#6049 Upgrade openpgp to v6.2 (#6050)

ioanatflowcrypt · web-flow · commit d0ee03fba4d9 · 2025-07-25T22:50:46.000+03:00
* feat: upgraded openpgp to v6.2

* fix: module resolution

* fix: module resolution

* fix: pr reviews
diff --git a/conf/tsconfig.content_scripts.json b/conf/tsconfig.content_scripts.json
@@ -13,6 +13,7 @@
     "strictFunctionTypes": false,
     "sourceMap": false,
     "checkJs": false,
+    "moduleResolution": "node",
     "outDir": "../build/_/content_scripts",
     "baseUrl": "../extension",
     "paths": {
diff --git a/extension/js/common/core/crypto/pgp/msg-util.ts b/extension/js/common/core/crypto/pgp/msg-util.ts
@@ -5,7 +5,7 @@ import { Key, KeyInfoWithIdentity, KeyInfoWithIdentityAndOptionalPp, KeyUtil } f
 import { ReplaceableMsgBlockType } from '../../msg-block.js';
 import { Buf } from '../../buf.js';
 import { PgpArmor, PreparedForDecrypt } from './pgp-armor.js';
-import { opgp } from './openpgpjs-custom.js';
+import { OpenPGPDataType, opgp } from './openpgpjs-custom.js';
 import type * as OpenPGP from 'openpgp';
 import { KeyCache } from '../../../platform/key-cache.js';
 import { SmimeKey, SmimeMsg } from '../smime/smime-key.js';
@@ -331,7 +331,7 @@ export class MsgUtil {
     return true;
   }
 
-  private static async getSortedKeys(kiWithPp: KeyInfoWithIdentityAndOptionalPp[], msg: OpenPGP.Message<OpenPGP.Data>): Promise<SortedKeysForDecrypt> {
+  private static async getSortedKeys(kiWithPp: KeyInfoWithIdentityAndOptionalPp[], msg: OpenPGP.Message<OpenPGPDataType>): Promise<SortedKeysForDecrypt> {
     const keys: SortedKeysForDecrypt = {
       encryptedFor: [],
       signedBy: [],
diff --git a/extension/js/common/core/crypto/pgp/openpgp-key.ts b/extension/js/common/core/crypto/pgp/openpgp-key.ts
@@ -1,14 +1,14 @@
 /* ©️ 2016 - present FlowCrypt a.s. Limitations apply. Contact human@flowcrypt.com */
 import { Key, PrvPacket, KeyAlgo, KeyUtil, UnexpectedKeyTypeError, PubkeyInfo } from '../key.js';
-import { opgp } from './openpgpjs-custom.js';
+import { OpenPGPDataType, opgp } from './openpgpjs-custom.js';
 import { Catch } from '../../../platform/catch.js';
 import { Str, Value } from '../../common.js';
 import { Buf } from '../../buf.js';
 import type * as OpenPGP from 'openpgp';
 import { PgpMsgMethod, VerifyRes } from './msg-util.js';
 import * as Stream from '@openpgp/web-stream-tools';
 
-type OpenpgpMsgOrCleartext = OpenPGP.Message<OpenPGP.Data> | OpenPGP.CleartextMessage;
+type OpenpgpMsgOrCleartext = OpenPGP.Message<OpenPGPDataType> | OpenPGP.CleartextMessage;
 export interface KeyWithPrivateFields extends Key {
   internal: OpenPGP.Key | string; // usable key without weak packets
   rawArmored: string;
@@ -117,7 +117,7 @@ export class OpenPGPKey {
     await OpenPGPKey.convertExternalLibraryObjToKey(encryptedPrv, key);
   }
 
-  public static async decryptMessage(message: OpenPGP.Message<OpenPGP.Data>, privateKeys: Key[], passwords?: string[]) {
+  public static async decryptMessage(message: OpenPGP.Message<OpenPGPDataType>, privateKeys: Key[], passwords?: string[]) {
     const opgpKeys = await Promise.all(privateKeys.map(key => OpenPGPKey.extractExternalLibraryObjFromKey(key)));
     return await message.decrypt(
       opgpKeys.filter(key => key.isPrivate()),
@@ -477,12 +477,6 @@ export class OpenPGPKey {
     return p instanceof opgp.SecretKeyPacket || p instanceof opgp.SecretSubkeyPacket;
   }
 
-  public static isBaseKeyPacket(p: OpenPGP.BasePacket): p is OpenPGP.BasePublicKeyPacket {
-    return (
-      p instanceof opgp.SecretKeyPacket || p instanceof opgp.SecretSubkeyPacket || p instanceof opgp.PublicKeyPacket || p instanceof opgp.PublicSubkeyPacket
-    );
-  }
-
   public static async isPacketDecrypted(pubkey: Key, keyid: OpenPGP.KeyID) {
     const [k] = (await OpenPGPKey.extractExternalLibraryObjFromKey(pubkey)).getKeys(keyid); // keyPacket.isDecrypted(keyID);
     if (!k) {
@@ -577,7 +571,7 @@ export class OpenPGPKey {
   // mimicks OpenPGP.helper.getLatestValidSignature
   private static async getLatestValidSignature(
     signatures: OpenPGP.SignaturePacket[],
-    primaryKey: OpenPGP.BasePublicKeyPacket,
+    primaryKey: OpenPGP.AnyKeyPacket,
     signatureType: OpenPGP.enums.signature,
     dataToVerify: object | Uint8Array
   ): Promise<OpenPGP.SignaturePacket | undefined> {
@@ -801,7 +795,7 @@ export class OpenPGPKey {
     }
     return undefined;
   }
-  private static arePrivateParamsMissing = (packet: OpenPGP.BasePublicKeyPacket): boolean => {
+  private static arePrivateParamsMissing = (packet: OpenPGP.AnyKeyPacket): boolean => {
     // detection of missing private params to solve #2887
     if (!OpenPGPKey.paramCountByAlgo) {
       OpenPGPKey.paramCountByAlgo = {
diff --git a/extension/js/common/core/crypto/pgp/openpgpjs-custom.ts b/extension/js/common/core/crypto/pgp/openpgpjs-custom.ts
@@ -7,6 +7,8 @@ import { requireOpenpgp } from '../../../platform/require.js';
 
 export const opgp = requireOpenpgp();
 
+export type OpenPGPDataType = string | Uint8Array;
+
 if (typeof opgp !== 'undefined') {
   // in certain environments, eg pgp_block.htm or web content script, openpgp is not included
   opgp.config.versionString = `FlowCrypt Email Encryption ${VERSION}`;
diff --git a/extension/js/common/core/crypto/pgp/pgp-armor.ts b/extension/js/common/core/crypto/pgp/pgp-armor.ts
@@ -8,7 +8,7 @@ import { Buf } from '../../buf.js';
 import { ReplaceableMsgBlockType } from '../../msg-block.js';
 import { Str } from '../../common.js';
 import type * as OpenPGP from 'openpgp';
-import { opgp } from './openpgpjs-custom.js';
+import { OpenPGPDataType, opgp } from './openpgpjs-custom.js';
 import * as Stream from '@openpgp/web-stream-tools';
 import { SmimeKey, ENVELOPED_DATA_OID } from '../smime/smime-key.js';
 
@@ -17,9 +17,9 @@ export type PreparedForDecrypt =
       isArmored: boolean;
       isCleartext: true;
       isPkcs7: false;
-      message: OpenPGP.CleartextMessage | OpenPGP.Message<OpenPGP.Data>;
+      message: OpenPGP.CleartextMessage | OpenPGP.Message<OpenPGPDataType>;
     }
-  | { isArmored: boolean; isCleartext: false; isPkcs7: false; message: OpenPGP.Message<OpenPGP.Data> }
+  | { isArmored: boolean; isCleartext: false; isPkcs7: false; message: OpenPGP.Message<OpenPGPDataType> }
   | { isArmored: boolean; isCleartext: false; isPkcs7: true; message: forge.pkcs7.PkcsEnvelopedData };
 
 type CryptoArmorHeaderDefinitions = {
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -30,7 +30,7 @@
     "lint-staged": "^16.1.2",
     "mailparser": "3.7.4",
     "mkdirp": "3.0.1",
-    "openpgp": "6.1.1",
+    "openpgp": "6.2.0",
     "pdfjs-dist": "5.3.93",
     "prettier": "^3.6.2",
     "puppeteer": "24.14.0",
diff --git a/tsconfig.json b/tsconfig.json
@@ -13,6 +13,7 @@
     "useUnknownInCatchVariables": false,
     "outDir": "build/generic-extension-wip",
     "baseUrl": "./extension",
+    "moduleResolution": "node",
     "paths": {
       "jquery": ["lib/jquery.min.js", "COMMENT"],
       "sweetalert2": ["lib/sweetalert2.js", "COMMENT"],
