2024.2 > `N/pgp` reaches to heavens… YES!!
# suitescript
s
2024.2 >
N/pgp
reaches to heavens… YES!!
🙌 3
A new N/pgp module is now available. The N/pgp module loads generated PGP keys from a secret to securely send messages to one or multiple recipients. To send an encrypted message, you must first create the contents of the message with the
pgp.createMessageData(options)
method. Next, use the
MessageData.encrypt(options)
method to securely encrypt and optionally sign the message contents. Message recipients can optionally enable configuration preferences to customize how messages are decrypted. You can also use this module to create certificate.Signer objects to sign plain strings. For more information, see the help topic N/pgp Module. (not yet available)
Just got into a release preview account.. Docs are updated.. Long Live
N/pgp
!!
Copy code
/**
 * Use a Cryptographic Key for a Signature
 * @NApiVersion 2.1
 */

require(['N/pgp', 'N/crypto/certificate', 'N/encode'], (pgp, cryptoCertificate, encode) => {
  const keys = {
    ours: {
      pub: pgp.loadKeyFromSecret({
        secret: { scriptId: 'custsecret_pgp_key_ours_public' }
      }),
      pri: pgp.loadKeyFromSecret({
        secret: { scriptId: 'custsecret_pgp_key_ours_private' },
        password: { scriptId: 'custsecret_pgp_key_ours_private_password' }
      })
    }
  }
  const signer = pgp.createSigner({
    key: keys.ours.pri,
    algorithm: cryptoCertificate.HashAlg.SHA256
  })
  signer.update({
    input: 'Test'
  })
  const signature = signer.sign({
    outputEncoding: encode.Encoding.BASE_64_URL_SAFE
  })

  log.debug(signature)
})
e
I had some success encrypting a text file. After getting the file contents from the file cabinet, I pass the content to pgp.CreateMessageData() which can then be encrypted. To save the result back to the file cabinet, I only had success using .AsArmored() and plain text. My use case is for delivering an encrypted ABA file to a bank - not sure yet if this will work.
t
I'm also running into the issue that 1) there is no option for uncompressed (only supported compression algorithm is zlib 2) after the messageData.encrypt for the sign and encrypt, it outputs the pgp.message return type, which doesnt seem to have functionality for the pgp message to be saved as binary into the file cabinet.
239 Views