Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

openpgp

Package Overview
Dependencies
Maintainers
5
Versions
179
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

openpgp

OpenPGP.js is a Javascript implementation of the OpenPGP protocol. This is defined in RFC 4880.

  • 5.0.0-6
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
231K
decreased by-38.07%
Maintainers
5
Weekly downloads
 
Created

What is openpgp?

The openpgp npm package is a JavaScript implementation of the OpenPGP standard, which allows for encryption, decryption, signing, and verification of messages and files. It is widely used for secure communication and data protection.

What are openpgp's main functionalities?

Encrypting a message

This feature allows you to encrypt a message using a public key. The code sample demonstrates how to read a public key, create a message, and then encrypt it.

const openpgp = require('openpgp');
(async () => {
  const publicKeyArmored = '-----BEGIN PGP PUBLIC KEY BLOCK ... END PGP PUBLIC KEY BLOCK-----';
  const message = 'Hello, world!';
  const publicKey = await openpgp.readKey({ armoredKey: publicKeyArmored });
  const encrypted = await openpgp.encrypt({ message: await openpgp.createMessage({ text: message }), encryptionKeys: publicKey });
  console.log(encrypted);
})();

Decrypting a message

This feature allows you to decrypt a message using a private key and passphrase. The code sample demonstrates how to read a private key, decrypt it with a passphrase, read an encrypted message, and then decrypt it.

const openpgp = require('openpgp');
(async () => {
  const privateKeyArmored = '-----BEGIN PGP PRIVATE KEY BLOCK ... END PGP PRIVATE KEY BLOCK-----';
  const passphrase = 'yourPassphrase';
  const encryptedMessage = '-----BEGIN PGP MESSAGE ... END PGP MESSAGE-----';
  const privateKey = await openpgp.decryptKey({ privateKey: await openpgp.readPrivateKey({ armoredKey: privateKeyArmored }), passphrase });
  const message = await openpgp.readMessage({ armoredMessage: encryptedMessage });
  const { data: decrypted } = await openpgp.decrypt({ message, decryptionKeys: privateKey });
  console.log(decrypted);
})();

Signing a message

This feature allows you to sign a message using a private key and passphrase. The code sample demonstrates how to read a private key, decrypt it with a passphrase, create a message, and then sign it.

const openpgp = require('openpgp');
(async () => {
  const privateKeyArmored = '-----BEGIN PGP PRIVATE KEY BLOCK ... END PGP PRIVATE KEY BLOCK-----';
  const passphrase = 'yourPassphrase';
  const message = 'Hello, world!';
  const privateKey = await openpgp.decryptKey({ privateKey: await openpgp.readPrivateKey({ armoredKey: privateKeyArmored }), passphrase });
  const signedMessage = await openpgp.sign({ message: await openpgp.createMessage({ text: message }), signingKeys: privateKey });
  console.log(signedMessage);
})();

Verifying a signed message

This feature allows you to verify a signed message using a public key. The code sample demonstrates how to read a public key, read a signed message, and then verify the signature.

const openpgp = require('openpgp');
(async () => {
  const publicKeyArmored = '-----BEGIN PGP PUBLIC KEY BLOCK ... END PGP PUBLIC KEY BLOCK-----';
  const signedMessage = '-----BEGIN PGP SIGNED MESSAGE ... END PGP SIGNED MESSAGE-----';
  const publicKey = await openpgp.readKey({ armoredKey: publicKeyArmored });
  const message = await openpgp.readMessage({ armoredMessage: signedMessage });
  const verificationResult = await openpgp.verify({ message, verificationKeys: publicKey });
  const { verified } = verificationResult.signatures[0];
  try {
    await verified;
    console.log('Signature is valid');
  } catch (e) {
    console.log('Signature is invalid');
  }
})();

Other packages similar to openpgp

Keywords

FAQs

Package last updated on 20 Aug 2021

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc