npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

pgpmailer

v0.9.1

Published

**mailbuilder** is high-level module to send pgp-encrypted messages in node and certain browser runtimes.

Downloads

33

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

felixhammerlfelixhammerltanxtanxandrisandris

Keywords

e-mailpgp

Readme

pgpmailer

mailbuilder is high-level module to send pgp-encrypted messages in node and certain browser runtimes.

Build Status

PGP/MIME in the browser?! Yes.

This module orchestrates the following libraries to send PGP-encrypted messages:

TCPSocket API

There is a shim that brings Mozilla-flavored version of the Raw Socket API to other platforms.

If you are on a platform that uses forge instead of a native TLS implementation (e.g. chrome.socket), you have to set the .oncert(pemEncodedCertificate) handler that passes the TLS certificate that the server presents. It can be used on a trust-on-first-use basis for subsequent connection.

If forge is used to handle TLS traffic, you may choose to handle the TLS-related load in a Web Worker. Please use tlsWorkerPath to point to tcp-socket-tls-worker.js!

Please take a look at the tcp-socket documentation for more information!

What can this library do?

This library takes a plain-text message including attachments and transforms it into an RFC 3156 format. Here's a little primer about RFC 3156.

An eMail consist from MIME-nodes. A MIME-node has information about what it contains, may this be other MIME-nodes, text, attachments, blabla. What goes over the wire when you send an email is mainly some SMTP stuff and the flattened MIME-Tree transformed to plain 7-bit ASCII. Here are some examples of how a MIME-Tree could look like. Plain-text mail

envelope stuff ... yaddayadda ...
text/plain

A text/plain mail with attachments is a bit more interesting, it should like this

envelope stuff ...
multipart/mixed
|___text/plain
|___application/octet/stream
|___application/octet/stream
|___application/octet/stream

An html-mail is nested even further

envelope stuff ...
multipart/mixed
|___multipart/alternative
|   |___text/plain
|   |___text/html
|___application/octet/stream
|___application/octet/stream
|___application/octet/stream

NB! text/html is not yet supported, but we're working hard to make it happen. Also, PRs are welcome :)

This lib takes your mail object, creates the MIME-tree, signs and encrypts it, and build a PGP/MIME message that looks like this:

multipart/encrypted
|___application/pgp-encrypted
|___inline attachment (pgp block)

How do I use this?

Here's what you do in you own app (and/or have a look at the test/integration.js test)

var PgpMailer = require('pgpmailer');
var pgpmailer = new PgpMailer({
    host: 'HOST',
    port: 465, // or whatever port you want to use
    auth: {
        user: 'YOUR USERNAME',
        pass: 'YOUR PASSWORD',
        xoauth2: 'YOUR XOAUTH2 TOKEN' // (optional) If both password and xoauth2 token are set, the token is preferred.
    },
    ignoreTLS: false, // if set to true, do not issue STARTTLS even if the server supports it
    requireTLS: true // if set to true, always use STARTTLS before authentication even if the host does not advertise it. If STARTTLS fails, do not try to authenticate the user
    secureConnection: true, // because why wouldn't you?
    ca: 'PIN THE CERTIFICATE OF YOUR PROVIDER OF CHOICE', // (optional) Only in conjunction with tcp-socket if you use TLS with forge. Pins a PEM-encoded certificate as a string. Please refer to the tcp-socket documentation for more information!
    tlsWorkerPath: 'path/to/' // (optional) Only in conjunction with tcp-socket if you use TLS with forge. . Indicates where the file for the TLS Web Worker is located. Please refer to the tcp-socket documentation for more information!
});

// set your private key to sign your message
pgpmailer.setPrivateKey({
    privateKeyArmored: 'ASCII ARMORED PRIVATE KEY',
    passphrase: 'PASSPHRASE'
}, function(error) {
    // do something useful with the error
});

// execute this after pgpmailer.setPrivateKey invoked its callback and the private key is set
var publicKeysArmored = ['ASCII ARMORED PUBLIC KEY OF THE SENDER', 'RECEIVER KEY', 'COPY RECEIVER KEY', 'BLINDCOPY RECEIVER KEY'];
var mail = {
    from: [{
        name: 'Foo Bar',
        address: '[email protected]'
    }],
    to: [{
        name: 'Foo Bar',
        address: '[email protected]'
    }],
    cc: [{
        name: 'Foo Bar',
        address: '[email protected]'
    }],
    subject: 'hello, pgp',
    body: 'hello, world!',
    attachments: [{
        mimeType: 'text/plain',
        filename: 'a.txt',
        content: // a UInt8Array that contains your attachment
    }]
};
var cleartextMessage = 'This message is prepended to your encrypted message and displayed in the clear even if your recipient does not speak PGP!';

mailer.send({
    mail: mail,
    encrypt: true,
    publicKeysArmored: publicKeysArmored,
    cleartextMessage: cleartextMessage
}, function(error) {
    // do something useful with the error
});

If you do not want to encrypt your message, but instead just want to sign it, just do the following

// instantiate the pgpmailer and set your public key, then
mailer.send({
    mail: mail,
    encrypt: false
}, function(error) {
    // do something useful with the error
});

Get your hands dirty

npm install && grunt