UNPKG

@types/openpgp

Version:
1,489 lines (1,349 loc) 191 kB
import BN = require("bn.js"); import stream = require("stream"); export {}; type NodeStream = stream; type Integer = number; type Infinity = any; type ReadableStream<T> = any; export namespace cleartext { /** * Class that represents an OpenPGP cleartext signed message. * See {@link https://tools.ietf.org/html/rfc4880#section-7} */ class CleartextMessage { /** * @param text The cleartext of the signed message * @param signature The detached signature or an empty signature for unsigned messages */ constructor(text: string, signature: signature.Signature); /** * Returns the key IDs of the keys that signed the cleartext message * @returns array of keyid objects */ getSigningKeyIds(): any[]; /** * Sign the cleartext message * @param privateKeys private keys with decrypted secret key data for signing * @param signature (optional) any existing detached signature * @param date (optional) The creation time of the signature that should be created * @param userIds (optional) user IDs to sign with, e.g. [ { name:'Steve Sender', email:'steve@openpgp.org' }] * @returns new cleartext message with signed content */ sign(privateKeys: any[], signature: signature.Signature, date: Date, userIds: any[]): Promise<CleartextMessage>; /** * Sign the cleartext message * @param privateKeys private keys with decrypted secret key data for signing * @param signature (optional) any existing detached signature * @param date (optional) The creation time of the signature that should be created * @param userIds (optional) user IDs to sign with, e.g. [ { name:'Steve Sender', email:'steve@openpgp.org' }] * @returns new detached signature of message content */ signDetached( privateKeys: any[], signature: signature.Signature, date: Date, userIds: any[], ): Promise<signature.Signature>; /** * Verify signatures of cleartext signed message * @param keys array of keys to verify signatures * @param date (optional) Verify the signature against the given date, i.e. check signature creation time < date < expiration time * @returns list of signer's keyid and validity of signature */ verify(keys: any[], date: Date): Promise<Array<{ keyid: type.keyid.Keyid; valid: boolean }>>; /** * Verify signatures of cleartext signed message * @param keys array of keys to verify signatures * @param date (optional) Verify the signature against the given date, i.e. check signature creation time < date < expiration time * @returns list of signer's keyid and validity of signature */ verifyDetached(keys: any[], date: Date): Promise<Array<{ keyid: type.keyid.Keyid; valid: boolean }>>; /** * Get cleartext * @returns cleartext of message */ getText(): string; /** * Returns ASCII armored text of cleartext signed message * @returns ASCII armor */ armor(): string | ReadableStream<String>; } /** * reads an OpenPGP cleartext signed message and returns a CleartextMessage object * @param armoredText text to be parsed * @returns new cleartext message object */ function readArmored(armoredText: string | ReadableStream<String>): Promise<CleartextMessage>; /** * Creates a new CleartextMessage object from text * @param text */ function fromText(text: string): CleartextMessage; } /** * @see module:config/config */ export namespace config { var prefer_hash_algorithm: any; var encryption_cipher: any; var compression: any; var deflate_level: any; /** * Use Authenticated Encryption with Additional Data (AEAD) protection for symmetric encryption. * **NOT INTEROPERABLE WITH OTHER OPENPGP IMPLEMENTATIONS** * **FUTURE OPENPGP.JS VERSIONS MAY BREAK COMPATIBILITY WHEN USING THIS OPTION** */ var aead_protect: any; /** * Use Authenticated Encryption with Additional Data (AEAD) protection for symmetric encryption. * 0 means we implement a variant of {@link https://tools.ietf.org/html/draft-ford-openpgp-format-00|this IETF draft}. * 4 means we implement {@link https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-04|RFC4880bis-04}. * Note that this determines how AEAD packets are parsed even when aead_protect is set to false */ var aead_protect_version: any; /** * Default Authenticated Encryption with Additional Data (AEAD) encryption mode * Only has an effect when aead_protect is set to true. */ var aead_mode: any; /** * Chunk Size Byte for Authenticated Encryption with Additional Data (AEAD) mode * Only has an effect when aead_protect is set to true. * Must be an integer value from 0 to 56. */ var aead_chunk_size_byte: any; /** * {@link https://tools.ietf.org/html/rfc4880#section-3.7.1.3|RFC4880 3.7.1.3}: * Iteration Count Byte for S2K (String to Key) */ var s2k_iteration_count_byte: any; /** * Use integrity protection for symmetric encryption */ var integrity_protect: any; var ignore_mdc_error: any; var allow_unauthenticated_stream: any; var checksum_required: any; var rsa_blinding: any; /** * Work-around for rare GPG decryption bug when encrypting with multiple passwords. * **Slower and slightly less secure** */ var password_collision_check: any; var revocations_expire: any; var use_native: any; var min_bytes_for_web_crypto: any; var zero_copy: any; var debug: any; var tolerant: any; var show_version: any; var show_comment: any; var versionstring: any; var commentstring: any; var keyserver: any; var node_store: any; /** * Max userid string length (used for parsing) */ var max_userid_length: any; namespace localStorage { class LocalStorage { /** * This object is used for storing and retrieving configuration from HTML5 local storage. */ constructor(); /** * Reads the config out of the HTML5 local storage * and initializes the object config. * if config is null the default config will be used */ read(): void; /** * Writes the config to HTML5 local storage */ write(): void; } } } export class LocalStorage { /** * This object is used for storing and retrieving configuration from HTML5 local storage. */ constructor(); /** * Reads the config out of the HTML5 local storage * and initializes the object config. * if config is null the default config will be used */ read(): void; /** * Writes the config to HTML5 local storage */ write(): void; } /** * @see module:crypto/crypto * @see module:crypto/signature * @see module:crypto/public_key * @see module:crypto/cipher * @see module:crypto/random * @see module:crypto/hash */ export namespace crypto { /** * @see module:crypto/public_key/elliptic/ecdh */ namespace aes_kw { /** * AES key wrap * @param key * @param data * @returns */ function wrap(key: string, data: string): Uint8Array; /** * AES key unwrap * @param key * @param data * @returns * @throws */ function unwrap(key: string, data: string): Uint8Array; } namespace cfb { function encrypt(algo: any, key: any, plaintext: any, iv: any): any; function decrypt(algo: any, key: any, ciphertext: any, iv: any): Promise<any>; } namespace cipher { /** * AES-128 encryption and decryption (ID 7) * @param key 128-bit key * @see * @see * @returns */ function aes128(key: string): object; /** * AES-128 Block Cipher (ID 8) * @param key 192-bit key * @see * @see * @returns */ function aes192(key: string): object; /** * AES-128 Block Cipher (ID 9) * @param key 256-bit key * @see * @see * @returns */ function aes256(key: string): object; /** * Triple DES Block Cipher (ID 2) * @param key 192-bit key * @see * @returns */ function tripledes(key: string): object; /** * CAST-128 Block Cipher (ID 3) * @param key 128-bit key * @see * @returns */ function cast5(key: string): object; /** * Twofish Block Cipher (ID 10) * @param key 256-bit key * @see * @returns */ function twofish(key: string): object; /** * Blowfish Block Cipher (ID 4) * @param key 128-bit key * @see * @returns */ function blowfish(key: string): object; /** * Not implemented * @throws */ function idea(): void; } namespace cmac { /** * This implementation of CMAC is based on the description of OMAC in * http://web.cs.ucdavis.edu/~rogaway/papers/eax.pdf. As per that * document: * We have made a small modification to the OMAC algorithm as it was * originally presented, changing one of its two constants. * Specifically, the constant 4 at line 85 was the constant 1/2 (the * multiplicative inverse of 2) in the original definition of OMAC [14]. * The OMAC authors indicate that they will promulgate this modification * [15], which slightly simplifies implementations. */ const blockLength: any; /** * xor `padding` into the end of `data`. This function implements "the * operation xor→ [which] xors the shorter string into the end of longer * one". Since data is always as least as long as padding, we can * simplify the implementation. * @param data * @param padding */ function rightXorMut(data: Uint8Array, padding: Uint8Array): void; } namespace crypto { /** * Encrypts data using specified algorithm and public key parameters. * See {@link https://tools.ietf.org/html/rfc4880#section-9.1|RFC 4880 9.1} for public key algorithms. * @param algo Public key algorithm * @param pub_params Algorithm-specific public key parameters * @param data Data to be encrypted as MPI * @param fingerprint Recipient fingerprint * @returns encrypted session key parameters */ function publicKeyEncrypt( algo: enums.publicKey, pub_params: Array<type.mpi.MPI | type.oid.OID | type.kdf_params.KDFParams>, data: type.mpi.MPI, fingerprint: string, ): any[]; /** * Decrypts data using specified algorithm and private key parameters. * See {@link https://tools.ietf.org/html/rfc4880#section-9.1|RFC 4880 9.1} for public key algorithms. * @param algo Public key algorithm * @param key_params Algorithm-specific public, private key parameters * @param data_params encrypted session key parameters * @param fingerprint Recipient fingerprint * @returns An MPI containing the decrypted data */ function publicKeyDecrypt( algo: enums.publicKey, key_params: Array<type.mpi.MPI | type.oid.OID | type.kdf_params.KDFParams>, data_params: Array<type.mpi.MPI | type.oid.OID | type.kdf_params.KDFParams>, fingerprint: string, ): type.mpi.MPI; /** * Returns the types comprising the private key of an algorithm * @param algo The public key algorithm * @returns The array of types */ function getPrivKeyParamTypes(algo: string): any[]; /** * Returns the types comprising the public key of an algorithm * @param algo The public key algorithm * @returns The array of types */ function getPubKeyParamTypes(algo: string): any[]; /** * Returns the types comprising the encrypted session key of an algorithm * @param algo The public key algorithm * @returns The array of types */ function getEncSessionKeyParamTypes(algo: string): any[]; /** * Generate algorithm-specific key parameters * @param algo The public key algorithm * @param bits Bit length for RSA keys * @param oid Object identifier for ECC keys * @returns The array of parameters */ function generateParams(algo: string, bits: Integer, oid: type.oid.OID): any[]; /** * Generates a random byte prefix for the specified algorithm * See {@link https://tools.ietf.org/html/rfc4880#section-9.2|RFC 4880 9.2} for algorithms. * @param algo Symmetric encryption algorithm * @returns Random bytes with length equal to the block size of the cipher, plus the last two bytes repeated. */ function getPrefixRandom(algo: enums.symmetric): Uint8Array; /** * Generating a session key for the specified symmetric algorithm * See {@link https://tools.ietf.org/html/rfc4880#section-9.2|RFC 4880 9.2} for algorithms. * @param algo Symmetric encryption algorithm * @returns Random bytes as a string to be used as a key */ function generateSessionKey(algo: enums.symmetric): Uint8Array; } namespace eax { /** * Class to en/decrypt using EAX mode. * @param cipher The symmetric cipher algorithm to use e.g. 'aes128' * @param key The encryption key */ function EAX(cipher: string, key: Uint8Array): void; /** * Encrypt plaintext input. * @param plaintext The cleartext input to be encrypted * @param nonce The nonce (16 bytes) * @param adata Associated data to sign * @returns The ciphertext output */ function encrypt(plaintext: Uint8Array, nonce: Uint8Array, adata: Uint8Array): Promise<Uint8Array>; /** * Decrypt ciphertext input. * @param ciphertext The ciphertext input to be decrypted * @param nonce The nonce (16 bytes) * @param adata Associated data to verify * @returns The plaintext output */ function decrypt(ciphertext: Uint8Array, nonce: Uint8Array, adata: Uint8Array): Promise<Uint8Array>; } namespace gcm { /** * Class to en/decrypt using GCM mode. * @param cipher The symmetric cipher algorithm to use e.g. 'aes128' * @param key The encryption key */ function GCM(cipher: string, key: Uint8Array): void; } /** * @see * @see */ namespace hash { /** * @see module:md5 */ var md5: any; /** * @see asmCrypto */ var sha1: any; /** * @see hash.js */ var sha224: any; /** * @see asmCrypto */ var sha256: any; /** * @see hash.js */ var sha384: any; /** * @see asmCrypto */ var sha512: any; /** * @see hash.js */ var ripemd: any; /** * Create a hash on the specified data using the specified algorithm * @param algo Hash algorithm type (see {@link https://tools.ietf.org/html/rfc4880#section-9.4|RFC 4880 9.4}) * @param data Data to be hashed * @returns hash value */ function digest(algo: enums.hash, data: Uint8Array): Promise<Uint8Array>; /** * Returns the hash size in bytes of the specified hash algorithm type * @param algo Hash algorithm type (See {@link https://tools.ietf.org/html/rfc4880#section-9.4|RFC 4880 9.4}) * @returns Size in bytes of the resulting hash */ function getHashByteLength(algo: enums.hash): Integer; } /** * @see module:packet.PublicKeyEncryptedSessionKey */ namespace pkcs5 { /** * Add pkcs5 padding to a text. * @param msg Text to add padding * @returns Text with padding added */ function encode(msg: string): string; /** * Remove pkcs5 padding from a string. * @param msg Text to remove padding from * @returns Text with padding removed */ function decode(msg: string): string; } namespace ocb { /** * Class to en/decrypt using OCB mode. * @param cipher The symmetric cipher algorithm to use e.g. 'aes128' * @param key The encryption key */ function OCB(cipher: string, key: Uint8Array): void; /** * Encrypt plaintext input. * @param plaintext The cleartext input to be encrypted * @param nonce The nonce (15 bytes) * @param adata Associated data to sign * @returns The ciphertext output */ function encrypt(plaintext: Uint8Array, nonce: Uint8Array, adata: Uint8Array): Promise<Uint8Array>; /** * Decrypt ciphertext input. * @param ciphertext The ciphertext input to be decrypted * @param nonce The nonce (15 bytes) * @param adata Associated data to sign * @returns The ciphertext output */ function decrypt(ciphertext: Uint8Array, nonce: Uint8Array, adata: Uint8Array): Promise<Uint8Array>; } /** * @see module:crypto/public_key/rsa * @see module:crypto/public_key/elliptic/ecdh * @see module:packet.PublicKeyEncryptedSessionKey */ namespace pkcs1 { namespace eme { /** * Create a EME-PKCS1-v1_5 padded message * @see * @param M message to be encoded * @param k the length in octets of the key modulus * @returns EME-PKCS1 padded message */ function encode(M: string, k: Integer): Promise<String>; /** * Decode a EME-PKCS1-v1_5 padded message * @see * @param EM encoded message, an octet string * @returns message, an octet string */ function decode(EM: string): string; } namespace emsa { /** * Create a EMSA-PKCS1-v1_5 padded message * @see * @param algo Hash algorithm type used * @param hashed message to be encoded * @param emLen intended length in octets of the encoded message * @returns encoded message */ function encode(algo: Integer, hashed: Uint8Array, emLen: Integer): string; } /** * ASN1 object identifiers for hashes * @see */ const hash_headers: any; } namespace public_key { namespace dsa { /** * DSA Sign function * @param hash_algo * @param hashed * @param g * @param p * @param q * @param x * @returns */ function sign(hash_algo: Integer, hashed: Uint8Array, g: BN, p: BN, q: BN, x: BN): object; /** * DSA Verify function * @param hash_algo * @param r * @param s * @param hashed * @param g * @param p * @param q * @param y * @returns BN */ function verify(hash_algo: Integer, r: BN, s: BN, hashed: Uint8Array, g: BN, p: BN, q: BN, y: BN): any; } namespace elgamal { /** * ElGamal Encryption function * @param m * @param p * @param g * @param y * @returns */ function encrypt(m: BN, p: BN, g: BN, y: BN): object; /** * ElGamal Encryption function * @param c1 * @param c2 * @param p * @param x * @returns BN */ function decrypt(c1: BN, c2: BN, p: BN, x: BN): any; } /** * @see module:crypto/public_key/elliptic/curve * @see module:crypto/public_key/elliptic/ecdh * @see module:crypto/public_key/elliptic/ecdsa * @see module:crypto/public_key/elliptic/eddsa */ namespace elliptic { namespace curve { class Curve {} } namespace ecdh { /** * Generate ECDHE ephemeral key and secret from public key * @param curve Elliptic curve object * @param Q Recipient public key * @returns Returns public part of ephemeral key and generated ephemeral secret */ function genPublicEphemeralKey(curve: curve.Curve, Q: Uint8Array): Promise<{ V: Uint8Array; S: BN }>; /** * Encrypt and wrap a session key * @param oid Elliptic curve object identifier * @param cipher_algo Symmetric cipher to use * @param hash_algo Hash algorithm to use * @param m Value derived from session key (RFC 6637) * @param Q Recipient public key * @param fingerprint Recipient fingerprint * @returns Returns public part of ephemeral key and encoded session key */ function encrypt( oid: type.oid.OID, cipher_algo: enums.symmetric, hash_algo: enums.hash, m: type.mpi.MPI, Q: Uint8Array, fingerprint: string, ): Promise<{ V: BN; C: BN }>; /** * Generate ECDHE secret from private key and public part of ephemeral key * @param curve Elliptic curve object * @param V Public part of ephemeral key * @param d Recipient private key * @returns Generated ephemeral secret */ function genPrivateEphemeralKey(curve: curve.Curve, V: Uint8Array, d: Uint8Array): Promise<BN>; /** * Decrypt and unwrap the value derived from session key * @param oid Elliptic curve object identifier * @param cipher_algo Symmetric cipher to use * @param hash_algo Hash algorithm to use * @param V Public part of ephemeral key * @param C Encrypted and wrapped value derived from session key * @param d Recipient private key * @param fingerprint Recipient fingerprint * @returns Value derived from session */ function decrypt( oid: type.oid.OID, cipher_algo: enums.symmetric, hash_algo: enums.hash, V: Uint8Array, C: Uint8Array, d: Uint8Array, fingerprint: string, ): Promise<BN>; } namespace ecdsa { /** * Sign a message using the provided key * @param oid Elliptic curve object identifier * @param hash_algo Hash algorithm used to sign * @param m Message to sign * @param d Private key used to sign the message * @param hashed The hashed message * @returns Signature of the message */ function sign( oid: type.oid.OID, hash_algo: enums.hash, m: Uint8Array, d: Uint8Array, hashed: Uint8Array, ): object; /** * Verifies if a signature is valid for a message * @param oid Elliptic curve object identifier * @param hash_algo Hash algorithm used in the signature * @param signature Signature to verify * @param m Message to verify * @param Q Public key used to verify the message * @param hashed The hashed message * @returns */ function verify( oid: type.oid.OID, hash_algo: enums.hash, signature: object, m: Uint8Array, Q: Uint8Array, hashed: Uint8Array, ): boolean; } namespace eddsa { /** * Sign a message using the provided keygit * @param oid Elliptic curve object identifier * @param hash_algo Hash algorithm used to sign * @param m Message to sign * @param d Private key used to sign * @param hashed The hashed message * @returns Signature of the message */ function sign( oid: type.oid.OID, hash_algo: enums.hash, m: Uint8Array, d: Uint8Array, hashed: Uint8Array, ): object; /** * Verifies if a signature is valid for a message * @param oid Elliptic curve object identifier * @param hash_algo Hash algorithm used in the signature * @param signature Signature to verify the message * @param m Message to verify * @param Q Public key used to verify the message * @param hashed The hashed message * @returns */ function verify( oid: type.oid.OID, hash_algo: enums.hash, signature: object, m: Uint8Array, Q: Uint8Array, hashed: Uint8Array, ): boolean; } namespace key { class KeyPair {} } } namespace prime { /** * Probabilistic random number generator * @param bits Bit length of the prime * @param e Optional RSA exponent to check against the prime * @param k Optional number of iterations of Miller-Rabin test * @returns BN */ function randomProbablePrime(bits: Integer, e: BN, k: Integer): any; /** * Probabilistic primality testing * @param n Number to test * @param e Optional RSA exponent to check against the prime * @param k Optional number of iterations of Miller-Rabin test * @returns */ function isProbablePrime(n: BN, e: BN, k: Integer): boolean; /** * Tests whether n is probably prime or not using Fermat's test with b = 2. * Fails if b^(n-1) mod n === 1. * @param n Number to test * @param b Optional Fermat test base * @returns */ function fermat(n: BN, b: Integer): boolean; /** * Tests whether n is probably prime or not using the Miller-Rabin test. * See HAC Remark 4.28. * @param n Number to test * @param k Optional number of iterations of Miller-Rabin test * @param rand Optional function to generate potential witnesses * @returns */ function millerRabin(n: BN, k: Integer, rand: Function): boolean; } namespace rsa { /** * Create signature * @param m message * @param n RSA public modulus * @param e RSA public exponent * @param d RSA private exponent * @returns RSA Signature */ function sign(m: BN, n: BN, e: BN, d: BN): BN; /** * Verify signature * @param s signature * @param n RSA public modulus * @param e RSA public exponent * @returns */ function verify(s: BN, n: BN, e: BN): BN; /** * Encrypt message * @param m message * @param n RSA public modulus * @param e RSA public exponent * @returns RSA Ciphertext */ function encrypt(m: BN, n: BN, e: BN): BN; /** * Decrypt RSA message * @param m message * @param n RSA public modulus * @param e RSA public exponent * @param d RSA private exponent * @param p RSA private prime p * @param q RSA private prime q * @param u RSA private inverse of prime q * @returns RSA Plaintext */ function decrypt(m: BN, n: BN, e: BN, d: BN, p: BN, q: BN, u: BN): BN; /** * Generate a new random private key B bits long with public exponent E. * When possible, webCrypto is used. Otherwise, primes are generated using * 40 rounds of the Miller-Rabin probabilistic random prime generation algorithm. * @see module:crypto/public_key/prime * @param B RSA bit length * @param E RSA public exponent in hex string * @returns RSA public modulus, RSA public exponent, RSA private exponent, * RSA private prime p, RSA private prime q, u = q ** -1 mod p */ function generate(B: Integer, E: string): object; } } namespace random { /** * Retrieve secure random byte array of the specified length * @param length Length in bytes to generate * @returns Random byte array */ function getRandomBytes(length: Integer): Uint8Array; /** * Create a secure random MPI that is greater than or equal to min and less than max. * @param min Lower bound, included * @param max Upper bound, excluded * @returns Random MPI */ function getRandomBN(min: type.mpi.MPI, max: type.mpi.MPI): BN; /** * Buffer for secure random numbers */ function RandomBuffer(): void; } namespace signature { /** * Verifies the signature provided for data using specified algorithms and public key parameters. * See {@link https://tools.ietf.org/html/rfc4880#section-9.1|RFC 4880 9.1} * and {@link https://tools.ietf.org/html/rfc4880#section-9.4|RFC 4880 9.4} * for public key and hash algorithms. * @param algo Public key algorithm * @param hash_algo Hash algorithm * @param msg_MPIs Algorithm-specific signature parameters * @param pub_MPIs Algorithm-specific public key parameters * @param data Data for which the signature was created * @param hashed The hashed data * @returns True if signature is valid */ function verify( algo: enums.publicKey, hash_algo: enums.hash, msg_MPIs: type.mpi.MPI[], pub_MPIs: type.mpi.MPI[], data: Uint8Array, hashed: Uint8Array, ): boolean; /** * Creates a signature on data using specified algorithms and private key parameters. * See {@link https://tools.ietf.org/html/rfc4880#section-9.1|RFC 4880 9.1} * and {@link https://tools.ietf.org/html/rfc4880#section-9.4|RFC 4880 9.4} * for public key and hash algorithms. * @param algo Public key algorithm * @param hash_algo Hash algorithm * @param key_params Algorithm-specific public and private key parameters * @param data Data to be signed * @param hashed The hashed data * @returns Signature */ function sign( algo: enums.publicKey, hash_algo: enums.hash, key_params: type.mpi.MPI[], data: Uint8Array, hashed: Uint8Array, ): Uint8Array; } } export namespace eme { /** * Create a EME-PKCS1-v1_5 padded message * @see * @param M message to be encoded * @param k the length in octets of the key modulus * @returns EME-PKCS1 padded message */ function encode(M: string, k: Integer): Promise<String>; /** * Decode a EME-PKCS1-v1_5 padded message * @see * @param EM encoded message, an octet string * @returns message, an octet string */ function decode(EM: string): string; } export namespace emsa { /** * Create a EMSA-PKCS1-v1_5 padded message * @see * @param algo Hash algorithm type used * @param hashed message to be encoded * @param emLen intended length in octets of the encoded message * @returns encoded message */ function encode(algo: Integer, hashed: Uint8Array, emLen: Integer): string; } export namespace encoding { namespace armor { /** * Add additional information to the armor version of an OpenPGP binary * packet block. * @version 2011-12-16 * @param customComment (optional) additional comment to add to the armored string * @returns The header information */ function addheader(customComment: string): string; /** * Calculates a checksum over the given data and returns it base64 encoded * @param data Data to create a CRC-24 checksum for * @returns Base64 encoded checksum */ function getCheckSum(data: string | ReadableStream<String>): string | ReadableStream<String>; /** * Internal function to calculate a CRC-24 checksum over a given string (data) * @param data Data to create a CRC-24 checksum for * @returns The CRC-24 checksum */ function createcrc24(data: string | ReadableStream<String>): Uint8Array | ReadableStream<Uint8Array>; /** * Splits a message into two parts, the body and the checksum. This is an internal function * @param text OpenPGP armored message part * @returns An object with attribute "body" containing the body * and an attribute "checksum" containing the checksum. */ function splitChecksum(text: string): object; /** * DeArmor an OpenPGP armored message; verify the checksum and return * the encoded bytes * @param text OpenPGP armored message * @returns An object with attribute "text" containing the message text, * an attribute "data" containing a stream of bytes and "type" for the ASCII armor type */ function dearmor(text: string): Promise<Object>; /** * Armor an OpenPGP binary packet block * @param messagetype type of the message * @param body * @param partindex * @param parttotal * @param customComment (optional) additional comment to add to the armored string * @returns Armored text */ function armor( messagetype: Integer, body: any, partindex: Integer, parttotal: Integer, customComment?: string, ): string | ReadableStream<String>; } namespace base64 { /** * Convert binary array to radix-64 * @param t Uint8Array to convert * @param u if true, output is URL-safe * @returns radix-64 version of input string */ function s2r(t: Uint8Array | ReadableStream<Uint8Array>, u?: boolean): string | ReadableStream<String>; /** * Convert radix-64 to binary array * @param t radix-64 string to convert * @param u if true, input is interpreted as URL-safe * @returns binary array version of input string */ function r2s(t: string | ReadableStream<String>, u: boolean): Uint8Array | ReadableStream<Uint8Array>; } } export namespace enums { /** * Maps curve names under various standards to one * @see */ enum curve { /** * NIST P-256 Curve */ p256 = "p256", "P-256" = "p256", secp256r1 = "p256", prime256v1 = "p256", "1.2.840.10045.3.1.7" = "p256", "2a8648ce3d030107" = "p256", "2A8648CE3D030107" = "p256", /** * NIST P-384 Curve */ p384 = "p384", "P-384" = "p384", secp384r1 = "p384", "1.3.132.0.34" = "p384", "2b81040022" = "p384", "2B81040022" = "p384", /** * NIST P-521 Curve */ p521 = "p521", "P-521" = "p521", secp521r1 = "p521", "1.3.132.0.35" = "p521", "2b81040023" = "p521", "2B81040023" = "p521", /** * SECG SECP256k1 Curve */ secp256k1 = "secp256k1", "1.3.132.0.10" = "secp256k1", "2b8104000a" = "secp256k1", "2B8104000A" = "secp256k1", /** * Ed25519 */ ED25519 = "ed25519", ed25519 = "ed25519", Ed25519 = "ed25519", "1.3.6.1.4.1.11591.15.1" = "ed25519", "2b06010401da470f01" = "ed25519", "2B06010401DA470F01" = "ed25519", /** * Curve25519 */ X25519 = "curve25519", cv25519 = "curve25519", curve25519 = "curve25519", Curve25519 = "curve25519", "1.3.6.1.4.1.3029.1.5.1" = "curve25519", "2b060104019755010501" = "curve25519", "2B060104019755010501" = "curve25519", /** * BrainpoolP256r1 Curve */ brainpoolP256r1 = "brainpoolP256r1", "1.3.36.3.3.2.8.1.1.7" = "brainpoolP256r1", "2b2403030208010107" = "brainpoolP256r1", "2B2403030208010107" = "brainpoolP256r1", /** * BrainpoolP384r1 Curve */ brainpoolP384r1 = "brainpoolP384r1", "1.3.36.3.3.2.8.1.1.11" = "brainpoolP384r1", "2b240303020801010b" = "brainpoolP384r1", "2B240303020801010B" = "brainpoolP384r1", /** * BrainpoolP512r1 Curve */ brainpoolP512r1 = "brainpoolP512r1", "1.3.36.3.3.2.8.1.1.13" = "brainpoolP512r1", "2b240303020801010d" = "brainpoolP512r1", "2B240303020801010D" = "brainpoolP512r1", } /** * A string to key specifier type */ enum s2k { simple = 0, salted = 1, iterated = 3, gnu = 101, } /** * {@link https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-04#section-9.1|RFC4880bis-04, section 9.1} */ enum publicKey { /** * RSA (Encrypt or Sign) [HAC] */ rsa_encrypt_sign = 1, /** * RSA (Encrypt only) [HAC] */ rsa_encrypt = 2, /** * RSA (Sign only) [HAC] */ rsa_sign = 3, /** * Elgamal (Encrypt only) [ELGAMAL] [HAC] */ elgamal = 16, /** * DSA (Sign only) [FIPS186] [HAC] */ dsa = 17, /** * ECDH (Encrypt only) [RFC6637] */ ecdh = 18, /** * ECDSA (Sign only) [RFC6637] */ ecdsa = 19, /** * EdDSA (Sign only) * [ {@link https://tools.ietf.org/html/draft-koch-eddsa-for-openpgp-04|Draft RFC}] */ eddsa = 22, /** * Reserved for AEDH */ aedh = 23, /** * Reserved for AEDSA */ aedsa = 24, } /** * {@link https://tools.ietf.org/html/rfc4880#section-9.2|RFC4880, section 9.2} */ enum symmetric { plaintext = 0, /** * Not implemented! */ idea = 1, "3des" = 2, tripledes = 2, cast5 = 3, blowfish = 4, aes128 = 7, aes192 = 8, aes256 = 9, twofish = 10, } /** * {@link https://tools.ietf.org/html/rfc4880#section-9.3|RFC4880, section 9.3} */ enum compression { uncompressed = 0, /** * RFC1951 */ zip = 1, /** * RFC1950 */ zlib = 2, bzip2 = 3, } /** * {@link https://tools.ietf.org/html/rfc4880#section-9.4|RFC4880, section 9.4} */ enum hash { md5 = 1, sha1 = 2, ripemd = 3, sha256 = 8, sha384 = 9, sha512 = 10, sha224 = 11, } /** * A list of hash names as accepted by webCrypto functions. * {@link https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/digest|Parameters, algo} */ enum webHash { "SHA-1" = 2, "SHA-256" = 8, "SHA-384" = 9, "SHA-512" = 10, } /** * {@link https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-04#section-9.6|RFC4880bis-04, section 9.6} */ enum aead { eax = 1, ocb = 2, experimental_gcm = 100, } /** * A list of packet types and numeric tags associated with them. */ enum packet { publicKeyEncryptedSessionKey = 1, signature = 2, symEncryptedSessionKey = 3, onePassSignature = 4, secretKey = 5, publicKey = 6, secretSubkey = 7, compressed = 8, symmetricallyEncrypted = 9, marker = 10, literal = 11, trust = 12, userid = 13, publicSubkey = 14, userAttribute = 17, symEncryptedIntegrityProtected = 18, modificationDetectionCode = 19, symEncryptedAEADProtected = 20, } /** * Data types in the literal packet */ enum literal { /** * Binary data 'b' */ binary = "", /** * Text data 't' */ text = "", /** * Utf8 data 'u' */ utf8 = "", /** * MIME message body part 'm' */ mime = "", } /** * One pass signature packet type */ enum signature { /** * 0x00: Signature of a binary document. */ binary = 0, /** * 0x01: Signature of a canonical text document. * Canonicalyzing the document by converting line endings. */ text = 1, /** * 0x02: Standalone signature. * This signature is a signature of only its own subpacket contents. * It is calculated identically to a signature over a zero-lengh * binary document. Note that it doesn't make sense to have a V3 * standalone signature. */ standalone = 2, /** * 0x10: Generic certification of a User ID and Public-Key packet. * The issuer of this certification does not make any particular * assertion as to how well the certifier has checked that the owner * of the key is in fact the person described by the User ID. */ cert_generic = 16, /** * 0x11: Persona certification of a User ID and Public-Key packet. * The issuer of this certification has not done any verification of * the claim that the owner of this key is the User ID specified. */ cert_persona = 17, /** * 0x12: Casual certification of a User ID and Public-Key packet. * The issuer of this certification has done some casual * verification of the claim of identity. */ cert_casual = 18, /** * 0x13: Positive certification of a User ID and Public-Key packet. * The issuer of this certification has done substantial * verification of the claim of identity. * Most OpenPGP implementations make their "key signatures" as 0x10 * certifications. Some implementations can issue 0x11-0x13 * certifications, but few differentiate between the types. */ cert_positive = 19, /** * 0x30: Certification revocation signature * This signature revokes an earlier User ID certification signature * (signature class 0x10 through 0x13) or direct-key signature * (0x1F). It should be issued by the same key that issued the * revoked signature or an authorized revocation key. The signature * is computed over the same data as the certificate that it * revokes, and should have a later creation date than that * certificate. */ cert_revocation = 48, /** * 0x18: Subkey Binding Signature * This signature is a statement by the top-level signing key that * indicates that it owns the subkey. This signature is calculated * directly on the primary key and subkey, and not on any User ID or * other packets. A signature that binds a signing subkey MUST have * an Embedded Signature subpacket in this binding signature that * contains a 0x19 signature made by the signing subkey on the * primary key and subkey. */ subkey_binding = 24, /** * 0x19: Primary Key Binding Signature * This signature is a statement by a signing subkey, indicating * that it is owned by the primary key and subkey. This signature * is calculated the same way as a 0x18 signature: directly on the * primary key and subkey, and not on any User ID or other packets. * When a signature is made over a key, the hash data starts with the * octet 0x99, followed by a two-octet length of the key, and then body * of the key packet. (Note that this is an old-style packet header for * a key packet with two-octet length.) A subkey binding signature * (type 0x18) or primary key binding signature (type 0x19) then hashes * the subkey using the same format as the main key (also using 0x99 as * the first octet). */ key_binding = 25, /** * 0x1F: Signature directly on a key * This signature is calculated directly on a key. It binds the * information in the Signature subpackets to the key, and is * appropriate to be used for subpackets that provide information * about the key, such as the Revocation Key subpacket. It is also * appropriate for statements that non-self certifiers want to make * about the key itself, rather than the binding between a key and a * name. */ key = 31, /** * 0x20: Key revocation signature * The signature is calculated directly on the key being revoked. A * revoked key is not to be used. Only revocation signatures by the * key being revoked, or by an authorized revocation key, should be * considered valid revocation signatures.a */ key_revocation = 32, /** * 0x28: Subkey revocation signature * The signature is calculated directly on the subkey being revoked. * A revoked subkey is not to be used. Only revocation signatures * by the top-level signature key that is bound to this subkey, or * by an authorized revocation key, should be considered valid * revocation signatures. * Key revocation signatures (types 0x20 and 0x28) * hash only the key being revoked. */ subkey_revocation = 40, /** * 0x40: Timestamp signature. * This signature is only meaningful for the timestamp contained in * it. */ timestamp = 64, /** * 0x50: Third-Party Confirmation signature. * This signature is a signature over some other OpenPGP Signature * packet(s). It is analogous to a notary seal on the signed data. * A third-party signature SHOULD include Signature Target * subpacket(s) to give easy identification. Note that we really do * mean SHOULD. There are plausible uses for this (such as a blind * party that only sees the signature, not the key or source * document) that cannot include a target subpacket. */ third_party = 80, } /** * Signature subpacket type */ enum signatureSubpacket { signature_creation_time = 2,