https://netsuiteprofessionals.com logo
Join Slack
Powered by
<@U29KBCJDP> <@UP0GS40AF> Hi Jeff and Tomas, I am ...
# suitescript
t
@jeffmillies @Watz Hi Jeff and Tomas, I am tagging you because I found a PGP document in this channel that had your names through it. I have tried to implement PGP in the way described in the documents. I am having issues with the openpgp.encrypt() where it appears to just timeout and throws an empty error. I was wondering if you PGP implementations are both still working and if so you guys or anyone else can point me in the right direction. As far I can tell I have followed the steps documented exactly.
j
I can take a look in a few, but mine is still working. Which version of pgp are you using, I remember that being specific for it to work as well
t
I went and found the same version v4.10.8 I believe
j
Ok, I can look after an hour or so
t
thanks
hi jeff, just to make this easier when you have a couple of mins and so you can see what I have done I have zipped up the SDF and placed it here https://drive.google.com/file/d/1JyI71Z_f472uI5BcACh4vsah72iUFIOA/view?usp=sharing My guess is it might be something where word make have converted something import in one of the files to a different quote or something like that.
j
@Tim Pilgrim Everything looks pretty good from what I've seen so far. This is the version that I'm using. There might be something that NetSuite is picky about with yours being 4.10.8, not sure. However your error doesn't show much, I would suggest updating it to this, might show more info
function onRequest(scriptContext){
log.audit('start script');
mainAsyncExecution().then(function (result) {
log.audit(result);
let output = '';
result.forEach(function(logmsg){
output += (logmsg + '\n');
});
scriptContext.response.write(output);
})
.catch(function (e) {
log.error("e", e.message);
log.error("e.stack", JSON.stringify(e.stack));
}); }
return {onRequest: onRequest};
that way you can see the message and then the stringify should show you the stack
openpgp.4.10.9.js
but your shim looks good and the base64 and polyfill file matches mine. The way you have it included in the other script looks good too.
t
I have changed the library over to 4.10.9 I have change the onRequest and the error is still generating with e.stack returning blank
looks like a good little problem
there was a openphp.worker.js in the dist folder for openpgp are you using that? or does this implementation not need it?
j
it does need it, it's referenced in the openpgp. file
openpgp.worker.js
I was just looking at your log messages and seeing where it stopped before the error, its right before the encrypt part. Place the worker file in the same directory
t
I have put the worker file in and its made no difference
I have put wrap the encrypt with this
Copy code
log.debug({title: 'just before encrypt'});
          const { data: encrypted } = await openpgp.encrypt({
              message: openpgp.message.fromText(fileString),                         // input as Message object
              publicKeys: (await openpgp.key.readArmored(publicKeyArmored)).keys, // for encryption
              privateKeys: [privateKey]                                           // for signing (optional)
          });
          log.debug({title: 'just after encrypt'});
and it prints the just before encrypt debug message then takes about 45 seconds and then throws the error
so i guess I have broken something in the library itself
j
what version are the keys you're using?
t
thats a read good question I couldn't get openpgp to generate them.
I might try and do that again now
j
yeah, try to get that library to generate them for you now, instead of using the ones you have in the variables. I think its related to that. its stopping before it can encrypt, which means its having some trouble with the public and private that you have. I think anyway
t
Yeah something v odd is happening if I try and use
Copy code
const { privateKeyArmored, publicKeyArmored, revocationCertificate } = await openpgp.generateKey({ userIds: [{ name: 'Test', email: 'test@email' }] });
to generate the keys that fails with an empty e variable. So I generated up somekey using 4.10.9 using a codepen.io and cut and paste them in
ITS WORKING!!!!!!!!!
thanks so much Jeff!
j
aw hell yeah! Nice one!
g
Just want to say thank you for posting this. Really need OpenPGP.js and was not previously aware of it. So, thank you!
Just want to confirm though, that the library is trustable, and is production ready?
j
@Gareth which specific library? openpgp.4.10.9.js is downloaded from openpgp, the others you can download the files yourself and review the code. I use it in production
g
Hey @jeffmillies, yeah with the random number generator. Thinking if it's cryptographic random enough to use in the process of generating CSRF tokens? Guess third party tools are used to test the guess-ability and general security of those tokens though.
5 Views
Open in Slack
PreviousNext
Powered by