Class: Key

Key()

Abstract class that represents an OpenPGP key. Must contain a primary key. Can contain additional subkeys, signatures, user ids, user attributes.

Constructor

new Key()

Source:

Methods

(async) applyRevocationCertificate(revocationCertificate, configopt) → {Promise.<Key>}

Applies a revocation certificate to a key This adds the first signature packet in the armored text to the key, if it is a valid revocation signature.

Parameters:
Name Type Attributes Description
revocationCertificate String

armored revocation certificate
config Object <optional>

Full configuration, defaults to openpgp.config
Source:
Returns:

Revoked key.

Type
Promise.<Key>

clone(deepopt) → {Promise.<Key>}

Clones the key object

Parameters:
Name Type Attributes Default Description
deep Boolean <optional>
 false

Whether to return a deep clone
Source:
Returns:

Clone of the key.

Type
Promise.<Key>

getAlgorithmInfo() → {Object}

Returns algorithm information

Source:
Returns:

An object of the form {algorithm: String, bits:int, curve:String}.

Type
Object

getCreationTime() → {Date}

Returns the creation time of the key

Source:
Returns:
Type
Date

(async) getEncryptionKey(keyID,, date,, userID,, configopt) → {Promise.<(Key|SubKey)>}

Returns last created key or key by given keyID that is available for encryption or decryption

Parameters:
Name Type Attributes Description
keyID, module:type/keyid~KeyID

optional
date, Date

optional
userID, String

optional
config Object <optional>

Full configuration, defaults to openpgp.config
Source:
Throws:

if no valid encryption key was found

Returns:

encryption key

Type
Promise.<(Key|SubKey)>

(async) getExpirationTime(capabilities,, keyID,, userID,, configopt) → {Promise.<(Date|Infinity|null)>}

Returns the latest date when the key can be used for encrypting, signing, or both, depending on the capabilities paramater. When capabilities is null, defaults to returning the expiry date of the primary key. Returns null if capabilities is passed and the key does not have the specified capabilities or is revoked or invalid. Returns Infinity if the key doesn't expire.

Parameters:
Name Type Attributes Description
capabilities, encrypt | sign | encrypt_sign

optional
keyID, module:type/keyid~KeyID

optional
userID, Object

optional user ID
config Object <optional>

Full configuration, defaults to openpgp.config
Source:
Returns:
Type
Promise.<(Date|Infinity|null)>

getFingerprint() → {String}

Calculates and returns the fingerprint of the key, as a string

Source:
Returns:

A string containing the fingerprint in lowercase hex

Type
String

getKeyID() → {module:type/keyid~KeyID}

Return the key ID of the key

Source:
Returns:

The 8-byte key ID

Type
module:type/keyid~KeyID

getKeyIDs() → {Array.<module:type/keyid~KeyID>}

Returns key IDs of all keys

Source:
Returns:
Type
Array.<module:type/keyid~KeyID>

getKeys(keyIDopt) → {Array.<(Key|SubKey)>}

Returns an array containing all public or private keys matching keyID. If no keyID is given, returns all keys, starting with the primary key.

Parameters:
Name Type Attributes Default Description
keyID type/keyid~KeyID <optional>
 null

key ID to look for
Source:
Returns:

array of keys

Type
Array.<(Key|SubKey)>

(async) getPrimaryUser(dateopt, userIDopt, configopt) → {Promise.<{user: User, selfCertification: SignaturePacket}>}

Returns primary user and most significant (latest valid) self signature

  • if multiple primary users exist, returns the one with the latest self signature
  • otherwise, returns the user with the latest self signature
Parameters:
Name Type Attributes Description
date Date <optional>

Use the given date for verification instead of the current time
userID Object <optional>

User ID to get instead of the primary user, if it exists
config Object <optional>

Full configuration, defaults to openpgp.config
Source:
Returns:

The primary user and the self signature

Type
Promise.<{user: User, selfCertification: SignaturePacket}>

(async) getRevocationCertificate(date, configopt) → {Promise.<String>}

Get revocation certificate from a revoked key. (To get a revocation certificate for an unrevoked key, call revoke() first.)

Parameters:
Name Type Attributes Description
date Date

Use the given date instead of the current time
config Object <optional>

Full configuration, defaults to openpgp.config
Source:
Returns:

Armored revocation certificate.

Type
Promise.<String>

(async) getSigningKey(keyID,, dateopt, userID,, configopt) → {Promise.<(Key|SubKey)>}

Returns last created key or key by given keyID that is available for signing and verification

Parameters:
Name Type Attributes Description
keyID, module:type/keyid~KeyID

optional
date Date <optional>

Use the given date for verification instead of the current time
userID, Object

optional user ID
config Object <optional>

Full configuration, defaults to openpgp.config
Source:
Throws:

if no valid signing key was found

Returns:

signing key

Type
Promise.<(Key|SubKey)>

getSubkeys(keyIDopt) → {Array.<SubKey>}

Returns an array containing all public or private subkeys matching keyID; If no keyID is given, returns all subkeys.

Parameters:
Name Type Attributes Default Description
keyID type/keyID <optional>
 null

key ID to look for
Source:
Returns:

array of subkeys

Type
Array.<SubKey>

getUserIDs() → {Array.<string>}

Returns userIDs

Source:
Returns:

Array of userIDs.

Type
Array.<string>

hasSameFingerprintAs() → {Boolean}

Calculates whether two keys have the same fingerprint without actually calculating the fingerprint

Source:
Returns:

Whether the two keys have the same version and public key data.

Type
Boolean

(async) isRevoked(signature, key,, date, configopt) → {Promise.<Boolean>}

Checks if a signature on a key is revoked

Parameters:
Name Type Attributes Description
signature SignaturePacket

The signature to verify
key, PublicSubkeyPacket | SecretSubkeyPacket | PublicKeyPacket | SecretKeyPacket

optional The key to verify the signature
date Date

Use the given date instead of the current time
config Object <optional>

Full configuration, defaults to openpgp.config
Source:
Returns:

True if the certificate is revoked.

Type
Promise.<Boolean>

packetListToStructure(packetlist, disallowedPackets)

Transforms packetlist to structured key data

Parameters:
Name Type Description
packetlist PacketList

The packets that form a key
disallowedPackets Set.<enums.packet>

disallowed packet tags
Source:

(async) signAllUsers(privateKeys, configopt) → {Promise.<Key>}

Signs all users of key

Parameters:
Name Type Attributes Description
privateKeys Array.<PrivateKey>

decrypted private keys for signing
config Object <optional>

Full configuration, defaults to openpgp.config
Source:
Returns:

Key with new certificate signature.

Type
Promise.<Key>

(async) signPrimaryUser(privateKeys, dateopt, userIDopt, configopt) → {Promise.<Key>}

Signs primary user of key

Parameters:
Name Type Attributes Description
privateKeys Array.<PrivateKey>

decrypted private keys for signing
date Date <optional>

Use the given date for verification instead of the current time
userID Object <optional>

User ID to get instead of the primary user, if it exists
config Object <optional>

Full configuration, defaults to openpgp.config
Source:
Returns:

Key with new certificate signature.

Type
Promise.<Key>

toPacketList() → {PacketList}

Transforms structured key data to packetlist

Source:
Returns:

The packets that form a key.

Type
PacketList

(async) update(sourceKey, configopt) → {Promise.<Key>}

Update key with new components from specified key with same key ID: users, subkeys, certificates are merged into the destination key, duplicates and expired signatures are ignored.

If the source key is a private key and the destination key is public, a private key is returned.

Parameters:
Name Type Attributes Description
sourceKey Key

Source key to merge
config Object <optional>

Full configuration, defaults to openpgp.config
Source:
Returns:

updated key

Type
Promise.<Key>

(async) verifyAllUsers(keys, configopt) → {Promise.<Array.<{userID: String, keyID: module:type/keyid~KeyID, valid: Boolean}>>}

Verifies all users of key

  • if no arguments are given, verifies the self certificates;
  • otherwise, verifies all certificates signed with given keys.
Parameters:
Name Type Attributes Description
keys Array.<Key>

array of keys to verify certificate signatures
config Object <optional>

Full configuration, defaults to openpgp.config
Source:
Returns:

List of userID, signer's keyID and validity of signature

Type
Promise.<Array.<{userID: String, keyID: module:type/keyid~KeyID, valid: Boolean}>>

(async) verifyPrimaryKey(dateopt, userIDopt, configopt)

Verify primary key. Checks for revocation signatures, expiration time and valid self signature. Throws if the primary key is invalid.

Parameters:
Name Type Attributes Description
date Date <optional>

Use the given date for verification instead of the current time
userID Object <optional>

User ID
config Object <optional>

Full configuration, defaults to openpgp.config
Source:
Throws:

If key verification failed

Type
Error

(async) verifyPrimaryUser(keys, dateopt, userIDopt, configopt) → {Promise.<Array.<{keyID: module:type/keyid~KeyID, valid: Boolean}>>}

Verifies primary user of key

  • if no arguments are given, verifies the self certificates;
  • otherwise, verifies all certificates signed with given keys.
Parameters:
Name Type Attributes Description
keys Array.<Key>

array of keys to verify certificate signatures
date Date <optional>

Use the given date for verification instead of the current time
userID Object <optional>

User ID to get instead of the primary user, if it exists
config Object <optional>

Full configuration, defaults to openpgp.config
Source:
Returns:

List of signer's keyID and validity of signature

Type
Promise.<Array.<{keyID: module:type/keyid~KeyID, valid: Boolean}>>

write() → {Uint8Array}

Returns binary encoded key

Source:
Returns:

Binary key.

Type
Uint8Array