Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
    the fact that openpgp.js depends on navigator causes trouble when packaging it for a Cloudflare worker.
    19 replies
    Oussema Zouaghi
    @Mellywins
    14 replies
    Rodrigo Panchiniak Fernandes
    @panchiniak
    Hi everyone. I'm coming from vs. 4.10 into 5.2. So, I'm 100% newbie in 5.x. Question: don't we have a dist folder anymore? But 5.2 documentation still mentions "The dist/openpgp.min.js [...]". Any help on that? Do I need to generate it? Thank you.
    3 replies
    Rodrigo Panchiniak Fernandes
    @panchiniak
    FYI: I may have found a bug affecting versions 5.1 and 5.2 and NOT affecting version 5.0 nor 5.0.1. In those versions I get "Uncaught (in promise) TypeError: Error encrypting message: crypto.getCipher is not a function" when doing openpgp.encrypt against public keys and with a text message bigger than 3MB. However I don't have the time right now for digging it further... :/ One remark that perhaps is relevant: the public keys were generated with version 4.2.
    5 replies
    This message was deleted
    harishav
    @harishav
    Hi Everyone, i have requirement where i have an encrypted file on Azure Blob Container, need to use NodeJS Script to decrypt the file and upload to a different container. Can openpgp library help on this requirement with Streams, so that i don't need to load whole file to in memory, as the file size i would be using is high (~6GB unencrypted, ~2GB after encryption)
    harishav
    @harishav

    To start with, i am trying to write code for decrypting the local file with something like below code:

    (async () => {
        const readableStream = fs.createReadStream('<localEncryptedFile>');
        const writableStream = fs.createWriteStream('<localReferenceForDecryptedFile>);
        const decrypted = await openpgp.decrypt({
            message: await openpgp.readMessage({armoredMessage : readableStream}),
            decryptionKeys: privateKey,
        });
        const plaintext = decrypted.data;
        plaintext.pipe(writableStream);
    })();

    Looks this is somehow loading full data into inmemory and resulting in "JavaScript heap out of memory" error. Need some help to understand what is missing here
    @twiss
    Referred to this snippet for reference: https://github.com/openpgpjs/openpgpjs/issues/485#issuecomment-616357295

    Chris Basham
    @basham

    Just today, I noticed a similar issue to @harishav on one of my projects. The browser downloads an encrypted file, processes the response body as a ReadableStream, and decodes it to UTF-8. That stream object passes to openpgp.

    const message = await openpgp.readMessage({ armoredMessage: stream });
    const decrypted = await openpgp.decrypt({
      message,
      passwords: [password],
      format: 'binary'
    });

    The decryption method (openpgp.decrypt()) buffers the message in memory, decrypts, and outputs a ReadableStream (decrypted.data) once the decryption is complete. Based on some testing, I'm pretty sure openpgp.readMessage() is not the problem.

    Ideally, the decryption method would immediately return the ReadableStream, then push decrypted chunks through it as it processes them. As I don't have experience in encryption, I don't know if this is possible. I don't know if you need the entire file in memory in order to decrypt it. If it is possible, then I'd want to know how we can make progress to updating the library to make this work.

    Here are a couple of functions in which I suspect contribute to the problem:

    harishav
    @harishav
    @basham
    After multiple tries and going through github issues, able to solve the issue. Adding "allowUnauthenticatedStream" in the decrypt config works for me.
    Below is the full piece of code:
    const decrypt = async (readableStream, privateKey) => await openpgp.decrypt({
        message: await openpgp.readMessage({armoredMessage : readableStream}),
        decryptionKeys: privateKey,
        config: {allowUnauthenticatedStream: true }
    });
    2 replies
    Phorcys
    @phorcys:phorcys.net
    [m]
    Hello everyone ! I am currently working on a project that requires signing keys, I can't really understand what to do even after looking in the docs.
    What I am trying to achieve: gpg --local-user 0xMASTERKEY --sign-key DESTKEY
    3 replies
    Phorcys
    @phorcys:phorcys.net
    [m]
    actually no, not trust levels
    the usage flags
    as in, SEA, SCEA
    larabr
    @larabr
    the usage flags are set by the private key owner, when signing a key you just certify the relationship between the key and the user IDs it declares
    1 reply
    what kind of usage flags do you need on DESTKEY (assuming you own the private key)?
    2 replies
    Phorcys
    @phorcys:phorcys.net
    [m]
    my idea was to generate the master key and subkeys inside openpgp.js
    yes
    each subkey has a different usage
    Phorcys
    @phorcys:phorcys.net
    [m]
    well, i'm calling them subkeys when they
    my element crashed, I meant to say that they're just signed
    the simplified version would probably be "how do I generate a key and set it's usage flags"
    larabr
    @larabr
    by default, a generated key will have SC flags on the primary key, and E or S flags on the subkeys (based on the sign: true/false value given as subkeys options, see https://docs.openpgpjs.org/global.html#generateKey ) . we don't support setting the encryption flag on the primary key (since thats only technically possible in a RSA key, but still not recommended). we also don't support setting A flags.
    1 reply
    larabr
    @larabr
    but i am not sure i follow whether you mean "subkeys" in the openpgp sense, or as standalone/independent key entities that are signed/certified by another openpgp key entity.
    an openpgp key entity is in itself made up of a primary key, and zero or more subkeys
    7 replies
    Phorcys
    @phorcys:phorcys.net
    [m]
    all of them are RSA if that's what you're asking
    Phorcys
    @phorcys:phorcys.net
    [m]
    thanks, I will try
    codersbet
    @codersbet

    how can i get a stream.Readable from

    const decrypted = await openpgp.decrypt({
    message: await openpgp.readMessage({
    armoredMessage: this.s3.getObject(or).createReadStream(),
    }),
    decryptionKeys: privateKey,
    });

        const dataStream = decrypted.data; // this needs to be Readable instead of webstream
    1 reply
    Phorcys
    @phorcys:phorcys.net
    [m]
    atleast I assume it's a Deno issue
    wait, no
    it can't be
    yeah my bad I was not giving it a key lol
    Phorcys
    @phorcys:phorcys.net
    [m]
    what if I want to save multiple keys in a single file ?
    1 reply
    Phorcys
    @phorcys:phorcys.net
    [m]
    alright, thank you for your help
    Arkoprabho Chakraborti
    @Arkoprabho
    New to OpenPGPJs.
    Can we (or should we) get the object returned by decrypt method to be MaybeStream<Uint8Array> instead of MaybeStream<String> when decrypting an armor file?
    1 reply
    varsha123
    @varsha123

    Hi Team

    we are facing below error : while decrypting signencrypted file generated using Bouncycastle library

    Error decrypting message: Session key decryption failed.

    Also same file we have tried with GPG tool: we received below detail: plz suggest what's wrong here in this file or our process

    gpg: encrypted with rsa3072 key, ID ###############, created 2021-10-26
    "Tazapay Devops (Tazapay SCB dev PGP) <#########>"
    gpg: used key is not marked for encryption use.
    File 'doc' exists. Overwrite? (y/N) n
    Enter new filename: doc1
    gpg: Signature made 12-May-22 11:31:45 AM India Standard Time
    gpg: using RSA key ###################
    gpg: issuer "##############"
    gpg: Good signature from "###############" [unknown]
    gpg: WARNING: This key is not certified with a trusted signature!
    gpg: There is no indication that the signature belongs to the owner.
    Primary key fingerprint: #########################################
    gpg: WARNING: message was not integrity protected
    gpg: decryption forced to fail!

    GPG version :
    gpg (GnuPG) 2.3.6
    libgcrypt 1.10.1
    Copyright (C) 2021 g10 Code GmbH
    License GNU GPL-3.0-or-later https://gnu.org/licenses/gpl.html
    This is free software: you are free to change and redistribute it.

    Please let us know how to fix this.

    below is our decryption code

    const messagedecrypt:any =fs.readFileSync("TESTPGP_PGPOUT", "utf8");
    const message:any = await openpgp.readMessage({
    armoredMessage: messagedecrypt, // parse armored message
    });

    const { data: decrypted, signatures } = await openpgp.decrypt({
    message,
    verificationKeys: publicKey, // optional
    decryptionKeys: privateKey1
    });
    console.log("decrypted-----");
    console.log(decrypted); // 'Hello, World!'
    console.log(message.packets[0].publicKeyId);

    try {
    await signatures[0].verified; // throws on invalid signature
    console.log('Signature is valid');
    } catch (e) {
    throw new Error('Signature could not be verified: ' + e.message);
    }
    Thanks
    Varsha

    Juan Marín
    @juanpmarin
    Hi!
    We're trying to decrypt a file using PGP, the file was encrypted with our public key only, so we're trying to decrypt it with our private key only,
    We're getting this error Session key decryption failed
    import { readFile, writeFile } from "fs/promises";
    import * as openpgp from "openpgp";
    
    openpgp.config.ignore_mdc_error = false;
    
    (async () => {
      const privateKeyContent = await readFile(
        "private_key.pgp"
      );
    
      const newPrivateKey = await openpgp.decryptKey({
        privateKey: await openpgp.readPrivateKey({
          armoredKey: privateKeyContent.toString(),
        }),
        passphrase: `our_password`,
      });
    
      const file = await readFile(
        "encrypted.xlsx.pgp"
      );
    
      const encryptedMessage = await openpgp.readMessage({
        binaryMessage: file,
      });
    
      const { data: decrypted } = await openpgp.decrypt({
        message: encryptedMessage,
        format: "binary",
        decryptionKeys: newPrivateKey,
      });
    
      await writeFile("decrypted.xlsx", decrypted);
    })();
    And this is the example code
    1 reply
    Juan Marín
    @juanpmarin
    We fixed it with
        config: {
          allowInsecureDecryptionWithSigningKeys: true,
        },
    Sumit Vatekar
    @SumitVatekar
    Hello,
    I need to understand a process to push some modification in openPGP library , I've made some changes in openPGP library as per my requirement and now i want to make those changes publicly available. can anyone help me with the process ?
    1 reply
    PankajSharma
    @sharmapn

    I would like to encrypt a zip file using OpenPGP.js (https://browserpgp.github.io/). All processing needs to be done on the client-side, without involvement of Node.js. Using the javascript-based browserpgp.js, encryption of plaintext file is easy, but encryption of zip files are challenging.

    I am attaching the code I use to encrypt the zip file. Since, the contents of zip file are not text, so I have used guides for working with binary data from https://github.com/openpgpjs/openpgpjs. I believe the resulting file after encryption of a zip file should be in raw/binary format, and the resulting file saved from the following encryption code is in binary. However, I verified it and its cannot be decrypted.

    I am using the Kleopatra desktop OpenPGP tool (https://www.openpgp.org/software/kleopatra/) to verify if the resulting encrypted file. Using the tool, I tested to see if I can decrypt the encrypted file using my private key. The resulting binary file cannot be decrypted using the Kleopatra tool. So I was wondering what is wrong with this code, as the resulting file should be decryptable using Kleopatra.

    You can create two public keys using the tool here: https://browserpgp.github.io

    function openpgp_encryptZIPFile(){  
      var zip = new JSZip();
      zip.file("Hello.txt", "Hello World\n");
      var img = zip.folder("images");
      zip.generateAsync({type:"blob"})
      .then(function(content) {
          console.log('contents: ' + content);     
          encryptedZipFile = OpenPGPEncryptDataZipFile(content);
      });  
    }
    
    async function OpenPGPEncryptDataZipFile(zipBlob) 
    {    
      //This is my public key
      const key1 = `somekey1`;  //you would have to put a public key here 
        //This is the testuser public key
      const key2 = `somekey2`; //you would have to put another public key here 
      const publicKeysArmored = [key1, key2];
      //create a combined key
      const publicKeys = await Promise.all(publicKeysArmored.map(armoredKey => openpgp.readKey({ armoredKey }))); 
    
      var binaryData = new Uint8Array(zipBlob);  
    
      //https://github.com/openpgpjs/openpgpjs/blob/main/README.md
      //For OpenPGP.js v4 syntax is:  const message = openpgp.Message.fromBinary(binaryData); 
      //For OpenPGP.js v5 syntax is:  const message2 = await openpgp.createMessage({ binary: binaryData });
      //`const {data: encrypted}' OR `const { message }' OR just `const encrypted'
      const  encrypted  = await openpgp.encrypt({
      message: await openpgp.createMessage({ binary: binaryData }),      
         encryptionKeys: publicKeys,
         //signingKeys: privateKey // optional
         format: 'binary'
      });
      console.log('encrypted: ' + encrypted);
      var encryptedBlob = new Blob([encrypted],{type: 'text/plain'});    
      //var encryptedBlob = new Blob([encrypted], {type: "octet/stream"});
      saveAs(encryptedBlob, 'test.zip.enc' ); 
    }
    ERIC HANSEN
    @eric-lancelot
    Hello everyone am trying to encrypt a JSON String with openpgp.min.js with a receiver public key but am failing. does anyone here have a sample snippet i can use. THANKS !
    any help
    ERIC HANSEN
    @eric-lancelot

    Hello This Error Is What Am Currently Facing With OpenPgp.js

    Error Is : Uncaught TypeError: openpgp.key is undefined

    1 reply
    any help
    vjsrikar
    @Vijaysreekar4994
    Hello everyone,
    I'm not able to decrypt the data which is exncrypted in cipher text.
    posting here after many tries.
    it would be a great help if anyone give me any idea what wrong am i doing.
    example :
    
    const encryptedCipherText = '��YZ#cf��g=W��YZ#cf��"�KRR� �+��$���z�'; 
    
    let armoredKey = Buffer.from(PGP_PRIVATE_KEY, 'base64').toString();
    const privateKey = await openpgp.readKey({ armoredKey });
    const decryptionKeys = await openpgp.decryptKey({ privateKey, passphrase: PGP_PASSPHRASE });
        const decrypted = await openpgp.decrypt({
            message: await openpgp.readMessage({ binaryMessage: encryptedCipherText  }),
            decryptionKeys,
            format: 'binary',
        });
    
    ERROR : "readMessage: options.binaryMessage must be a Uint8Array or stream"
    
    again i have an error, if i change the code as follows
    
    const body = new Buffer.from(encryptedCipherText ); //Uint8Array 
        let armoredKey = Buffer.from(PGP_PRIVATE_KEY, 'base64').toString();
        const privateKey = await openpgp.readKey({ armoredKey });
        const decryptionKeys = await openpgp.decryptKey({ privateKey, passphrase: PGP_PASSPHRASE });
        const decrypted = await openpgp.decrypt({
            message: await openpgp.readMessage({ binaryMessage: body }),
            decryptionKeys,
            format: 'binary',
        });
    ERROR: Error during parsing. This message / key probably does not conform to a valid OpenPGP format
    13 replies
    Szczepan Zalega (nitro.chat)
    @szszszsz:nitro.chat
    [m]
    Hey! While calling readMessage on a freshly generated message, as in examples, I get TypeError: a is not a constructor. Do you have any ideas how can I debug this? I am using OpenPGP.js v5.3.1-3-ge862d5f2.
    Szczepan Zalega (nitro.chat)
    @szszszsz:nitro.chat
    [m]
    Here is the failing snippet:
    import {readKey, encrypt, createMessage, generateKey, readMessage, decrypt} from "openpgp";
    
        const { privateKey, publicKey, revocationCertificate } = await generateKey({
            type: 'ecc', // Type of the key, defaults to ECC
            curve: 'curve25519', // ECC curve name, defaults to curve25519
            userIDs: [{ name: 'Jon Smith', email: 'jon@example.com' }], // you can pass multiple user IDs
            format: 'object' // output key format, defaults to 'armored' (other options: 'binary' or 'object')
        });
    
        const encrypted = await encrypt({
            message: await createMessage({ text: 'Hello, World!' }), // input as Message object
            encryptionKeys: publicKey,
            format: 'binary'
        });
    
        const message = await readMessage({
            binaryMessage: encrypted // parse binary message
        });
    Szczepan Zalega (nitro.chat)
    @szszszsz:nitro.chat
    [m]
    Snippet started working after updating libraries to newer versions (via yarn update). Perhaps the cause simply lied in outdated libraries usage.