Skip to content

eschulte/node-gpg

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

28 Commits
src
src
 
 
.gitignore
.gitignore
 
 
.npmignore
.npmignore
 
 
COPYING
COPYING
 
 
README.md
README.md
 
 
gpgme.js
gpgme.js
 
 
package.json
package.json
 
 
test.js
test.js
 
 
wscript
wscript
 
 

Repository files navigation

node-gpg

GNU Privacy Guard (GPG) bindings for node.js supporting public key cryptography, encryption, decryption, signing and verification. This is based off of the GnuPG Made Easy (GPGME) GPG C library, see its very good documentation for more information.

License

GNU GENERAL PUBLIC LICENSE v3, see the COPYING file in this directory.

Installation

npm install gpgme

Usage

  • Also see the test.js file in this directory for example usage.
  • Currently uses JavaScript strings for all data input and output.
  • Uses ASCII Armor for all encrypted output.

Require gpg and initialize a new context.

var gpg = require('gpgme');

Verify

To verify a message with a signature. First generate the signature which can be done with the following in the shell (the -a indicates ASCII armor output).

sig=$(echo foo|gpg --detach-sign -a|sed ':a;N;$!ba;s/\n/\\\\n/g')
echo "{\"content\":\"foo\\\\n\", \"signature\":\"$sig\"}" |tee msg.json

Then load your message and signature to a JavaScript Object, and run the following (or run node test.js).

var msg = JSON.parse(fs.readFileSync('./msg.json', 'utf8'));
if(gpg.verify(msg.signature,msg.content))
  console.log("verification success");
else
  console.log("verification failure");

Decrypt

To decrypt an encrypted message. First generated encrypted content by running the following in a shell.

echo "secret contents"|gpg -e -r "Your GPG Name" -a|tee cipher.txt

Then run the following (or run node test.js).

var cipher = fs.readFileSync('cipher.txt', 'utf8');
var decrypted = gpg.decrypt(cipher);
console.log('decrypted content is "'+decrypted+'"');

To decrypt and verify a message. First generated encrypted content by running the following in a shell.

echo "secret signed contents"|gpg -s -e -r "Your GPG Name" -a \
  |tee signed-cipher.txt

Then run the following (or run node test.js).

var signed_cipher = fs.readFileSync('signed-cipher.txt', 'utf8');
var decrypted_and_verified = gpg.decryptAndVerify(signed_cipher);
console.log('decrypted and verified content is "'+decrypted_and_verified+'"');

Sign

To sign a message. First write a JSON hash holding the data to encrypt and the name of the signatory (this name will be used by GPG to lookup the key).

echo '{"signatory":"Your Name", "content":"foo\n"}' > sign.json

Then run the following (or run node test.js).

var sign = JSON.parse(fs.readFileSync('./sign.json', 'utf8'));
var signature = gpg.sign(sign.signatory, sign.content);
console.log('content "'+sign.content+
            '" signed by "'+sign.signatory+
            '" yields signature "'+signature+'"');

Encrypt

To encrypt a message. First write a JSON hash holding a list of the recipients and the message to encrypt.

echo '{"recipients":["Your Name"], "content":"foo\n"}' > encrypt.json

Then run the following (or run node test.js).

var encrypt = JSON.parse(fs.readFileSync('encrypt.json', 'utf8'));
var cipher = gpg.encrypt(encrypt.recipients, encrypt.content);
console.log('cipher text is "'+cipher+'"');

TODO

  • add a context class to allow multiple simultaneous operations
  • add a key class to allow key management to take place on the JS side of things
  • add support for asynchronous operations w/callbacks (gpgme should make this straightforward)

About

Node.js bindings for Gnu Privacy Guard

Resources

Readme

License

GPL-3.0 license
Activity

Stars

23 stars

Watchers

5 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages