.eslintignore

@@ -1,4 +1,4 @@
 dist
 test/lib/
-test/typescript/
+test/typescript/definitions.js
 docs

.eslintrc.cjs

@@ -1,146 +0,0 @@
-module.exports = {
-  'extends': [
-    'airbnb-base',
-    'airbnb-typescript/base'
-  ],
-
-  'parser': '@typescript-eslint/parser',
-
-  'parserOptions': {
-    'ecmaVersion': 11,
-    'sourceType': 'module',
-    'project': 'tsconfig.json'
-  },
-
-  'env': {
-    'browser': true,
-    'es6': true,
-    'node': true
-  },
-
-  'plugins': [
-    '@typescript-eslint',
-    'chai-friendly',
-    'import',
-    'unicorn'
-  ],
-
-  'settings': {
-    'import/resolver': {
-      'typescript': {}
-    }
-  },
-
-  'globals': { // TODO are all these necessary?
-    'globalThis': true,
-    'console': true,
-    'Promise': true,
-    'importScripts': true,
-    'process': true,
-    'Event': true,
-    'describe': true,
-    'it': true,
-    'mocha': true,
-    'before': true,
-    'beforeEach': true,
-    'after': true,
-    'afterEach': true,
-    'escape': true,
-    'unescape': true,
-    'resolves': true,
-    'rejects': true,
-    'TransformStream': true,
-    'BigInt': true
-  },
-
-  'rules': {
-    'arrow-body-style': 'off',
-    'arrow-parens': ['error','as-needed'],
-    'class-methods-use-this': 'off',
-    '@typescript-eslint/comma-dangle': ['error', 'never'],
-    '@typescript-eslint/comma-spacing': 'off',
-    'consistent-return': 'off',
-    'default-case': 'off',
-    '@typescript-eslint/default-param-last': 'off',
-    'eol-last': ['error', 'always'],
-    'function-call-argument-newline': 'off',
-    'func-names': ['error', 'never'],
-    'function-paren-newline': 'off',
-    'global-require': 'off',
-    'key-spacing': 'off',
-    'keyword-spacing': 'error',
-    'max-classes-per-file': 'off',
-    'max-len': 'off',
-    'newline-per-chained-call': 'off',
-    'no-bitwise': 'off',
-    'no-continue': 'off',
-    'no-else-return': 'off',
-    'no-empty': ['error', { 'allowEmptyCatch': true }],
-    'no-multiple-empty-lines': ['error', { 'max': 2, 'maxEOF': 1, 'maxBOF':0 }],
-    'no-nested-ternary': 'off',
-    'no-param-reassign': 'off', // TODO get rid of this
-    'no-plusplus': 'off',
-    'no-restricted-syntax': ['error', 'ForInStatement', 'LabeledStatement', 'WithStatement'],
-    'object-curly-newline': 'off',
-    '@typescript-eslint/no-shadow': 'off', // TODO get rid of this
-    'object-property-newline': [
-      'error',
-      {
-        'allowMultiplePropertiesPerLine': true
-      }
-    ],
-    'object-shorthand': 'off',
-    'operator-assignment': 'off',
-    'operator-linebreak': [
-      'error',
-      'after'
-    ],
-    'padded-blocks': 'off',
-    'prefer-arrow-callback': 'off',
-    'prefer-destructuring': 'off',
-    'prefer-rest-params': 'off', // TODO get rid of this
-    'prefer-spread': 'off', // TODO get rid of this
-    'prefer-template': 'off',
-    'quote-props': 'off',
-    'quotes': ['error', 'single', { 'avoidEscape': true }],
-    '@typescript-eslint/space-before-function-paren': ['error', { 'anonymous': 'ignore', 'named': 'never', 'asyncArrow': 'always' }],
-    'spaced-comment': 'off',
-    'indent': 'off',
-    '@typescript-eslint/indent': ['error', 2, { 'SwitchCase': 1 }],
-    'no-unused-vars': 'off',
-    "@typescript-eslint/no-unused-vars": [
-      "error",
-      {
-        "argsIgnorePattern": "^_",
-      }
-    ],
-    // eslint-plugin-import rules:
-    'import/named': 'error',
-    'import/extensions': 'off', // temporary: we use them in tests (ESM compliant), but not in the lib (to limit diff)
-    'import/first': 'off',
-    'import/no-extraneous-dependencies': ['error', { 'devDependencies': true, 'optionalDependencies': false, 'peerDependencies': false }],
-    'import/no-unassigned-import': 'error',
-    'import/no-unresolved': 'error',
-    'import/prefer-default-export': 'off',
-
-    // Custom silencers:
-    'no-multi-assign': 'off',
-    'no-underscore-dangle': 'off',
-    'no-await-in-loop': 'off',
-    'camelcase': 'off', // snake_case used in tests, need to fix separately
-    '@typescript-eslint/naming-convention': 'off', // supersedes 'camelcase' rule
-    '@typescript-eslint/lines-between-class-members': 'off',
-
-    // Custom errors:
-    '@typescript-eslint/no-use-before-define': ['error', { 'functions': false, 'classes': true, 'variables': false, 'allowNamedExports': true }],
-    'no-constant-condition': [2, { 'checkLoops': false }],
-    'new-cap': [2, { 'properties': false, 'capIsNewExceptionPattern': 'EAX|OCB|GCM|CMAC|CBC|OMAC|CTR', 'newIsCapExceptionPattern': 'type|hash*' }],
-    'max-lines': [2, { 'max': 620, 'skipBlankLines': true, 'skipComments': true }],
-    '@typescript-eslint/no-unused-expressions': 0,
-    'chai-friendly/no-unused-expressions': [2, { 'allowShortCircuit': true }],
-    'unicorn/switch-case-braces': ['error', 'avoid'],
-
-    // Custom warnings:
-    'no-console': 1
-  }
-};

.eslintrc.js

@@ -0,0 +1,356 @@
+module.exports = {
+  "extends": "airbnb-base",
+  "parser": "babel-eslint",
+  "parserOptions": { "sourceType": "module" },
+
+  "env": {
+    "browser": true,
+    "es6": true,
+    "node": true
+  },
+
+  "plugins": [
+    "chai-friendly",
+    "import"
+  ],
+
+  "globals": { // TODO are all these necessary?
+    "globalThis": true,
+    "console": true,
+    "Promise": true,
+    "importScripts": true,
+    "process": true,
+    "Event": true,
+    "describe": true,
+    "it": true,
+    "sinon": true,
+    "mocha": true,
+    "before": true,
+    "beforeEach": true,
+    "after": true,
+    "afterEach": true,
+    "escape": true,
+    "unescape": true,
+    "postMessage": true,
+    "resolves": true,
+    "rejects": true,
+    "TransformStream": true,
+    "BigInt": true
+  },
+
+  "rules": {
+    // Auto generated rules:
+    "accessor-pairs": "error",
+    "array-bracket-newline": "error",
+    "array-bracket-spacing": [
+      "error",
+      "never"
+    ],
+    "array-callback-return": "error",
+    "array-element-newline": "off",
+    "arrow-body-style": "off",
+    "arrow-parens": [
+      "error",
+      "as-needed"
+    ],
+    "arrow-spacing": [
+      "error",
+      {
+        "after": true,
+        "before": true
+      }
+    ],
+    "block-spacing": [
+      "error",
+      "always"
+    ],
+    "brace-style": "off",
+    "callback-return": "error",
+    "camelcase": [
+      "error",
+      {
+        "properties": "never"
+      }
+    ],
+    "capitalized-comments": "off",
+    "class-methods-use-this": "off",
+    "comma-dangle": [ "error", "never" ],
+    "comma-spacing": "off",
+    "comma-style": [
+      "error",
+      "last"
+    ],
+    "complexity": "off",
+    "computed-property-spacing": [
+      "error",
+      "never"
+    ],
+    "consistent-return": "off",
+    "consistent-this": "error",
+    "curly": "error",
+    "default-case": "off",
+    "dot-location": "error",
+    "dot-notation": [
+      "error",
+      {
+        "allowKeywords": true
+      }
+    ],
+    "eol-last": ["error", "always"],
+    "eqeqeq": "error",
+    "for-direction": "error",
+    "func-call-spacing": "error",
+    "func-name-matching": "error",
+    "func-names": [
+      "error",
+      "never"
+    ],
+    "func-style": "off",
+    "function-paren-newline": "off",
+    "generator-star-spacing": "error",
+    "getter-return": "error",
+    "global-require": "off",
+    "guard-for-in": "off",
+    "handle-callback-err": "error",
+    "id-blacklist": "error",
+    "id-length": "off",
+    "id-match": "error",
+    "implicit-arrow-linebreak": [
+      "error",
+      "beside"
+    ],
+    "init-declarations": "off",
+    "jsx-quotes": "error",
+    "key-spacing": "off",
+    "keyword-spacing": "error",
+    "line-comment-position": "off",
+    "linebreak-style": [
+      "error",
+      "unix"
+    ],
+    "lines-around-comment": "off",
+    "lines-around-directive": "error",
+    "lines-between-class-members": "error",
+    "max-depth": "off",
+    "max-len": "off",
+    "max-lines": "off",
+    "max-nested-callbacks": "error",
+    "max-params": "off",
+    "max-statements": "off",
+    "max-statements-per-line": "off",
+    "multiline-comment-style": "off",
+    "multiline-ternary": "off",
+    "new-parens": "error",
+    "newline-after-var": "off",
+    "newline-before-return": "off",
+    "newline-per-chained-call": "off",
+    "no-alert": "error",
+    "no-array-constructor": "error",
+    "no-bitwise": "off",
+    "no-buffer-constructor": "error",
+    "no-caller": "error",
+    "no-catch-shadow": "error",
+    "no-confusing-arrow": "error",
+    "no-continue": "off",
+    "no-div-regex": "error",
+    "no-duplicate-imports": "error",
+    "no-else-return": "off",
+    "no-empty": [
+      "error",
+      {
+        "allowEmptyCatch": true
+      }
+    ],
+    "no-empty-function": "off",
+    "no-eq-null": "error",
+    "no-eval": "error",
+    "no-extend-native": "error",
+    "no-extra-bind": "error",
+    "no-extra-label": "error",
+    "no-extra-parens": "off",
+    "no-floating-decimal": "error",
+    "no-implicit-globals": "error",
+    "no-implied-eval": "error",
+    "no-inline-comments": "off",
+    "no-inner-declarations": [
+      "error",
+      "functions"
+    ],
+    "no-invalid-this": "error",
+    "no-iterator": "error",
+    "no-label-var": "error",
+    "no-labels": "error",
+    "no-lone-blocks": "error",
+    "no-lonely-if": "error",
+    "no-loop-func": "error",
+    "no-magic-numbers": "off",
+    "no-mixed-operators": "off",
+    "no-mixed-requires": "error",
+    "no-multi-assign": "error",
+    "no-multi-spaces": [
+      "error",
+      {
+        "ignoreEOLComments": true
+      }
+    ],
+    "no-multi-str": "error",
+    "no-multiple-empty-lines": ["error", { "max": 2, "maxEOF": 1, "maxBOF":0 }],
+    "no-native-reassign": "error",
+    "no-negated-condition": "off",
+    "no-negated-in-lhs": "error",
+    "no-nested-ternary": "off",
+    "no-new": "error",
+    "no-new-func": "error",
+    "no-new-object": "error",
+    "no-new-require": "error",
+    "no-new-wrappers": "error",
+    "no-octal-escape": "error",
+    "no-param-reassign": "off",
+    "no-path-concat": "error",
+    "no-plusplus": "off",
+    "no-process-env": "error",
+    "no-process-exit": "error",
+    "no-proto": "error",
+    "no-prototype-builtins": "off",
+    "no-restricted-globals": "error",
+    "no-restricted-imports": "error",
+    "no-restricted-modules": "error",
+    "no-restricted-properties": "error",
+    "no-restricted-syntax": ["error", "ForInStatement", "LabeledStatement", "WithStatement"],
+    "no-return-assign": "error",
+    "no-return-await": "error",
+    "no-script-url": "error",
+    "no-self-compare": "error",
+    "no-shadow": "off",
+    "no-shadow-restricted-names": "error",
+    "no-spaced-func": "error",
+    "no-sync": "error",
+    "no-tabs": "error",
+    "no-template-curly-in-string": "error",
+    "no-ternary": "off",
+    "no-throw-literal": "error",
+    "no-undef-init": "error",
+    "no-undefined": "off",
+    "no-unmodified-loop-condition": "error",
+    "no-unneeded-ternary": [
+      "error",
+      {
+        "defaultAssignment": true
+      }
+    ],
+    "no-use-before-define": "off",
+    "no-useless-call": "error",
+    "no-useless-computed-key": "error",
+    "no-useless-concat": "error",
+    "no-useless-constructor": "error",
+    "no-useless-rename": "error",
+    "no-useless-return": "error",
+    "no-void": "error",
+    "no-warning-comments": "off",
+    "no-whitespace-before-property": "error",
+    "no-with": "error",
+    "nonblock-statement-body-position": "error",
+    "object-curly-newline": "off",
+    "object-curly-spacing": "error",
+    "object-property-newline": [
+      "error",
+      {
+        "allowMultiplePropertiesPerLine": true
+      }
+    ],
+    "object-shorthand": "off",
+    "one-var-declaration-per-line": [
+      "error",
+      "initializations"
+    ],
+    "operator-assignment": "off",
+    "operator-linebreak": [
+      "error",
+      "after"
+    ],
+    "padded-blocks": "off",
+    "padding-line-between-statements": "error",
+    "prefer-arrow-callback": "off",
+    "prefer-destructuring": "off",
+    "prefer-numeric-literals": "error",
+    "prefer-promise-reject-errors": "error",
+    "prefer-reflect": "off",
+    "prefer-rest-params": "off",
+    "prefer-spread": "off",
+    "prefer-template": "off",
+    "quote-props": "off",
+    "quotes": ["error", "single", { "avoidEscape": true }],
+    "require-await": "error",
+    "require-jsdoc": "off",
+    "semi-spacing": [
+      "error",
+      {
+        "after": true,
+        "before": false
+      }
+    ],
+    "semi-style": [
+      "error",
+      "last"
+    ],
+    "sort-imports": "off",
+    "sort-keys": "off",
+    "sort-vars": "off",
+    "space-before-blocks": "off",
+    "space-before-function-paren": "off",
+    "space-in-parens": [
+      "error",
+      "never"
+    ],
+    "space-infix-ops": "error",
+    "space-unary-ops": "error",
+    "spaced-comment": "off",
+    "strict": "off",
+    "switch-colon-spacing": "error",
+    "symbol-description": "error",
+    "template-curly-spacing": "error",
+    "template-tag-spacing": "error",
+    "unicode-bom": [
+      "error",
+      "never"
+    ],
+    "wrap-iife": "error",
+    "wrap-regex": "off",
+    "yield-star-spacing": "error",
+    "yoda": [
+      "error",
+      "never"
+    ],
+    "indent": [ "error", 2, { "SwitchCase": 1 } ],
+    "no-buffer-constructor": "error",
+    "no-lonely-if": "error",
+    "no-unused-vars": "error",
+
+    // eslint-plugin-import rules:
+    "import/named": "error",
+    "import/extensions": "error",
+    "import/no-extraneous-dependencies": ["error", {"devDependencies": true, "optionalDependencies": false, "peerDependencies": false}],
+    "import/no-unassigned-import": "error",
+
+    // Custom silencers:
+    "camelcase": 0,
+    "require-await": 0,
+    "no-multi-assign": 0,
+    "no-underscore-dangle": 0,
+    "no-await-in-loop": 0,
+
+    // Custom errors:
+    "no-undef": 2,
+    "no-trailing-spaces": 2,
+    "no-mixed-operators": [ 2, {"groups": [["&", "|", "^", "~", "<<", ">>", ">>>"], ["&&", "||"]]}],
+    "no-use-before-define": [ 2, { "functions": false, "classes": true, "variables": false }],
+    "no-constant-condition": [ 2, { "checkLoops": false } ],
+    "new-cap": [ 2, { "properties": false, "capIsNewExceptionPattern": "EAX|OCB|GCM|CMAC|CBC|OMAC|CTR", "newIsCapExceptionPattern": "type|hash*"}],
+    "max-lines": [ 2, { "max": 620, "skipBlankLines": true, "skipComments": true } ],
+    "no-unused-expressions": 0,
+    "chai-friendly/no-unused-expressions": [ 2, { "allowShortCircuit": true } ],
+
+    // Custom warnings:
+    "no-console": 1,
+  }
+};

.github/dependabot.yml

@@ -1,33 +0,0 @@
-version: 2
-updates:
-  - package-ecosystem: "npm"
-    # The redundant target-branch directive is needed to set two different update schedules for npm,
-    # working around a dependabot limitation:
-    # see https://github.com/dependabot/dependabot-core/issues/1778#issuecomment-1988140219 .
-    target-branch: main
-    directory: "/"
-    schedule:
-      interval: "daily"
-    allow:
-      - dependency-name: "playwright"
-    versioning-strategy: increase
-
-  - package-ecosystem: "npm"
-    directory: "/"
-    schedule:
-      interval: "weekly"
-    allow:
-      - dependency-name: "@noble*"
-      - dependency-name: "fflate"
-    versioning-strategy: increase
-    groups:
-      # Any packages matching the pattern @noble* where the highest resolvable
-      # version is minor or patch will be grouped together.
-      # Grouping rules apply to version updates only.
-      noble:
-        applies-to: version-updates
-        patterns:
-        - "@noble*"
-        update-types:
-        - "minor"
-        - "patch"

.github/test-suite/config.json.template

@@ -1,39 +0,0 @@
-{
-    "drivers": [
-      {
-        "id": "sop-openpgpjs-branch",
-        "path": "__SOP_OPENPGPJS__",
-        "env": {
-          "OPENPGPJS_PATH": "__OPENPGPJS_BRANCH__"
-        }
-      },
-      {
-        "id": "sop-openpgpjs-main",
-        "path": "__SOP_OPENPGPJS__",
-        "env": {
-          "OPENPGPJS_PATH": "__OPENPGPJS_MAIN__",
-          "DISABLE_PROFILES": "true"
-        }
-      },
-      {
-        "path": "__SQOP__"
-      },
-      {
-        "path": "__GPGME_SOP__"
-      },
-      {
-        "id": "gosop-v2",
-        "path": "__GOSOP_V2__"
-      },
-      {
-        "path": "__RNP_SOP__"
-      },
-      {
-        "path": "__RSOP__"
-      }
-    ],
-    "rlimits": {
-      "DATA": 1073741824
-    }
-}
-  

.github/test-suite/prepare_config.sh

@@ -1,14 +0,0 @@
-CONFIG_TEMPLATE=$1
-CONFIG_OUTPUT=$2
-OPENPGPJS_BRANCH=$3
-OPENPGPJS_MAIN=$4
-cat $CONFIG_TEMPLATE \
-    | sed "s@__OPENPGPJS_BRANCH__@${OPENPGPJS_BRANCH}@g" \
-    | sed "s@__OPENPGPJS_MAIN__@${OPENPGPJS_MAIN}@g" \
-    | sed "s@__SQOP__@${SQOP}@g" \
-    | sed "s@__GPGME_SOP__@${GPGME_SOP}@g" \
-    | sed "s@__GOSOP_V2__@${GOSOP_V2}@g" \
-    | sed "s@__SOP_OPENPGPJS__@${SOP_OPENPGPJS_V2}@g" \
-    | sed "s@__RNP_SOP__@${RNP_SOP}@g" \
-    | sed "s@__RSOP__@${RSOP}@g" \
-    > $CONFIG_OUTPUT

.github/workflows/benchmark.yml

@@ -11,17 +11,17 @@ jobs:
 
     steps:
       # check out pull request branch
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v2
         with:
           path: pr
       # check out main branch (to compare performance)
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v2
         with:
           ref: main
           path: main
-      - uses: actions/setup-node@v4
+      - uses: actions/setup-node@v1
         with:
-          node-version: '>=20.6.0'
+          node-version: '15'
 
       - name: Run pull request time benchmark
         run: cd pr && npm install && npm run --silent benchmark-time > benchmarks.txt && cat benchmarks.txt

.github/workflows/browserstack.yml

@@ -0,0 +1,52 @@
+name: Test on Browserstack
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+jobs:
+  full:
+    name: Full Build
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+    - uses: softprops/turnstyle@v1
+      with:
+        poll-interval-seconds: 30
+        abort-after-seconds: 900
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+    - uses: actions/setup-node@v1
+    - run: npm ci
+    - run: npm run build-test
+    - run: npm run browserstack
+
+  lightweight:
+    name: Lightweight Build
+
+    needs: full
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+    - uses: softprops/turnstyle@v1
+      with:
+        poll-interval-seconds: 30
+        abort-after-seconds: 900
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+    - uses: actions/setup-node@v1
+    - run: npm ci
+    - run: npm run build-test --lightweight
+    - run: npm run browserstack
+      env:
+        LIGHTWEIGHT: true
+
+env:
+  BROWSERSTACK_USERNAME: danielhuigens2
+  BROWSERSTACK_KEY: aW2q1ms393QRorwBnfmW

.github/workflows/docs.yml

@@ -13,7 +13,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@v4
-    - uses: actions/setup-node@v4
-    - run: npm ci --ignore-scripts
+    - uses: actions/checkout@v2
+    - uses: actions/setup-node@v1
+    - run: npm ci
     - run: npm run docs

.github/workflows/lint.yml

@@ -0,0 +1,19 @@
+name: Lint
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+jobs:
+  lint:
+    name: ESLint
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+    - uses: actions/setup-node@v1
+    - run: npm ci
+    - run: npm run lint

.github/workflows/node.js.yml

@@ -0,0 +1,29 @@
+# This workflow will do a clean install of node dependencies, build the source code and run tests across different versions of node
+# For more information see: https://help.github.com/actions/language-and-framework-guides/using-nodejs-with-github-actions
+
+name: Test on Node.js
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+jobs:
+  build:
+    name: ${{ matrix.node-version }}
+
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        node-version: [12.x, 14.x, 16.x, 18.x]
+        # See supported Node.js release schedule at https://nodejs.org/en/about/releases/
+
+    steps:
+    - uses: actions/checkout@v2
+    - uses: actions/setup-node@v1
+      with:
+        node-version: ${{ matrix.node-version }}
+    - run: npm ci
+    - run: npm test

.github/workflows/sop-test-suite.yml

@@ -1,87 +0,0 @@
-name: SOP interoperability test suite
-
-on:
-  pull_request:
-    branches: [ main ]
-
-jobs:
-
-  test-suite:
-    name: Run interoperability test suite
-    runs-on: ubuntu-latest
-    container: 
-      image: ghcr.io/protonmail/openpgp-interop-test-docker:v1.1.12
-      credentials:
-        username: ${{ github.actor }}
-        password: ${{ secrets.github_token }}
-    steps:
-      # check out repo for scripts
-      - uses: actions/checkout@v4
-      # check out pull request branch
-      - name: Checkout openpgpjs-branch
-        uses: actions/checkout@v4
-        with:
-          path: openpgpjs-branch
-      - name: Install openpgpjs-branch
-        run: cd openpgpjs-branch && npm install
-      - name: Print openpgpjs-branch version
-        run: $SOP_OPENPGPJS_V2 version --extended
-        env: 
-          OPENPGPJS_PATH: ${{ github.workspace }}/openpgpjs-branch
-      # check out main branch
-      - name: Checkout openpgpjs-main
-        uses: actions/checkout@v4
-        with:
-          ref: main
-          path: openpgpjs-main
-      - name: Install openpgpjs-main
-        run: cd openpgpjs-main && npm install
-      - name: Print openpgpjs-main version
-        run: $SOP_OPENPGPJS_V2 version --extended
-        env: 
-          OPENPGPJS_PATH: ${{ github.workspace }}/openpgpjs-main
-      # Run test suite
-      - name: Prepare test configuration
-        run: ./.github/test-suite/prepare_config.sh $CONFIG_TEMPLATE $CONFIG_OUTPUT $GITHUB_WORKSPACE/openpgpjs-branch $GITHUB_WORKSPACE/openpgpjs-main
-        env:
-         CONFIG_TEMPLATE: .github/test-suite/config.json.template
-         CONFIG_OUTPUT: .github/test-suite/config.json
-      - name: Display configuration
-        run: cat .github/test-suite/config.json
-      - name: Run interoperability test suite
-        run: cd $TEST_SUITE_DIR && $TEST_SUITE --config $GITHUB_WORKSPACE/$CONFIG --json-out $GITHUB_WORKSPACE/$RESULTS_JSON --html-out $GITHUB_WORKSPACE/$RESULTS_HTML
-        env:
-         CONFIG: .github/test-suite/config.json
-         RESULTS_JSON: .github/test-suite/test-suite-results.json
-         RESULTS_HTML: .github/test-suite/test-suite-results.html
-      # Upload results
-      - name: Upload test results json artifact
-        uses: actions/upload-artifact@v4
-        with:
-          name: test-suite-results.json
-          path: .github/test-suite/test-suite-results.json
-      - name: Upload test results html artifact
-        uses: actions/upload-artifact@v4
-        with:
-          name: test-suite-results.html
-          path: .github/test-suite/test-suite-results.html
-
-  compare-with-main:
-    name: Compare with main
-    runs-on: ubuntu-latest
-    needs: test-suite
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-      - name: Download test results json artifact
-        id: download-test-results
-        uses: actions/download-artifact@v4
-        with:
-          name: test-suite-results.json
-      - name: Compare with baseline
-        uses: ProtonMail/openpgp-interop-test-analyzer@v2
-        with: 
-          results: ${{ steps.download-test-results.outputs.download-path }}/test-suite-results.json
-          output: baseline-comparison.json
-          baseline: sop-openpgpjs-main
-          target: sop-openpgpjs-branch

.github/workflows/test-type-definitions.yml

@@ -0,0 +1,21 @@
+name: Types
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+jobs:
+  lint:
+    name: Test type definitions
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+    - uses: actions/setup-node@v1
+      with:
+        node-version: '15'
+    - run: npm ci
+    - run: npm run test-type-definitions

.github/workflows/tests.yml

@@ -1,206 +0,0 @@
-name: Code Tests
-
-on:
-  push:
-    branches: [main]
-  pull_request:
-    branches: [main]
-
-jobs:
-  build: # cache both dist and tests (non-lightweight only), based on commit hash
-    name: Build
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-node@v4
-      - name: Check for cached folders
-        id: cache-full
-        uses: actions/cache@v4
-        with:
-          path: |
-            dist
-            test/lib
-          key: cache-${{ github.sha }}
-      - name: Build dist and tests
-        if: steps.cache-full.outputs.cache-hit != 'true'
-        run: |
-          npm ci
-          npm run build-test
-
-  node:
-    strategy:
-      fail-fast: false # if tests for one version fail, continue with the rest
-      matrix:
-        node-version: [18.x, 20.x, 22.x]
-        # See supported Node.js release schedule at https://nodejs.org/en/about/releases/
-
-    name: Node ${{ matrix.node-version }}
-    runs-on: ubuntu-latest
-    needs: build
-    steps:
-    - uses: actions/checkout@v4
-    - uses: actions/setup-node@v4
-      with:
-        node-version: ${{ matrix.node-version }}
-    - run: npm ci --ignore-scripts # for mocha
-    - name: Retrieve cached folders
-      uses: actions/cache/restore@v4
-      id: cache-full
-      with:
-        # test/lib is not needed, but the path must be specified fully for a cache-hit
-        path: |
-          dist
-          test/lib
-        key: cache-${{ github.sha }}
-        # ignore cache miss, since it was taken care of the `build` step and it should never occur here
-    - run: npm test
-
-  test-browsers-latest:
-    name: Browsers (latest)
-    needs: build
-    strategy:
-      fail-fast: false # if tests for one version fail, continue with the rest
-      matrix:
-        # run on all main platforms to test platform-specific code, if present
-        # (e.g. webkit's WebCrypto API implementation is different in macOS vs Linux)
-        # TODO: windows-latest fails to fetch resources from the wtr server; investigate if the problem is with path declaration or permissions
-        runner: ['ubuntu-latest', 'macos-latest']
-    runs-on: ${{ matrix.runner }}
-
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-node@v4
-
-      - name: Retrieve cached built folders
-        uses: actions/cache/restore@v4
-        id: cache-full
-        with:
-          path: |
-            dist
-            test/lib
-          key: cache-${{ github.sha }}
-
-      - name: Install dependencies
-        # cannot use `--ignore-scripts` since playwright seems to use it to set ENV vars
-        run: |
-          npm pkg delete scripts.prepare
-          npm ci
-
-      - name: Get Playwright version and cache location
-        id: playwright-version
-        run: |
-          PLAYWRIGHT_VERSION=$(npm ls playwright --depth=0 | grep playwright | sed 's/.*@//')
-          echo "version=$PLAYWRIGHT_VERSION" >> $GITHUB_OUTPUT
-          PLAYWRIGHT_CACHE=${{ fromJSON('{"ubuntu-latest": "~/.cache/ms-playwright", "macos-latest": "~/Library/Caches/ms-playwright"}')[matrix.runner] }}
-          echo "playwright_cache=$PLAYWRIGHT_CACHE" >> $GITHUB_OUTPUT
-      - name: Check for cached browsers
-        id: cache-playwright-browsers
-        uses: actions/cache@v4
-        with:
-          path: ${{ steps.playwright-version.outputs.playwright_cache }}
-          key: playwright-browsers-${{ matrix.runner }}-${{ steps.playwright-version.outputs.version }}
-      - name: Install browsers
-        if: steps.cache-playwright-browsers.outputs.cache-hit != 'true'
-        run: |
-          npx playwright install --with-deps chromium
-          npx playwright install --with-deps firefox
-
-      - name: Install WebKit # caching not possible, external shared libraries required
-        if: ${{ matrix.runner == 'macos-latest' }} # do not install on ubuntu, since the X25519 WebCrypto implementation has issues
-        run: npx playwright install --with-deps webkit
-
-      - name: Run browser tests
-        run: npm run test-browser:ci -- --static-logging
-
-      - name: Run browser tests (lightweight) # overwrite test/lib
-        run: |
-          npm run build-test -- --config-test-lightweight-build
-          npm run test-browser:ci -- --static-logging
-
-  test-browsers-compatibility:
-    name: Browsers (older, on Browserstack)
-    runs-on: ubuntu-latest
-    needs: test-browsers-latest
-    env: # credentials need hardcoding for now since Github secrets aren't accessible on pull requests from forks
-      BROWSERSTACK_USERNAME: openpgpjs_PlY4Uq885CQ
-      BROWSERSTACK_ACCESS_KEY: VjgBVRMxNVBj7SjJFiau
-    
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-node@v4
-
-      - name: Generate self-signed HTTPS certificates for web-test-runner server
-        uses: kofemann/action-create-certificate@v0.0.4
-        with:
-          hostcert: '127.0.0.1.pem'
-          hostkey:  '127.0.0.1-key.pem'
-          cachain:  'ca-chain.pem'
-      - name: Adjust HTTPS certificates permissions
-        run: sudo chown runner:docker *.pem
-
-      - name: Install dependencies
-        run: npm ci --ignore-scripts
-
-      - name: Retrieve cached dist folder
-        uses: actions/cache/restore@v4
-        id: cache-full
-        with:
-          path: |
-            dist
-            test/lib
-          key: cache-${{ github.sha }}
-
-      - name: Wait for other Browserstack tests to finish
-        uses: softprops/turnstyle@v1
-        with:
-          poll-interval-seconds: 30
-          abort-after-seconds: 900
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      - name: Run browserstack tests
-        run: npm run test-browserstack -- --static-logging
-
-      - name: Run browserstack tests (lightweight) # overwrite test/lib
-        run: |
-          npm run build-test -- --config-test-lightweight-build
-          npm run test-browserstack -- --static-logging
-        env:
-          LIGHTWEIGHT: true
-
-  types:
-    name: Type definitions
-    runs-on: ubuntu-latest
-    needs: build
-
-    steps:
-    - uses: actions/checkout@v4
-    - uses: actions/setup-node@v4
-    - run: npm ci --ignore-scripts # TS
-    - name: Retrieve cached folders
-      uses: actions/cache/restore@v4
-      id: cache-full
-      with:
-        path: |
-          dist
-          test/lib
-        key: cache-${{ github.sha }}
-    - run: npm run test-type-definitions
-
-  lint:
-    name: ESLint
-    runs-on: ubuntu-latest
-    needs: build
-
-    steps:
-    - uses: actions/checkout@v4
-    - uses: actions/setup-node@v4
-    - run: npm ci --ignore-scripts # linter
-    - name: Retrieve cached folders
-      uses: actions/cache/restore@v4
-      id: cache-full
-      with:
-        path: |
-          dist
-          test/lib
-        key: cache-${{ github.sha }}
-    - run: npm run lint

.gitignore

@@ -5,4 +5,4 @@ test/lib/
 test/typescript/definitions.js
 dist/
 openpgp.store/
-coverage
+.nyc_output/

.mocharc.json

@@ -1,6 +0,0 @@
-{
-	"node-option": [
-		"experimental-specifier-resolution=node",
-		"loader=ts-node/esm"
-	]
-}

README.md

@@ -1,7 +1,7 @@
-OpenPGP.js [![Join the chat on Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/openpgpjs/openpgpjs?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
+OpenPGP.js [![BrowserStack Status](https://automate.browserstack.com/badge.svg?badge_key=N1l2eHFOanVBMU9wYWxJM3ZnWERnc1lidkt5UkRqa3BralV3SWVhOGpGTT0tLVljSjE4Z3dzVmdiQjl6RWgxb2c3T2c9PQ==--5864052cd523f751b6b907d547ac9c4c5f88c8a3)](https://automate.browserstack.com/public-build/N1l2eHFOanVBMU9wYWxJM3ZnWERnc1lidkt5UkRqa3BralV3SWVhOGpGTT0tLVljSjE4Z3dzVmdiQjl6RWgxb2c3T2c9PQ==--5864052cd523f751b6b907d547ac9c4c5f88c8a3) [![Join the chat on Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/openpgpjs/openpgpjs?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
 ==========
 
-[OpenPGP.js](https://openpgpjs.org/) is a JavaScript implementation of the OpenPGP protocol. It implements [RFC 9580](https://datatracker.ietf.org/doc/rfc9580/) (superseding [RFC 4880](https://tools.ietf.org/html/rfc4880) and [RFC 4880bis](https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-10)).
+[OpenPGP.js](https://openpgpjs.org/) is a JavaScript implementation of the OpenPGP protocol. It implements [RFC4880](https://tools.ietf.org/html/rfc4880) and parts of [RFC4880bis](https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-10).
 
 **Table of Contents**
 
@@ -33,62 +33,61 @@ OpenPGP.js [![Join the chat on Gitter](https://badges.gitter.im/Join%20Chat.svg)
 
 ### Platform Support
 
-* The `dist/openpgp.min.js` (or `.mjs`) bundle works with recent versions of Chrome, Firefox, Edge and Safari 14+.
+* The `dist/openpgp.min.js` bundle works well with recent versions of Chrome, Firefox, Safari and Edge.
 
-* The `dist/node/openpgp.min.mjs` (or `.cjs`) bundle works in Node.js v18+: it is used by default when you `import ... from 'openpgp'` (or `require('openpgp')`, respectively).
-
-* Support for the [Web Cryptography API](https://w3c.github.io/webcrypto/)'s `SubtleCrypto` is required.
-  * In browsers, `SubtleCrypto` is only available in [secure contexts](https://developer.mozilla.org/en-US/docs/Web/Security/Secure_Contexts).
-  * In supported versions of Node.js, `SubtleCrypto` is always available.
-
-* Support for the [Web Streams API](https://streams.spec.whatwg.org/) is required.
-  * In browsers: the latest versions of Chrome, Firefox, Edge and Safari support Streams, including `TransformStream`s.
-    These are needed if you use the library with stream inputs.
-    In previous versions of OpenPGP.js, Web Streams were automatically polyfilled by the library,
-    but from v6 this task is left up to the library user, due to the more extensive browser support, and the
-    polyfilling side-effects. If you're working with [older browsers versions which do not implement e.g. TransformStreams](https://developer.mozilla.org/en-US/docs/Web/API/TransformStream#browser_compatibility), you can manually
-    load the [Web Streams polyfill](https://github.com/MattiasBuelens/web-streams-polyfills).
-    Please note that when you load the polyfills, the global `ReadableStream` property (if it exists) gets overwritten with the polyfill version.
-    In some edge cases, you might need to use the native
-    `ReadableStream` (for example when using it to create a `Response`
-    object), in which case you should store a reference to it before loading
-    the polyfills. There is also the [web-streams-adapter](https://github.com/MattiasBuelens/web-streams-adapter)
-    library to convert back and forth between them.
-  * In Node.js: OpenPGP.js v6 no longer supports native Node `Readable` streams in inputs, and instead expects (and outputs) [Node's Web Streams](https://nodejs.org/api/webstreams.html#class-readablestream). [Node v17+ includes utilities to convert from and to Web Streams](https://nodejs.org/api/stream.html#streamreadabletowebstreamreadable-options).
+* The `dist/node/openpgp.min.js` bundle works well in Node.js. It is used by default when you `require('openpgp')` in Node.js.
 
+* Currently, Chrome, Safari and Edge have partial implementations of the
+[Streams specification](https://streams.spec.whatwg.org/), and Firefox
+has a partial implementation behind feature flags. Chrome is the only
+browser that implements `TransformStream`s, which we need, so we include
+a [polyfill](https://github.com/MattiasBuelens/web-streams-polyfill) for
+all other browsers. Please note that in those browsers, the global
+`ReadableStream` property gets overwritten with the polyfill version if
+it exists. In some edge cases, you might need to use the native
+`ReadableStream` (for example when using it to create a `Response`
+object), in which case you should store a reference to it before loading
+OpenPGP.js. There is also the
+[web-streams-adapter](https://github.com/MattiasBuelens/web-streams-adapter)
+library to convert back and forth between them.
 
 ### Performance
 
-* Version 3.0.0 of the library introduced support for public-key cryptography using [elliptic curves](https://wiki.gnupg.org/ECC). We use native implementations on browsers and Node.js when available. Compared to RSA, elliptic curve cryptography provides stronger security per bits of key, which allows for much faster operations. Currently the following curves are supported:
+* Version 3.0.0 of the library introduces support for public-key cryptography using [elliptic curves](https://wiki.gnupg.org/ECC). We use native implementations on browsers and Node.js when available. Elliptic curve cryptography provides stronger security per bits of key, which allows for much faster operations. Currently the following curves are supported:
 
     | Curve           | Encryption | Signature | NodeCrypto | WebCrypto | Constant-Time     |
     |:---------------:|:----------:|:---------:|:----------:|:---------:|:-----------------:|
-    | curve25519      | ECDH       | N/A       | No         | No        | Algorithmically  |
-    | ed25519         | N/A        | EdDSA     | No         | Yes*      | If native**      |
-    | nistP256        | ECDH       | ECDSA     | Yes*       | Yes*      | If native**      |
-    | nistP384        | ECDH       | ECDSA     | Yes*       | Yes*      | If native**      |
-    | nistP521        | ECDH       | ECDSA     | Yes*       | Yes*      | If native**      |
-    | brainpoolP256r1 | ECDH       | ECDSA     | Yes*       | No        | If native**      |
-    | brainpoolP384r1 | ECDH       | ECDSA     | Yes*       | No        | If native**      |
-    | brainpoolP512r1 | ECDH       | ECDSA     | Yes*       | No        | If native**      |
-    | secp256k1       | ECDH       | ECDSA     | Yes*       | No        | If native**      |
+    | curve25519      | ECDH       | N/A       | No         | No        | Algorithmically** |
+    | ed25519         | N/A        | EdDSA     | No         | No        | Algorithmically** |
+    | p256            | ECDH       | ECDSA     | Yes*       | Yes*      | If native***      |
+    | p384            | ECDH       | ECDSA     | Yes*       | Yes*      | If native***      |
+    | p521            | ECDH       | ECDSA     | Yes*       | Yes*      | If native***      |
+    | brainpoolP256r1 | ECDH       | ECDSA     | Yes*       | No        | If native***      |
+    | brainpoolP384r1 | ECDH       | ECDSA     | Yes*       | No        | If native***      |
+    | brainpoolP512r1 | ECDH       | ECDSA     | Yes*       | No        | If native***      |
+    | secp256k1       | ECDH       | ECDSA     | Yes*       | No        | If native***      |
 
    \* when available  
-   \** these curves are only constant-time if the underlying native implementation is available and constant-time
+   \** the curve25519 and ed25519 implementations are algorithmically constant-time, but may not be constant-time after optimizations of the JavaScript compiler  
+   \*** these curves are only constant-time if the underlying native implementation is available and constant-time
 
-* The platform's [native Web Crypto API](https://w3c.github.io/webcrypto/) is used for performance. On Node.js the native [crypto module](https://nodejs.org/api/crypto.html#crypto_crypto) is also used, in cases where it offers additional functionality.
+* Version 2.x of the library has been built from the ground up with Uint8Arrays. This allows for much better performance and memory usage than strings.
 
-* The library implements authenticated encryption (AEAD) as per [RFC 9580](https://datatracker.ietf.org/doc/rfc9580/) using AES-GCM, OCB, or EAX. This makes symmetric encryption faster on platforms with native implementations. However, since the specification is very recent and other OpenPGP implementations are in the process of adopting it, the feature is currently behind a flag. **Note: activating this setting can break compatibility with other OpenPGP implementations which have yet to implement the feature.** You can enable it by setting `openpgp.config.aeadProtect = true`.
-  Note that this setting has a different effect from the one in OpenPGP.js v5, which implemented support for a provisional version of AEAD from [RFC 4880bis](https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-10), which was modified in RFC 9580.
+* If the user's browser supports [native WebCrypto](https://caniuse.com/#feat=cryptography) via the `window.crypto.subtle` API, this will be used. Under Node.js the native [crypto module](https://nodejs.org/api/crypto.html#crypto_crypto) is used.
+
+* The library implements the [IETF proposal](https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-10) for authenticated encryption using native AES-EAX, OCB, or GCM. This makes symmetric encryption up to 30x faster on supported platforms. Since the specification has not been finalized and other OpenPGP implementations haven't adopted it yet, the feature is currently behind a flag. **Note: activating this setting can break compatibility with other OpenPGP implementations, and also with future versions of OpenPGP.js. Don't use it with messages you want to store on disk or in a database.** You can enable it by setting `openpgp.config.aeadProtect = true`.
 
   You can change the AEAD mode by setting one of the following options:
 
   ```
-  openpgp.config.preferredAEADAlgorithm = openpgp.enums.aead.gcm; // Default, native in WebCrypto and Node.js
-  openpgp.config.preferredAEADAlgorithm = openpgp.enums.aead.ocb; // Non-native, but supported across RFC 9580 implementations
-  openpgp.config.preferredAEADAlgorithm = openpgp.enums.aead.eax; // Native in Node.js
+  openpgp.config.preferredAEADAlgorithm = openpgp.enums.aead.eax // Default, native
+  openpgp.config.preferredAEADAlgorithm = openpgp.enums.aead.ocb // Non-native
+  openpgp.config.preferredAEADAlgorithm = openpgp.enums.aead.experimentalGCM // **Non-standard**, fastest
   ```
 
+* For environments that don't provide native crypto, the library falls back to [asm.js](https://caniuse.com/#feat=asmjs) implementations of AES, SHA-1, and SHA-256.
+
+
 ### Getting started
 
 #### Node.js
@@ -99,17 +98,18 @@ Install OpenPGP.js using npm and save it in your dependencies:
 npm install --save openpgp
 ```
 
-And import it as an ES module, from a .mjs file:
-```js
-import * as openpgp from 'openpgp';
-```
-
-Or as a CommonJS module:
+And import it as a CommonJS module:
 
 ```js
 const openpgp = require('openpgp');
 ```
 
+Or as an ES6 module, from an .mjs file:
+
+```js
+import * as openpgp from 'openpgp';
+```
+
 #### Deno (experimental)
 
 Import as an ES6 module, using /dist/openpgp.mjs.
@@ -172,19 +172,9 @@ import * as openpgp from './openpgp.min.mjs';
 
 To offload cryptographic operations off the main thread, you can implement a Web Worker in your application and load OpenPGP.js from there. For an example Worker implementation, see `test/worker/worker_example.js`.
 
-#### TypeScript
-
-Since TS is not fully integrated in the library, TS-only dependencies are currently listed as `devDependencies`, so to compile the project you’ll need to add `@openpgp/web-stream-tools` manually:
-
-```sh
-npm install --save-dev @openpgp/web-stream-tools
-```
-
-If you notice missing or incorrect type definitions, feel free to open a PR.
-
 ### Examples
 
-Here are some examples of how to use OpenPGP.js v6. For more elaborate examples and working code, please check out the [public API unit tests](https://github.com/openpgpjs/openpgpjs/blob/main/test/general/openpgp.js). If you're upgrading from v4 it might help to check out the [changelog](https://github.com/openpgpjs/openpgpjs/wiki/v6-Changelog) and [documentation](https://github.com/openpgpjs/openpgpjs#documentation).
+Here are some examples of how to use OpenPGP.js v5. For more elaborate examples and working code, please check out the [public API unit tests](https://github.com/openpgpjs/openpgpjs/blob/main/test/general/openpgp.js). If you're upgrading from v4 it might help to check out the [changelog](https://github.com/openpgpjs/openpgpjs/wiki/V5-Changelog) and [documentation](https://github.com/openpgpjs/openpgpjs#documentation).
 
 #### Encrypt and decrypt *Uint8Array* data with a password
 
@@ -389,8 +379,14 @@ Where the value can be any of:
 })();
 ```
 
-For more information on using ReadableStreams (both in browsers and Node.js), see [the MDN Documentation on the
-Streams API](https://developer.mozilla.org/en-US/docs/Web/API/Streams_API) .
+For more information on using ReadableStreams, see [the MDN Documentation on the
+Streams API](https://developer.mozilla.org/en-US/docs/Web/API/Streams_API).
+
+You can also pass a [Node.js `Readable`
+stream](https://nodejs.org/api/stream.html#stream_class_stream_readable), in
+which case OpenPGP.js will return a Node.js `Readable` stream as well, which you
+can `.pipe()` to a `Writable` stream, for example.
+
 
 #### Streaming encrypt and decrypt *String* data with PGP keys
 
@@ -447,7 +443,7 @@ Streams API](https://developer.mozilla.org/en-US/docs/Web/API/Streams_API) .
 
 ECC keys (smaller and faster to generate):
 
-Possible values for `curve` are: `curve25519`, `ed25519`, `nistP256`, `nistP384`, `nistP521`,
+Possible values for `curve` are: `curve25519`, `ed25519`, `p256`, `p384`, `p521`,
 `brainpoolP256r1`, `brainpoolP384r1`, `brainpoolP512r1`, and `secp256k1`.
 Note that both the `curve25519` and `ed25519` options generate a primary key for signing using Ed25519
 and a subkey for encryption using Curve25519.
@@ -664,7 +660,7 @@ To create your own build of the library, just run the following command after cl
 
     npm install && npm test
 
-For debugging browser errors, run the following command:
+For debugging browser errors, you can run `npm start` and open [`http://localhost:8080/test/unittests.html`](http://localhost:8080/test/unittests.html) in a browser, or run the following command:
 
     npm run browsertest
 

docs/module-crypto_random-RandomBuffer.html

@@ -0,0 +1,593 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="utf-8">
+    <title>JSDoc: Class: RandomBuffer</title>
+
+    <script src="scripts/prettify/prettify.js"> </script>
+    <script src="scripts/prettify/lang-css.js"> </script>
+    <!--[if lt IE 9]>
+      <script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
+    <![endif]-->
+    <link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
+    <link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
+</head>
+
+<body>
+
+<div id="main">
+
+    <h1 class="page-title">Class: RandomBuffer</h1>
+
+    
+
+
+
+
+<section>
+
+<header>
+    
+        <h2><span class="attribs"><span class="type-signature"></span></span>RandomBuffer<span class="signature">()</span><span class="type-signature"></span></h2>
+        
+            <div class="class-description"><p>Buffer for secure random numbers</p></div>
+        
+    
+</header>
+
+<article>
+    <div class="container-overview">
+    
+        
+
+    
+    <h2>Constructor</h2>
+    
+
+    
+    <h4 class="name" id="RandomBuffer"><span class="type-signature"></span>new RandomBuffer<span class="signature">()</span><span class="type-signature"></span></h4>
+    
+
+    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+<dl class="details">
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+    <dt class="tag-source">Source:</dt>
+    <dd class="tag-source"><ul class="dummy"><li>
+        <a href="https://github.com/openpgpjs/openpgpjs/blob/v5.5.0/src/crypto/random.js">crypto/random.js</a>, <a href="https://github.com/openpgpjs/openpgpjs/blob/v5.5.0/src/crypto/random.js#L33">line 33</a>
+    </li></ul></dd>
+    
+
+    
+
+    
+
+    
+</dl>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+    
+    </div>
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+        <h3 class="subsection-title">Methods</h3>
+
+        
+            
+
+    
+
+    
+    <h4 class="name" id="get"><span class="type-signature">(async) </span>get<span class="signature">(buf)</span><span class="type-signature"></span></h4>
+    
+
+    
+
+
+
+<div class="description">
+    <p>Take numbers out of buffer and copy to array</p>
+</div>
+
+
+
+
+
+
+
+
+
+    <h5>Parameters:</h5>
+    
+
+<table class="params">
+    <thead>
+    <tr>
+        
+        <th>Name</th>
+        
+
+        <th>Type</th>
+
+        
+
+        
+
+        <th class="last">Description</th>
+    </tr>
+    </thead>
+
+    <tbody>
+    
+
+        <tr>
+            
+                <td class="name"><code>buf</code></td>
+            
+
+            <td class="type">
+            
+                
+<span class="param-type">Uint8Array</span>
+
+
+            
+            </td>
+
+            
+
+            
+
+            <td class="description last"><p>The destination array</p></td>
+        </tr>
+
+    
+    </tbody>
+</table>
+
+
+
+
+
+
+<dl class="details">
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+    <dt class="tag-source">Source:</dt>
+    <dd class="tag-source"><ul class="dummy"><li>
+        <a href="https://github.com/openpgpjs/openpgpjs/blob/v5.5.0/src/crypto/random.js">crypto/random.js</a>, <a href="https://github.com/openpgpjs/openpgpjs/blob/v5.5.0/src/crypto/random.js#L73">line 73</a>
+    </li></ul></dd>
+    
+
+    
+
+    
+
+    
+</dl>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+        
+            
+
+    
+
+    
+    <h4 class="name" id="init"><span class="type-signature"></span>init<span class="signature">(size)</span><span class="type-signature"></span></h4>
+    
+
+    
+
+
+
+<div class="description">
+    <p>Initialize buffer</p>
+</div>
+
+
+
+
+
+
+
+
+
+    <h5>Parameters:</h5>
+    
+
+<table class="params">
+    <thead>
+    <tr>
+        
+        <th>Name</th>
+        
+
+        <th>Type</th>
+
+        
+
+        
+
+        <th class="last">Description</th>
+    </tr>
+    </thead>
+
+    <tbody>
+    
+
+        <tr>
+            
+                <td class="name"><code>size</code></td>
+            
+
+            <td class="type">
+            
+                
+<span class="param-type">Integer</span>
+
+
+            
+            </td>
+
+            
+
+            
+
+            <td class="description last"><p>size of buffer</p></td>
+        </tr>
+
+    
+    </tbody>
+</table>
+
+
+
+
+
+
+<dl class="details">
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+    <dt class="tag-source">Source:</dt>
+    <dd class="tag-source"><ul class="dummy"><li>
+        <a href="https://github.com/openpgpjs/openpgpjs/blob/v5.5.0/src/crypto/random.js">crypto/random.js</a>, <a href="https://github.com/openpgpjs/openpgpjs/blob/v5.5.0/src/crypto/random.js#L43">line 43</a>
+    </li></ul></dd>
+    
+
+    
+
+    
+
+    
+</dl>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+        
+            
+
+    
+
+    
+    <h4 class="name" id="set"><span class="type-signature"></span>set<span class="signature">(buf)</span><span class="type-signature"></span></h4>
+    
+
+    
+
+
+
+<div class="description">
+    <p>Concat array of secure random numbers to buffer</p>
+</div>
+
+
+
+
+
+
+
+
+
+    <h5>Parameters:</h5>
+    
+
+<table class="params">
+    <thead>
+    <tr>
+        
+        <th>Name</th>
+        
+
+        <th>Type</th>
+
+        
+
+        
+
+        <th class="last">Description</th>
+    </tr>
+    </thead>
+
+    <tbody>
+    
+
+        <tr>
+            
+                <td class="name"><code>buf</code></td>
+            
+
+            <td class="type">
+            
+                
+<span class="param-type">Uint8Array</span>
+
+
+            
+            </td>
+
+            
+
+            
+
+            <td class="description last"></td>
+        </tr>
+
+    
+    </tbody>
+</table>
+
+
+
+
+
+
+<dl class="details">
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+    <dt class="tag-source">Source:</dt>
+    <dd class="tag-source"><ul class="dummy"><li>
+        <a href="https://github.com/openpgpjs/openpgpjs/blob/v5.5.0/src/crypto/random.js">crypto/random.js</a>, <a href="https://github.com/openpgpjs/openpgpjs/blob/v5.5.0/src/crypto/random.js#L53">line 53</a>
+    </li></ul></dd>
+    
+
+    
+
+    
+
+    
+</dl>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+        
+    
+
+    
+
+    
+</article>
+
+</section>
+
+
+
+
+</div>
+
+<nav>
+    <h2><a href="index.html">Home</a></h2><h3>Functions</h3><ul><li><a href="global.html#aes">aes</a></li><li><a href="global.html#armor">armor</a></li><li><a href="global.html#createCleartextMessage">createCleartextMessage</a></li><li><a href="global.html#createKey">createKey</a></li><li><a href="global.html#createMessage">createMessage</a></li><li><a href="global.html#decrypt">decrypt</a></li><li><a href="global.html#decryptKey">decryptKey</a></li><li><a href="global.html#decryptSessionKeys">decryptSessionKeys</a></li><li><a href="global.html#encrypt">encrypt</a></li><li><a href="global.html#encryptKey">encryptKey</a></li><li><a href="global.html#encryptSessionKey">encryptSessionKey</a></li><li><a href="global.html#formatObject">formatObject</a></li><li><a href="global.html#generateKey">generateKey</a></li><li><a href="global.html#generateSessionKey">generateSessionKey</a></li><li><a href="global.html#newPacketFromTag">newPacketFromTag</a></li><li><a href="global.html#readCleartextMessage">readCleartextMessage</a></li><li><a href="global.html#readKey">readKey</a></li><li><a href="global.html#readKeys">readKeys</a></li><li><a href="global.html#readMessage">readMessage</a></li><li><a href="global.html#readPrivateKey">readPrivateKey</a></li><li><a href="global.html#readPrivateKeys">readPrivateKeys</a></li><li><a href="global.html#readSignature">readSignature</a></li><li><a href="global.html#reformatKey">reformatKey</a></li><li><a href="global.html#revokeKey">revokeKey</a></li><li><a href="global.html#sign">sign</a></li><li><a href="global.html#unarmor">unarmor</a></li><li><a href="global.html#verify">verify</a></li><li><a href="global.html#wrapKeyObject">wrapKeyObject</a></li></ul><h3>Modules</h3><ul><li><a href="module-config.html">config</a></li><li><a href="module-enums.html">enums</a></li></ul><h3>Classes</h3><ul><li><a href="AEADEncryptedDataPacket.html">AEADEncryptedDataPacket</a></li><li><a href="CleartextMessage.html">CleartextMessage</a></li><li><a href="CompressedDataPacket.html">CompressedDataPacket</a></li><li><a href="Key.html">Key</a></li><li><a href="LiteralDataPacket.html">LiteralDataPacket</a></li><li><a href="MarkerPacket.html">MarkerPacket</a></li><li><a href="Message.html">Message</a></li><li><a href="module-crypto_random-RandomBuffer.html">RandomBuffer</a></li><li><a href="module-key_Subkey-Subkey.html">Subkey</a></li><li><a href="module-key_User-User.html">User</a></li><li><a href="module-type_kdf_params-KDFParams.html">KDFParams</a></li><li><a href="module-type_keyid-KeyID.html">KeyID</a></li><li><a href="module-type_s2k-S2K.html">S2K</a></li><li><a href="OnePassSignaturePacket.html">OnePassSignaturePacket</a></li><li><a href="PacketList.html">PacketList</a></li><li><a href="PrivateKey.html">PrivateKey</a></li><li><a href="PublicKey.html">PublicKey</a></li><li><a href="PublicKeyEncryptedSessionKeyPacket.html">PublicKeyEncryptedSessionKeyPacket</a></li><li><a href="PublicKeyPacket.html">PublicKeyPacket</a></li><li><a href="PublicSubkeyPacket.html">PublicSubkeyPacket</a></li><li><a href="SecretKeyPacket.html">SecretKeyPacket</a></li><li><a href="SecretSubkeyPacket.html">SecretSubkeyPacket</a></li><li><a href="Signature.html">Signature</a></li><li><a href="SignaturePacket.html">SignaturePacket</a></li><li><a href="SymEncryptedIntegrityProtectedDataPacket.html">SymEncryptedIntegrityProtectedDataPacket</a></li><li><a href="SymEncryptedSessionKeyPacket.html">SymEncryptedSessionKeyPacket</a></li><li><a href="SymmetricallyEncryptedDataPacket.html">SymmetricallyEncryptedDataPacket</a></li><li><a href="TrustPacket.html">TrustPacket</a></li><li><a href="UserAttributePacket.html">UserAttributePacket</a></li><li><a href="UserIDPacket.html">UserIDPacket</a></li></ul>
+</nav>
+
+<br class="clear">
+
+<footer>
+    Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.4</a>
+</footer>
+
+<script> prettyPrint(); </script>
+<script src="scripts/linenumber.js"> </script>
+</body>
+</html>

docs/module-type_s2k-S2K.html

@@ -0,0 +1,968 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="utf-8">
+    <title>JSDoc: Class: S2K</title>
+
+    <script src="scripts/prettify/prettify.js"> </script>
+    <script src="scripts/prettify/lang-css.js"> </script>
+    <!--[if lt IE 9]>
+      <script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
+    <![endif]-->
+    <link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
+    <link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
+</head>
+
+<body>
+
+<div id="main">
+
+    <h1 class="page-title">Class: S2K</h1>
+
+    
+
+
+
+
+<section>
+
+<header>
+    
+        <h2><span class="attribs"><span class="type-signature"></span></span>S2K<span class="signature">(config<span class="signature-attributes">opt</span>)</span><span class="type-signature"></span></h2>
+        
+    
+</header>
+
+<article>
+    <div class="container-overview">
+    
+        
+
+    
+
+    
+    <h4 class="name" id="S2K"><span class="type-signature"></span>new S2K<span class="signature">(config<span class="signature-attributes">opt</span>)</span><span class="type-signature"></span></h4>
+    
+
+    
+
+
+
+
+
+
+
+
+
+
+
+    <h5>Parameters:</h5>
+    
+
+<table class="params">
+    <thead>
+    <tr>
+        
+        <th>Name</th>
+        
+
+        <th>Type</th>
+
+        
+        <th>Attributes</th>
+        
+
+        
+
+        <th class="last">Description</th>
+    </tr>
+    </thead>
+
+    <tbody>
+    
+
+        <tr>
+            
+                <td class="name"><code>config</code></td>
+            
+
+            <td class="type">
+            
+                
+<span class="param-type">Object</span>
+
+
+            
+            </td>
+
+            
+                <td class="attributes">
+                
+                    &lt;optional><br>
+                
+
+                
+
+                
+                </td>
+            
+
+            
+
+            <td class="description last"><p>Full configuration, defaults to openpgp.config</p></td>
+        </tr>
+
+    
+    </tbody>
+</table>
+
+
+
+
+
+
+<dl class="details">
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+    <dt class="tag-source">Source:</dt>
+    <dd class="tag-source"><ul class="dummy"><li>
+        <a href="https://github.com/openpgpjs/openpgpjs/blob/v5.5.0/src/type/s2k.js">type/s2k.js</a>, <a href="https://github.com/openpgpjs/openpgpjs/blob/v5.5.0/src/type/s2k.js#L40">line 40</a>
+    </li></ul></dd>
+    
+
+    
+
+    
+
+    
+</dl>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+    
+    </div>
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+        <h3 class="subsection-title">Members</h3>
+
+        
+            
+<h4 class="name" id="algorithm"><span class="type-signature"></span>algorithm<span class="type-signature"> :<a href="module-enums.html#.hash">module:enums.hash</a>|0</span></h4>
+
+
+
+
+<div class="description">
+    <p>Hash function identifier, or 0 for gnu-dummy keys</p>
+</div>
+
+
+
+    <h5>Type:</h5>
+    <ul>
+        <li>
+            
+<span class="param-type"><a href="module-enums.html#.hash">module:enums.hash</a></span>
+|
+
+<span class="param-type">0</span>
+
+
+        </li>
+    </ul>
+
+
+
+
+
+<dl class="details">
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+    <dt class="tag-source">Source:</dt>
+    <dd class="tag-source"><ul class="dummy"><li>
+        <a href="https://github.com/openpgpjs/openpgpjs/blob/v5.5.0/src/type/s2k.js">type/s2k.js</a>, <a href="https://github.com/openpgpjs/openpgpjs/blob/v5.5.0/src/type/s2k.js#L45">line 45</a>
+    </li></ul></dd>
+    
+
+    
+
+    
+
+    
+</dl>
+
+
+
+
+
+
+        
+            
+<h4 class="name" id="c"><span class="type-signature"></span>c<span class="type-signature"> :Integer</span></h4>
+
+
+
+
+
+
+    <h5>Type:</h5>
+    <ul>
+        <li>
+            
+<span class="param-type">Integer</span>
+
+
+        </li>
+    </ul>
+
+
+
+
+
+<dl class="details">
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+    <dt class="tag-source">Source:</dt>
+    <dd class="tag-source"><ul class="dummy"><li>
+        <a href="https://github.com/openpgpjs/openpgpjs/blob/v5.5.0/src/type/s2k.js">type/s2k.js</a>, <a href="https://github.com/openpgpjs/openpgpjs/blob/v5.5.0/src/type/s2k.js#L52">line 52</a>
+    </li></ul></dd>
+    
+
+    
+
+    
+
+    
+</dl>
+
+
+
+
+
+
+        
+            
+<h4 class="name" id="salt"><span class="type-signature"></span>salt<span class="type-signature"> :Uint8Array</span></h4>
+
+
+
+
+<div class="description">
+    <p>Eight bytes of salt in a binary string.</p>
+</div>
+
+
+
+    <h5>Type:</h5>
+    <ul>
+        <li>
+            
+<span class="param-type">Uint8Array</span>
+
+
+        </li>
+    </ul>
+
+
+
+
+
+<dl class="details">
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+    <dt class="tag-source">Source:</dt>
+    <dd class="tag-source"><ul class="dummy"><li>
+        <a href="https://github.com/openpgpjs/openpgpjs/blob/v5.5.0/src/type/s2k.js">type/s2k.js</a>, <a href="https://github.com/openpgpjs/openpgpjs/blob/v5.5.0/src/type/s2k.js#L56">line 56</a>
+    </li></ul></dd>
+    
+
+    
+
+    
+
+    
+</dl>
+
+
+
+
+
+
+        
+            
+<h4 class="name" id="type"><span class="type-signature"></span>type<span class="type-signature"> :String</span></h4>
+
+
+
+
+<div class="description">
+    <p>enums.s2k identifier or 'gnu-dummy'</p>
+</div>
+
+
+
+    <h5>Type:</h5>
+    <ul>
+        <li>
+            
+<span class="param-type">String</span>
+
+
+        </li>
+    </ul>
+
+
+
+
+
+<dl class="details">
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+    <dt class="tag-source">Source:</dt>
+    <dd class="tag-source"><ul class="dummy"><li>
+        <a href="https://github.com/openpgpjs/openpgpjs/blob/v5.5.0/src/type/s2k.js">type/s2k.js</a>, <a href="https://github.com/openpgpjs/openpgpjs/blob/v5.5.0/src/type/s2k.js#L50">line 50</a>
+    </li></ul></dd>
+    
+
+    
+
+    
+
+    
+</dl>
+
+
+
+
+
+
+        
+    
+
+    
+        <h3 class="subsection-title">Methods</h3>
+
+        
+            
+
+    
+
+    
+    <h4 class="name" id="produceKey"><span class="type-signature">(async) </span>produceKey<span class="signature">(passphrase)</span><span class="type-signature"> &rarr; {Promise.&lt;Uint8Array>}</span></h4>
+    
+
+    
+
+
+
+<div class="description">
+    <p>Produces a key using the specified passphrase and the defined
+hashAlgorithm</p>
+</div>
+
+
+
+
+
+
+
+
+
+    <h5>Parameters:</h5>
+    
+
+<table class="params">
+    <thead>
+    <tr>
+        
+        <th>Name</th>
+        
+
+        <th>Type</th>
+
+        
+
+        
+
+        <th class="last">Description</th>
+    </tr>
+    </thead>
+
+    <tbody>
+    
+
+        <tr>
+            
+                <td class="name"><code>passphrase</code></td>
+            
+
+            <td class="type">
+            
+                
+<span class="param-type">String</span>
+
+
+            
+            </td>
+
+            
+
+            
+
+            <td class="description last"><p>Passphrase containing user input</p></td>
+        </tr>
+
+    
+    </tbody>
+</table>
+
+
+
+
+
+
+<dl class="details">
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+    <dt class="tag-source">Source:</dt>
+    <dd class="tag-source"><ul class="dummy"><li>
+        <a href="https://github.com/openpgpjs/openpgpjs/blob/v5.5.0/src/type/s2k.js">type/s2k.js</a>, <a href="https://github.com/openpgpjs/openpgpjs/blob/v5.5.0/src/type/s2k.js#L152">line 152</a>
+    </li></ul></dd>
+    
+
+    
+
+    
+
+    
+</dl>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+<h5>Returns:</h5>
+
+        
+<div class="param-desc">
+    <p>Produced key with a length corresponding to.
+hashAlgorithm hash length</p>
+</div>
+
+
+
+<dl>
+    <dt>
+        Type
+    </dt>
+    <dd>
+        
+<span class="param-type">Promise.&lt;Uint8Array></span>
+
+
+    </dd>
+</dl>
+
+    
+
+
+
+
+
+        
+            
+
+    
+
+    
+    <h4 class="name" id="read"><span class="type-signature"></span>read<span class="signature">(bytes)</span><span class="type-signature"> &rarr; {Integer}</span></h4>
+    
+
+    
+
+
+
+<div class="description">
+    <p>Parsing function for a string-to-key specifier (<a href="https://tools.ietf.org/html/rfc4880#section-3.7">RFC 4880 3.7</a>).</p>
+</div>
+
+
+
+
+
+
+
+
+
+    <h5>Parameters:</h5>
+    
+
+<table class="params">
+    <thead>
+    <tr>
+        
+        <th>Name</th>
+        
+
+        <th>Type</th>
+
+        
+
+        
+
+        <th class="last">Description</th>
+    </tr>
+    </thead>
+
+    <tbody>
+    
+
+        <tr>
+            
+                <td class="name"><code>bytes</code></td>
+            
+
+            <td class="type">
+            
+                
+<span class="param-type">Uint8Array</span>
+
+
+            
+            </td>
+
+            
+
+            
+
+            <td class="description last"><p>Payload of string-to-key specifier</p></td>
+        </tr>
+
+    
+    </tbody>
+</table>
+
+
+
+
+
+
+<dl class="details">
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+    <dt class="tag-source">Source:</dt>
+    <dd class="tag-source"><ul class="dummy"><li>
+        <a href="https://github.com/openpgpjs/openpgpjs/blob/v5.5.0/src/type/s2k.js">type/s2k.js</a>, <a href="https://github.com/openpgpjs/openpgpjs/blob/v5.5.0/src/type/s2k.js#L71">line 71</a>
+    </li></ul></dd>
+    
+
+    
+
+    
+
+    
+</dl>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+<h5>Returns:</h5>
+
+        
+<div class="param-desc">
+    <p>Actual length of the object.</p>
+</div>
+
+
+
+<dl>
+    <dt>
+        Type
+    </dt>
+    <dd>
+        
+<span class="param-type">Integer</span>
+
+
+    </dd>
+</dl>
+
+    
+
+
+
+
+
+        
+            
+
+    
+
+    
+    <h4 class="name" id="write"><span class="type-signature"></span>write<span class="signature">()</span><span class="type-signature"> &rarr; {Uint8Array}</span></h4>
+    
+
+    
+
+
+
+<div class="description">
+    <p>Serializes s2k information</p>
+</div>
+
+
+
+
+
+
+
+
+
+
+
+
+
+<dl class="details">
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+
+    
+    <dt class="tag-source">Source:</dt>
+    <dd class="tag-source"><ul class="dummy"><li>
+        <a href="https://github.com/openpgpjs/openpgpjs/blob/v5.5.0/src/type/s2k.js">type/s2k.js</a>, <a href="https://github.com/openpgpjs/openpgpjs/blob/v5.5.0/src/type/s2k.js#L119">line 119</a>
+    </li></ul></dd>
+    
+
+    
+
+    
+
+    
+</dl>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+<h5>Returns:</h5>
+
+        
+<div class="param-desc">
+    <p>Binary representation of s2k.</p>
+</div>
+
+
+
+<dl>
+    <dt>
+        Type
+    </dt>
+    <dd>
+        
+<span class="param-type">Uint8Array</span>
+
+
+    </dd>
+</dl>
+
+    
+
+
+
+
+
+        
+    
+
+    
+
+    
+</article>
+
+</section>
+
+
+
+
+</div>
+
+<nav>
+    <h2><a href="index.html">Home</a></h2><h3>Functions</h3><ul><li><a href="global.html#aes">aes</a></li><li><a href="global.html#armor">armor</a></li><li><a href="global.html#createCleartextMessage">createCleartextMessage</a></li><li><a href="global.html#createKey">createKey</a></li><li><a href="global.html#createMessage">createMessage</a></li><li><a href="global.html#decrypt">decrypt</a></li><li><a href="global.html#decryptKey">decryptKey</a></li><li><a href="global.html#decryptSessionKeys">decryptSessionKeys</a></li><li><a href="global.html#encrypt">encrypt</a></li><li><a href="global.html#encryptKey">encryptKey</a></li><li><a href="global.html#encryptSessionKey">encryptSessionKey</a></li><li><a href="global.html#formatObject">formatObject</a></li><li><a href="global.html#generateKey">generateKey</a></li><li><a href="global.html#generateSessionKey">generateSessionKey</a></li><li><a href="global.html#newPacketFromTag">newPacketFromTag</a></li><li><a href="global.html#readCleartextMessage">readCleartextMessage</a></li><li><a href="global.html#readKey">readKey</a></li><li><a href="global.html#readKeys">readKeys</a></li><li><a href="global.html#readMessage">readMessage</a></li><li><a href="global.html#readPrivateKey">readPrivateKey</a></li><li><a href="global.html#readPrivateKeys">readPrivateKeys</a></li><li><a href="global.html#readSignature">readSignature</a></li><li><a href="global.html#reformatKey">reformatKey</a></li><li><a href="global.html#revokeKey">revokeKey</a></li><li><a href="global.html#sign">sign</a></li><li><a href="global.html#unarmor">unarmor</a></li><li><a href="global.html#verify">verify</a></li><li><a href="global.html#wrapKeyObject">wrapKeyObject</a></li></ul><h3>Modules</h3><ul><li><a href="module-config.html">config</a></li><li><a href="module-enums.html">enums</a></li></ul><h3>Classes</h3><ul><li><a href="AEADEncryptedDataPacket.html">AEADEncryptedDataPacket</a></li><li><a href="CleartextMessage.html">CleartextMessage</a></li><li><a href="CompressedDataPacket.html">CompressedDataPacket</a></li><li><a href="Key.html">Key</a></li><li><a href="LiteralDataPacket.html">LiteralDataPacket</a></li><li><a href="MarkerPacket.html">MarkerPacket</a></li><li><a href="Message.html">Message</a></li><li><a href="module-crypto_random-RandomBuffer.html">RandomBuffer</a></li><li><a href="module-key_Subkey-Subkey.html">Subkey</a></li><li><a href="module-key_User-User.html">User</a></li><li><a href="module-type_kdf_params-KDFParams.html">KDFParams</a></li><li><a href="module-type_keyid-KeyID.html">KeyID</a></li><li><a href="module-type_s2k-S2K.html">S2K</a></li><li><a href="OnePassSignaturePacket.html">OnePassSignaturePacket</a></li><li><a href="PacketList.html">PacketList</a></li><li><a href="PrivateKey.html">PrivateKey</a></li><li><a href="PublicKey.html">PublicKey</a></li><li><a href="PublicKeyEncryptedSessionKeyPacket.html">PublicKeyEncryptedSessionKeyPacket</a></li><li><a href="PublicKeyPacket.html">PublicKeyPacket</a></li><li><a href="PublicSubkeyPacket.html">PublicSubkeyPacket</a></li><li><a href="SecretKeyPacket.html">SecretKeyPacket</a></li><li><a href="SecretSubkeyPacket.html">SecretSubkeyPacket</a></li><li><a href="Signature.html">Signature</a></li><li><a href="SignaturePacket.html">SignaturePacket</a></li><li><a href="SymEncryptedIntegrityProtectedDataPacket.html">SymEncryptedIntegrityProtectedDataPacket</a></li><li><a href="SymEncryptedSessionKeyPacket.html">SymEncryptedSessionKeyPacket</a></li><li><a href="SymmetricallyEncryptedDataPacket.html">SymmetricallyEncryptedDataPacket</a></li><li><a href="TrustPacket.html">TrustPacket</a></li><li><a href="UserAttributePacket.html">UserAttributePacket</a></li><li><a href="UserIDPacket.html">UserIDPacket</a></li></ul>
+</nav>
+
+<br class="clear">
+
+<footer>
+    Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.4</a>
+</footer>
+
+<script> prettyPrint(); </script>
+<script src="scripts/linenumber.js"> </script>
+</body>
+</html>

lightweight/package.json

@@ -1,5 +1,5 @@
 {
   "name": "openpgp-lightweight",
-  "browser": "../dist/lightweight/openpgp.min.mjs",
+  "main": "../dist/lightweight/openpgp.min.mjs",
   "types": "../openpgp.d.ts"
 }

openpgp.d.ts

@@ -1,5 +1,3 @@
-/* eslint-disable max-lines, @typescript-eslint/indent */
-
 /**
  * Type definitions for OpenPGP.js http://openpgpjs.org/
  *
@@ -9,23 +7,9 @@
  *  - Errietta Kostala <https://github.com/errietta>
  */
 
-import type { WebStream as GenericWebStream, NodeWebStream as GenericNodeWebStream } from '@openpgp/web-stream-tools';
-import enums from './src/enums';
-import config, { type Config, type PartialConfig } from './src/config';
+import type { WebStream as GenericWebStream, NodeStream as GenericNodeStream } from '@openpgp/web-stream-tools';
 
-export { enums, config, Config, PartialConfig };
-
-/* ############## STREAM #################### */
-type Data = Uint8Array | string;
-// web-stream-tools might end up supporting additional data types, so we re-declare the types
-// to enforce the type contraint that we need.
-export type WebStream<T extends Data> = GenericWebStream<T>;
-export type NodeWebStream<T extends Data> = GenericNodeWebStream<T>;
-export type Stream<T extends Data> = WebStream<T> | NodeWebStream<T>;
-export type MaybeStream<T extends Data> = T | Stream<T>;
-type MaybeArray<T> = T | Array<T>;
-
-/* ############## KEY #################### */
+/* ############## v5 KEY #################### */
 // The Key and PublicKey types can be used interchangably since TS cannot detect the difference, as they have the same class properties.
 // The declared readKey(s) return type is Key instead of a PublicKey since it seems more obvious that a Key can be cast to a PrivateKey.
 export function readKey(options: { armoredKey: string, config?: PartialConfig }): Promise<Key>;
@@ -70,11 +54,11 @@ export abstract class Key {
   // NB: the order of the `update` declarations matters, since PublicKey includes PrivateKey
   public update(sourceKey: PrivateKey, date?: Date, config?: Config): Promise<PrivateKey>;
   public update(sourceKey: PublicKey, date?: Date, config?: Config): Promise<PublicKey>;
-  public signPrimaryUser(privateKeys: PrivateKey[], date?: Date, userID?: UserID, config?: Config): Promise<this>;
-  public signAllUsers(privateKeys: PrivateKey[], date?: Date, config?: Config): Promise<this>;
+  public signPrimaryUser(privateKeys: PrivateKey[], date?: Date, userID?: UserID, config?: Config): Promise<this>
+  public signAllUsers(privateKeys: PrivateKey[], date?: Date, config?: Config): Promise<this>
   public verifyPrimaryKey(date?: Date, userID?: UserID, config?: Config): Promise<void>; // throws on error
   public verifyPrimaryUser(publicKeys: PublicKey[], date?: Date, userIDs?: UserID, config?: Config): Promise<{ keyID: KeyID, valid: boolean | null }[]>;
-  public verifyAllUsers(publicKeys?: PublicKey[], date?: Date, config?: Config): Promise<{ userID: string, keyID: KeyID, valid: boolean | null }[]>;
+  public verifyAllUsers(publicKeys: PublicKey[], date?: Date, config?: Config): Promise<{ userID: string, keyID: KeyID, valid: boolean | null }[]>;
   public isRevoked(signature?: SignaturePacket, key?: AnyKeyPacket, date?: Date, config?: Config): Promise<boolean>;
   public getRevocationCertificate(date?: Date, config?: Config): Promise<MaybeStream<string> | undefined>;
   public getEncryptionKey(keyID?: KeyID, date?: Date | null, userID?: UserID, config?: Config): Promise<this | Subkey>;
@@ -98,7 +82,7 @@ export class PrivateKey extends PublicKey {
   public revoke(reason?: ReasonForRevocation, date?: Date, config?: Config): Promise<PrivateKey>;
   public isDecrypted(): boolean;
   public addSubkey(options: SubkeyOptions): Promise<PrivateKey>;
-  public getDecryptionKeys(keyID?: KeyID, date?: Date | null, userID?: UserID, config?: Config): Promise<(PrivateKey | Subkey)[]>;
+  public getDecryptionKeys(keyID?: KeyID, date?: Date | null, userID?: UserID, config?: Config): Promise<PrivateKey | Subkey>
   public update(sourceKey: PublicKey, date?: Date, config?: Config): Promise<PrivateKey>;
 }
 
@@ -114,49 +98,28 @@ export class Subkey {
   public getCreationTime(): Date;
   public getAlgorithmInfo(): AlgorithmInfo;
   public getKeyID(): KeyID;
-  public getExpirationTime(date?: Date, config?: Config): Promise<Date | typeof Infinity | null>;
-  public isRevoked(signature: SignaturePacket, key: AnyKeyPacket, date?: Date, config?: Config): Promise<boolean>;
-  public update(subKey: Subkey, date?: Date, config?: Config): Promise<void>;
-  public revoke(primaryKey: SecretKeyPacket, reasonForRevocation?: ReasonForRevocation, date?: Date, config?: Config): Promise<Subkey>;
 }
 
-export class User {
-  constructor(userPacket: UserIDPacket | UserAttributePacket, mainKey: Key);
-  public readonly userID: UserIDPacket | null;
-  public readonly userAttribute: UserAttributePacket | null;
-  public selfCertifications: SignaturePacket[];
-  public otherCertifications: SignaturePacket[];
-  public revocationSignatures: SignaturePacket[];
-  public readonly mainKey: Key;
-  public toPacketList(): PacketList<AnyPacket>;
-  public clone(): User;
-  public certify(signingKeys: PrivateKey[], date?: Date, config?: Config): Promise<User>;
-  public isRevoked(
-    certificate: SignaturePacket,
-    keyPacket?: PublicSubkeyPacket | SecretSubkeyPacket | PublicKeyPacket | SecretKeyPacket,
-    date?: Date,
-    config?: Config,
-  ): Promise<boolean>;
-  public verifyCertificate(certificate: SignaturePacket, verificationKeys: PublicKey[], date?: Date, config?: Config): Promise<true | null>;
-  public verifyAllCertifications(verificationKeys: PublicKey[], date?: Date, config?: Config): Promise<{ keyID: KeyID; valid: boolean | null }[]>;
-  public verify(date?: Date, config?: Config): Promise<true>;
-  public update(sourceUser: User, date?: Date, config?: Config): Promise<void>;
-  public revoke(primaryKey: SecretKeyPacket, reasonForRevocation?: ReasonForRevocation, date?: Date, config?: Config): Promise<User>;
+export interface User {
+  userID: UserIDPacket | null;
+  userAttribute: UserAttributePacket | null;
+  selfCertifications: SignaturePacket[];
+  otherCertifications: SignaturePacket[];
+  revocationSignatures: SignaturePacket[];
 }
 
 export interface PrimaryUser {
   index: number;
   user: User;
-  selfCertification: SignaturePacket;
 }
 
-export type AlgorithmInfo = {
+type AlgorithmInfo = {
   algorithm: enums.publicKeyNames;
   bits?: number;
   curve?: EllipticCurveName;
 };
 
-/* ############## SIG #################### */
+/* ############## v5 SIG #################### */
 
 export function readSignature(options: { armoredSignature: string, config?: PartialConfig }): Promise<Signature>;
 export function readSignature(options: { binarySignature: Uint8Array, config?: PartialConfig }): Promise<Signature>;
@@ -175,7 +138,7 @@ interface VerificationResult {
   signature: Promise<Signature>;
 }
 
-/* ############## CLEARTEXT #################### */
+/* ############## v5 CLEARTEXT #################### */
 
 export function readCleartextMessage(options: { cleartextMessage: string, config?: PartialConfig }): Promise<CleartextMessage>;
 
@@ -200,7 +163,7 @@ export class CleartextMessage {
    *
    *  @param privateKeys private keys with decrypted secret key data for signing
    */
-  sign(privateKeys: PrivateKey[], signature?: Signature, signingKeyIDs?: KeyID[], date?: Date, userIDs?: UserID[], notations?: RawNotation[], config?: Config): void;
+  sign(privateKeys: PrivateKey[], signature?: Signature, signingKeyIDs?: KeyID[], date?: Date, userIDs?: UserID[], config?: Config): void;
 
   /** Verify signatures of cleartext signed message
    *  @param keys array of keys to verify signatures
@@ -208,12 +171,12 @@ export class CleartextMessage {
   verify(keys: PublicKey[], date?: Date, config?: Config): Promise<VerificationResult[]>;
 }
 
-/* ############## MSG #################### */
+/* ############## v5 MSG #################### */
 export function generateSessionKey(options: { encryptionKeys: MaybeArray<PublicKey>, date?: Date, encryptionUserIDs?: MaybeArray<UserID>, config?: PartialConfig }): Promise<SessionKey>;
 export function encryptSessionKey(options: EncryptSessionKeyOptions & { format?: 'armored' }): Promise<string>;
 export function encryptSessionKey(options: EncryptSessionKeyOptions & { format: 'binary' }): Promise<Uint8Array>;
 export function encryptSessionKey(options: EncryptSessionKeyOptions & { format: 'object' }): Promise<Message<Data>>;
-export function decryptSessionKeys<T extends MaybeStream<Data>>(options: { message: Message<T>, decryptionKeys?: MaybeArray<PrivateKey>, passwords?: MaybeArray<string>, date?: Date, config?: PartialConfig }): Promise<DecryptedSessionKey[]>;
+export function decryptSessionKeys<T extends MaybeStream<Data>>(options: { message: Message<T>, decryptionKeys?: MaybeArray<PrivateKey>, passwords?: MaybeArray<string>, date?: Date, config?: PartialConfig }): Promise<SessionKey[]>;
 
 export function readMessage<T extends MaybeStream<string>>(options: { armoredMessage: T, config?: PartialConfig }): Promise<Message<T>>;
 export function readMessage<T extends MaybeStream<Uint8Array>>(options: { binaryMessage: T, config?: PartialConfig }): Promise<Message<T>>;
@@ -222,25 +185,25 @@ export function createMessage<T extends MaybeStream<string>>(options: { text: T,
 export function createMessage<T extends MaybeStream<Uint8Array>>(options: { binary: T, filename?: string, date?: Date, format?: enums.literalFormatNames }): Promise<Message<T>>;
 
 export function encrypt<T extends MaybeStream<Data>>(options: EncryptOptions & { message: Message<T>, format?: 'armored' }): Promise<
-  T extends WebStream<Data> ? WebStream<string> :
-  T extends NodeWebStream<Data> ? NodeWebStream<string> :
+  T extends WebStream<infer X> ? WebStream<string> :
+  T extends NodeStream<infer X> ? NodeStream<string> :
   string
 >;
 export function encrypt<T extends MaybeStream<Data>>(options: EncryptOptions & { message: Message<T>, format: 'binary' }): Promise<
-  T extends WebStream<Data> ? WebStream<Uint8Array> :
-  T extends NodeWebStream<Data> ? NodeWebStream<Uint8Array> :
+  T extends WebStream<infer X> ? WebStream<Uint8Array> :
+  T extends NodeStream<infer X> ? NodeStream<Uint8Array> :
   Uint8Array
 >;
 export function encrypt<T extends MaybeStream<Data>>(options: EncryptOptions & { message: Message<T>, format: 'object' }): Promise<Message<T>>;
 
 export function sign<T extends MaybeStream<Data>>(options: SignOptions & { message: Message<T>, format?: 'armored' }): Promise<
-  T extends WebStream<Data> ? WebStream<string> :
-  T extends NodeWebStream<Data> ? NodeWebStream<string> :
+  T extends WebStream<infer X> ? WebStream<string> :
+  T extends NodeStream<infer X> ? NodeStream<string> :
   string
 >;
 export function sign<T extends MaybeStream<Data>>(options: SignOptions & { message: Message<T>, format: 'binary' }): Promise<
-  T extends WebStream<Data> ? WebStream<Uint8Array> :
-  T extends NodeWebStream<Data> ? NodeWebStream<Uint8Array> :
+  T extends WebStream<infer X> ? WebStream<Uint8Array> :
+  T extends NodeStream<infer X> ? NodeStream<Uint8Array> :
   Uint8Array
 >;
 export function sign<T extends MaybeStream<Data>>(options: SignOptions & { message: Message<T>, format: 'object' }): Promise<Message<T>>;
@@ -249,28 +212,29 @@ export function sign(options: SignOptions & { message: CleartextMessage, format:
 
 export function decrypt<T extends MaybeStream<Data>>(options: DecryptOptions & { message: Message<T>, format: 'binary' }): Promise<DecryptMessageResult & {
   data:
-  T extends WebStream<Data> ? WebStream<Uint8Array> :
-  T extends NodeWebStream<Data> ? NodeWebStream<Uint8Array> :
+  T extends WebStream<infer X> ? WebStream<Uint8Array> :
+  T extends NodeStream<infer X> ? NodeStream<Uint8Array> :
   Uint8Array
 }>;
 export function decrypt<T extends MaybeStream<Data>>(options: DecryptOptions & { message: Message<T> }): Promise<DecryptMessageResult & {
   data:
-  T extends WebStream<Data> ? WebStream<string> :
-  T extends NodeWebStream<Data> ? NodeWebStream<string> :
+  T extends WebStream<infer X> ? WebStream<string> :
+  T extends NodeStream<infer X> ? NodeStream<string> :
   string
 }>;
 
-export function verify(options: VerifyOptions & { message: CleartextMessage, format?: 'utf8' }): Promise<VerifyMessageResult<string>>;
-export function verify<T extends MaybeStream<Data>>(options: VerifyOptions & { message: Message<T>, format: 'binary' }): Promise<VerifyMessageResult<
-  T extends WebStream<Data> ? WebStream<Uint8Array> :
-  T extends NodeWebStream<Data> ? NodeWebStream<Uint8Array> :
+export function verify<T extends MaybeStream<Data>>(options: VerifyOptions & { message: Message<T>, format: 'binary' }): Promise<VerifyMessageResult & {
+  data:
+  T extends WebStream<infer X> ? WebStream<Uint8Array> :
+  T extends NodeStream<infer X> ? NodeStream<Uint8Array> :
   Uint8Array
->>;
-export function verify<T extends MaybeStream<Data>>(options: VerifyOptions & { message: Message<T> }): Promise<VerifyMessageResult<
-  T extends WebStream<Data> ? WebStream<string> :
-  T extends NodeWebStream<Data> ? NodeWebStream<string> :
+}>;
+export function verify<T extends MaybeStream<Data>>(options: VerifyOptions & { message: Message<T> }): Promise<VerifyMessageResult & {
+  data:
+  T extends WebStream<infer X> ? WebStream<string> :
+  T extends NodeStream<infer X> ? NodeStream<string> :
   string
->>;
+}>;
 
 /** Class that represents an OpenPGP message.  Can be an encrypted message, signed message, compressed message or literal message
  */
@@ -295,7 +259,7 @@ export class Message<T extends MaybeStream<Data>> {
   /** Encrypt the message
       @param encryptionKeys array of public keys, used to encrypt the message
   */
-  public encrypt(encryptionKeys?: PublicKey[], passwords?: string[], sessionKeys?: SessionKey[], wildcard?: boolean, encryptionKeyIDs?: KeyID[], date?: Date, userIDs?: UserID[], config?: Config): Promise<Message<MaybeStream<Data>>>;
+  public encrypt(encryptionKeys?: PublicKey[],  passwords?: string[], sessionKeys?: SessionKey[], wildcard?: boolean, encryptionKeyIDs?: KeyID[], date?: Date, userIDs?: UserID[], config?: Config): Promise<Message<MaybeStream<Data>>>;
 
   /** Returns the key IDs of the keys to which the session key is encrypted
    */
@@ -318,7 +282,7 @@ export class Message<T extends MaybeStream<Data>> {
   /** Sign the message (the literal data packet of the message)
       @param signingKeys private keys with decrypted secret key data for signing
   */
-  public sign(signingKeys: PrivateKey[], signature?: Signature, signingKeyIDs?: KeyID[], date?: Date, userIDs?: UserID[], notations?: RawNotation[], config?: Config): Promise<Message<T>>;
+  public sign(signingKeys: PrivateKey[], signature?: Signature, signingKeyIDs?: KeyID[], date?: Date, userIDs?: UserID[], config?: Config): Promise<Message<T>>;
 
   /** Unwrap compressed message
    */
@@ -336,9 +300,53 @@ export class Message<T extends MaybeStream<Data>> {
   public appendSignature(detachedSignature: string | Uint8Array, config?: Config): Promise<void>;
 }
 
-/* ############## PACKET #################### */
 
-export declare abstract class BasePacket {
+/* ############## v5 CONFIG #################### */
+
+interface Config {
+  preferredHashAlgorithm: enums.hash;
+  preferredSymmetricAlgorithm: enums.symmetric;
+  preferredCompressionAlgorithm: enums.compression;
+  showVersion: boolean;
+  showComment: boolean;
+  deflateLevel: number;
+  aeadProtect: boolean;
+  allowUnauthenticatedMessages: boolean;
+  allowUnauthenticatedStream: boolean;
+  checksumRequired: boolean;
+  minRSABits: number;
+  passwordCollisionCheck: boolean;
+  revocationsExpire: boolean;
+  ignoreUnsupportedPackets: boolean;
+  ignoreMalformedPackets: boolean;
+  versionString: string;
+  commentString: string;
+  allowInsecureDecryptionWithSigningKeys: boolean;
+  allowInsecureVerificationWithReformattedKeys: boolean;
+  constantTimePKCS1Decryption: boolean;
+  constantTimePKCS1DecryptionSupportedSymmetricAlgorithms: Set<enums.symmetric>;
+  v5Keys: boolean;
+  preferredAEADAlgorithm: enums.aead;
+  aeadChunkSizeByte: number;
+  s2kIterationCountByte: number;
+  minBytesForWebCrypto: number;
+  maxUserIDLength: number;
+  knownNotations: string[];
+  useIndutnyElliptic: boolean;
+  rejectHashAlgorithms: Set<enums.hash>;
+  rejectMessageHashAlgorithms: Set<enums.hash>;
+  rejectPublicKeyAlgorithms: Set<enums.publicKey>;
+  rejectCurves: Set<enums.curve>;
+}
+export var config: Config;
+
+// PartialConfig has the same properties as Config, but declared as optional.
+// This interface is relevant for top-level functions, which accept a subset of configuration options
+interface PartialConfig extends Partial<Config> {}
+
+/* ############## v5 PACKET #################### */
+
+declare abstract class BasePacket {
   static readonly tag: enums.packet;
   public read(bytes: Uint8Array): void;
   public write(): Uint8Array;
@@ -383,7 +391,6 @@ declare abstract class BaseSecretKeyPacket extends BasePublicKeyPacket {
   public decrypt(passphrase: string): Promise<void>; // throws on error
   public validate(): Promise<void>; // throws on error
   public isDummy(): boolean;
-  public isMissingSecretKeyMaterial(): boolean;
   public makeDummy(config?: Config): void;
 }
 
@@ -411,7 +418,7 @@ export class AEADEncryptedDataPacket extends BasePacket {
   static readonly tag: enums.packet.aeadEncryptedData;
   private decrypt(sessionKeyAlgorithm: enums.symmetric, sessionKey: Uint8Array, config?: Config): void;
   private encrypt(sessionKeyAlgorithm: enums.symmetric, sessionKey: Uint8Array, config?: Config): void;
-  private crypt(fn: Function, sessionKey: Uint8Array, data: MaybeStream<Uint8Array>): MaybeStream<Uint8Array>;
+  private crypt(fn: Function, sessionKey: Uint8Array, data: MaybeStream<Uint8Array>): MaybeStream<Uint8Array>
 }
 
 export class PublicKeyEncryptedSessionKeyPacket extends BasePacket {
@@ -420,7 +427,7 @@ export class PublicKeyEncryptedSessionKeyPacket extends BasePacket {
   private encrypt(keyPacket: PublicKeyPacket): void; // throws on error
 }
 
-export class SymEncryptedSessionKeyPacket extends BasePacket {
+export class SymEncryptedSessionKey extends BasePacket {
   static readonly tag: enums.packet.symEncryptedSessionKey;
   private decrypt(passphrase: string): Promise<void>;
   private encrypt(passphrase: string, config?: Config): Promise<void>;
@@ -474,8 +481,7 @@ export class SignaturePacket extends BasePacket {
   public hashAlgorithm: enums.hash | null;
   public publicKeyAlgorithm: enums.publicKey | null;
   public signatureData: null | Uint8Array;
-  public unhashedSubpackets: RawSubpacket[];
-  public unknownSubpackets: RawSubpacket[];
+  public unhashedSubpackets: null | Uint8Array;
   public signedHashValue: null | Uint8Array;
   public created: Date | null;
   public signatureExpirationTime: null | number;
@@ -512,26 +518,12 @@ export class SignaturePacket extends BasePacket {
   public issuerFingerprint: null | Uint8Array;
   public preferredAEADAlgorithms: enums.aead[] | null;
   public revoked: null | boolean;
-  public rawNotations: RawNotation[];
   public sign(key: AnySecretKeyPacket, data: Uint8Array, date?: Date, detached?: boolean): Promise<void>;
   public verify(key: AnyKeyPacket, signatureType: enums.signature, data: Uint8Array | object, date?: Date, detached?: boolean, config?: Config): Promise<void>; // throws on error
   public isExpired(date?: Date): boolean;
   public getExpirationTime(): Date | typeof Infinity;
 }
 
-export interface RawSubpacket {
-  type: number;
-  critical: boolean;
-  body: Uint8Array;
-}
-
-export interface RawNotation {
-  name: string;
-  value: Uint8Array;
-  humanReadable: boolean;
-  critical: boolean;
-}
-
 export class TrustPacket extends BasePacket {
   static readonly tag: enums.packet.trust;
 }
@@ -555,7 +547,16 @@ export class PacketList<T extends AnyPacket> extends Array<T> {
   public findPacket(tag: enums.packet): T | undefined;
 }
 
-/* ############## GENERAL #################### */
+/* ############## v5 STREAM #################### */
+
+type Data = Uint8Array | string;
+export interface WebStream<T extends Data> extends GenericWebStream<T> {}
+export interface NodeStream<T extends Data> extends GenericNodeStream<T> {}
+export type Stream<T extends Data> = WebStream<T> | NodeStream<T>;
+export type MaybeStream<T extends Data> = T | Stream<T>;
+
+/* ############## v5 GENERAL #################### */
+type MaybeArray<T> = T | Array<T>;
 
 export interface UserID { name?: string; email?: string; comment?: string; }
 export interface SessionKey {
@@ -564,14 +565,9 @@ export interface SessionKey {
   aeadAlgorithm?: enums.aeadNames;
 }
 
-export interface DecryptedSessionKey {
-  data: Uint8Array;
-  algorithm: enums.symmetricNames | null; // `null` if the session key is associated with a SEIPDv2 packet
-}
-
 export interface ReasonForRevocation { flag?: enums.reasonForRevocation, string?: string }
 
-export interface EncryptOptions {
+interface EncryptOptions {
   /** message to be encrypted as created by createMessage */
   message: Message<MaybeStream<Data>>;
   /** (optional) array of keys or single key, used to encrypt the message */
@@ -598,12 +594,10 @@ export interface EncryptOptions {
   signingUserIDs?: MaybeArray<UserID>;
   /** (optional) array of user IDs to encrypt for, e.g. { name:'Robert Receiver', email:'robert@openpgp.org' } */
   encryptionUserIDs?: MaybeArray<UserID>;
-  /** (optional) array of notations to add to the signatures, e.g. { name: 'test@example.org', value: new TextEncoder().encode('test'), humanReadable: true, critical: false } */
-  signatureNotations?: MaybeArray<RawNotation>;
   config?: PartialConfig;
 }
 
-export interface DecryptOptions {
+interface DecryptOptions {
   /** the message object with the encrypted data */
   message: Message<MaybeStream<Data>>;
   /** (optional) private keys with decrypted secret key data or session key */
@@ -625,7 +619,7 @@ export interface DecryptOptions {
   config?: PartialConfig;
 }
 
-export interface SignOptions {
+interface SignOptions {
   message: CleartextMessage | Message<MaybeStream<Data>>;
   signingKeys: MaybeArray<PrivateKey>;
   format?: 'armored' | 'binary' | 'object';
@@ -633,11 +627,10 @@ export interface SignOptions {
   signingKeyIDs?: MaybeArray<KeyID>;
   date?: Date;
   signingUserIDs?: MaybeArray<UserID>;
-  signatureNotations?: MaybeArray<RawNotation>;
   config?: PartialConfig;
 }
 
-export interface VerifyOptions {
+interface VerifyOptions {
   /** (cleartext) message object with signatures */
   message: CleartextMessage | Message<MaybeStream<Data>>;
   /** array of publicKeys or single key, to verify signatures */
@@ -649,11 +642,11 @@ export interface VerifyOptions {
   /** (optional) detached signature for verification */
   signature?: Signature;
   /** (optional) use the given date for verification instead of the current time */
-  date?: Date | null;
+  date?: Date;
   config?: PartialConfig;
 }
 
-export interface EncryptSessionKeyOptions extends SessionKey {
+interface EncryptSessionKeyOptions extends SessionKey {
   encryptionKeys?: MaybeArray<PublicKey>,
   passwords?: MaybeArray<string>,
   format?: 'armored' | 'binary' | 'object',
@@ -664,7 +657,7 @@ export interface EncryptSessionKeyOptions extends SessionKey {
   config?: PartialConfig
 }
 
-interface SerializedKeyPair<T extends string | Uint8Array> {
+interface SerializedKeyPair<T extends string|Uint8Array> {
   privateKey: T;
   publicKey: T;
 }
@@ -673,12 +666,12 @@ interface KeyPair {
   publicKey: PublicKey;
 }
 
-export type EllipticCurveName = 'ed25519Legacy' | 'curve25519Legacy' | 'nistP256' | 'nistP384' | 'nistP521' | 'secp256k1' | 'brainpoolP256r1' | 'brainpoolP384r1' | 'brainpoolP512r1';
+export type EllipticCurveName = 'ed25519' | 'curve25519' | 'p256' | 'p384' | 'p521' | 'secp256k1' | 'brainpoolP256r1' | 'brainpoolP384r1' | 'brainpoolP512r1';
 
 interface GenerateKeyOptions {
   userIDs: MaybeArray<UserID>;
   passphrase?: string;
-  type?: 'ecc' | 'rsa' | 'curve25519' | 'curve448';
+  type?: 'ecc' | 'rsa';
   curve?: EllipticCurveName;
   rsaBits?: number;
   keyExpirationTime?: number;
@@ -689,25 +682,31 @@ interface GenerateKeyOptions {
 }
 export type KeyOptions = GenerateKeyOptions;
 
-export interface SubkeyOptions extends Pick<GenerateKeyOptions, 'type' | 'curve' | 'rsaBits' | 'keyExpirationTime' | 'date' | 'config'> {
+interface SubkeyOptions {
+  type?: 'ecc' | 'rsa';
+  curve?: EllipticCurveName;
+  rsaBits?: number;
+  keyExpirationTime?: number;
+  date?: Date;
   sign?: boolean;
+  config?: PartialConfig;
 }
 
-export declare class KeyID {
+declare class KeyID {
   bytes: string;
   equals(keyID: KeyID, matchWildcard?: boolean): boolean;
   toHex(): string;
   static fromID(hex: string): KeyID;
 }
 
-export interface DecryptMessageResult {
+interface DecryptMessageResult {
   data: MaybeStream<Data>;
   signatures: VerificationResult[];
   filename: string;
 }
 
-export interface VerifyMessageResult<T extends MaybeStream<Data> = MaybeStream<Data>> {
-  data: T;
+interface VerifyMessageResult {
+  data: MaybeStream<Data>;
   signatures: VerificationResult[];
 }
 
@@ -715,10 +714,177 @@ export interface VerifyMessageResult<T extends MaybeStream<Data> = MaybeStream<D
 /**
  * Armor an OpenPGP binary packet block
  */
-export function armor(messagetype: enums.armor, body: object, partindex?: number, parttotal?: number, customComment?: string, emitChecksum?: boolean, config?: Config): string;
+export function armor(messagetype: enums.armor, body: object, partindex: number, parttotal: number, config?: Config): string;
 
 /**
  * DeArmor an OpenPGP armored message; verify the checksum and return the encoded bytes
  */
 export function unarmor(input: string, config?: Config): Promise<{ text: string, data: Stream<Uint8Array>, type: enums.armor }>;
 
+/* ############## v5 ENUMS #################### */
+
+export namespace enums {
+  function read(type: typeof armor, e: armor): armorNames;
+  function read(type: typeof compression, e: compression): compressionNames;
+  function read(type: typeof hash, e: hash): hashNames;
+  function read(type: typeof packet, e: packet): packetNames;
+  function read(type: typeof publicKey, e: publicKey): publicKeyNames;
+  function read(type: typeof symmetric, e: symmetric): symmetricNames;
+  function read(type: typeof keyStatus, e: keyStatus): keyStatusNames;
+  function read(type: typeof keyFlags, e: keyFlags): keyFlagsNames;
+
+  export type armorNames = 'multipartSection' | 'multipartLast' | 'signed' | 'message' | 'publicKey' | 'privateKey';
+  enum armor {
+    multipartSection = 0,
+    multipartLast = 1,
+    signed = 2,
+    message = 3,
+    publicKey = 4,
+    privateKey = 5,
+    signature = 6,
+  }
+
+  enum reasonForRevocation {
+    noReason = 0, // No reason specified (key revocations or cert revocations)
+    keySuperseded = 1, // Key is superseded (key revocations)
+    keyCompromised = 2, // Key material has been compromised (key revocations)
+    keyRetired = 3, // Key is retired and no longer used (key revocations)
+    userIDInvalid = 32, // User ID information is no longer valid (cert revocations)
+  }
+
+  export type compressionNames = 'uncompressed' | 'zip' | 'zlib' | 'bzip2';
+  enum compression {
+    uncompressed = 0,
+    zip = 1,
+    zlib = 2,
+    bzip2 = 3,
+  }
+
+  export type hashNames = 'md5' | 'sha1' | 'ripemd' | 'sha256' | 'sha384' | 'sha512' | 'sha224';
+  enum hash {
+    md5 = 1,
+    sha1 = 2,
+    ripemd = 3,
+    sha256 = 8,
+    sha384 = 9,
+    sha512 = 10,
+    sha224 = 11,
+  }
+
+  export type packetNames = 'publicKeyEncryptedSessionKey' | 'signature' | 'symEncryptedSessionKey' | 'onePassSignature' | 'secretKey' | 'publicKey'
+    | 'secretSubkey' | 'compressed' | 'symmetricallyEncrypted' | 'marker' | 'literal' | 'trust' | 'userID' | 'publicSubkey' | 'userAttribute'
+    | 'symEncryptedIntegrityProtected' | 'modificationDetectionCode' | 'AEADEncryptedDataPacket';
+  enum packet {
+    publicKeyEncryptedSessionKey = 1,
+    signature = 2,
+    symEncryptedSessionKey = 3,
+    onePassSignature = 4,
+    secretKey = 5,
+    publicKey = 6,
+    secretSubkey = 7,
+    compressedData = 8,
+    symmetricallyEncryptedData = 9,
+    marker = 10,
+    literalData = 11,
+    trust = 12,
+    userID = 13,
+    publicSubkey = 14,
+    userAttribute = 17,
+    symEncryptedIntegrityProtectedData = 18,
+    modificationDetectionCode = 19,
+    aeadEncryptedData = 20,
+  }
+
+  export type publicKeyNames = 'rsaEncryptSign' | 'rsaEncrypt' | 'rsaSign' | 'elgamal' | 'dsa' | 'ecdh' | 'ecdsa' | 'eddsa' | 'aedh' | 'aedsa';
+  enum publicKey {
+    rsaEncryptSign = 1,
+    rsaEncrypt = 2,
+    rsaSign = 3,
+    elgamal = 16,
+    dsa = 17,
+    ecdh = 18,
+    ecdsa = 19,
+    eddsa = 22,
+    aedh = 23,
+    aedsa = 24,
+  }
+
+  enum curve {
+    p256 = 'p256',
+    p384 = 'p384',
+    p521 = 'p521',
+    ed25519 = 'ed25519',
+    curve25519 = 'curve25519',
+    secp256k1 = 'secp256k1',
+    brainpoolP256r1 = 'brainpoolP256r1',
+    brainpoolP384r1 = 'brainpoolP384r1',
+    brainpoolP512r1 = 'brainpoolP512r1'
+  }
+
+  export type symmetricNames = 'plaintext' | 'idea' | 'tripledes' | 'cast5' | 'blowfish' | 'aes128' | 'aes192' | 'aes256' | 'twofish';
+  enum symmetric {
+    plaintext = 0,
+    idea = 1,
+    tripledes = 2,
+    cast5 = 3,
+    blowfish = 4,
+    aes128 = 7,
+    aes192 = 8,
+    aes256 = 9,
+    twofish = 10,
+  }
+
+  export type keyStatusNames = 'invalid' | 'expired' | 'revoked' | 'valid' | 'noSelfCert';
+  enum keyStatus {
+    invalid = 0,
+    expired = 1,
+    revoked = 2,
+    valid = 3,
+    noSelfCert = 4,
+  }
+
+  export type keyFlagsNames = 'certifyKeys' | 'signData' | 'encryptCommunication' | 'encryptStorage' | 'splitPrivateKey' | 'authentication'
+    | 'sharedPrivateKey';
+  enum keyFlags {
+    certifyKeys = 1,
+    signData = 2,
+    encryptCommunication = 4,
+    encryptStorage = 8,
+    splitPrivateKey = 16,
+    authentication = 32,
+    sharedPrivateKey = 128,
+  }
+
+  enum signature {
+    binary = 0,
+    text = 1,
+    standalone = 2,
+    certGeneric = 16,
+    certPersona = 17,
+    certCasual = 18,
+    certPositive = 19,
+    certRevocation = 48,
+    subkeyBinding = 24,
+    keyBinding = 25,
+    key = 31,
+    keyRevocation = 32,
+    subkeyRevocation = 40,
+    timestamp = 64,
+    thirdParty = 80
+  }
+
+  export type aeadNames = 'eax' | 'ocb' | 'gcm';
+  enum aead {
+    eax = 1,
+    ocb = 2,
+    experimentalGCM = 100 // Private algorithm
+  }
+
+  export type literalFormatNames = 'utf8' | 'binary' | 'text' | 'mime'
+  enum literal {
+    binary = 98,
+    text = 116,
+    utf8 = 117,
+    mime = 109
+  }
+}

package.json

@@ -1,11 +1,11 @@
 {
   "name": "openpgp",
   "description": "OpenPGP.js is a Javascript implementation of the OpenPGP protocol. This is defined in RFC 4880.",
-  "version": "6.1.0",
+  "version": "5.5.0",
   "license": "LGPL-3.0+",
   "homepage": "https://openpgpjs.org/",
   "engines": {
-    "node": ">= 18.0.0"
+    "node": ">= 8.0.0"
   },
   "keywords": [
     "crypto",
@@ -13,106 +13,85 @@
     "gpg",
     "openpgp"
   ],
-  "main": "dist/node/openpgp.min.cjs",
+  "main": "dist/node/openpgp.min.js",
   "module": "dist/node/openpgp.min.mjs",
   "browser": {
-    "./dist/node/openpgp.min.cjs": "./dist/openpgp.min.js",
+    "./dist/node/openpgp.min.js": "./dist/openpgp.min.js",
     "./dist/node/openpgp.min.mjs": "./dist/openpgp.min.mjs"
   },
-  "exports": {
-    ".": {
-      "types": "./openpgp.d.ts",
-      "browser": "./dist/openpgp.min.mjs",
-      "import": "./dist/node/openpgp.mjs",
-      "require": "./dist/node/openpgp.min.cjs"
-    },
-    "./lightweight": {
-      "types": "./openpgp.d.ts",
-      "browser": "./dist/lightweight/openpgp.min.mjs"
-    }
-  },
   "types": "openpgp.d.ts",
-  "type": "module",
   "directories": {
     "lib": "src"
   },
   "files": [
     "dist/",
     "lightweight/",
-    "openpgp.d.ts",
-    "**/*.d.ts"
+    "openpgp.d.ts"
   ],
+  "esm": {
+    "cjs": {
+      "dedefault": true
+    }
+  },
   "scripts": {
     "build": "rollup --config",
-    "build-test": "npm run build -- --config-build-only=test",
+    "build-test": "npm run build --build-only=test",
     "prepare": "npm run build",
-    "test": "mocha --timeout 120000 test/unittests.js",
-    "test-type-definitions": "tsx test/typescript/definitions.ts",
+    "test": "mocha --require esm --timeout 120000 test/unittests.js",
+    "test-type-definitions": "tsc test/typescript/definitions.ts && node test/typescript/definitions.js",
     "benchmark-time": "node test/benchmarks/time.js",
-    "benchmark-memory-usage": "node test/benchmarks/memory_usage.js",
+    "benchmark-memory-usage": "node --require esm test/benchmarks/memory_usage.js",
+    "start": "http-server",
     "prebrowsertest": "npm run build-test",
-    "browsertest": "web-test-runner --config test/web-test-runner.config.js --group local --manual --open",
-    "test-browser": "web-test-runner --config test/web-test-runner.config.js --group local --playwright --browsers chromium firefox webkit",
-    "test-browser:ci": "web-test-runner --config test/web-test-runner.config.js --group headless:ci",
-    "test-browserstack": "web-test-runner --config test/web-test-runner.browserstack.config.js",
-    "coverage": "c8 npm test",
+    "browsertest": "npm start -- -o test/unittests.html",
+    "browserstack": "karma start test/karma.conf.js",
+    "coverage": "nyc npm test",
     "lint": "eslint .",
-    "docs": "jsdoc --configure .jsdocrc.cjs --destination docs --recurse README.md src && printf '%s' 'docs.openpgpjs.org' > docs/CNAME",
+    "docs": "jsdoc --configure .jsdocrc.js --destination docs --recurse README.md src && printf '%s' 'docs.openpgpjs.org' > docs/CNAME",
     "preversion": "rm -rf dist docs node_modules && npm ci && npm test",
     "version": "npm run docs && git add -A docs",
-    "postversion": "git push --follow-tags && npm publish"
+    "postversion": "git push && git push --tags && npm publish"
   },
   "devDependencies": {
-    "@noble/ciphers": "^1.3.0",
-    "@noble/curves": "^1.9.2",
-    "@noble/hashes": "^1.8.0",
-    "@openpgp/jsdoc": "^3.6.11",
+    "@openpgp/asmcrypto.js": "^2.3.2",
+    "@openpgp/elliptic": "^6.5.1",
+    "@openpgp/jsdoc": "^3.6.4",
+    "@openpgp/pako": "^1.0.12",
     "@openpgp/seek-bzip": "^1.0.5-git",
-    "@openpgp/tweetnacl": "^1.0.4-2",
-    "@openpgp/web-stream-tools": "~0.1.3",
-    "@rollup/plugin-alias": "^5.1.1",
-    "@rollup/plugin-commonjs": "^28.0.3",
-    "@rollup/plugin-node-resolve": "^16.0.1",
-    "@rollup/plugin-replace": "^6.0.2",
-    "@rollup/plugin-terser": "^0.4.4",
-    "@rollup/plugin-typescript": "^12.1.2",
-    "@rollup/plugin-wasm": "^6.2.2",
-    "@types/chai": "^4.3.20",
-    "@types/sinon": "^17.0.4",
-    "@typescript-eslint/parser": "^7.18.0",
-    "@web/test-runner": "^0.19.0",
-    "@web/test-runner-browserstack": "^0.8.0",
-    "@web/test-runner-mocha": "^0.9.0",
-    "@web/test-runner-playwright": "^0.11.0",
-    "argon2id": "^1.0.1",
+    "@openpgp/tweetnacl": "^1.0.3",
+    "@openpgp/web-stream-tools": "^0.0.11",
+    "@rollup/plugin-commonjs": "^11.1.0",
+    "@rollup/plugin-node-resolve": "^7.1.3",
+    "@rollup/plugin-replace": "^2.3.2",
+    "@types/chai": "^4.2.14",
+    "babel-eslint": "^10.1.0",
     "benchmark": "^2.1.4",
-    "bn.js": "^5.2.2",
-    "c8": "^10.1.3",
-    "chai": "^4.5.0",
-    "chai-as-promised": "^7.1.2",
-    "eckey-utils": "^0.7.14",
-    "eslint": "^8.57.1",
-    "eslint-config-airbnb": "^19.0.4",
-    "eslint-config-airbnb-base": "^15.0.0",
-    "eslint-config-airbnb-typescript": "^18.0.0",
-    "eslint-import-resolver-typescript": "^3.10.1",
-    "eslint-plugin-chai-friendly": "^0.7.4",
-    "eslint-plugin-import": "^2.31.0",
-    "eslint-plugin-unicorn": "^48.0.1",
-    "fflate": "^0.8.2",
-    "mocha": "^11.2.2",
-    "playwright": "^1.53.0",
-    "rollup": "^4.40.2",
-    "sinon": "^20.0.0",
-    "ts-node": "^10.9.2",
-    "tslib": "^2.8.1",
-    "tsx": "^4.19.4",
-    "typescript": "^5.8.3",
-    "web-streams-polyfill": "^4.1.0"
+    "bn.js": "^4.11.8",
+    "chai": "^4.3.6",
+    "chai-as-promised": "^7.1.1",
+    "email-addresses": "3.1.0",
+    "eslint": "^4.17.0",
+    "eslint-config-airbnb": "^16.1.0",
+    "eslint-config-airbnb-base": "^12.1.0",
+    "eslint-plugin-chai-friendly": "^0.5.0",
+    "eslint-plugin-import": "^2.8.0",
+    "esm": "^3.2.25",
+    "hash.js": "^1.1.3",
+    "http-server": "^0.12.3",
+    "karma": "^6.3.17",
+    "karma-browserstack-launcher": "^1.6.0",
+    "karma-mocha": "^2.0.1",
+    "karma-mocha-reporter": "^2.2.5",
+    "mocha": "^8.4.0",
+    "nyc": "^14.1.1",
+    "rollup": "^2.38.5",
+    "rollup-plugin-terser": "^7.0.2",
+    "sinon": "^4.3.0",
+    "typescript": "^4.1.2",
+    "web-streams-polyfill": "^3.2.0"
   },
-  "overrides": {
-    "@web/dev-server-core": "npm:@openpgp/wtr-dev-server-core@0.7.3-patch.1",
-    "@web/test-runner-core": "npm:@openpgp/wtr-test-runner-core@0.13.4-patch.2"
+  "dependencies": {
+    "asn1.js": "^5.0.0"
   },
   "repository": {
     "type": "git",

rollup.config.js

@@ -1,43 +1,15 @@
 /* eslint-disable no-process-env */
 
 import { builtinModules } from 'module';
-import { readFileSync } from 'fs';
 
-import alias from '@rollup/plugin-alias';
 import resolve from '@rollup/plugin-node-resolve';
 import commonjs from '@rollup/plugin-commonjs';
 import replace from '@rollup/plugin-replace';
-import terser from '@rollup/plugin-terser';
-import { wasm } from '@rollup/plugin-wasm';
-import typescript from '@rollup/plugin-typescript';
+import { terser } from 'rollup-plugin-terser';
 
-// ESlint does not support JSON module imports yet, see https://github.com/eslint/eslint/discussions/15305
-// import pkg from './package.json' assert { type: 'json' };
-const pkg = JSON.parse(readFileSync('./package.json'));
+import pkg from './package.json';
 
-const nodeDependencies = Object.keys(pkg.dependencies || {});
-const nodeBuiltinModules = builtinModules.concat(['module']);
-
-const wasmOptions = {
-  node: { targetEnv: 'node' },
-  browser: { targetEnv: 'browser', maxFileSize: undefined } // always inlline (our wasm files are small)
-};
-
-const getChunkFileName = (chunkInfo, extension) => `[name].${extension}`;
-
-/**
- * Dynamically imported modules which expose an index file as entrypoint end up with a chunk named `index`
- * by default. We want to preserve the module name instead.
- */
-const setManualChunkName = chunkId => {
-  if (chunkId.includes('seek-bzip')) {
-    return 'seek-bzip';
-  } else if (chunkId.includes('argon2id')) {
-    return 'argon2id';
-  } else {
-    return undefined;
-  }
-};
+const nodeDependencies = Object.keys(pkg.dependencies);
 
 const banner =
   `/*! OpenPGP.js v${pkg.version} - ` +
@@ -57,142 +29,98 @@ const terserOptions = {
   }
 };
 
-const nodeBuild = {
-  input: 'src/index.js',
-  external: nodeBuiltinModules.concat(nodeDependencies),
-  output: [
-    { file: 'dist/node/openpgp.cjs', format: 'cjs', name: pkg.name, banner, intro },
-    { file: 'dist/node/openpgp.min.cjs', format: 'cjs', name: pkg.name, banner, intro, plugins: [terser(terserOptions)], sourcemap: true },
-    { file: 'dist/node/openpgp.mjs', format: 'es', banner, intro },
-    { file: 'dist/node/openpgp.min.mjs', format: 'es', banner, intro, plugins: [terser(terserOptions)], sourcemap: true }
-  ].map(options => ({ ...options, inlineDynamicImports: true })),
-  plugins: [
-    resolve({
-      exportConditions: ['node'] // needed for resolution of noble-curves import of '@noble/crypto' in Node 18
-    }),
-    typescript({
-      compilerOptions: { outDir: './dist/node' } // temporary output location, needed to avoid js files being overwritten under `src`
-    }),
-    commonjs(),
-    replace({
-      'OpenPGP.js VERSION': `OpenPGP.js ${pkg.version}`
-    }),
-    wasm(wasmOptions.node)
-  ]
-};
-
-const fullBrowserBuild = {
-  input: 'src/index.js',
-  external: nodeBuiltinModules.concat(nodeDependencies),
-  output: [
-    { file: 'dist/openpgp.js', format: 'iife', name: pkg.name, banner, intro },
-    { file: 'dist/openpgp.min.js', format: 'iife', name: pkg.name, banner, intro, plugins: [terser(terserOptions)], sourcemap: true },
-    { file: 'dist/openpgp.mjs', format: 'es', banner, intro },
-    { file: 'dist/openpgp.min.mjs', format: 'es', banner, intro, plugins: [terser(terserOptions)], sourcemap: true }
-  ].map(options => ({ ...options, inlineDynamicImports: true })),
-  plugins: [
-    resolve({
-      browser: true
-    }),
-    typescript({
-      compilerOptions: { outDir: './dist' } // temporary output location, needed to avoid js files being overwritten under `src`
-    }),
-    commonjs({
-      ignore: nodeBuiltinModules.concat(nodeDependencies)
-    }),
-    replace({
-      'OpenPGP.js VERSION': `OpenPGP.js ${pkg.version}`,
-      "import { createRequire } from 'module';": 'const createRequire = () => () => {}',
-      delimiters: ['', '']
-    }),
-    wasm(wasmOptions.browser)
-  ]
-};
-
-const lightweightBrowserBuild = {
-  input: 'src/index.js',
-  external: nodeBuiltinModules.concat(nodeDependencies),
-  output: [
-    { entryFileNames: 'openpgp.mjs', chunkFileNames: chunkInfo => getChunkFileName(chunkInfo, 'mjs') },
-    { entryFileNames: 'openpgp.min.mjs', chunkFileNames: chunkInfo => getChunkFileName(chunkInfo, 'min.mjs'), plugins: [terser(terserOptions)], sourcemap: true }
-  ].map(options => ({ ...options, dir: 'dist/lightweight', manualChunks: setManualChunkName, format: 'es', banner, intro })),
-  preserveEntrySignatures: 'exports-only',
-  plugins: [
-    resolve({
-      browser: true
-    }),
-    typescript({
-      compilerOptions: { outDir: './dist/lightweight' }
-    }),
-    commonjs({
-      ignore: nodeBuiltinModules.concat(nodeDependencies)
-    }),
-    replace({
-      'OpenPGP.js VERSION': `OpenPGP.js ${pkg.version}`,
-      "import { createRequire } from 'module';": 'const createRequire = () => () => {}',
-      delimiters: ['', '']
-    }),
-    wasm(wasmOptions.browser)
-  ]
-};
-
-const getBrowserTestBuild = useLightweightBuild => ({
-  input: 'test/unittests.js',
-  output: [
-    { file: 'test/lib/unittests-bundle.js', format: 'es', intro, sourcemap: true, inlineDynamicImports: true }
-  ],
-  external: nodeBuiltinModules.concat(nodeDependencies),
-  plugins: [
-    alias({
-      entries: {
-        openpgp: `./dist/${useLightweightBuild ? 'lightweight/' : ''}openpgp.mjs`
-      }
-    }),
-    resolve({
-      browser: true
-    }),
-    typescript({
-      compilerOptions: { outDir: './test/lib' },
-      // this exclusion is to address an issue with type-detect v4.1.0 that's imported by chai using `require()`;
-      // the TS plugin influences the resolution and causes the index.ts file to be imported
-      // (which the commonjs plugin cannot process) instead of the .js entrypoints.
-      exclude: ['node_modules/type-detect/*']
-    }),
-    commonjs({
-      ignore: nodeBuiltinModules.concat(nodeDependencies),
-      requireReturnsDefault: 'preferred'
-    }),
-    replace({
-      "import { createRequire } from 'module';": 'const createRequire = () => () => {}',
-      delimiters: ['', '']
-    }),
-    wasm(wasmOptions.browser)
-  ]
-});
-
-/**
- * Rollup CLI supports custom options; their name must start with `config`,
- * e.g. see `--configDebug` example at
- * https://rollupjs.org/command-line-interface/#configuration-files
- *
- * The custom options we support are:
- * - "config-build-only": 'dist'|'node'|'lightweight'|'test'|string - to specify a build target;
- *               defaults to 'dist', which does not build tests;
- * - "config-test-lightweight-build": Boolean - in the context of building browser tests,
- *               whether the lightweight build should be included instead of the standard one
- */
-export default commandLineArgs => Object.assign([
-  nodeBuild,
-  fullBrowserBuild,
-  lightweightBrowserBuild,
-  getBrowserTestBuild(commandLineArgs['config-test-lightweight-build'])
-].filter(rollupConfig => {
-  rollupConfig.output = rollupConfig.output.filter(output => {
+export default Object.assign([
+  {
+    input: 'src/index.js',
+    output: [
+      { file: 'dist/openpgp.js', format: 'iife', name: pkg.name, banner, intro },
+      { file: 'dist/openpgp.min.js', format: 'iife', name: pkg.name, banner, intro, plugins: [terser(terserOptions)], sourcemap: true },
+      { file: 'dist/openpgp.mjs', format: 'es', banner, intro },
+      { file: 'dist/openpgp.min.mjs', format: 'es', banner, intro, plugins: [terser(terserOptions)], sourcemap: true }
+    ],
+    inlineDynamicImports: true,
+    plugins: [
+      resolve({
+        browser: true
+      }),
+      commonjs({
+        ignore: builtinModules.concat(nodeDependencies)
+      }),
+      replace({
+        'OpenPGP.js VERSION': `OpenPGP.js ${pkg.version}`,
+        'require(': 'void(',
+        delimiters: ['', '']
+      })
+    ]
+  },
+  {
+    input: 'src/index.js',
+    inlineDynamicImports: true,
+    external: builtinModules.concat(nodeDependencies),
+    output: [
+      { file: 'dist/node/openpgp.js', format: 'cjs', name: pkg.name, banner, intro },
+      { file: 'dist/node/openpgp.min.js', format: 'cjs', name: pkg.name, banner, intro, plugins: [terser(terserOptions)], sourcemap: true },
+      { file: 'dist/node/openpgp.mjs', format: 'es', banner, intro },
+      { file: 'dist/node/openpgp.min.mjs', format: 'es', banner, intro, plugins: [terser(terserOptions)], sourcemap: true }
+    ],
+    plugins: [
+      resolve(),
+      commonjs(),
+      replace({
+        'OpenPGP.js VERSION': `OpenPGP.js ${pkg.version}`
+      })
+    ]
+  },
+  {
+    input: 'src/index.js',
+    output: [
+      { dir: 'dist/lightweight', entryFileNames: 'openpgp.mjs', chunkFileNames: '[name].mjs', format: 'es', banner, intro },
+      { dir: 'dist/lightweight', entryFileNames: 'openpgp.min.mjs', chunkFileNames: '[name].min.mjs', format: 'es', banner, intro, plugins: [terser(terserOptions)], sourcemap: true }
+    ],
+    preserveEntrySignatures: 'allow-extension',
+    plugins: [
+      resolve({
+        browser: true
+      }),
+      commonjs({
+        ignore: builtinModules.concat(nodeDependencies)
+      }),
+      replace({
+        'OpenPGP.js VERSION': `OpenPGP.js ${pkg.version}`,
+        'require(': 'void(',
+        delimiters: ['', '']
+      })
+    ]
+  },
+  {
+    input: 'test/unittests.js',
+    output: [
+      { file: 'test/lib/unittests-bundle.js', format: 'es', intro, sourcemap: true }
+    ],
+    inlineDynamicImports: true,
+    external: ['../..', '../../..'],
+    plugins: [
+      resolve({
+        browser: true
+      }),
+      commonjs({
+        ignore: builtinModules.concat(nodeDependencies)
+      }),
+      replace({
+        "import openpgpjs from '../../..';": `import * as openpgpjs from '/dist/${process.env.npm_config_lightweight ? 'lightweight/' : ''}openpgp.mjs'; window.openpgp = openpgpjs;`,
+        'require(': 'void(',
+        delimiters: ['', '']
+      })
+    ]
+  }
+].filter(config => {
+  config.output = config.output.filter(output => {
     return (output.file || output.dir + '/' + output.entryFileNames).includes(
-      commandLineArgs['config-build-only'] || 'dist' // Don't build test bundle by default.
+      process.env.npm_config_build_only || // E.g. `npm install --build-only=lightweight`.
+      'dist' // Don't build test bundle by default.
     );
   });
-  return rollupConfig.output.length;
+  return config.output.length;
 }), {
   allow_empty: true // Fake option to trick rollup into accepting empty config array when filtered above.
 });

src/biginteger/bn.interface.js

@@ -0,0 +1,334 @@
+import BN from 'bn.js';
+
+/**
+ * @fileoverview
+ * BigInteger implementation of basic operations
+ * Wrapper of bn.js library (wwww.github.com/indutny/bn.js)
+ * @module biginteger/bn
+ * @private
+ */
+
+/**
+ * @private
+ */
+export default class BigInteger {
+  /**
+   * Get a BigInteger (input must be big endian for strings and arrays)
+   * @param {Number|String|Uint8Array} n - Value to convert
+   * @throws {Error} on undefined input
+   */
+  constructor(n) {
+    if (n === undefined) {
+      throw new Error('Invalid BigInteger input');
+    }
+
+    this.value = new BN(n);
+  }
+
+  clone() {
+    const clone = new BigInteger(null);
+    this.value.copy(clone.value);
+    return clone;
+  }
+
+  /**
+   * BigInteger increment in place
+   */
+  iinc() {
+    this.value.iadd(new BN(1));
+    return this;
+  }
+
+  /**
+   * BigInteger increment
+   * @returns {BigInteger} this + 1.
+   */
+  inc() {
+    return this.clone().iinc();
+  }
+
+  /**
+   * BigInteger decrement in place
+   */
+  idec() {
+    this.value.isub(new BN(1));
+    return this;
+  }
+
+  /**
+   * BigInteger decrement
+   * @returns {BigInteger} this - 1.
+   */
+  dec() {
+    return this.clone().idec();
+  }
+
+
+  /**
+   * BigInteger addition in place
+   * @param {BigInteger} x - Value to add
+   */
+  iadd(x) {
+    this.value.iadd(x.value);
+    return this;
+  }
+
+  /**
+   * BigInteger addition
+   * @param {BigInteger} x - Value to add
+   * @returns {BigInteger} this + x.
+   */
+  add(x) {
+    return this.clone().iadd(x);
+  }
+
+  /**
+   * BigInteger subtraction in place
+   * @param {BigInteger} x - Value to subtract
+   */
+  isub(x) {
+    this.value.isub(x.value);
+    return this;
+  }
+
+  /**
+   * BigInteger subtraction
+   * @param {BigInteger} x - Value to subtract
+   * @returns {BigInteger} this - x.
+   */
+  sub(x) {
+    return this.clone().isub(x);
+  }
+
+  /**
+   * BigInteger multiplication in place
+   * @param {BigInteger} x - Value to multiply
+   */
+  imul(x) {
+    this.value.imul(x.value);
+    return this;
+  }
+
+  /**
+   * BigInteger multiplication
+   * @param {BigInteger} x - Value to multiply
+   * @returns {BigInteger} this * x.
+   */
+  mul(x) {
+    return this.clone().imul(x);
+  }
+
+  /**
+   * Compute value modulo m, in place
+   * @param {BigInteger} m - Modulo
+   */
+  imod(m) {
+    this.value = this.value.umod(m.value);
+    return this;
+  }
+
+  /**
+   * Compute value modulo m
+   * @param {BigInteger} m - Modulo
+   * @returns {BigInteger} this mod m.
+   */
+  mod(m) {
+    return this.clone().imod(m);
+  }
+
+  /**
+   * Compute modular exponentiation
+   * Much faster than this.exp(e).mod(n)
+   * @param {BigInteger} e - Exponent
+   * @param {BigInteger} n - Modulo
+   * @returns {BigInteger} this ** e mod n.
+   */
+  modExp(e, n) {
+    // We use either Montgomery or normal reduction context
+    // Montgomery requires coprime n and R (montogmery multiplier)
+    //  bn.js picks R as power of 2, so n must be odd
+    const nred = n.isEven() ? BN.red(n.value) : BN.mont(n.value);
+    const x = this.clone();
+    x.value = x.value.toRed(nred).redPow(e.value).fromRed();
+    return x;
+  }
+
+  /**
+   * Compute the inverse of this value modulo n
+   * Note: this and and n must be relatively prime
+   * @param {BigInteger} n - Modulo
+   * @returns {BigInteger} x such that this*x = 1 mod n
+   * @throws {Error} if the inverse does not exist
+   */
+  modInv(n) {
+    // invm returns a wrong result if the inverse does not exist
+    if (!this.gcd(n).isOne()) {
+      throw new Error('Inverse does not exist');
+    }
+    return new BigInteger(this.value.invm(n.value));
+  }
+
+  /**
+   * Compute greatest common divisor between this and n
+   * @param {BigInteger} n - Operand
+   * @returns {BigInteger} gcd
+   */
+  gcd(n) {
+    return new BigInteger(this.value.gcd(n.value));
+  }
+
+  /**
+   * Shift this to the left by x, in place
+   * @param {BigInteger} x - Shift value
+   */
+  ileftShift(x) {
+    this.value.ishln(x.value.toNumber());
+    return this;
+  }
+
+  /**
+   * Shift this to the left by x
+   * @param {BigInteger} x - Shift value
+   * @returns {BigInteger} this << x.
+   */
+  leftShift(x) {
+    return this.clone().ileftShift(x);
+  }
+
+  /**
+   * Shift this to the right by x, in place
+   * @param {BigInteger} x - Shift value
+   */
+  irightShift(x) {
+    this.value.ishrn(x.value.toNumber());
+    return this;
+  }
+
+  /**
+   * Shift this to the right by x
+   * @param {BigInteger} x - Shift value
+   * @returns {BigInteger} this >> x.
+   */
+  rightShift(x) {
+    return this.clone().irightShift(x);
+  }
+
+  /**
+   * Whether this value is equal to x
+   * @param {BigInteger} x
+   * @returns {Boolean}
+   */
+  equal(x) {
+    return this.value.eq(x.value);
+  }
+
+  /**
+   * Whether this value is less than x
+   * @param {BigInteger} x
+   * @returns {Boolean}
+   */
+  lt(x) {
+    return this.value.lt(x.value);
+  }
+
+  /**
+   * Whether this value is less than or equal to x
+   * @param {BigInteger} x
+   * @returns {Boolean}
+   */
+  lte(x) {
+    return this.value.lte(x.value);
+  }
+
+  /**
+   * Whether this value is greater than x
+   * @param {BigInteger} x
+   * @returns {Boolean}
+   */
+  gt(x) {
+    return this.value.gt(x.value);
+  }
+
+  /**
+   * Whether this value is greater than or equal to x
+   * @param {BigInteger} x
+   * @returns {Boolean}
+   */
+  gte(x) {
+    return this.value.gte(x.value);
+  }
+
+  isZero() {
+    return this.value.isZero();
+  }
+
+  isOne() {
+    return this.value.eq(new BN(1));
+  }
+
+  isNegative() {
+    return this.value.isNeg();
+  }
+
+  isEven() {
+    return this.value.isEven();
+  }
+
+  abs() {
+    const res = this.clone();
+    res.value = res.value.abs();
+    return res;
+  }
+
+  /**
+   * Get this value as a string
+   * @returns {String} this value.
+   */
+  toString() {
+    return this.value.toString();
+  }
+
+  /**
+   * Get this value as an exact Number (max 53 bits)
+   * Fails if this value is too large
+   * @returns {Number}
+   */
+  toNumber() {
+    return this.value.toNumber();
+  }
+
+  /**
+   * Get value of i-th bit
+   * @param {Number} i - Bit index
+   * @returns {Number} Bit value.
+   */
+  getBit(i) {
+    return this.value.testn(i) ? 1 : 0;
+  }
+
+  /**
+   * Compute bit length
+   * @returns {Number} Bit length.
+   */
+  bitLength() {
+    return this.value.bitLength();
+  }
+
+  /**
+   * Compute byte length
+   * @returns {Number} Byte length.
+   */
+  byteLength() {
+    return this.value.byteLength();
+  }
+
+  /**
+   * Get Uint8Array representation of this number
+   * @param {String} endian - Endianess of output array (defaults to 'be')
+   * @param {Number} length - Of output array
+   * @returns {Uint8Array}
+   */
+  toUint8Array(endian = 'be', length) {
+    return this.value.toArrayLike(Uint8Array, endian, length);
+  }
+}

src/biginteger/index.js

@@ -0,0 +1,14 @@
+import util from '../util';
+import BigInteger from './native.interface';
+
+async function getBigInteger() {
+  if (util.detectBigInt()) {
+    return BigInteger;
+  } else {
+    const { default: BigInteger } = await import('./bn.interface');
+    return BigInteger;
+  }
+}
+
+// eslint-disable-next-line import/prefer-default-export
+export { getBigInteger };

src/biginteger/native.interface.js

@@ -0,0 +1,453 @@
+/* eslint-disable new-cap */
+
+/**
+ * @fileoverview
+ * BigInteger implementation of basic operations
+ * that wraps the native BigInt library.
+ * Operations are not constant time,
+ * but we try and limit timing leakage where we can
+ * @module biginteger/native
+ * @private
+ */
+
+/**
+ * @private
+ */
+export default class BigInteger {
+  /**
+   * Get a BigInteger (input must be big endian for strings and arrays)
+   * @param {Number|String|Uint8Array} n - Value to convert
+   * @throws {Error} on null or undefined input
+   */
+  constructor(n) {
+    if (n === undefined) {
+      throw new Error('Invalid BigInteger input');
+    }
+
+    if (n instanceof Uint8Array) {
+      const bytes = n;
+      const hex = new Array(bytes.length);
+      for (let i = 0; i < bytes.length; i++) {
+        const hexByte = bytes[i].toString(16);
+        hex[i] = (bytes[i] <= 0xF) ? ('0' + hexByte) : hexByte;
+      }
+      this.value = BigInt('0x0' + hex.join(''));
+    } else {
+      this.value = BigInt(n);
+    }
+  }
+
+  clone() {
+    return new BigInteger(this.value);
+  }
+
+  /**
+   * BigInteger increment in place
+   */
+  iinc() {
+    this.value++;
+    return this;
+  }
+
+  /**
+   * BigInteger increment
+   * @returns {BigInteger} this + 1.
+   */
+  inc() {
+    return this.clone().iinc();
+  }
+
+  /**
+   * BigInteger decrement in place
+   */
+  idec() {
+    this.value--;
+    return this;
+  }
+
+  /**
+   * BigInteger decrement
+   * @returns {BigInteger} this - 1.
+   */
+  dec() {
+    return this.clone().idec();
+  }
+
+  /**
+   * BigInteger addition in place
+   * @param {BigInteger} x - Value to add
+   */
+  iadd(x) {
+    this.value += x.value;
+    return this;
+  }
+
+  /**
+   * BigInteger addition
+   * @param {BigInteger} x - Value to add
+   * @returns {BigInteger} this + x.
+   */
+  add(x) {
+    return this.clone().iadd(x);
+  }
+
+  /**
+   * BigInteger subtraction in place
+   * @param {BigInteger} x - Value to subtract
+   */
+  isub(x) {
+    this.value -= x.value;
+    return this;
+  }
+
+  /**
+   * BigInteger subtraction
+   * @param {BigInteger} x - Value to subtract
+   * @returns {BigInteger} this - x.
+   */
+  sub(x) {
+    return this.clone().isub(x);
+  }
+
+  /**
+   * BigInteger multiplication in place
+   * @param {BigInteger} x - Value to multiply
+   */
+  imul(x) {
+    this.value *= x.value;
+    return this;
+  }
+
+  /**
+   * BigInteger multiplication
+   * @param {BigInteger} x - Value to multiply
+   * @returns {BigInteger} this * x.
+   */
+  mul(x) {
+    return this.clone().imul(x);
+  }
+
+  /**
+   * Compute value modulo m, in place
+   * @param {BigInteger} m - Modulo
+   */
+  imod(m) {
+    this.value %= m.value;
+    if (this.isNegative()) {
+      this.iadd(m);
+    }
+    return this;
+  }
+
+  /**
+   * Compute value modulo m
+   * @param {BigInteger} m - Modulo
+   * @returns {BigInteger} this mod m.
+   */
+  mod(m) {
+    return this.clone().imod(m);
+  }
+
+  /**
+   * Compute modular exponentiation using square and multiply
+   * @param {BigInteger} e - Exponent
+   * @param {BigInteger} n - Modulo
+   * @returns {BigInteger} this ** e mod n.
+   */
+  modExp(e, n) {
+    if (n.isZero()) throw Error('Modulo cannot be zero');
+    if (n.isOne()) return new BigInteger(0);
+    if (e.isNegative()) throw Error('Unsopported negative exponent');
+
+    let exp = e.value;
+    let x = this.value;
+
+    x %= n.value;
+    let r = BigInt(1);
+    while (exp > BigInt(0)) {
+      const lsb = exp & BigInt(1);
+      exp >>= BigInt(1); // e / 2
+      // Always compute multiplication step, to reduce timing leakage
+      const rx = (r * x) % n.value;
+      // Update r only if lsb is 1 (odd exponent)
+      r = lsb ? rx : r;
+      x = (x * x) % n.value; // Square
+    }
+    return new BigInteger(r);
+  }
+
+
+  /**
+   * Compute the inverse of this value modulo n
+   * Note: this and and n must be relatively prime
+   * @param {BigInteger} n - Modulo
+   * @returns {BigInteger} x such that this*x = 1 mod n
+   * @throws {Error} if the inverse does not exist
+   */
+  modInv(n) {
+    const { gcd, x } = this._egcd(n);
+    if (!gcd.isOne()) {
+      throw new Error('Inverse does not exist');
+    }
+    return x.add(n).mod(n);
+  }
+
+  /**
+   * Extended Eucleadian algorithm (http://anh.cs.luc.edu/331/notes/xgcd.pdf)
+   * Given a = this and b, compute (x, y) such that ax + by = gdc(a, b)
+   * @param {BigInteger} b - Second operand
+   * @returns {{ gcd, x, y: BigInteger }}
+   */
+  _egcd(b) {
+    let x = BigInt(0);
+    let y = BigInt(1);
+    let xPrev = BigInt(1);
+    let yPrev = BigInt(0);
+
+    let a = this.value;
+    b = b.value;
+
+    while (b !== BigInt(0)) {
+      const q = a / b;
+      let tmp = x;
+      x = xPrev - q * x;
+      xPrev = tmp;
+
+      tmp = y;
+      y = yPrev - q * y;
+      yPrev = tmp;
+
+      tmp = b;
+      b = a % b;
+      a = tmp;
+    }
+
+    return {
+      x: new BigInteger(xPrev),
+      y: new BigInteger(yPrev),
+      gcd: new BigInteger(a)
+    };
+  }
+
+  /**
+   * Compute greatest common divisor between this and n
+   * @param {BigInteger} b - Operand
+   * @returns {BigInteger} gcd
+   */
+  gcd(b) {
+    let a = this.value;
+    b = b.value;
+    while (b !== BigInt(0)) {
+      const tmp = b;
+      b = a % b;
+      a = tmp;
+    }
+    return new BigInteger(a);
+  }
+
+  /**
+   * Shift this to the left by x, in place
+   * @param {BigInteger} x - Shift value
+   */
+  ileftShift(x) {
+    this.value <<= x.value;
+    return this;
+  }
+
+  /**
+   * Shift this to the left by x
+   * @param {BigInteger} x - Shift value
+   * @returns {BigInteger} this << x.
+   */
+  leftShift(x) {
+    return this.clone().ileftShift(x);
+  }
+
+  /**
+   * Shift this to the right by x, in place
+   * @param {BigInteger} x - Shift value
+   */
+  irightShift(x) {
+    this.value >>= x.value;
+    return this;
+  }
+
+  /**
+   * Shift this to the right by x
+   * @param {BigInteger} x - Shift value
+   * @returns {BigInteger} this >> x.
+   */
+  rightShift(x) {
+    return this.clone().irightShift(x);
+  }
+
+  /**
+   * Whether this value is equal to x
+   * @param {BigInteger} x
+   * @returns {Boolean}
+   */
+  equal(x) {
+    return this.value === x.value;
+  }
+
+  /**
+   * Whether this value is less than x
+   * @param {BigInteger} x
+   * @returns {Boolean}
+   */
+  lt(x) {
+    return this.value < x.value;
+  }
+
+  /**
+   * Whether this value is less than or equal to x
+   * @param {BigInteger} x
+   * @returns {Boolean}
+   */
+  lte(x) {
+    return this.value <= x.value;
+  }
+
+  /**
+   * Whether this value is greater than x
+   * @param {BigInteger} x
+   * @returns {Boolean}
+   */
+  gt(x) {
+    return this.value > x.value;
+  }
+
+  /**
+   * Whether this value is greater than or equal to x
+   * @param {BigInteger} x
+   * @returns {Boolean}
+   */
+  gte(x) {
+    return this.value >= x.value;
+  }
+
+  isZero() {
+    return this.value === BigInt(0);
+  }
+
+  isOne() {
+    return this.value === BigInt(1);
+  }
+
+  isNegative() {
+    return this.value < BigInt(0);
+  }
+
+  isEven() {
+    return !(this.value & BigInt(1));
+  }
+
+  abs() {
+    const res = this.clone();
+    if (this.isNegative()) {
+      res.value = -res.value;
+    }
+    return res;
+  }
+
+  /**
+   * Get this value as a string
+   * @returns {String} this value.
+   */
+  toString() {
+    return this.value.toString();
+  }
+
+  /**
+   * Get this value as an exact Number (max 53 bits)
+   * Fails if this value is too large
+   * @returns {Number}
+   */
+  toNumber() {
+    const number = Number(this.value);
+    if (number > Number.MAX_SAFE_INTEGER) {
+      // We throw and error to conform with the bn.js implementation
+      throw new Error('Number can only safely store up to 53 bits');
+    }
+    return number;
+  }
+
+  /**
+   * Get value of i-th bit
+   * @param {Number} i - Bit index
+   * @returns {Number} Bit value.
+   */
+  getBit(i) {
+    const bit = (this.value >> BigInt(i)) & BigInt(1);
+    return (bit === BigInt(0)) ? 0 : 1;
+  }
+
+  /**
+   * Compute bit length
+   * @returns {Number} Bit length.
+   */
+  bitLength() {
+    const zero = new BigInteger(0);
+    const one = new BigInteger(1);
+    const negOne = new BigInteger(-1);
+
+    // -1n >> -1n is -1n
+    // 1n >> 1n is 0n
+    const target = this.isNegative() ? negOne : zero;
+    let bitlen = 1;
+    const tmp = this.clone();
+    while (!tmp.irightShift(one).equal(target)) {
+      bitlen++;
+    }
+    return bitlen;
+  }
+
+  /**
+   * Compute byte length
+   * @returns {Number} Byte length.
+   */
+  byteLength() {
+    const zero = new BigInteger(0);
+    const negOne = new BigInteger(-1);
+
+    const target = this.isNegative() ? negOne : zero;
+    const eight = new BigInteger(8);
+    let len = 1;
+    const tmp = this.clone();
+    while (!tmp.irightShift(eight).equal(target)) {
+      len++;
+    }
+    return len;
+  }
+
+  /**
+   * Get Uint8Array representation of this number
+   * @param {String} endian - Endianess of output array (defaults to 'be')
+   * @param {Number} length - Of output array
+   * @returns {Uint8Array}
+   */
+  toUint8Array(endian = 'be', length) {
+    // we get and parse the hex string (https://coolaj86.com/articles/convert-js-bigints-to-typedarrays/)
+    // this is faster than shift+mod iterations
+    let hex = this.value.toString(16);
+    if (hex.length % 2 === 1) {
+      hex = '0' + hex;
+    }
+
+    const rawLength = hex.length / 2;
+    const bytes = new Uint8Array(length || rawLength);
+    // parse hex
+    const offset = length ? (length - rawLength) : 0;
+    let i = 0;
+    while (i < rawLength) {
+      bytes[i + offset] = parseInt(hex.slice(2 * i, 2 * i + 2), 16);
+      i++;
+    }
+
+    if (endian !== 'be') {
+      bytes.reverse();
+    }
+
+    return bytes;
+  }
+}

src/cleartext.js

@@ -59,22 +59,19 @@ export class CleartextMessage {
 
   /**
    * Sign the cleartext message
-   * @param {Array<Key>} signingKeys - private keys with decrypted secret key data for signing
-   * @param {Array<Key>} recipientKeys - recipient keys to get the signing preferences from
+   * @param {Array<Key>} privateKeys - private keys with decrypted secret key data for signing
    * @param {Signature} [signature] - Any existing detached signature
    * @param {Array<module:type/keyid~KeyID>} [signingKeyIDs] - Array of key IDs to use for signing. Each signingKeyIDs[i] corresponds to privateKeys[i]
    * @param {Date} [date] - The creation time of the signature that should be created
-   * @param {Array} [signingKeyIDs] - User IDs to sign with, e.g. [{ name:'Steve Sender', email:'steve@openpgp.org' }]
-   * @param {Array} [recipientUserIDs] - User IDs associated with `recipientKeys` to get the signing preferences from
-   * @param {Array} [notations] - Notation Data to add to the signatures, e.g. [{ name: 'test@example.org', value: new TextEncoder().encode('test'), humanReadable: true, critical: false }]
+   * @param {Array} [userIDs] - User IDs to sign with, e.g. [{ name:'Steve Sender', email:'steve@openpgp.org' }]
    * @param {Object} [config] - Full configuration, defaults to openpgp.config
    * @returns {Promise<CleartextMessage>} New cleartext message with signed content.
    * @async
    */
-  async sign(signingKeys, recipientKeys = [], signature = null, signingKeyIDs = [], date = new Date(), signingUserIDs = [], recipientUserIDs = [], notations = [], config = defaultConfig) {
+  async sign(privateKeys, signature = null, signingKeyIDs = [], date = new Date(), userIDs = [], config = defaultConfig) {
     const literalDataPacket = new LiteralDataPacket();
     literalDataPacket.setText(this.text);
-    const newSignature = new Signature(await createSignaturePackets(literalDataPacket, signingKeys, recipientKeys, signature, signingKeyIDs, date, signingUserIDs, recipientUserIDs, notations, true, config));
+    const newSignature = new Signature(await createSignaturePackets(literalDataPacket, privateKeys, signature, signingKeyIDs, date, userIDs, true, config));
     return new CleartextMessage(this.text, newSignature);
   }
 
@@ -91,7 +88,7 @@ export class CleartextMessage {
    * @async
    */
   verify(keys, date = new Date(), config = defaultConfig) {
-    const signatureList = this.signature.packets.filterByTag(enums.packet.signature); // drop UnparsablePackets
+    const signatureList = this.signature.packets;
     const literalDataPacket = new LiteralDataPacket();
     // we assume that cleartext signature is generated based on UTF8 cleartext
     literalDataPacket.setText(this.text);
@@ -113,22 +110,16 @@ export class CleartextMessage {
    * @returns {String | ReadableStream<String>} ASCII armor.
    */
   armor(config = defaultConfig) {
-    // emit header and checksum if one of the signatures has a version not 6
-    const emitHeaderAndChecksum = this.signature.packets.some(packet => packet.version !== 6);
-    const hash = emitHeaderAndChecksum ?
-      Array.from(new Set(this.signature.packets.map(
-        packet => enums.read(enums.hash, packet.hashAlgorithm).toUpperCase()
-      ))).join() :
-      null;
-
+    let hashes = this.signature.packets.map(function(packet) {
+      return enums.read(enums.hash, packet.hashAlgorithm).toUpperCase();
+    });
+    hashes = hashes.filter(function(item, i, ar) { return ar.indexOf(item) === i; });
     const body = {
-      hash,
+      hash: hashes.join(),
       text: this.text,
       data: this.signature.packets.write()
     };
-
-    // An ASCII-armored sequence of Signature packets that only includes v6 Signature packets MUST NOT contain a CRC24 footer.
-    return armor(enums.armor.signed, body, undefined, undefined, undefined, emitHeaderAndChecksum, config);
+    return armor(enums.armor.signed, body, undefined, undefined, undefined, config);
   }
 }
 
@@ -179,27 +170,30 @@ function verifyHeaders(headers, packetlist) {
     return true;
   };
 
-  const hashAlgos = [];
-  headers.forEach(header => {
-    const hashHeader = header.match(/^Hash: (.+)$/); // get header value
-    if (hashHeader) {
-      const parsedHashIDs = hashHeader[1]
-        .replace(/\s/g, '') // remove whitespace
-        .split(',')
-        .map(hashName => {
-          try {
-            return enums.write(enums.hash, hashName.toLowerCase());
-          } catch (e) {
-            throw new Error('Unknown hash algorithm in armor header: ' + hashName.toLowerCase());
-          }
-        });
-      hashAlgos.push(...parsedHashIDs);
+  let oneHeader = null;
+  let hashAlgos = [];
+  headers.forEach(function(header) {
+    oneHeader = header.match(/Hash: (.+)/); // get header value
+    if (oneHeader) {
+      oneHeader = oneHeader[1].replace(/\s/g, ''); // remove whitespace
+      oneHeader = oneHeader.split(',');
+      oneHeader = oneHeader.map(function(hash) {
+        hash = hash.toLowerCase();
+        try {
+          return enums.write(enums.hash, hash);
+        } catch (e) {
+          throw new Error('Unknown hash algorithm in armor header: ' + hash);
+        }
+      });
+      hashAlgos = hashAlgos.concat(oneHeader);
     } else {
       throw new Error('Only "Hash" header allowed in cleartext signed message');
     }
   });
 
-  if (hashAlgos.length && !checkHashAlgos(hashAlgos)) {
+  if (!hashAlgos.length && !checkHashAlgos([enums.hash.md5])) {
+    throw new Error('If no "Hash" header in cleartext signed message, then only MD5 signatures allowed');
+  } else if (hashAlgos.length && !checkHashAlgos(hashAlgos)) {
     throw new Error('Hash algorithm mismatch in armor header and signature');
   }
 }

src/config/config.d.ts

@@ -1,46 +0,0 @@
-/**
- * Global configuration values.
- */
-
-import enums from '../enums';
-
-export interface Config {
-  preferredHashAlgorithm: enums.hash;
-  preferredSymmetricAlgorithm: enums.symmetric;
-  preferredCompressionAlgorithm: enums.compression;
-  showVersion: boolean;
-  showComment: boolean;
-  aeadProtect: boolean;
-  allowUnauthenticatedMessages: boolean;
-  allowUnauthenticatedStream: boolean;
-  minRSABits: number;
-  passwordCollisionCheck: boolean;
-  ignoreUnsupportedPackets: boolean;
-  ignoreMalformedPackets: boolean;
-  enforceGrammar: boolean;
-  additionalAllowedPackets: Array<{ new(): any, tag: enums.packet }>;
-  versionString: string;
-  commentString: string;
-  allowInsecureDecryptionWithSigningKeys: boolean;
-  allowInsecureVerificationWithReformattedKeys: boolean;
-  allowMissingKeyFlags: boolean;
-  constantTimePKCS1Decryption: boolean;
-  constantTimePKCS1DecryptionSupportedSymmetricAlgorithms: Set<enums.symmetric>;
-  v6Keys: boolean;
-  enableParsingV5Entities: boolean;
-  preferredAEADAlgorithm: enums.aead;
-  aeadChunkSizeByte: number;
-  s2kType: enums.s2k.iterated | enums.s2k.argon2;
-  s2kIterationCountByte: number;
-  s2kArgon2Params: { passes: number, parallelism: number; memoryExponent: number; };
-  maxUserIDLength: number;
-  knownNotations: string[];
-  useEllipticFallback: boolean;
-  rejectHashAlgorithms: Set<enums.hash>;
-  rejectMessageHashAlgorithms: Set<enums.hash>;
-  rejectPublicKeyAlgorithms: Set<enums.publicKey>;
-  rejectCurves: Set<enums.curve>;
-}
-
-declare const config: Config;
-export default config;