UNPKG

31.3 kBTypeScriptView Raw
1/**
2 * Type definitions for OpenPGP.js http://openpgpjs.org/
3 *
4 * Contributors:
5 * - FlowCrypt a. s. <https://flowcrypt.com>
6 * - Guillaume Lacasa <https://blog.lacasa.fr>
7 * - Errietta Kostala <https://github.com/errietta>
8 */
9
10/* ############## v5 KEY #################### */
11
12export function readKey(options: { armoredKey: string, config?: PartialConfig }): Promise<Key>;
13export function readKey(options: { binaryKey: Uint8Array, config?: PartialConfig }): Promise<Key>;
14export function readKeys(options: { armoredKeys: string, config?: PartialConfig }): Promise<Key[]>;
15export function readKeys(options: { binaryKeys: Uint8Array, config?: PartialConfig }): Promise<Key[]>;
16export function generateKey(options: KeyOptions): Promise<KeyPair>;
17export function generateSessionKey(options: { publicKeys: Key[], date?: Date, toUserIds?: UserID[], config?: PartialConfig }): Promise<SessionKey>;
18export function decryptKey(options: { privateKey: Key; passphrase?: string | string[]; config?: PartialConfig }): Promise<Key>;
19export function encryptKey(options: { privateKey: Key; passphrase?: string | string[]; config?: PartialConfig }): Promise<Key>;
20export function reformatKey(options: { privateKey: Key; userIds?: UserID|UserID[]; passphrase?: string; keyExpirationTime?: number; config?: PartialConfig }): Promise<KeyPair>;
21
22export class Key {
23 constructor(packetlist: PacketList<AnyPacket>);
24 public primaryKey: PublicKeyPacket | SecretKeyPacket;
25 public subKeys: SubKey[];
26 public users: User[];
27 public revocationSignatures: SignaturePacket[];
28 public keyPacket: PublicKeyPacket | SecretKeyPacket;
29 public armor(config?: Config): string;
30 public decrypt(passphrase: string | string[], keyId?: Keyid, config?: Config): Promise<void>; // throws on error
31 public encrypt(passphrase: string | string[], keyId?: Keyid, config?: Config): Promise<void>; // throws on error
32 public getExpirationTime(capability?: 'encrypt' | 'encrypt_sign' | 'sign', keyId?: Keyid, userId?: UserID, config?: Config): Promise<Date | typeof Infinity | null>; // Returns null if `capabilities` is passed and the key does not have the specified capabilities or is revoked or invalid.
33 public getKeyIds(): Keyid[];
34 public getPrimaryUser(date?: Date, userId?: UserID, config?: Config): Promise<PrimaryUser>; // throws on error
35 public getUserIds(): string[];
36 public isPrivate(): boolean;
37 public isPublic(): boolean;
38 public toPublic(): Key;
39 public update(key: Key, config?: Config): void;
40 public verifyPrimaryKey(date?: Date, userId?: UserID, config?: Config): Promise<void>; // throws on error
41 public isRevoked(signature: SignaturePacket, key?: AnyKeyPacket, date?: Date, config?: Config): Promise<boolean>;
42 public revoke(reason: { flag?: enums.reasonForRevocation; string?: string; }, date?: Date, config?: Config): Promise<Key>;
43 public getRevocationCertificate(date?: Date, config?: Config): Promise<Stream<string> | string | undefined>;
44 public getEncryptionKey(keyid?: Keyid, date?: Date | null, userId?: UserID, config?: Config): Promise<Key | SubKey>;
45 public getSigningKey(keyid?: Keyid, date?: Date | null, userId?: UserID, config?: Config): Promise<Key | SubKey>;
46 public getKeys(keyId?: Keyid): (Key | SubKey)[];
47 public getSubkeys(keyId?: Keyid): SubKey[];
48 public isDecrypted(): boolean;
49 public getFingerprint(): string;
50 public getCreationTime(): Date;
51 public getAlgorithmInfo(): AlgorithmInfo;
52 public getKeyId(): Keyid;
53 public addSubkey(options: SubKeyOptions): Promise<Key>;
54}
55
56export class SubKey {
57 constructor(subKeyPacket: SecretSubkeyPacket | PublicSubkeyPacket);
58 public keyPacket: SecretSubkeyPacket | PublicSubkeyPacket;
59 public bindingSignatures: SignaturePacket[];
60 public revocationSignatures: SignaturePacket[];
61 public verify(primaryKey: PublicKeyPacket | SecretKeyPacket, date?: Date, config?: Config): Promise<SignaturePacket>;
62 public isDecrypted(): boolean;
63 public getFingerprint(): string;
64 public getCreationTime(): Date;
65 public getAlgorithmInfo(): AlgorithmInfo;
66 public getKeyId(): Keyid;
67}
68
69export interface User {
70 userId: UserIDPacket | null;
71 userAttribute: UserAttributePacket | null;
72 selfCertifications: SignaturePacket[];
73 otherCertifications: SignaturePacket[];
74 revocationSignatures: SignaturePacket[];
75}
76
77export interface PrimaryUser {
78 index: number;
79 user: User;
80}
81
82type AlgorithmInfo = {
83 algorithm: enums.publicKeyNames;
84 bits?: number;
85 curve?: EllipticCurveName;
86};
87
88/* ############## v5 SIG #################### */
89
90export function readSignature(options: { armoredSignature: string, config?: PartialConfig }): Promise<Signature>;
91export function readSignature(options: { binarySignature: Uint8Array, config?: PartialConfig }): Promise<Signature>;
92
93export class Signature {
94 public packets: PacketList<SignaturePacket>;
95 constructor(packetlist: PacketList<SignaturePacket>);
96 public armor(config?: Config): string;
97}
98
99interface VerificationResult {
100 keyid: Keyid;
101 verified: Promise<null | boolean>;
102 signature: Promise<Signature>;
103}
104
105/* ############## v5 CLEARTEXT #################### */
106
107export function readCleartextMessage(options: { cleartextMessage: string, config?: PartialConfig }): Promise<CleartextMessage>;
108
109/** Class that represents an OpenPGP cleartext signed message.
110 */
111export class CleartextMessage {
112 /** Returns ASCII armored text of cleartext signed message
113 */
114 armor(config?: Config): string;
115
116 /** Returns the key IDs of the keys that signed the cleartext message
117 */
118 getSigningKeyIds(): Keyid[];
119
120 /** Get cleartext
121 */
122 getText(): string;
123
124 /** Sign the cleartext message
125 *
126 * @param privateKeys private keys with decrypted secret key data for signing
127 */
128 sign(privateKeys: Key[], signature?: Signature, signingKeyIds?: Keyid[], date?: Date, userIds?: UserID[], config?: Config): void;
129
130 /** Verify signatures of cleartext signed message
131 * @param keys array of keys to verify signatures
132 */
133 verify(keys: Key[], date?: Date, config?: Config): Promise<VerificationResult[]>;
134
135 static fromText(text: string): CleartextMessage;
136}
137
138/* ############## v5 MSG #################### */
139
140export function readMessage<T extends MaybeStream<string>>(options: { armoredMessage: T, config?: PartialConfig }): Promise<Message<T>>;
141export function readMessage<T extends MaybeStream<Uint8Array>>(options: { binaryMessage: T, config?: PartialConfig }): Promise<Message<T>>;
142
143export function encrypt<T extends 'web' | 'node' | false>(options: EncryptOptions & { streaming: T, armor: false }): Promise<
144 T extends 'web' ? WebStream<Uint8Array> :
145 T extends 'node' ? NodeStream<Uint8Array> :
146 Uint8Array
147>;
148export function encrypt<T extends 'web' | 'node' | false>(options: EncryptOptions & { streaming: T }): Promise<
149 T extends 'web' ? WebStream<string> :
150 T extends 'node' ? NodeStream<string> :
151 string
152>;
153export function encrypt<T extends MaybeStream<Data>>(options: EncryptOptions & { message: Message<T>, armor: false }): Promise<
154 T extends WebStream<infer X> ? WebStream<Uint8Array> :
155 T extends NodeStream<infer X> ? NodeStream<Uint8Array> :
156 Uint8Array
157>;
158export function encrypt<T extends MaybeStream<Data>>(options: EncryptOptions & { message: Message<T> }): Promise<
159 T extends WebStream<infer X> ? WebStream<string> :
160 T extends NodeStream<infer X> ? NodeStream<string> :
161 string
162>;
163
164export function sign<T extends 'web' | 'node' | false>(options: SignOptions & { streaming: T, armor: false }): Promise<
165 T extends 'web' ? WebStream<Uint8Array> :
166 T extends 'node' ? NodeStream<Uint8Array> :
167 Uint8Array
168>;
169export function sign<T extends 'web' | 'node' | false>(options: SignOptions & { streaming: T }): Promise<
170 T extends 'web' ? WebStream<string> :
171 T extends 'node' ? NodeStream<string> :
172 string
173>;
174export function sign<T extends MaybeStream<Data>>(options: SignOptions & { message: Message<T>, armor: false }): Promise<
175 T extends WebStream<infer X> ? WebStream<Uint8Array> :
176 T extends NodeStream<infer X> ? NodeStream<Uint8Array> :
177 Uint8Array
178>;
179export function sign<T extends MaybeStream<Data>>(options: SignOptions & { message: Message<T> }): Promise<
180 T extends WebStream<infer X> ? WebStream<string> :
181 T extends NodeStream<infer X> ? NodeStream<string> :
182 string
183>;
184export function sign(options: SignOptions & { message: CleartextMessage }): Promise<string>;
185
186export function decrypt<T extends 'web' | 'node' | false>(options: DecryptOptions & { streaming: T, format: 'binary' }): Promise<DecryptMessageResult & {
187 data:
188 T extends 'web' ? WebStream<Uint8Array> :
189 T extends 'node' ? NodeStream<Uint8Array> :
190 Uint8Array
191}>;
192export function decrypt<T extends 'web' | 'node' | false>(options: DecryptOptions & { streaming: T }): Promise<DecryptMessageResult & {
193 data:
194 T extends 'web' ? WebStream<string> :
195 T extends 'node' ? NodeStream<string> :
196 string
197}>;
198export function decrypt<T extends MaybeStream<Data>>(options: DecryptOptions & { message: Message<T>, format: 'binary' }): Promise<DecryptMessageResult & {
199 data:
200 T extends WebStream<infer X> ? WebStream<Uint8Array> :
201 T extends NodeStream<infer X> ? NodeStream<Uint8Array> :
202 Uint8Array
203}>;
204export function decrypt<T extends MaybeStream<Data>>(options: DecryptOptions & { message: Message<T> }): Promise<DecryptMessageResult & {
205 data:
206 T extends WebStream<infer X> ? WebStream<string> :
207 T extends NodeStream<infer X> ? NodeStream<string> :
208 string
209}>;
210
211export function verify<T extends 'web' | 'node' | false>(options: VerifyOptions & { streaming: T, format: 'binary' }): Promise<VerifyMessageResult & {
212 data:
213 T extends 'web' ? WebStream<Uint8Array> :
214 T extends 'node' ? NodeStream<Uint8Array> :
215 Uint8Array
216}>;
217export function verify<T extends 'web' | 'node' | false>(options: VerifyOptions & { streaming: T }): Promise<VerifyMessageResult & {
218 data:
219 T extends 'web' ? WebStream<string> :
220 T extends 'node' ? NodeStream<string> :
221 string
222}>;
223export function verify<T extends MaybeStream<Data>>(options: VerifyOptions & { message: Message<T>, format: 'binary' }): Promise<VerifyMessageResult & {
224 data:
225 T extends WebStream<infer X> ? WebStream<Uint8Array> :
226 T extends NodeStream<infer X> ? NodeStream<Uint8Array> :
227 Uint8Array
228}>;
229export function verify<T extends MaybeStream<Data>>(options: VerifyOptions & { message: Message<T> }): Promise<VerifyMessageResult & {
230 data:
231 T extends WebStream<infer X> ? WebStream<string> :
232 T extends NodeStream<infer X> ? NodeStream<string> :
233 string
234}>;
235
236/** Class that represents an OpenPGP message. Can be an encrypted message, signed message, compressed message or literal message
237 */
238export class Message<T extends MaybeStream<Data>> {
239
240 public packets: PacketList<AnyPacket>;
241 constructor(packetlist: PacketList<AnyPacket>);
242
243 /** Returns ASCII armored text of message
244 */
245 public armor(config?: Config): string;
246
247 /** Decrypt the message
248 @param privateKey private key with decrypted secret data
249 */
250 public decrypt(privateKeys?: Key[], passwords?: string[], sessionKeys?: SessionKey[], streaming?: boolean, config?: Config): Promise<Message<MaybeStream<Data>>>;
251
252 /** Encrypt the message
253 @param keys array of keys, used to encrypt the message
254 */
255 public encrypt(keys?: Key[], passwords?: string[], sessionKeys?: SessionKey[], wildcard?: boolean, encryptionKeyIds?: Keyid[], date?: Date, userIds?: UserID[], streaming?: boolean, config?: Config): Promise<Message<MaybeStream<Data>>>;
256
257 /** Returns the key IDs of the keys to which the session key is encrypted
258 */
259 public getEncryptionKeyIds(): Keyid[];
260
261 /** Get literal data that is the body of the message
262 */
263 public getLiteralData(): Uint8Array | Stream<Uint8Array> | null;
264
265 /** Returns the key IDs of the keys that signed the message
266 */
267 public getSigningKeyIds(): Keyid[];
268
269 /** Get literal data as text
270 */
271 public getText(): string | Stream<string> | null;
272
273 public getFilename(): string | null;
274
275 /** Sign the message (the literal data packet of the message)
276 @param privateKey private keys with decrypted secret key data for signing
277 */
278 public sign(privateKey: Key[], signature?: Signature, signingKeyIds?: Keyid[], date?: Date, userIds?: UserID[], streaming?: boolean, config?: Config): Promise<Message<T>>;
279
280 /** Unwrap compressed message
281 */
282 public unwrapCompressed(): Message<T>;
283
284 /** Verify message signatures
285 @param keys array of keys to verify signatures
286 */
287 public verify(keys: Key[], date?: Date, streaming?: boolean, config?: Config): Promise<VerificationResult[]>;
288
289 /**
290 * Append signature to unencrypted message object
291 * @param {String|Uint8Array} detachedSignature - The detached ASCII-armored or Uint8Array PGP signature
292 */
293 public appendSignature(detachedSignature: string | Uint8Array): Promise<void>;
294
295 static fromText<T extends MaybeStream<string>>(text: T, filename?: string, date?: Date, type?: DataPacketType): Message<T>;
296 static fromBinary<T extends MaybeStream<Uint8Array>>(bytes: T, filename?: string, date?: Date, type?: DataPacketType): Message<T>;
297}
298
299
300/* ############## v5 CONFIG #################### */
301
302interface Config {
303 preferHashAlgorithm: enums.hash;
304 encryptionCipher: enums.symmetric;
305 compression: enums.compression;
306 showVersion: boolean;
307 showComment: boolean;
308 deflateLevel: number;
309 aeadProtect: boolean;
310 allowUnauthenticatedMessages: boolean;
311 allowUnauthenticatedStream: boolean;
312 checksumRequired: boolean;
313 minRsaBits: number;
314 passwordCollisionCheck: boolean;
315 revocationsExpire: boolean;
316 tolerant: boolean;
317 versionString: string;
318 commentString: string;
319 allowInsecureDecryptionWithSigningKeys: boolean;
320 v5Keys: boolean;
321}
322export var config: Config;
323
324// PartialConfig has the same properties as Config, but declared as optional.
325// This interface is relevant for top-level functions, which accept a subset of configuration options
326interface PartialConfig extends Partial<Config> {}
327
328/* ############## v5 PACKET #################### */
329
330declare abstract class BasePacket {
331 public tag: enums.packet;
332 public read(bytes: Uint8Array): void;
333 public write(): Uint8Array;
334}
335
336/**
337 * The relationship between the KeyPacket classes is modeled by considering the following:
338 * - A Secret (Sub)Key Packet can always be used when a Public one is expected.
339 * - A Subkey Packet cannot always be used when a Primary Key Packet is expected (and vice versa).
340 */
341declare abstract class BasePublicKeyPacket extends BasePacket {
342 public algorithm: enums.publicKeyNames;
343 public created: Date;
344 public version: number;
345 public getAlgorithmInfo(): AlgorithmInfo;
346 public getFingerprint(): string;
347 public getFingerprintBytes(): Uint8Array | null;
348 public hasSameFingerprintAs(other: BasePublicKeyPacket): boolean;
349 public getCreationTime(): Date;
350 public getKeyId(): Keyid;
351 public isDecrypted(): boolean;
352 public publicParams: object;
353}
354
355export class PublicKeyPacket extends BasePublicKeyPacket {
356 public tag: enums.packet.publicKey;
357}
358
359export class PublicSubkeyPacket extends BasePublicKeyPacket {
360 public tag: enums.packet.publicSubkey;
361}
362
363declare abstract class BaseSecretKeyPacket extends BasePublicKeyPacket {
364 public privateParams: object | null;
365 public encrypt(passphrase: string, config?: Config): Promise<void>; // throws on error
366 public decrypt(passphrase: string): Promise<void>; // throws on error
367 public validate(): Promise<void>; // throws on error
368 public isDummy(): boolean;
369 public makeDummy(config?: Config): void;
370}
371
372export class SecretKeyPacket extends BaseSecretKeyPacket {
373 public tag: enums.packet.secretKey;
374}
375
376export class SecretSubkeyPacket extends BaseSecretKeyPacket {
377 public tag: enums.packet.secretSubkey;
378}
379
380export class CompressedDataPacket extends BasePacket {
381 public tag: enums.packet.compressedData;
382}
383
384export class SymEncryptedIntegrityProtectedDataPacket extends BasePacket {
385 public tag: enums.packet.symEncryptedIntegrityProtectedData;
386}
387
388export class AEADEncryptedDataPacket extends BasePacket {
389 public tag: enums.packet.AEADEncryptedData;
390}
391
392export class PublicKeyEncryptedSessionKeyPaclet extends BasePacket {
393 public tag: enums.packet.publicKeyEncryptedSessionKey;
394}
395
396export class SymEncryptedSessionKey extends BasePacket {
397 public tag: enums.packet.symEncryptedSessionKey;
398}
399
400export class LiteralDataPacket extends BasePacket {
401 public tag: enums.packet.literalData;
402}
403
404export class SymmetricallyEncryptedDataPacket extends BasePacket {
405 public tag: enums.packet.symmetricallyEncryptedData;
406}
407
408export class MarkerPacket extends BasePacket {
409 public tag: enums.packet.marker;
410}
411
412export class UserAttributePacket extends BasePacket {
413 public tag: enums.packet.userAttribute;
414}
415
416export class OnePassSignaturePacket extends BasePacket {
417 public tag: enums.packet.onePassSignature;
418 public correspondingSig?: Promise<SignaturePacket>;
419}
420
421export class UserIDPacket extends BasePacket {
422 public readonly tag: enums.packet.userID;
423 public readonly name: string;
424 public readonly comment: string;
425 public readonly email: string;
426 public readonly userid: string;
427 static fromObject(userId: UserID): UserIDPacket;
428}
429
430export class SignaturePacket extends BasePacket {
431 public tag: enums.packet.signature;
432 public version: number;
433 public signatureType: enums.signature | null;
434 public hashAlgorithm: enums.hash | null;
435 public publicKeyAlgorithm: enums.publicKey | null;
436 public signatureData: null | Uint8Array;
437 public unhashedSubpackets: null | Uint8Array;
438 public signedHashValue: null | Uint8Array;
439 public created: Date;
440 public signatureExpirationTime: null | number;
441 public signatureNeverExpires: boolean;
442 public exportable: null | boolean;
443 public trustLevel: null | number;
444 public trustAmount: null | number;
445 public regularExpression: null | number;
446 public revocable: null | boolean;
447 public keyExpirationTime: null | number;
448 public keyNeverExpires: null | boolean;
449 public preferredSymmetricAlgorithms: enums.symmetric[] | null;
450 public revocationKeyClass: null | number;
451 public revocationKeyAlgorithm: null | enums.publicKey;
452 public revocationKeyFingerprint: null | Uint8Array;
453 public issuerKeyId: Keyid;
454 public notation: null | { [name: string]: string };
455 public preferredHashAlgorithms: enums.hash[] | null;
456 public preferredCompressionAlgorithms: enums.compression[] | null;
457 public keyServerPreferences: null | number[];
458 public preferredKeyServer: null | string;
459 public isPrimaryUserID: null | boolean;
460 public policyURI: null | string;
461 public keyFlags: Uint8Array | null;
462 public signersUserId: null | string;
463 public reasonForRevocationFlag: null | enums.reasonForRevocation;
464 public reasonForRevocationString: null | string;
465 public features: Uint8Array | null;
466 public signatureTargetPublicKeyAlgorithm: enums.publicKey | null;
467 public signatureTargetHashAlgorithm: enums.hash | null;
468 public signatureTargetHash: null | string;
469 public embeddedSignature: null | SignaturePacket;
470 public issuerKeyVersion: null | number;
471 public issuerFingerprint: null | Uint8Array;
472 public preferredAeadAlgorithms: enums.aead[] | null;
473 public verified: null | boolean;
474 public revoked: null | boolean;
475 public sign(key: AnySecretKeyPacket, data: Uint8Array, detached?: boolean, streaming?: boolean): Promise<void>;
476 public verify(key: AnyKeyPacket, signatureType: enums.signature, data: Uint8Array, detached?: boolean, streaming?: boolean, config?: Config): Promise<void>; // throws on error
477 public isExpired(date?: Date): boolean;
478 public getExpirationTime(): Date | typeof Infinity;
479}
480
481export class TrustPacket extends BasePacket {
482 public tag: enums.packet.trust;
483}
484
485export type AnyPacket = BasePacket;
486export type AnySecretKeyPacket = SecretKeyPacket | SecretSubkeyPacket;
487export type AnyKeyPacket = BasePublicKeyPacket;
488
489type DataPacketType = 'utf8' | 'binary' | 'text' | 'mime';
490
491
492export class PacketList<PACKET_TYPE> extends Array<PACKET_TYPE> {
493 [index: number]: PACKET_TYPE;
494 public length: number;
495 public read(bytes: Uint8Array, allowedPackets?: object, streaming?: boolean, config?: Config): void;
496 public write(): Uint8Array;
497 public push(...packet: PACKET_TYPE[]): number;
498 public pop(): PACKET_TYPE;
499 public filter(callback: (packet: PACKET_TYPE, i: number, self: PacketList<PACKET_TYPE>) => void): PacketList<PACKET_TYPE>;
500 public filterByTag(...args: enums.packet[]): PacketList<PACKET_TYPE>;
501 public forEach(callback: (packet: PACKET_TYPE, i: number, self: PacketList<PACKET_TYPE>) => void): void;
502 public map<RETURN_TYPE>(callback: (packet: PACKET_TYPE, i: number, self: PacketList<PACKET_TYPE>) => RETURN_TYPE): PacketList<RETURN_TYPE>;
503 // some()
504 // every()
505 // findPacket()
506 // indexOfTag()
507 // slice()
508 // concat()
509 // fromStructuredClone()
510}
511
512/* ############## v5 STREAM #################### */
513
514type Data = Uint8Array | string;
515interface BaseStream<T extends Data> { }
516interface WebStream<T extends Data> extends BaseStream<T> { // copied+simplified version of ReadableStream from lib.dom.d.ts
517 readonly locked: boolean; getReader: Function; pipeThrough: Function; pipeTo: Function; tee: Function;
518 cancel(reason?: any): Promise<void>;
519}
520interface NodeStream<T extends Data> extends BaseStream<T> { // copied+simplified version of ReadableStream from @types/node/index.d.ts
521 readable: boolean; pipe: Function; unpipe: Function; wrap: Function;
522 read(size?: number): string | Uint8Array; setEncoding(encoding: string): this; pause(): this; resume(): this;
523 isPaused(): boolean; unshift(chunk: string | Uint8Array): void;
524}
525type Stream<T extends Data> = WebStream<T> | NodeStream<T>;
526type MaybeStream<T extends Data> = T | Stream<T>;
527
528export namespace stream {
529 function readToEnd<T extends Data>(input: MaybeStream<T>, concat?: (list: T[]) => T): Promise<T>;
530 // concat
531 // slice
532 // clone
533 // webToNode
534 // nodeToWeb
535}
536
537/* ############## v5 GENERAL #################### */
538
539export interface UserID { name?: string; email?: string; comment?: string; }
540export interface SessionKey { data: Uint8Array; algorithm: string; }
541
542
543interface EncryptOptions {
544 /** message to be encrypted as created by Message.fromText or Message.fromBinary */
545 message: Message<MaybeStream<Data>>;
546 /** (optional) array of keys or single key, used to encrypt the message */
547 publicKeys?: Key | Key[];
548 /** (optional) private keys for signing. If omitted message will not be signed */
549 privateKeys?: Key | Key[];
550 /** (optional) array of passwords or a single password to encrypt the message */
551 passwords?: string | string[];
552 /** (optional) session key in the form: { data:Uint8Array, algorithm:String } */
553 sessionKey?: SessionKey;
554 /** if the return values should be ascii armored or the message/signature objects */
555 armor?: boolean;
556 /** (optional) whether to return data as a stream. Defaults to the type of stream `message` was created from, if any. */
557 streaming?: 'web' | 'node' | false;
558 /** (optional) if the signature should be detached (if true, signature will be added to returned object) */
559 signature?: Signature;
560 /** (optional) encrypt as of a certain date */
561 date?: Date;
562 /** (optional) use a key ID of 0 instead of the public key IDs */
563 wildcard?: boolean;
564 /** (optional) user ID to sign with, e.g. { name:'Steve Sender', email:'steve@openpgp.org' } */
565 fromUserId?: UserID;
566 /** (optional) user ID to encrypt for, e.g. { name:'Robert Receiver', email:'robert@openpgp.org' } */
567 toUserId?: UserID;
568 config?: PartialConfig;
569}
570
571interface DecryptOptions {
572 /** the message object with the encrypted data */
573 message: Message<MaybeStream<Data>>;
574 /** (optional) private keys with decrypted secret key data or session key */
575 privateKeys?: Key | Key[];
576 /** (optional) passwords to decrypt the message */
577 passwords?: string | string[];
578 /** (optional) session keys in the form: { data:Uint8Array, algorithm:String } */
579 sessionKeys?: SessionKey | SessionKey[];
580 /** (optional) array of public keys or single key, to verify signatures */
581 publicKeys?: Key | Key[];
582 /** (optional) whether to return data as a string(Stream) or Uint8Array(Stream). If 'utf8' (the default), also normalize newlines. */
583 format?: 'utf8' | 'binary';
584 /** (optional) whether to return data as a stream. Defaults to the type of stream `message` was created from, if any. */
585 streaming?: 'web' | 'node' | false;
586 /** (optional) detached signature for verification */
587 signature?: Signature;
588 /** (optional) use the given date for verification instead of the current time */
589 date?: Date;
590 config?: PartialConfig;
591}
592
593interface SignOptions {
594 message: CleartextMessage | Message<MaybeStream<Data>>;
595 privateKeys?: Key | Key[];
596 armor?: boolean;
597 streaming?: 'web' | 'node' | false;
598 dataType?: DataPacketType;
599 detached?: boolean;
600 date?: Date;
601 fromUserId?: UserID;
602 config?: PartialConfig;
603}
604
605interface VerifyOptions {
606 /** array of publicKeys or single key, to verify signatures */
607 publicKeys: Key | Key[];
608 /** (cleartext) message object with signatures */
609 message: CleartextMessage | Message<MaybeStream<Data>>;
610 /** (optional) whether to return data as a string(Stream) or Uint8Array(Stream). If 'utf8' (the default), also normalize newlines. */
611 format?: 'utf8' | 'binary';
612 /** (optional) whether to return data as a stream. Defaults to the type of stream `message` was created from, if any. */
613 streaming?: 'web' | 'node' | false;
614 /** (optional) detached signature for verification */
615 signature?: Signature;
616 /** (optional) use the given date for verification instead of the current time */
617 date?: Date;
618 config?: PartialConfig;
619}
620
621interface KeyPair {
622 key: Key;
623 privateKeyArmored: string;
624 publicKeyArmored: string;
625 revocationCertificate: string;
626}
627
628export type EllipticCurveName = 'ed25519' | 'curve25519' | 'p256' | 'p384' | 'p521' | 'secp256k1' | 'brainpoolP256r1' | 'brainpoolP384r1' | 'brainpoolP512r1';
629
630interface KeyOptions {
631 userIds: UserID|UserID[];
632 passphrase?: string;
633 type?: 'ecc' | 'rsa';
634 curve?: EllipticCurveName;
635 rsaBits?: number;
636 keyExpirationTime?: number;
637 date?: Date;
638 subkeys?: SubKeyOptions[];
639 config?: PartialConfig;
640}
641
642interface SubKeyOptions {
643 type?: 'ecc' | 'rsa';
644 curve?: EllipticCurveName;
645 rsaBits?: number;
646 keyExpirationTime?: number;
647 date?: Date;
648 sign?: boolean;
649 config?: PartialConfig;
650}
651
652declare class Keyid {
653 bytes: string;
654 equals(keyid: Keyid, matchWildcard?: boolean): boolean;
655 toHex(): string;
656 static fromId(hex: string): Keyid;
657}
658
659interface DecryptMessageResult {
660 data: MaybeStream<Data>;
661 signatures: VerificationResult[];
662 filename: string;
663}
664
665interface VerifyMessageResult {
666 data: MaybeStream<Data>;
667 signatures: VerificationResult[];
668}
669
670
671/**
672 * Armor an OpenPGP binary packet block
673 */
674export function armor(messagetype: enums.armor, body: object, partindex: number, parttotal: number, config?: Config): string;
675
676/**
677 * DeArmor an OpenPGP armored message; verify the checksum and return the encoded bytes
678 */
679export function unarmor(input: string, config?: Config): Promise<{ text: string, data: Stream<Uint8Array>, type: enums.armor }>;
680
681/* ############## v5 ENUMS #################### */
682
683export namespace enums {
684
685 function read(type: typeof armor, e: armor): armorNames;
686 function read(type: typeof compression, e: compression): compressionNames;
687 function read(type: typeof hash, e: hash): hashNames;
688 function read(type: typeof packet, e: packet): packetNames;
689 function read(type: typeof publicKey, e: publicKey): publicKeyNames;
690 function read(type: typeof symmetric, e: symmetric): symmetricNames;
691 function read(type: typeof keyStatus, e: keyStatus): keyStatusNames;
692 function read(type: typeof keyFlags, e: keyFlags): keyFlagsNames;
693
694 export type armorNames = 'multipartSection' | 'multipartLast' | 'signed' | 'message' | 'publicKey' | 'privateKey';
695 enum armor {
696 multipartSection = 0,
697 multipartLast = 1,
698 signed = 2,
699 message = 3,
700 publicKey = 4,
701 privateKey = 5,
702 signature = 6,
703 }
704
705 enum reasonForRevocation {
706 noReason = 0, // No reason specified (key revocations or cert revocations)
707 keySuperseded = 1, // Key is superseded (key revocations)
708 keyCompromised = 2, // Key material has been compromised (key revocations)
709 keyRetired = 3, // Key is retired and no longer used (key revocations)
710 useridInvalid = 32, // User ID information is no longer valid (cert revocations)
711 }
712
713 export type compressionNames = 'uncompressed' | 'zip' | 'zlib' | 'bzip2';
714 enum compression {
715 uncompressed = 0,
716 zip = 1,
717 zlib = 2,
718 bzip2 = 3,
719 }
720
721 export type hashNames = 'md5' | 'sha1' | 'ripemd' | 'sha256' | 'sha384' | 'sha512' | 'sha224';
722 enum hash {
723 md5 = 1,
724 sha1 = 2,
725 ripemd = 3,
726 sha256 = 8,
727 sha384 = 9,
728 sha512 = 10,
729 sha224 = 11,
730 }
731
732 export type packetNames = 'publicKeyEncryptedSessionKey' | 'signature' | 'symEncryptedSessionKey' | 'onePassSignature' | 'secretKey' | 'publicKey'
733 | 'secretSubkey' | 'compressed' | 'symmetricallyEncrypted' | 'marker' | 'literal' | 'trust' | 'userid' | 'publicSubkey' | 'userAttribute'
734 | 'symEncryptedIntegrityProtected' | 'modificationDetectionCode' | 'AEADEncryptedDataPacket';
735 enum packet {
736 publicKeyEncryptedSessionKey = 1,
737 signature = 2,
738 symEncryptedSessionKey = 3,
739 onePassSignature = 4,
740 secretKey = 5,
741 publicKey = 6,
742 secretSubkey = 7,
743 compressedData = 8,
744 symmetricallyEncryptedData = 9,
745 marker = 10,
746 literalData = 11,
747 trust = 12,
748 userID = 13,
749 publicSubkey = 14,
750 userAttribute = 17,
751 symEncryptedIntegrityProtectedData = 18,
752 modificationDetectionCode = 19,
753 AEADEncryptedData = 20,
754 }
755
756 export type publicKeyNames = 'rsaEncryptSign' | 'rsaEncrypt' | 'rsaSign' | 'elgamal' | 'dsa' | 'ecdh' | 'ecdsa' | 'eddsa' | 'aedh' | 'aedsa';
757 enum publicKey {
758 rsaEncryptSign = 1,
759 rsaEncrypt = 2,
760 rsaSign = 3,
761 elgamal = 16,
762 dsa = 17,
763 ecdh = 18,
764 ecdsa = 19,
765 eddsa = 22,
766 aedh = 23,
767 aedsa = 24,
768 }
769
770 export type symmetricNames = 'plaintext' | 'idea' | 'tripledes' | 'cast5' | 'blowfish' | 'aes128' | 'aes192' | 'aes256' | 'twofish';
771 enum symmetric {
772 plaintext = 0,
773 idea = 1,
774 tripledes = 2,
775 cast5 = 3,
776 blowfish = 4,
777 aes128 = 7,
778 aes192 = 8,
779 aes256 = 9,
780 twofish = 10,
781 }
782
783 export type keyStatusNames = 'invalid' | 'expired' | 'revoked' | 'valid' | 'noSelfCert';
784 enum keyStatus {
785 invalid = 0,
786 expired = 1,
787 revoked = 2,
788 valid = 3,
789 noSelfCert = 4,
790 }
791
792 export type keyFlagsNames = 'certifyKeys' | 'signData' | 'encryptCommunication' | 'encryptStorage' | 'splitPrivateKey' | 'authentication'
793 | 'sharedPrivateKey';
794 enum keyFlags {
795 certifyKeys = 1,
796 signData = 2,
797 encryptCommunication = 4,
798 encryptStorage = 8,
799 splitPrivateKey = 16,
800 authentication = 32,
801 sharedPrivateKey = 128,
802 }
803
804 enum signature {
805 binary = 0,
806 text = 1,
807 standalone = 2,
808 certGeneric = 16,
809 certPersona = 17,
810 certCasual = 18,
811 certPositive = 19,
812 certRevocation = 48,
813 subkeyBinding = 24,
814 keyBinding = 25,
815 key = 31,
816 keyRevocation = 32,
817 subkeyRevocation = 40,
818 timestamp = 64,
819 thirdParty = 80
820 }
821
822 enum aead {
823 eax = 1,
824 ocb = 2,
825 experimentalGcm = 100 // Private algorithm
826 }
827}
828
\No newline at end of file