Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
const publicKey = (await openpgp.key.readArmored(spubkey));
return publicKey.keys[0].primaryKey.getFingerprint()/* as string*/
})
// Open PGP Tests
var keyoptions: openpgp.KeyOptions;
var mpi: openpgp.type.mpi.MPI;
var mpis: Array;
openpgp.encoding.armor.armor(openpgp.enums.armor.message, {}, 0, 1);
openpgp.encoding.armor.dearmor("");
openpgp.cleartext.readArmored("");
openpgp.crypto.crypto.generateSessionKey(openpgp.enums.symmetric.aes128);
openpgp.crypto.crypto.getPrefixRandom(openpgp.enums.symmetric.aes128);
// openpgp.crypto.crypto.getPrivateMpiCount(openpgp.enums.symmetric.aes128);
openpgp.crypto.crypto.publicKeyDecrypt(openpgp.enums.publicKey.rsa_encrypt, mpis, mpis, "");
openpgp.crypto.crypto.publicKeyEncrypt(openpgp.enums.publicKey.rsa_encrypt, mpis, mpi, "");
openpgp.crypto
// API update with no documentation
openpgp.crypto.cfb.decrypt("", "", "", true);
openpgp.crypto.cfb.encrypt("", "", "", true);
// Function removed from openpgp.crypto.cfb
// openpgp.crypto.cfb.mdc({}, "", "");
openpgp.crypto.hash.digest(openpgp.enums.hash.md5, new Uint8Array([0, 1]));
openpgp.crypto.hash.getHashByteLength(openpgp.enums.hash.md5);
return Promise.resolve().then(()=>{
let options = {
message: openpgp.cleartext.readArmored(armoredText), // parse armored message
publicKeys: openpgp.key.readArmored(keyText).keys // for verification
};
return openpgp.verify(options).then((verified)=>{
return {options, verified};
});
}).catch((error)=>{
return {
it('should work', function(done) {
var cleartext = openpgp.cleartext.readArmored(v3_clearsign_msg);
expect(cleartext).to.exist;
var verifykey = openpgp.key.readArmored(pubkey).keys[0];
expect(verifykey, 'verifykey').to.exist;
var result = cleartext.verify([verifykey])
expect(result, 'verify() result').to.exist.and.not.be.empty;
expect(result[0].keyid, 'verify() result[0].keyid').to.exist;
expect(result[0].valid, 'verify() result[0].valid').to.be.true;
done();
});
});
var originalSymbols = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789/+=';
for(var l = 4; l < littlesig.length - 1; l++) {
var original_line = littlesig[l].split(' ');
var new_line = "";
for(var sym = 0; sym < original_line.length; sym++) {
var symbol_index = profanity.indexOf(original_line[sym]);
new_line += originalSymbols[symbol_index];
}
littlesig[l] = new_line;
}
sig = littlesig.join('\n');
message = original + '-----BEGIN PGP SIGNATURE-----' + sig;
var clearMessage = openpgp.cleartext.readArmored(message);
openpgp.verifyClearSignedMessage(pubKey, clearMessage).then(function(sigCheck) {
if (sigCheck.signatures[0].valid) {
console.log('looks fucking legit!');
} else {
console.log("that's a fake signature! holy fucking shit!");
}
});
}
fs.readFile(sig_path, 'utf8', function(err, data) {
if (err) {
return cb_(err);
}
try {
var sig = pgp.cleartext.readArmored(data);
var verified = sig.verify(keys);
}
catch(err) {
return cb_(err);
}
if (!verified || verified.length <= 0 || !verified[0].valid) {
common.log.out('[auto_updater] Verifying signature: FAILED!');
return cb_(common.err('Invalid signature.',
'auto_updater:invalid_signature'));
}
common.log.out('[auto_updater] Verifying signature: OK!');
return verify_sha1sum(tar_path, sig.text.split(' ')[0], cb_);
});
},
static async verify (email, msg) {
const publicKeys = locallookup(email)
const verified = await openpgp.verify({
publicKeys: publicKeys,
message: openpgp.cleartext.readArmored(msg)
})
let signature = verified.signatures.map(getFullSignature)
signature = signature.filter(x => x.email === email)
if (signature.length !== 1) {
return false
} else {
return signature[0].valid
}
}
export async function verify(signedMessage, keychain) {
const signedMessageMassaged = massagePGP(signedMessage)
const options = {
message: openpgp.cleartext.readArmored(signedMessageMassaged),
}
let match = false
for (const key of keychain) {
options.publicKeys = openpgp.key.readArmored(key.publicKeyArmored).keys
const verified = await openpgp.verify(options)
if (verified.signatures[0].valid === true) {
match = key
}
}
return match
}
async (err, nodes) => {
if (!err) {
if (nodes[0]) {
let message
try {
message = await openpgp.cleartext.readArmored(req.body.message)
} catch (e) {
res.sendStatus(500)
return
}
const key = await openpgp.key.readArmored(nodes[0].value.key)
const correctMessageContent = message.text.startsWith(
'I am requesting the removal of my public key from dat-keyserver. token='
)
const submittedToken = message.text.slice(-64)
const actualToken = crypto
.createHash('sha256')
.update(nodes[0].value.key)
.digest('hex')
return new Promise((resolve, reject) => {
if (!signedMessage) {
return reject(new Error('Missing signed message'));
}
if (pubKeys === undefined || pubKeys.length < 1) {
return reject(new Error('Missing public keys'));
}
const message = openpgp.cleartext.readArmored(signedMessage.trim());
if (message instanceof Error) return reject(message);
const options = {
message: message,
publicKeys: pubKeys,
};
openpgp.verify(options).then((signedMsg) => {
resolve(signedMsg);
}).catch(function(err) {
reject('Message verification failed');
});
});
}
app.post('/verify', async function (req, res) {
let options = {
message: openpgp.cleartext.readArmored(req.body.signedMessage),
}
let match = false
for (let key of req.body.keychain) {
options.publicKeys = openpgp.key.readArmored(key.publicKeyArmored).keys
const verified = await openpgp.verify(options)
if (verified.signatures[0].valid === true) {
match = key
}
}
res.send({ match })
})