified; // true const { valid } = verified.signatures[0];
if (validity) { if (valid) {
console.log('signed by key id ' + verified.signatures[0].keyid.toHex()); console.log('signed by key id ' + verified.signatures[0].keyid.toHex());
} else {
throw new Error('signature could not be verified');
} }
}); })();
``` ```
### Documentation ### Documentation