Provides helpers methods for key module
- Source:
Methods
(static) checkKeyRequirements(keyPacket, config)
Check key against blacklisted algorithms and minimum strength requirements.
Parameters:
| Name | Type | Description |
|---|---|---|
keyPacket |
SecretKeyPacket | PublicKeyPacket | SecretSubkeyPacket | PublicSubkeyPacket | |
config |
Config |
- Source:
Throws:
-
if the key packet does not meet the requirements
- Type
- Error
(static) createBindingSignature(subkey, primaryKey, options, config)
Create Binding signature to the key according to the https://tools.ietf.org/html/rfc4880#section-5.2.1
Parameters:
| Name | Type | Description |
|---|---|---|
subkey |
SecretSubkeyPacket | Subkey key packet |
primaryKey |
SecretKeyPacket | Primary key packet |
options |
Object | |
config |
Object | Full configuration |
- Source:
(static) createSignaturePacket(dataToSign, recipientKeys, signingKeyPacket, signaturePropertiesopt, dateopt, userIDopt, notationsopt, detachedopt, config) → {Promise.<SignaturePacket>}
Create signature packet
Parameters:
| Name | Type | Attributes | Description |
|---|---|---|---|
dataToSign |
Object | Contains packets to be signed |
|
recipientKeys |
Array.<Key> | keys to get preferences from |
|
signingKeyPacket |
SecretKeyPacket | SecretSubkeyPacket | secret key packet for signing |
|
signatureProperties |
Object |
<optional> |
Properties to write on the signature packet before signing |
date |
Date |
<optional> |
Override the creationtime of the signature |
userID |
Object |
<optional> |
User ID |
notations |
Array |
<optional> |
Notation Data to add to the signature, e.g. [{ name: 'test@example.org', value: new TextEncoder().encode('test'), humanReadable: true, critical: false }] |
detached |
Object |
<optional> |
Whether to create a detached signature packet |
config |
Object | full configuration |
- Source:
Returns:
Signature packet.
- Type
- Promise.<SignaturePacket>
(static) getKeyExpirationTime(keyPacket, signature) → {Date|Infinity}
Returns key expiration time based on the given certification signature. The expiration time of the signature is ignored.
Parameters:
| Name | Type | Description |
|---|---|---|
keyPacket |
PublicSubkeyPacket | PublicKeyPacket | key to check |
signature |
SignaturePacket | signature to process |
- Source:
Returns:
expiration time or infinity if the key does not expire
- Type
- Date | Infinity
(async, static) getLatestValidSignature(signatures, publicKey, signatureType, date, config) → {Promise.<SignaturePacket>}
Returns the valid and non-expired signature that has the latest creation date, while ignoring signatures created in the future.
Parameters:
| Name | Type | Description |
|---|---|---|
signatures |
Array.<SignaturePacket> | List of signatures |
publicKey |
PublicKeyPacket | PublicSubkeyPacket | Public key packet to verify the signature |
signatureType |
module:enums.signature | Signature type to determine how to hash the data (NB: for userID signatures,
|
date |
Date | Use the given date instead of the current time |
config |
Object | full configuration |
- Source:
Returns:
The latest valid signature.
- Type
- Promise.<SignaturePacket>
(async, static) getPreferredCipherSuite(keysopt, dateopt, userIDsopt, configopt) → {Promise.<{symmetricAlgo: module:enums.symmetric, aeadAlgo: (module:enums.aead|undefined)}>}
Returns the preferred symmetric and AEAD algorithm (if any) for a set of keys
Parameters:
| Name | Type | Attributes | Description |
|---|---|---|---|
keys |
Array.<Key> |
<optional> |
Set of keys |
date |
Date |
<optional> |
Use the given date for verification instead of the current time |
userIDs |
Array |
<optional> |
User IDs |
config |
Object |
<optional> |
Full configuration, defaults to openpgp.config |
- Source:
Returns:
Object containing the preferred symmetric algorithm, and the preferred AEAD algorithm, or undefined if CFB is preferred
- Type
- Promise.<{symmetricAlgo: module:enums.symmetric, aeadAlgo: (module:enums.aead|undefined)}>
(async, static) getPreferredCompressionAlgo(keysopt, dateopt, userIDsopt, configopt) → {Promise.<module:enums.compression>}
Returns the preferred compression algorithm for a set of keys
Parameters:
| Name | Type | Attributes | Description |
|---|---|---|---|
keys |
Array.<Key> |
<optional> |
Set of keys |
date |
Date |
<optional> |
Use the given date for verification instead of the current time |
userIDs |
Array |
<optional> |
User IDs |
config |
Object |
<optional> |
Full configuration, defaults to openpgp.config |
- Source:
Returns:
Preferred compression algorithm
- Type
- Promise.<module:enums.compression>
(async, static) getPreferredHashAlgo(targetKeysopt, signingKeyPacket, dateopt, targetUserIDopt, config) → {Promise.<enums.hash>}
Returns the preferred signature hash algorithm for a set of keys.
Parameters:
| Name | Type | Attributes | Description |
|---|---|---|---|
targetKeys |
Array.<Key> |
<optional> |
The keys to get preferences from |
signingKeyPacket |
SecretKeyPacket | SecretSubkeyPacket | key packet used for signing |
|
date |
Date |
<optional> |
Use the given date for verification instead of the current time |
targetUserID |
Object |
<optional> |
User IDs corresponding to |
config |
Object | full configuration |
- Source:
Returns:
- Type
- Promise.<enums.hash>
(async, static) isDataRevoked(primaryKey, dataToVerify, revocations, signature, key,, date, config) → {Promise.<Boolean>}
Checks if a given certificate or binding signature is revoked
Parameters:
| Name | Type | Description |
|---|---|---|
primaryKey |
SecretKeyPacket | PublicKeyPacket | The primary key packet |
dataToVerify |
Object | The data to check |
revocations |
Array.<SignaturePacket> | The revocation signatures to check |
signature |
SignaturePacket | The certificate or signature to check |
key, |
PublicSubkeyPacket | SecretSubkeyPacket | PublicKeyPacket | SecretKeyPacket | optional The key packet to verify the signature, instead of the primary key |
date |
Date | Use the given date instead of the current time |
config |
Object | Full configuration |
- Source:
Returns:
True if the signature revokes the data.
- Type
- Promise.<Boolean>
(static) mergeSignatures(source, dest, attr, dateopt, checkFnopt)
Merges signatures from source[attr] to dest[attr]
Parameters:
| Name | Type | Attributes | Description |
|---|---|---|---|
source |
Object | ||
dest |
Object | ||
attr |
String | ||
date |
Date |
<optional> |
date to use for signature expiration check, instead of the current time |
checkFn |
function |
<optional> |
signature only merged if true |
- Source: