Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
    Daniel Huigens
    @twiss
    That sounds like the message was truncated, or there was a bug somewhere. Could you post
    1) The script you're using to encrypt, and preferably also
    2) An example encrypted message that's giving this error?
    Vinicius Brito
    @vini-brito
    Hello everyone! I've been fighting to get a minimal setup done, tried several examples (including the github page one) and custom setups but been unable to move forward. Is there a detailed guide on the setup? My goal is to encrypt a string and nothing more, for now. Consider I already have the key generated somewhere.
    Every example I try or custom setup I do gets me the error: Parameter [message] needs to be of type Message
    Daniel Huigens
    @twiss
    Hey @vini-brito :wave: That's strange. Which example did you try? For encrypting a string, you pretty much only need
    const result = await openpgp.encrypt({
            message: openpgp.message.fromText('Hello, World!'),
            publicKeys: (await openpgp.key.readArmored(publicKeyArmored)).keys,
    });
    console.log(result.data);
    Vinicius Brito
    @vini-brito
    Oh thanks for the example! Well, about the examples I tried, pretty much anything on the first few pages in a google search :P
    However I spotted what was missing after working with your example: the "message" property I was just inserting a string, I wasn't using the openpgp.message.fromText("something").
    So this worked wonders, thanks a lot for the quick response!
    Daniel Huigens
    @twiss
    Alrighty :+1: Yeah, those examples are probably for an old version. The examples on https://github.com/openpgpjs/openpgpjs should all be up to date though, lmk if one of them doesn't work. And, no problem, glad you got it to work!
    Vincent den Boer
    @ShishKabab
    Hey people, anyone with experience here getting OpenPGP.js to work on React Native? We're trying to get there, but it seems that both OpenPGP.js and some of its dependencies depend on things that are not compatible with React Native :(
    skim-unique
    @skim-unique
    Hello hello! I have a react project that uses React Router and I'm getting these errors? Has anyone encountered them before or know the solution?
    Unhandled error in openpgp worker: SyntaxError: expected expression, got '<'
    Error: Error encrypting message: No keys, passwords, or session key provided.
    SAI PRASHANTH VUPPALA
    @its-VSP
    @skim-unique , please provide us some code snippet
    skim-unique
    @skim-unique
    @its-VSP
    class App extends Component {
    
      state = {
       pubKey: "key here"
    }
      render() {
        return (
          <div className="App">
            <header className="App-header">
              <input type="text" onChange={e=> {this.encryptFunction(e.target.value)}}></input>
    
            </header>
          </div>
        );
      }
    
      componentDidMount = async () => {
        this.initServiceWorker();
      }
    
      initServiceWorker = async () => {
        await openpgp.initWorker({ path:'openpgp.min.js' })
      }
    
    encryptFunction = async(value) => {
        const options = {
            message: openpgp.message.fromText(value),       // input as Message object
            publicKeys: (await openpgp.key.readArmored(this.state.pubkey)).keys, // for encrypt3ion
        }
    
        openpgp.encrypt(options).then(ciphertext => {
            var encrypted = ciphertext.data // '-----BEGIN PGP MESSAGE ... END PGP MESSAGE-----'
            console.log("Encrypted Message Below")
            console.log(encrypted)
            return encrypted
        })
    }
    }
    
    
    export default App;
    SAI PRASHANTH VUPPALA
    @its-VSP
    @skim-unique , it should be
    publicKeys: (await openpgp.key.readArmored(this.state.pubkey)).keys[0]
    TensorTom
    @TensorTom
    I was following this tutorial ( https://blog.castiel.me/posts/2016-11-16-play-with-cryptography-with-openpgpjs/ ) . I am able to create new key pairs but anytime I try to encrypt/sign I wind up with TypeError: openpgp.key.readArmored(...).keys is undefined when trying to run this test in browser:
    function crypt(){
        var options = {
            userIds: [{
                name: 'user'
            }],
            numBits: 2048,
            passphrase: 'password'
        }
        var pub_key, priv_key, revoc_cert
        openpgp.generateKey(options).then( async key => {
          priv_key = key.privateKeyArmored
          pub_key = key.publicKeyArmored
          revoc_cert = key.revocationCertificate
    
          var key = openpgp.key.readArmored(priv_key).keys[0]
          key.decrypt('password')
    
          var options = {
            data: "Secret message",
            publicKeys: openpgp.key.readArmored(pub_key).keys,
            privateKeys: [key]
          }
          openpgp.encrypt(options).then(encryptedData => {
            console.log(encryptedData.data)
            //sendResponse({test: encryptedData.data})
          })
    
        })
    }
    SAI PRASHANTH VUPPALA
    @its-VSP
    Hi @TensorTom
    i've modified your code a bit(that should be working) , see below :
    function crypt(){
        var options = {
            userIds: [{
                name: 'user'
            }],
            numBits: 2048,
            passphrase: 'password'
        }
        var pub_key, priv_key, revoc_cert
        openpgp.generateKey(options).then( async (key) => {
          priv_key = key.privateKeyArmored
          pub_key = key.publicKeyArmored
          revoc_cert = key.revocationCertificate
    
          var key1 = (await openpgp.key.readArmored(priv_key)).keys[0]
          key1.decrypt('password')
    
          var options = {
            data: "Secret message",
            publicKeys: [ (await openpgp.key.readArmored(pub_key)).keys[0] ],
            privateKeys: [key1]
          }
          openpgp.encrypt(options).then(encryptedData => {
            console.log(encryptedData.data)
            //sendResponse({test: encryptedData.data})
          })
    
        })
    }
    openpgp.key.readArmored is no more a synchronous call and it will return a promise , so you should use await / then(function)
    SAI PRASHANTH VUPPALA
    @its-VSP
    in above code snippet , please use
    message : 'secret message'
    instead of
    data : 'secret message'
    TensorTom
    @TensorTom
    thanks. will try it
    Rodrigo Panchiniak Fernandes
    @panchiniak
    If someone interested in Drupal out there, I've been writing this wrapper for a while: https://www.drupal.org/project/proc (versions for Drupal 8 and 9 to come this year). Running well so far. Just tested openpgpjs v4.7.2 and all went smooth. So I have updated my specs as well. Previously I was working over vs. 4.4.10. Could notice (but not surely) a slight increase in the performance for decrypting content encrypted towards multiple keys. Cool! thanks! :D
    If someone is struggling with encryption/decryption of files and/or key creation, this may help: https://git.drupalcode.org/project/proc/tree/7.x-1.x/js (any criticism very welcome)
    Michael Fuchs
    @theexiile1305
    Hey everyone,
    I've came up with a question according to my bachelor thesis in computer science, that I'm currently writing. Does this project support the Web Cryptography API?
    Daniel Huigens
    @twiss
    @theexiile1305 OpenPGP.js does use Web Crypto whenever possible, yes. Here's one example of that: https://github.com/openpgpjs/openpgpjs/blob/94a04eaa5ce51291941ae21848f9127387eaffe9/src/crypto/public_key/rsa.js#L181
    Philip A Senger
    @psenger

    I hope asking this question here is appropriate, my apologies if not.

    I'm using openpgp.js in Node 13 with Jest as it's testing framework.

    Much to my surprise, none of my tests that invoked OpenPGP passed. Errors always originated to any usage of Encrypt or Decrypt and ranged from signer key not found to flat out stack traces. I studied the tests in the OpenPGP project, to see if it was something I missed. I realized the tests are written to use chai. When I removed the Jest framework all of my tests passed.

    Anyone else successfully integrated Jest and OpenPGP in a project? I googled and can't find anything related to these two products.

    Thank you

    Daniel Huigens
    @twiss
    Hey @psenger! Could you post some of the error messages & stack traces you got? And could you perhaps post an example test case you wrote with and without Jest, respectively?
    Philip A Senger
    @psenger
    @twiss thank you for responding and I should have realized the problem was jest. turns out I was running jest version 24.9.0 when I upgraded to 25.1.0 everything started to work. With so many Async calls happening in anonymous functions the stack trace was useless. thank you
    ibsusu
    @ibsusu
    Hello, could someone help me figure out how to set an expiration date on a detached signature?

    right now this is what I have
    ```pgp.signStringDetached = async function(inString, privateKeyString, inDate) {
    let privateKeys = (await openpgp.key.readArmored(privateKeyString)).keys
    let options = {
    message: openpgp.cleartext.fromText(inString),
    privateKeys: privateKeys,
    detached: true,
    date: inDate
    }

    return openpgp.sign(options).then(function(signed) {
    return signed.signature
    })
    };```

    but including a date later than today makes the signature unable to be verified.
    ibsusu
    @ibsusu
    ok so I got that part working, just including the date in the options of verify
    but I still can't figure out the expiration date
    ibsusu
    @ibsusu
    screw it, i'm just going to combine the data and a date and sign both.
    i can't find this thing
    ibsusu
    @ibsusu
    I can't find it but I'm updating the code so that the sign method accepts an expirationTime.
    It's cleaner than what I was going to do.
    you guys don't talk much I guess
    ibsusu
    @ibsusu
    I made a pull request
    eyes on it would be appreciated.
    Daniel Huigens
    @twiss
    Hey @ibsusu :wave: Sorry for the late reply. Might I ask what your use case is for expiring signatures? This feature is rarely used in PGP.
    ibsusu
    @ibsusu
    I want to sign other people's public key for a short period of time. Doing so allows the signee to access some of my resources or services or act in my name so long as they continually come back for another sign. The purpose of this feature is so that a service with no knowledge of me can use the signature as a filter for posting in specific channels. I could rotate keys but that means I need to update all of the services I'm using and all of the other signees. It's better to just let it expire.
    in this usecase btw, there are no key servers involved - just pk1, detached pk1->pk2 signature, pk2
    thanks for replying btw
    Daniel Huigens
    @twiss

    I want to sign other people's public key for a short period of time. Doing so allows the signee to access some of my resources or services or act in my name so long as they continually come back for another sign.

    I see. That's not typically what signing another person's key "means" in PGP (typically, it means that you believe that their key belongs to them - which is why signature expiry is not often used, because it's not clear what that would mean). I would recommend that you go with your second plan, and sign some application-specific data structure (JSON?) which contains their public key, what they're allowed to do, and until when. IMHO that seems more flexible, and then you're not depending on an underused and undertested feature of OpenPGP.

    ibsusu
    @ibsusu
    i gotta fight you on this, how is it any different than If the key used for signing has an expiration date? The signature inherits that expiration date. In both cases the end result is the signature no longer being valid. Regardless of the "meaning", you can infer certain states in the web of trust considering the expiration time which in my opinion is underutilized.
    and if you need tests, I'll write them.
    Daniel Huigens
    @twiss

    how is it any different than If the key used for signing has an expiration date? The signature inherits that expiration date. In both cases the end result is the signature no longer being valid.

    This is up for debate, but that is not how OpenPGP.js currently works. It considers that if the key was valid and not expired at the time the signature was made, and the signature is not expired, then the signature is still valid. There are even some cases where it does not check for signature expiry at all (e.g. for revocation signatures)

    ibsusu
    @ibsusu
    you're right, there's nothing in the RFC either that states what I said is how it should work.
    Albakham
    @albakham
    Hello,
    Do you know if there is anything like this https://github.com/encrypt-to/secure.contactform.php still maintained?
    or I should I update the contact.html to make it work with the latest openpgp.min.js?
    Yarmo Mackenbach
    @YarmoM
    Hey :) I was trying to figure out how to extract photos from public keys using openpgpjs but didn't succeed. Has anyone else managed to do this?
    Wiktor Kwapisiewicz
    @wiktor-k
    @YarmoM photos are stored as userAttributes, check out user.userAttribute and then do some magic based on user attribute tag (1). I did some magic removing attribute framing so that'd be something like this:
    if (userAttribute.attributes[0][0] === String.fromCharCode(1)) {
      imgUri = "data:image/jpeg;base64," + btoa(userAttribute.attributes[0].substring(17));
    }
    @albakham encrypt.to is definitely not maintained last time I checked but fortunately making an encrypt box with openpgp.js is actually quite easy, check out https://metacode.biz/sandbox/encrypt for inspiration :)