N/pgp Module
The content in this help topic pertains to SuiteScript 2.1.
Use the N/pgp module to enable secure messaging, file encryption, and document signing. Based on OpenPGP encryption standards.
To use the N/pgp Module, you must first generate PGP keys from GnuPG, OpenPGP, or a third party source that supports pgp key generation. The generated keys must be stored in Secrets Management to securely manage and reference the keys. To store your generated keys, go to Setup > Company > API Secrets to create a new secret key.
For more information about API Secrets in NetSuite, see Secrets Management.
If you are new to PGP, use the following resources to learn more:
-
RFC 4880 OpenPGP Message Format – Provides background information about the PGP standard.
-
GnuPG Manual – A reliable resource for practical information.
-
OpenPGP – Learn more about the pgp standards with documentation resources for developers.
Limitations of N/pgp
As you are working with the N/pgp module, consider the following limitations:
-
You cannot generate, modify, or inspect PGP keys using the N/pgp module. You must generate keys from a third party source that supports PGP key generation.
-
You cannot create a message without readable PGP software.
-
You are limited to strings.
-
You are limited to data that fits into memory.
In This Help Topic
N/pgp Module Members
Member Type |
Name |
Return Type / Value Type |
Supported Script Types |
Description |
---|---|---|---|---|
Object |
Object |
Server scripts |
General configuration options that can be used for message decryption. |
|
Object |
Server scripts |
Cryptographic keys and its metadata. |
||
Object |
Server scripts |
An octet scalar that identifies a subkey. |
||
Object |
Server scripts |
Processed PGP data. |
||
Object |
Server scripts |
Message data. |
||
Object |
Server scripts |
Verification results. |
||
Object |
Server scripts |
A verification result for a single signature. |
||
Method |
Server scripts |
Creates a new configuration object. |
||
Server scripts |
Creates new message data. |
|||
Server scripts |
Creates a certificate.Signer object for signing plain strings. |
|||
Server scripts |
Creates an empty verification object. |
|||
Server scripts |
Loads a key whose contents are stored securely in secret. |
|||
Server scripts |
Parses a PGP message. |
|||
Server scripts |
Parses an existing PGP key. |
|||
Enum |
Enum |
Server scripts |
Available compression algorithms. |
|
Enum |
Server scripts |
Literal data packet type. |
Config Object Members
Member Type |
Name |
Return Type / Value Type |
Supported Script Types |
Description |
---|---|---|---|---|
Property |
boolean |
Server scripts |
Enables decryption that is not secured with signing keys. |
|
boolean |
Server scripts |
Allows messages without integrity protection. |
||
boolean |
Server scripts |
Relaxed signature parsing for configuration objects. |
KeyId Object Members
Member Type |
Name |
Return Type / Value Type |
Supported Script Types |
Description |
---|---|---|---|---|
Method |
string |
Server scripts |
Returns a key ID as a hexadecimal string. |
Message Object Members
Member Type |
Name |
Return Type / Value Type |
Supported Script Types |
Description |
---|---|---|---|---|
Property |
boolean |
Server Scripts |
Message type that specifies how a message is processed. |
|
Method |
string |
Server scripts |
Converts a message to ASCII armored format. |
|
Server scripts |
Converts a message to message data without processing. Works only if the message is not encrypted. |
|||
Server scripts |
Decrypts a message and optionally verifies the signatures. |
MessageData Object Members
Member Type |
Name |
Return Type / Value Type |
Supported Script Types |
Description |
---|---|---|---|---|
Property |
string |
Server scripts |
The name of a file. |
|
Date |
Server scripts |
The date of a message or modification date of the file. |
||
Server scripts |
Literal data packet type. |
|||
Method |
string |
Server scripts |
Extracts the contents of a message as text. |
|
Server scripts |
Creates a message with no signature, compression, or encryption. |
|||
Server scripts |
Creates a message that is encrypted and optionally signed. |
Verification Object Members
Member Type |
Name |
Return Type / Value Type |
Supported Script Types |
Description |
---|---|---|---|---|
Property |
null | boolean |
Server scripts |
Indicates whether verification was successful. |
|
null | Array< |
Server scripts |
A list of individual verifications, one per signature. |
VerificationSignature Object Members
Member Type |
Name |
Return Type / Value Type |
Supported Script Types |
Description |
---|---|---|---|---|
Property |
Server Scripts |
ID of the (sub)key that was used for signing. |
||
Date |
Server Scripts |
Date when the message was signed. |
||
boolean |
Server scripts |
Indicates whether verification was successful for a signature. |
||
string[] |
Server scripts |
A list of problems for verification signatures. |