suzanne.soy/fork-openpgpjs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Support passing a non-array value to encryption/signingKeyIDs in top-level functions (#1342)

Browse Source 
- Support passing a single Key ID directly to the `encryption/signingKeyIDs`
options of `openpgp.encrypt`, `sign`, `generateSessionKey` and
`encryptSessionKey`.
- Add type definitions for `openpgp.encryptSessionKey` and `decryptSessionKeys`.
This commit is contained in:
larabr 2021-06-24 17:51:18 +02:00 committed by GitHub
parent 40542fd08a
commit f50abd81a1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 71 additions and 58 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
openpgp.d.ts vendored
View File

@ -20,13 +20,11 @@ export function readPrivateKeys(options: { binaryKeys: Uint8Array, config?: Part
export function generateKey(options: KeyOptions & { format?: 'armor' }): Promise<SerializedKeyPair<string> & { revocationCertificate: string }>;
export function generateKey(options: KeyOptions & { format: 'binary' }): Promise<SerializedKeyPair<Uint8Array> & { revocationCertificate: string }>;
export function generateKey(options: KeyOptions & { format: 'object' }): Promise<KeyPair & { revocationCertificate: string }>;
export function generateSessionKey(options: { encryptionKeys: PublicKey[], date?: Date, encryptionUserIDs?: UserID[], config?: PartialConfig }): Promise<SessionKey>;
export function decryptKey(options: { privateKey: PrivateKey; passphrase?: string | string[]; config?: PartialConfig }): Promise<PrivateKey>;
export function encryptKey(options: { privateKey: PrivateKey; passphrase?: string | string[]; config?: PartialConfig }): Promise<PrivateKey>;
export function reformatKey(options: { privateKey: PrivateKey; userIDs?: UserID|UserID[]; passphrase?: string; keyExpirationTime?: number; date?: Date, format?: 'armor', config?: PartialConfig }): Promise<SerializedKeyPair<string> & { revocationCertificate: string }>;
export function reformatKey(options: { privateKey: PrivateKey; userIDs?: UserID|UserID[]; passphrase?: string; keyExpirationTime?: number; date?: Date, format: 'binary', config?: PartialConfig }): Promise<SerializedKeyPair<Uint8Array> & { revocationCertificate: string }>;
export function reformatKey(options: { privateKey: PrivateKey; userIDs?: UserID|UserID[]; passphrase?: string; keyExpirationTime?: number; date?: Date, format: 'object', config?: PartialConfig }): Promise<KeyPair & { revocationCertificate: string }>;
export function decryptKey(options: { privateKey: PrivateKey; passphrase?: MaybeArray<string>; config?: PartialConfig }): Promise<PrivateKey>;
export function encryptKey(options: { privateKey: PrivateKey; passphrase?: MaybeArray<string>; config?: PartialConfig }): Promise<PrivateKey>;
export function reformatKey(options: { privateKey: PrivateKey; userIDs?: MaybeArray<UserID>; passphrase?: string; keyExpirationTime?: number; date?: Date, format?: 'armor', config?: PartialConfig }): Promise<SerializedKeyPair<string> & { revocationCertificate: string }>;
export function reformatKey(options: { privateKey: PrivateKey; userIDs?: MaybeArray<UserID>; passphrase?: string; keyExpirationTime?: number; date?: Date, format: 'binary', config?: PartialConfig }): Promise<SerializedKeyPair<Uint8Array> & { revocationCertificate: string }>;
export function reformatKey(options: { privateKey: PrivateKey; userIDs?: MaybeArray<UserID>; passphrase?: string; keyExpirationTime?: number; date?: Date, format: 'object', config?: PartialConfig }): Promise<KeyPair & { revocationCertificate: string }>;
export function revokeKey(options: { key: PrivateKey, reasonForRevocation?: ReasonForRevocation, date?: Date, format?: 'armor', config?: PartialConfig }): Promise<SerializedKeyPair<string>>;
export function revokeKey(options: { key: PrivateKey, reasonForRevocation?: ReasonForRevocation, date?: Date, format: 'binary', config?: PartialConfig }): Promise<SerializedKeyPair<Uint8Array>>;
export function revokeKey(options: { key: PrivateKey, reasonForRevocation?: ReasonForRevocation, date?: Date, format: 'object', config?: PartialConfig }): Promise<KeyPair>;
@ -171,6 +169,14 @@ export class CleartextMessage {
}
/* ############## v5 MSG #################### */
export function generateSessionKey(options: { encryptionKeys: MaybeArray<PublicKey>, date?: Date, encryptionUserIDs?: MaybeArray<UserID>, config?: PartialConfig }): Promise<SessionKey>;
export function encryptSessionKey(options: SessionKey & {
encryptionKeys?: MaybeArray<PublicKey>, passwords?: MaybeArray<string>, armor?: true, wildcard?: boolean, encryptionKeyIDs?: MaybeArray<KeyID>, date?: Date, encryptionUserIDs?: MaybeArray<UserID>, config?: PartialConfig
}) : Promise<string>;
export function encryptSessionKey(options: SessionKey & {
encryptionKeys?: MaybeArray<PublicKey>, passwords?: MaybeArray<string>, armor: false, wildcard?: boolean, encryptionKeyIDs?: MaybeArray<KeyID>, date?: Date, encryptionUserIDs?: MaybeArray<UserID>, config?: PartialConfig
}) : Promise<Uint8Array>;
export function decryptSessionKeys<T extends MaybeStream<Data>>(options: { message: Message<T>, decryptionKeys?: MaybeArray<PrivateKey>, passwords?: MaybeArray<string>, date?: Date, config?: PartialConfig }): Promise<SessionKey[]>;
export function readMessage<T extends MaybeStream<string>>(options: { armoredMessage: T, config?: PartialConfig }): Promise<Message<T>>;
export function readMessage<T extends MaybeStream<Uint8Array>>(options: { binaryMessage: T, config?: PartialConfig }): Promise<Message<T>>;
@ -547,9 +553,14 @@ export namespace stream {
}
/* ############## v5 GENERAL #################### */
type MaybeArray<T> = T | Array<T>;
export interface UserID { name?: string; email?: string; comment?: string; }
export interface SessionKey { data: Uint8Array; algorithm: string; }
export interface SessionKey {
data: Uint8Array;
algorithm: enums.symmetricNames;
aeadAlgorithm?: enums.aeadNames;
}
export interface ReasonForRevocation { flag?: enums.reasonForRevocation, string?: string }
@ -557,12 +568,12 @@ interface EncryptOptions {
/** message to be encrypted as created by createMessage */
message: Message<MaybeStream<Data>>;
/** (optional) array of keys or single key, used to encrypt the message */
encryptionKeys?: PublicKey | PublicKey[];
encryptionKeys?: MaybeArray<PublicKey>;
/** (optional) private keys for signing. If omitted message will not be signed */
signingKeys?: PrivateKey | PrivateKey[];
signingKeys?: MaybeArray<PrivateKey>;
/** (optional) array of passwords or a single password to encrypt the message */
passwords?: string | string[];
/** (optional) session key in the form: { data:Uint8Array, algorithm:String } */
passwords?: MaybeArray<string>;
/** (optional) session key */
sessionKey?: SessionKey;
/** if the return values should be ascii armored or the message/signature objects */
armor?: boolean;
@ -573,13 +584,13 @@ interface EncryptOptions {
/** (optional) use a key ID of 0 instead of the public key IDs */
wildcard?: boolean;
/** (optional) Array of key IDs to use for signing. Each `signingKeyIDs[i]` corresponds to `signingKeys[i]` */
signingKeyIDs?: KeyID[];
signingKeyIDs?: MaybeArray<KeyID>;
/** (optional) Array of key IDs to use for encryption. Each `encryptionKeyIDs[i]` corresponds to `encryptionKeys[i]`*/
encryptionKeyIDs?: KeyID[];
encryptionKeyIDs?: MaybeArray<KeyID>;
/** (optional) Array of user IDs to sign with, e.g. { name:'Steve Sender', email:'steve@openpgp.org' } */
signingUserIDs?: UserID[];
signingUserIDs?: MaybeArray<UserID>;
/** (optional) array of user IDs to encrypt for, e.g. { name:'Robert Receiver', email:'robert@openpgp.org' } */
encryptionUserIDs?: UserID[];
encryptionUserIDs?: MaybeArray<UserID>;
config?: PartialConfig;
}
@ -587,13 +598,13 @@ interface DecryptOptions {
/** the message object with the encrypted data */
message: Message<MaybeStream<Data>>;
/** (optional) private keys with decrypted secret key data or session key */
decryptionKeys?: PrivateKey | PrivateKey[];
decryptionKeys?: MaybeArray<PrivateKey>;
/** (optional) passwords to decrypt the message */
passwords?: string | string[];
passwords?: MaybeArray<string>;
/** (optional) session keys in the form: { data:Uint8Array, algorithm:String } */
sessionKeys?: SessionKey | SessionKey[];
/** (optional) array of public keys or single key, to verify signatures */
verificationKeys?: PublicKey | PublicKey[];
verificationKeys?: MaybeArray<PublicKey>;
/** (optional) whether data decryption should fail if the message is not signed with the provided publicKeys */
expectSigned?: boolean;
/** (optional) whether to return data as a string(Stream) or Uint8Array(Stream). If 'utf8' (the default), also normalize newlines. */
@ -607,13 +618,13 @@ interface DecryptOptions {
interface SignOptions {
message: CleartextMessage | Message<MaybeStream<Data>>;
signingKeys?: PrivateKey | PrivateKey[];
signingKeys?: MaybeArray<PrivateKey>;
armor?: boolean;
dataType?: DataPacketType;
detached?: boolean;
signingKeyIDs?: KeyID[];
signingKeyIDs?: MaybeArray<KeyID>;
date?: Date;
signingUserIDs?: UserID[];
signingUserIDs?: MaybeArray<UserID>;
config?: PartialConfig;
}
@ -621,7 +632,7 @@ interface VerifyOptions {
/** (cleartext) message object with signatures */
message: CleartextMessage | Message<MaybeStream<Data>>;
/** array of publicKeys or single key, to verify signatures */
verificationKeys: PublicKey | PublicKey[];
verificationKeys: MaybeArray<PublicKey>;
/** (optional) whether verification should throw if the message is not signed with the provided publicKeys */
expectSigned?: boolean;
/** (optional) whether to return data as a string(Stream) or Uint8Array(Stream). If 'utf8' (the default), also normalize newlines. */
@ -646,7 +657,7 @@ interface KeyPair {
export type EllipticCurveName = 'ed25519' | 'curve25519' | 'p256' | 'p384' | 'p521' | 'secp256k1' | 'brainpoolP256r1' | 'brainpoolP384r1' | 'brainpoolP512r1';
interface KeyOptions {
userIDs: UserID|UserID[];
userIDs: MaybeArray<UserID>;
passphrase?: string;
type?: 'ecc' | 'rsa';
curve?: EllipticCurveName;
@ -837,6 +848,7 @@ export namespace enums {
thirdParty = 80
}
export type aeadNames = 'eax' | 'ocb' | 'gcm';
enum aead {
eax = 1,
ocb = 2,

2
src/message.js
View File

@ -291,7 +291,7 @@ export class Message {
* @param {Date} [date] - Date to select algorithm preferences at
* @param {Array<Object>} [userIDs] - User IDs to select algorithm preferences for
* @param {Object} [config] - Full configuration, defaults to openpgp.config
* @returns {Promise<{ data: Uint8Array, algorithm: String }>} Object with session key data and algorithm.
* @returns {Promise<{ data: Uint8Array, algorithm: String, aeadAlgorithm: undefined|String }>} Object with session key data and algorithms.
* @async
*/
static async generateSessionKey(encryptionKeys = [], date = new Date(), userIDs = [], config = defaultConfig) {

41
src/openpgp.js
View File

@ -225,7 +225,7 @@ export async function encryptKey({ privateKey, passphrase, config }) {
/**
* Encrypts message text/data with public keys, passwords or both at once. At least either encryption keys or passwords
* Encrypts a message using public keys, passwords or both at once. At least one of `encryptionKeys` or `passwords`
* must be specified. If signing keys are specified, those will be used to sign the message.
* @param {Object} options
* @param {Message} options.message - Message to be encrypted as created by {@link createMessage}
@ -236,11 +236,11 @@ export async function encryptKey({ privateKey, passphrase, config }) {
* @param {Boolean} [options.armor=true] - Whether the return values should be ascii armored (true, the default) or binary (false)
* @param {Signature} [options.signature] - A detached signature to add to the encrypted message
* @param {Boolean} [options.wildcard=false] - Use a key ID of 0 instead of the public key IDs
* @param {Array<module:type/keyid~KeyID>} [options.signingKeyIDs=latest-created valid signing (sub)keys] - Array of key IDs to use for signing. Each `signingKeyIDs[i]` corresponds to `signingKeys[i]`
* @param {Array<module:type/keyid~KeyID>} [options.encryptionKeyIDs=latest-created valid encryption (sub)keys] - Array of key IDs to use for encryption. Each `encryptionKeyIDs[i]` corresponds to `encryptionKeys[i]`
* @param {KeyID|KeyID[]} [options.signingKeyIDs=latest-created valid signing (sub)keys] - Array of key IDs to use for signing. Each `signingKeyIDs[i]` corresponds to `signingKeys[i]`
* @param {KeyID|KeyID[]} [options.encryptionKeyIDs=latest-created valid encryption (sub)keys] - Array of key IDs to use for encryption. Each `encryptionKeyIDs[i]` corresponds to `encryptionKeys[i]`
* @param {Date} [options.date=current date] - Override the creation date of the message signature
* @param {Array<Object>} [options.signingUserIDs=primary user IDs] - Array of user IDs to sign with, one per key in `signingKeys`, e.g. `[{ name: 'Steve Sender', email: 'steve@openpgp.org' }]`
* @param {Array<Object>} [options.encryptionUserIDs=primary user IDs] - Array of user IDs to encrypt for, one per key in `encryptionKeys`, e.g. `[{ name: 'Robert Receiver', email: 'robert@openpgp.org' }]`
* @param {Object|Object[]} [options.signingUserIDs=primary user IDs] - Array of user IDs to sign with, one per key in `signingKeys`, e.g. `[{ name: 'Steve Sender', email: 'steve@openpgp.org' }]`
* @param {Object|Object[]} [options.encryptionUserIDs=primary user IDs] - Array of user IDs to encrypt for, one per key in `encryptionKeys`, e.g. `[{ name: 'Robert Receiver', email: 'robert@openpgp.org' }]`
* @param {Object} [options.config] - Custom configuration settings to overwrite those in [config]{@link module:config}
* @returns {Promise<MaybeStream<String>|MaybeStream<Uint8Array>>} Encrypted message (string if `armor` was true, the default; Uint8Array if `armor` was false).
* @async
@ -248,7 +248,8 @@ export async function encryptKey({ privateKey, passphrase, config }) {
*/
export async function encrypt({ message, encryptionKeys, signingKeys, passwords, sessionKey, armor = true, signature = null, wildcard = false, signingKeyIDs = [], encryptionKeyIDs = [], date = new Date(), signingUserIDs = [], encryptionUserIDs = [], config, ...rest }) {
config = { ...defaultConfig, ...config };
checkMessage(message); encryptionKeys = toArray(encryptionKeys); signingKeys = toArray(signingKeys); passwords = toArray(passwords); signingUserIDs = toArray(signingUserIDs); encryptionUserIDs = toArray(encryptionUserIDs);
checkMessage(message); encryptionKeys = toArray(encryptionKeys); signingKeys = toArray(signingKeys); passwords = toArray(passwords);
signingKeyIDs = toArray(signingKeyIDs); encryptionKeyIDs = toArray(encryptionKeyIDs); signingUserIDs = toArray(signingUserIDs); encryptionUserIDs = toArray(encryptionUserIDs);
if (rest.detached) {
throw new Error("The `detached` option has been removed from openpgp.encrypt, separately call openpgp.sign instead. Don't forget to remove the `privateKeys` option as well.");
}
@ -277,8 +278,8 @@ export async function encrypt({ message, encryptionKeys, signingKeys, passwords,
}
/**
* Decrypts a message with the user's private key, a session key or a password. Either a private key,
* a session key or a password must be specified.
* Decrypts a message with the user's private key, a session key or a password.
* One of `decryptionKeys`, `sessionkeys` or `passwords` must be specified (passing a combination of these options is not supported).
* @param {Object} options
* @param {Message} options.message - The message object with the encrypted data
* @param {PrivateKey|PrivateKey[]} [options.decryptionKeys] - Private keys with decrypted secret key data or session key
@ -361,9 +362,9 @@ export async function decrypt({ message, decryptionKeys, passwords, sessionKeys,
* @param {PrivateKey|PrivateKey[]} options.signingKeys - Array of keys or single key with decrypted secret key data to sign cleartext
* @param {Boolean} [options.armor=true] - Whether the return values should be ascii armored (true, the default) or binary (false)
* @param {Boolean} [options.detached=false] - If the return value should contain a detached signature
* @param {Array<module:type/keyid~KeyID>} [options.signingKeyIDs=latest-created valid signing (sub)keys] - Array of key IDs to use for signing. Each signingKeyIDs[i] corresponds to signingKeys[i]
* @param {KeyID|KeyID[]} [options.signingKeyIDs=latest-created valid signing (sub)keys] - Array of key IDs to use for signing. Each signingKeyIDs[i] corresponds to signingKeys[i]
* @param {Date} [options.date=current date] - Override the creation date of the signature
* @param {Object[]} [options.signingUserIDs=primary user IDs] - Array of user IDs to sign with, one per key in `signingKeys`, e.g. `[{ name: 'Steve Sender', email: 'steve@openpgp.org' }]`
* @param {Object|Object[]} [options.signingUserIDs=primary user IDs] - Array of user IDs to sign with, one per key in `signingKeys`, e.g. `[{ name: 'Steve Sender', email: 'steve@openpgp.org' }]`
* @param {Object} [options.config] - Custom configuration settings to overwrite those in [config]{@link module:config}
* @returns {Promise<MaybeStream<String>|MaybeStream<Uint8Array>>} Signed message (string if `armor` was true, the default; Uint8Array if `armor` was false).
* @async
@ -376,7 +377,7 @@ export async function sign({ message, signingKeys, armor = true, detached = fals
if (message instanceof CleartextMessage && !armor) throw new Error("Can't sign non-armored cleartext message");
if (message instanceof CleartextMessage && detached) throw new Error("Can't detach-sign a cleartext message");
signingKeys = toArray(signingKeys); signingUserIDs = toArray(signingUserIDs);
signingKeys = toArray(signingKeys); signingKeyIDs = toArray(signingKeyIDs); signingUserIDs = toArray(signingUserIDs);
if (!signingKeys || signingKeys.length === 0) {
throw new Error('No signing keys provided');
}
@ -478,7 +479,7 @@ export async function verify({ message, verificationKeys, expectSigned = false,
* @param {Object} options
* @param {PublicKey|PublicKey[]} options.encryptionKeys - Array of public keys or single key used to select algorithm preferences for
* @param {Date} [options.date=current date] - Date to select algorithm preferences at
* @param {Array} [options.encryptionUserIDs=primary user IDs] - User IDs to select algorithm preferences for
* @param {Object|Object[]} [options.encryptionUserIDs=primary user IDs] - User IDs to select algorithm preferences for
* @param {Object} [options.config] - Custom configuration settings to overwrite those in [config]{@link module:config}
* @returns {Promise<{ data: Uint8Array, algorithm: String }>} Object with session key data and algorithm.
* @async
@ -498,8 +499,8 @@ export async function generateSessionKey({ encryptionKeys, date = new Date(), en
}
/**
* Encrypt a symmetric session key with public keys, passwords, or both at once. At least either public keys
* or passwords must be specified.
* Encrypt a symmetric session key with public keys, passwords, or both at once.
* At least one of `encryptionKeys` or `passwords` must be specified.
* @param {Object} options
* @param {Uint8Array} options.data - The session key to be encrypted e.g. 16 random bytes (for aes128)
* @param {String} options.algorithm - Algorithm of the symmetric session key e.g. 'aes128' or 'aes256'
@ -508,9 +509,9 @@ export async function generateSessionKey({ encryptionKeys, date = new Date(), en
* @param {String|String[]} [options.passwords] - Passwords for the message
* @param {Boolean} [options.armor=true] - Whether the return values should be ascii armored (true, the default) or binary (false)
* @param {Boolean} [options.wildcard=false] - Use a key ID of 0 instead of the public key IDs
* @param {Array<module:type/keyid~KeyID>} [options.encryptionKeyIDs=latest-created valid encryption (sub)keys] - Array of key IDs to use for encryption. Each encryptionKeyIDs[i] corresponds to encryptionKeys[i]
* @param {KeyID|KeyID[]} [options.encryptionKeyIDs=latest-created valid encryption (sub)keys] - Array of key IDs to use for encryption. Each encryptionKeyIDs[i] corresponds to encryptionKeys[i]
* @param {Date} [options.date=current date] - Override the date
* @param {Array} [options.encryptionUserIDs=primary user IDs] - Array of user IDs to encrypt for, one per key in `encryptionKeys`, e.g. `[{ name: 'Phil Zimmermann', email: 'phil@openpgp.org' }]`
* @param {Object|Object[]} [options.encryptionUserIDs=primary user IDs] - Array of user IDs to encrypt for, one per key in `encryptionKeys`, e.g. `[{ name: 'Phil Zimmermann', email: 'phil@openpgp.org' }]`
* @param {Object} [options.config] - Custom configuration settings to overwrite those in [config]{@link module:config}
* @returns {Promise<String|Uint8Array>} Encrypted session keys (string if `armor` was true, the default; Uint8Array if `armor` was false).
* @async
@ -518,7 +519,7 @@ export async function generateSessionKey({ encryptionKeys, date = new Date(), en
*/
export async function encryptSessionKey({ data, algorithm, aeadAlgorithm, encryptionKeys, passwords, armor = true, wildcard = false, encryptionKeyIDs = [], date = new Date(), encryptionUserIDs = [], config, ...rest }) {
config = { ...defaultConfig, ...config };
checkBinary(data); checkString(algorithm, 'algorithm'); encryptionKeys = toArray(encryptionKeys); passwords = toArray(passwords); encryptionUserIDs = toArray(encryptionUserIDs);
checkBinary(data); checkString(algorithm, 'algorithm'); encryptionKeys = toArray(encryptionKeys); passwords = toArray(passwords); encryptionKeyIDs = toArray(encryptionKeyIDs); encryptionUserIDs = toArray(encryptionUserIDs);
if (rest.publicKeys) throw new Error("The `publicKeys` option has been removed from openpgp.encryptSessionKey, pass `encryptionKeys` instead");
try {
@ -530,15 +531,15 @@ export async function encryptSessionKey({ data, algorithm, aeadAlgorithm, encryp
}
/**
* Decrypt symmetric session keys with a private key or password. Either a private key or
* a password must be specified.
* Decrypt symmetric session keys using private keys or passwords (not both).
* One of `decryptionKeys` or `passwords` must be specified.
* @param {Object} options
* @param {Message} options.message - A message object containing the encrypted session key packets
* @param {PrivateKey|PrivateKey[]} [options.decryptionKeys] - Private keys with decrypted secret key data
* @param {String|String[]} [options.passwords] - Passwords to decrypt the session key
* @param {Date} [options.date] - Date to use for key verification instead of the current time
* @param {Object} [options.config] - Custom configuration settings to overwrite those in [config]{@link module:config}
* @returns {Promise<Object>} Array of decrypted session key, algorithm pairs in the form:
* @returns {Promise<Object[]>} Array of decrypted session key, algorithm pairs in the form:
* { data:Uint8Array, algorithm:String }
* @throws if no session key could be found or decrypted
* @async

2
test/general/signature.js
View File

@ -703,7 +703,7 @@ hUhMKMuiM3pRwdIyDOItkUWQmjEEw7/XmhgInkXsCw==
const armoredSignature = await openpgp.sign({
message,
signingKeys: privateKey,
signingKeyIDs: [privateKey.getKeyID()],
signingKeyIDs: privateKey.getKeyID(),
detached: true,
config: { minRSABits: 1024 }
});

24
test/typescript/definitions.ts
View File

@ -11,6 +11,7 @@ import {
generateKey, readKey, readKeys, readPrivateKey, PrivateKey, Key, PublicKey, revokeKey,
readMessage, createMessage, Message, createCleartextMessage,
encrypt, decrypt, sign, verify, config, enums,
generateSessionKey, encryptSessionKey, decryptSessionKeys,
LiteralDataPacket, PacketList, CompressedDataPacket, PublicKeyPacket, PublicSubkeyPacket, SecretKeyPacket, SecretSubkeyPacket
} from '../..';
@ -57,9 +58,7 @@ import {
expect(encryptedArmor).to.include('-----BEGIN PGP MESSAGE-----');
// Encrypt binary message (unarmored)
const binary = new Uint8Array(2);
binary[0] = 1;
binary[1] = 2;
const binary = new Uint8Array([1, 2]);
const binaryMessage = await createMessage({ binary });
const encryptedBinary: Uint8Array = await encrypt({ encryptionKeys: publicKeys, message: binaryMessage, armor: false });
expect(encryptedBinary).to.be.instanceOf(Uint8Array);
@ -80,6 +79,15 @@ import {
const encryptedMessage = await readMessage({ binaryMessage: encryptedBinary });
expect(encryptedMessage).to.be.instanceOf(Message);
// Session key functions
const sessionKeys = await decryptSessionKeys({ message: await readMessage({ binaryMessage: encryptedBinary }), decryptionKeys: privateKeys });
expect(sessionKeys).to.have.length(1);
// eslint-disable-next-line no-unused-vars
const encryptedSessionKeys: string = await encryptSessionKey({ ...sessionKeys[0], passwords: 'pass', algorithm: 'aes128', aeadAlgorithm: 'eax' });
const newSessionKey = await generateSessionKey({ encryptionKeys: privateKey.toPublic() });
expect(newSessionKey.data).to.exist;
expect(newSessionKey.algorithm).to.exist;
// Sign cleartext message (armored)
const cleartextMessage = await createCleartextMessage({ text: 'hello' });
const clearSignedArmor = await sign({ signingKeys: privateKeys, message: cleartextMessage });
@ -137,7 +145,7 @@ import {
expect(LiteralDataPacket.tag).to.equal(enums.packet.literalData);
// // Detached - sign cleartext message (armored)
// // Detached - sign text message (armored)
// import { Message, sign } from 'openpgp';
// const message = await createMessage({ text: util.removeTrailingSpaces(text) });
// const signed = await sign({ privateKeys, message, detached: true });
@ -148,14 +156,6 @@ import {
// const signed = await sign({ privateKeys, message, detached: true, armor: false });
// console.log(signed); // Uint8Array
// // Encrypt session keys (armored)
// const encrypted = await encryptSessionKey({ publicKeys, data, algorithm });
// console.log(encrypted); // String
// // Encrypt session keys (unarmored)
// const encrypted = await encryptSessionKey({ publicKeys, data, algorithm, armor: false });
// console.log(encrypted); // Uint8Array
// // Streaming - encrypt text message on Node.js (armored)
// const data = fs.createReadStream(filename, { encoding: 'utf8' });
// const message = await createMessage({ text: data });