N/pgp Module

Note:

The content in this help topic pertains to SuiteScript 2.1.

Use the N/pgp module to enable secure messaging, file encryption, and document signing. The module is based on OpenPGP encryption standards.

Important:

To use the N/pgp module, you must first generate PGP keys from GnuPG, OpenPGP, or a third-party source that supports PGP key generation. The generated keys must be stored in Secrets Management so that they can be securely managed and referenced. To store your generated keys, go to Setup > Company > API Secrets and create a new secret key.

For more information about API Secrets in NetSuite, see Secrets Management.

If you are new to PGP, use the following resources to learn more:

Limitations of N/pgp

As you are working with the N/pgp module, consider the following limitations:

  • You cannot generate, modify, or inspect PGP keys using the N/pgp module. You must generate keys from a third-party source that supports PGP key generation.

  • You cannot create a message without readable PGP software.

  • You are limited to strings.

  • You are limited to data that fits into memory.

                                   

N/pgp Module Members

| Member Type | Name | Return Type / Value Type | Supported Script Types | Description |
| --- | --- | --- | --- | --- |
| Object | pgp.Config | Object | Server scripts | General configuration options that can be used for message decryption. |
| Object | pgp.Key | Object | Server scripts | A cryptographic key and its metadata. |
| Object | pgp.KeyId | Object | Server scripts | An octet scalar that identifies a subkey. |
| Object | pgp.Message | Object | Server scripts | Processed PGP data. |
| Object | pgp.MessageData | Object | Server scripts | Message data. |
| Object | pgp.Verification | Object | Server scripts | Verification results. |
| Object | pgp.VerificationSignature | Object | Server scripts | A verification result for a single signature. |
| Method | pgp.createConfig(options) | pgp.Config | Server scripts | Creates a new configuration object. |
| Method | pgp.createMessageData(options) | pgp.MessageData | Server scripts | Creates new message data. |
| Method | pgp.createSigner(options) | certificate.Signer | Server scripts | Creates a certificate.Signer object for signing plain strings. |
| Method | pgp.createVerification() | pgp.Verification | Server scripts | Creates an empty verification object. |
| Method | pgp.loadKeyFromSecret(options) | pgp.Key | Server scripts | Loads a key whose contents are stored securely in a secret. |
| Method | pgp.parseMessage(options) | pgp.Message | Server scripts | Parses a PGP message. |
| Method | pgp.parseKey(options) | pgp.Key | Server scripts | Parses an existing PGP key. |
| Enum | pgp.CompressionAlgorithm | Enum | Server scripts | Available compression algorithms. |
| Enum | pgp.Format | Enum | Server scripts | Literal data packet type. |

Config Object Members

| Member Type | Name | Return Type / Value Type | Supported Script Types | Description |
| --- | --- | --- | --- | --- |
| Property | Config.allowInsecureDecryptionWithSigningKeys | boolean | Server scripts | Enables decryption that is not secured with signing keys. |
| Property | Config.allowMessagesWithoutIntegrityProtection | boolean | Server scripts | Allows messages without integrity protection. |
| Property | Config.useRelaxedSignatureParsing | boolean | Server scripts | Relaxed signature parsing for configuration objects. |

KeyId Object Members

| Member Type | Name | Return Type / Value Type | Supported Script Types | Description |
| --- | --- | --- | --- | --- |
| Method | KeyId.asHex() | string | Server scripts | Returns a key ID as a hexadecimal string. |

Message Object Members

| Member Type | Name | Return Type / Value Type | Supported Script Types | Description |
| --- | --- | --- | --- | --- |
| Property | Message.type | boolean | Server scripts | Message type that specifies how a message is processed. |
| Method | Message.asArmored() | string | Server scripts | Converts a message to ASCII armored format. |
| Method | Message.toMessageData() | pgp.MessageData | Server scripts | Converts a message to message data without processing. Works only if the message is not encrypted. |
| Method | Message.decrypt(options) | pgp.MessageData | Server scripts | Decrypts a message and optionally verifies the signatures. |

MessageData Object Members

| Member Type | Name | Return Type / Value Type | Supported Script Types | Description |
| --- | --- | --- | --- | --- |
| Property | MessageData.filename | string | Server scripts | The name of a file. |
| Property | MessageData.date | Date | Server scripts | The date of a message or modification date of the file. |
| Property | MessageData.format | pgp.Format | Server scripts | Literal data packet type. |
| Method | MessageData.getText() | string | Server scripts | Extracts the contents of a message as text. |
| Method | MessageData.toMessage() | pgp.Message | Server scripts | Creates a message with no signature, compression, or encryption. |
| Method | MessageData.encrypt(options) | pgp.Message | Server scripts | Creates a message that is encrypted and optionally signed. |

Verification Object Members

| Member Type | Name | Return Type / Value Type | Supported Script Types | Description |
| --- | --- | --- | --- | --- |
| Property | VerificationSignature.verified | null \| boolean | Server scripts | Indicates whether verification was successful. |
| Property | Verification.signatures | null \| Array<VerificationSignature> | Server scripts | A list of individual verifications, one per signature. |

VerificationSignature Object Members

| Member Type | Name | Return Type / Value Type | Supported Script Types | Description |
| --- | --- | --- | --- | --- |
| Property | VerificationSignature.keyId | pgp.KeyId | Server scripts | ID of the (sub)key that was used for signing. |
| Property | VerificationSignature.dateSigned | Date | Server scripts | Date when the message was signed. |
| Property | VerificationSignature.verified | boolean | Server scripts | Indicates whether verification was successful for a signature. |
| Property | VerificationSignature.problems | string[] | Server scripts | A list of problems for verification signatures. |
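
A script that decrypts a signed message still has to decide, from the Verification members listed above, whether to act on it. The following is an added example, not NetSuite's code: plain JavaScript that applies an accept/reject policy to an object shaped like pgp.Verification. The function name, the trusted key ID list, the age limit, and the sample objects are assumptions constructed for illustration.

```javascript
// Added example: accept/reject policy over a result shaped like the
// Verification and VerificationSignature members listed above.
// evaluateVerification, trustedKeyIds, maxAgeMs and the samples are assumptions.
function evaluateVerification(verification, trustedKeyIds, maxAgeMs, now = new Date()) {
  const reasons = [];
  // "verified" is documented as null | boolean, so only strict true passes.
  if (!verification || verification.verified !== true) {
    reasons.push('overall result is not verified');
  }
  const signatures = (verification && verification.signatures) || [];
  if (signatures.length === 0) reasons.push('no signatures present');
  const trusted = new Set(trustedKeyIds.map((id) => id.toLowerCase()));
  for (const sig of signatures) {
    const id = sig.keyId.asHex().toLowerCase();
    if (sig.verified !== true) reasons.push(`${id}: signature not verified`);
    if (!trusted.has(id)) reasons.push(`${id}: signing key is not on the allow-list`);
    for (const problem of sig.problems || []) reasons.push(`${id}: ${problem}`);
    // Reject signatures dated in the future or older than the allowed window.
    const age = sig.dateSigned instanceof Date ? now - sig.dateSigned : NaN;
    if (!(age >= 0 && age <= maxAgeMs)) reasons.push(`${id}: signing date out of range`);
  }
  return { accepted: reasons.length === 0, reasons };
}

// Constructed stand-ins for pgp.Verification objects (not real module output).
const keyId = (hex) => ({ asHex: () => hex });
const SIGNED_AT = new Date('2024-05-01T10:00:00Z');
const SAMPLE_GOOD = {
  verified: true,
  signatures: [{ keyId: keyId('A1B2C3D4E5F60718'), dateSigned: SIGNED_AT, verified: true, problems: [] }],
};
const SAMPLE_UNSIGNED = { verified: null, signatures: null };
const SAMPLE_BAD = {
  verified: false,
  signatures: [{ keyId: keyId('FFFFFFFFFFFFFFFF'), dateSigned: SIGNED_AT, verified: false,
    problems: ['constructed problem text'] }],
};

const NOW = new Date('2024-05-02T00:00:00Z');
const WEEK_MS = 7 * 24 * 60 * 60 * 1000;
const TRUSTED = ['a1b2c3d4e5f60718'];
for (const sample of [SAMPLE_GOOD, SAMPLE_UNSIGNED, SAMPLE_BAD]) {
  console.log(JSON.stringify(evaluateVerification(sample, TRUSTED, WEEK_MS, NOW)));
}
```

Treating a null result the same as false keeps an unsigned message from being handled as if its signature had been checked.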
