Class: Key

Key()

Abstract class that represents an OpenPGP key. Must contain a primary key. Can contain additional subkeys, signatures, user ids, user attributes.

Constructor

new Key()

Source:

Methods

(async) applyRevocationCertificate(revocationCertificate, dateopt, configopt) → {Promise.<Key>}

Applies a revocation certificate to a key This adds the first signature packet in the armored text to the key, if it is a valid revocation signature.

Parameters:
Name Type Attributes Description
revocationCertificate String

armored revocation certificate
date Date <optional>

Date to verify the certificate
config Object <optional>

Full configuration, defaults to openpgp.config
Source:
Returns:

Revoked key.

Type
Promise.<Key>

clone(clonePrivateParamsopt) → {Promise.<Key>}

Clones the key object. The copy is shallow, as it references the same packet objects as the original. However, if the top-level API is used, the two key instances are effectively independent.

Parameters:
Name Type Attributes Default Description
clonePrivateParams Boolean <optional>
 false

Only relevant for private keys: whether the secret key paramenters should be deeply copied. This is needed if e.g. encrypt() is to be called either on the clone or the original key.
Source:
Returns:

Clone of the key.

Type
Promise.<Key>

getAlgorithmInfo() → {Object}

Returns algorithm information

Source:
Returns:

An object of the form {algorithm: String, bits:int, curve:String}.

Type
Object

getCreationTime() → {Date}

Returns the creation time of the key

Source:
Returns:
Type
Date

(async) getEncryptionKey(keyIDopt, dateopt, userIDopt, configopt) → {Promise.<(Key|Subkey)>}

Returns last created key or key by given keyID that is available for encryption or decryption

Parameters:
Name Type Attributes Description
keyID module:type/keyid~KeyID <optional>

key ID of a specific key to retrieve
date Date <optional>

use the fiven date date to to check key validity instead of the current date
userID Object <optional>

filter keys for the given user ID
config Object <optional>

Full configuration, defaults to openpgp.config
Source:
Throws:

if no valid encryption key was found

Returns:

encryption key

Type
Promise.<(Key|Subkey)>

(async) getExpirationTime(userIDopt, configopt) → {Promise.<(Date|Infinity|null)>}

Returns the expiration date of the primary key, considering self-certifications and direct-key signatures. Returns Infinity if the key doesn't expire, or null if the key is revoked or invalid.

Parameters:
Name Type Attributes Description
userID Object <optional>

User ID to consider instead of the primary user
config Object <optional>

Full configuration, defaults to openpgp.config
Source:
Returns:
Type
Promise.<(Date|Infinity|null)>

getFingerprint() → {String}

Calculates and returns the fingerprint of the key, as a string

Source:
Returns:

A string containing the fingerprint in lowercase hex

Type
String

getKeyID() → {module:type/keyid~KeyID}

Return the key ID of the key

Source:
Returns:

The 8-byte key ID

Type
module:type/keyid~KeyID

getKeyIDs() → {Array.<module:type/keyid~KeyID>}

Returns key IDs of all keys

Source:
Returns:
Type
Array.<module:type/keyid~KeyID>

getKeys(keyIDopt) → {Array.<(Key|Subkey)>}

Returns an array containing all public or private keys matching keyID. If no keyID is given, returns all keys, starting with the primary key.

Parameters:
Name Type Attributes Default Description
keyID type/keyid~KeyID <optional>
 null

key ID to look for
Source:
Returns:

array of keys

Type
Array.<(Key|Subkey)>

(async) getPrimarySelfSignature(dateopt, userIDopt, configopt) → {Promise.<SignaturePacket>}

For V4 keys, returns the self-signature of the primary user. For V5 keys, returns the latest valid direct-key self-signature. This self-signature is to be used to check the key expiration, algorithm preferences, and so on.

Parameters:
Name Type Attributes Description
date Date <optional>

Use the given date for verification instead of the current time
userID Object <optional>

User ID to get instead of the primary user for V4 keys, if it exists
config Object <optional>

Full configuration, defaults to openpgp.config
Source:
Returns:

The primary self-signature

Type
Promise.<SignaturePacket>

(async) getPrimaryUser(dateopt, userIDopt, configopt) → {Promise.<{user: User, selfCertification: SignaturePacket}>}

Returns primary user and most significant (latest valid) self signature

  • if multiple primary users exist, returns the one with the latest self signature
  • otherwise, returns the user with the latest self signature
Parameters:
Name Type Attributes Description
date Date <optional>

Use the given date for verification instead of the current time
userID Object <optional>

User ID to get instead of the primary user, if it exists
config Object <optional>

Full configuration, defaults to openpgp.config
Source:
Returns:

The primary user and the self signature

Type
Promise.<{user: User, selfCertification: SignaturePacket}>

(async) getRevocationCertificate(date, configopt) → {Promise.<String>}

Get revocation certificate from a revoked key. (To get a revocation certificate for an unrevoked key, call revoke() first.)

Parameters:
Name Type Attributes Description
date Date

Use the given date instead of the current time
config Object <optional>

Full configuration, defaults to openpgp.config
Source:
Returns:

Armored revocation certificate.

Type
Promise.<String>

(async) getSigningKey(keyIDopt, dateopt, userIDopt, configopt) → {Promise.<(Key|Subkey)>}

Returns last created key or key by given keyID that is available for signing and verification

Parameters:
Name Type Attributes Default Description
keyID module:type/keyid~KeyID <optional>
 null

key ID of a specific key to retrieve
date Date <optional>

use the fiven date date to to check key validity instead of the current date
userID Object <optional>

filter keys for the given user ID
config Object <optional>

Full configuration, defaults to openpgp.config
Source:
Throws:

if no valid signing key was found

Returns:

signing key

Type
Promise.<(Key|Subkey)>

getSubkeys(keyIDopt) → {Array.<Subkey>}

Returns an array containing all public or private subkeys matching keyID; If no keyID is given, returns all subkeys.

Parameters:
Name Type Attributes Default Description
keyID type/keyID <optional>
 null

key ID to look for
Source:
Returns:

array of subkeys

Type
Array.<Subkey>

getUserIDs() → {Array.<string>}

Returns userIDs

Source:
Returns:

Array of userIDs.

Type
Array.<string>

hasSameFingerprintAs() → {Boolean}

Calculates whether two keys have the same fingerprint without actually calculating the fingerprint

Source:
Returns:

Whether the two keys have the same version and public key data.

Type
Boolean

(async) isRevoked(signature, key,, dateopt, configopt) → {Promise.<Boolean>}

Checks if a signature on a key is revoked

Parameters:
Name Type Attributes Description
signature SignaturePacket

The signature to verify
key, PublicSubkeyPacket | SecretSubkeyPacket | PublicKeyPacket | SecretKeyPacket

optional The key to verify the signature
date Date <optional>

Use the given date for verification, instead of the current time
config Object <optional>

Full configuration, defaults to openpgp.config
Source:
Returns:

True if the certificate is revoked.

Type
Promise.<Boolean>

packetListToStructure(packetlist, disallowedPackets)

Transforms packetlist to structured key data

Parameters:
Name Type Description
packetlist PacketList

The packets that form a key
disallowedPackets Set.<enums.packet>

disallowed packet tags
Source:

(async) signAllUsers(privateKeys, dateopt, configopt) → {Promise.<Key>}

Signs all users of key

Parameters:
Name Type Attributes Description
privateKeys Array.<PrivateKey>

decrypted private keys for signing
date Date <optional>

Use the given date for signing, instead of the current time
config Object <optional>

Full configuration, defaults to openpgp.config
Source:
Returns:

Key with new certificate signature.

Type
Promise.<Key>

(async) signPrimaryUser(privateKeys, dateopt, userIDopt, configopt) → {Promise.<Key>}

Signs primary user of key

Parameters:
Name Type Attributes Description
privateKeys Array.<PrivateKey>

decrypted private keys for signing
date Date <optional>

Use the given date for verification instead of the current time
userID Object <optional>

User ID to get instead of the primary user, if it exists
config Object <optional>

Full configuration, defaults to openpgp.config
Source:
Returns:

Key with new certificate signature.

Type
Promise.<Key>

toPacketList() → {PacketList}

Transforms structured key data to packetlist

Source:
Returns:

The packets that form a key.

Type
PacketList

(async) update(sourceKey, dateopt, configopt) → {Promise.<Key>}

Update key with new components from specified key with same key ID: users, subkeys, certificates are merged into the destination key, duplicates and expired signatures are ignored.

If the source key is a private key and the destination key is public, a private key is returned.

Parameters:
Name Type Attributes Description
sourceKey Key

Source key to merge
date Date <optional>

Date to verify validity of signatures and keys
config Object <optional>

Full configuration, defaults to openpgp.config
Source:
Returns:

updated key

Type
Promise.<Key>

(async) verifyAllUsers(verificationKeysopt, dateopt, configopt) → {Promise.<Array.<{userID: String, keyID: module:type/keyid~KeyID, valid: (Boolean|null)}>>}

Verifies all users of key

  • if no arguments are given, verifies the self certificates;
  • otherwise, verifies all certificates signed with given keys.
Parameters:
Name Type Attributes Description
verificationKeys Array.<PublicKey> <optional>

array of keys to verify certificate signatures
date Date <optional>

Use the given date for verification instead of the current time
config Object <optional>

Full configuration, defaults to openpgp.config
Source:
Returns:

List of userID, signer's keyID and validity of signature. Signature validity is null if the verification keys do not correspond to the certificate.

Type
Promise.<Array.<{userID: String, keyID: module:type/keyid~KeyID, valid: (Boolean|null)}>>

(async) verifyPrimaryKey(dateopt, userIDopt, configopt)

Verify primary key. Checks for revocation signatures, expiration time and valid self signature. Throws if the primary key is invalid.

Parameters:
Name Type Attributes Description
date Date <optional>

Use the given date for verification instead of the current time
userID Object <optional>

User ID
config Object <optional>

Full configuration, defaults to openpgp.config
Source:
Throws:

If key verification failed

Type
Error

(async) verifyPrimaryUser(verificationKeysopt, dateopt, userIDopt, configopt) → {Promise.<Array.<{keyID: module:type/keyid~KeyID, valid: (Boolean|null)}>>}

Verifies primary user of key

  • if no arguments are given, verifies the self certificates;
  • otherwise, verifies all certificates signed with given keys.
Parameters:
Name Type Attributes Description
verificationKeys Array.<PublicKey> <optional>

array of keys to verify certificate signatures, instead of the primary key
date Date <optional>

Use the given date for verification instead of the current time
userID Object <optional>

User ID to get instead of the primary user, if it exists
config Object <optional>

Full configuration, defaults to openpgp.config
Source:
Returns:

List of signer's keyID and validity of signature. Signature validity is null if the verification keys do not correspond to the certificate.

Type
Promise.<Array.<{keyID: module:type/keyid~KeyID, valid: (Boolean|null)}>>

write() → {Uint8Array}

Returns binary encoded key

Source:
Returns:

Binary key.

Type
Uint8Array