{"id":50834057,"url":"https://github.com/kyleplo/openpgp-mime","last_synced_at":"2026-06-14T02:08:45.493Z","repository":{"id":362178892,"uuid":"1256274936","full_name":"kyleplo/openpgp-mime","owner":"kyleplo","description":"Email parsing library based upon postal-mime but with added support for PGP encrypted and signed emails as specified in RFC 3156","archived":false,"fork":false,"pushed_at":"2026-06-03T01:45:11.000Z","size":45,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-06-03T03:21:58.323Z","etag":null,"topics":["email","mime","openpgp","openpgpjs","postal-mime"],"latest_commit_sha":null,"homepage":"https://www.npmjs.com/package/openpgp-mime","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/kyleplo.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-06-01T16:13:03.000Z","updated_at":"2026-06-03T01:45:15.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/kyleplo/openpgp-mime","commit_stats":null,"previous_names":["kyleplo/openpgp-mime"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/kyleplo/openpgp-mime","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kyleplo%2Fopenpgp-mime","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kyleplo%2Fopenpgp-mime/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kyleplo%2Fopenpgp-mime/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kyleplo%2Fopenpgp-mime/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/kyleplo","download_url":"https://codeload.github.com/kyleplo/openpgp-mime/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kyleplo%2Fopenpgp-mime/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34306781,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-14T02:00:07.365Z","response_time":62,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["email","mime","openpgp","openpgpjs","postal-mime"],"created_at":"2026-06-14T02:08:45.089Z","updated_at":"2026-06-14T02:08:45.480Z","avatar_url":"https://github.com/kyleplo.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# openpgp-mime\n\n**openpgp-mime** is an email parsing library based upon [postal-mime](https://www.npmjs.com/package/postal-mime) but with added support for PGP encrypted and signed emails as specified in [RFC 3156](https://www.rfc-editor.org/info/rfc3156/) using [OpenPGP.js](https://www.npmjs.com/package/openpgp). The library's semantics are very similar to those of postal-mime with a few additions for PGP functionality.\n\n## Features\n\n- Environment independent - works in Node.js, browser, web workers, serverless environments, etc.\n- TypeScript support\n- Comprehensive dependencies - only postal-mime and OpenPGP.js\n- Handles complex MIME structures combined with encryption and signing, including nested encryption/signatures and partially encrypted/signed messages\n- Can be used to sign/apply encryption to unsigned/unencrypted MIME messages\n\n## Installation\nAvailable on NPM as `openpgp-mime`\n\n```bash\nnpm install openpgp-mime\n```\n\n## Usage\n\nYou should be familiar with the basics of OpenPGP.js so that you can import the appropriate keys\n\nParse a PGP encrypted email\n```js\nimport OpenPGPMime from \"openpgp-mime\"; // may vary depending on environment\n\nconst eml = `Mime-Version: 1.0\nContent-Type: text/plain\n\n-----BEGIN PGP MESSAGE-----\n...\n-----END PGP MESSAGE-----`;\nconst email = await OpenPGPMime.parse(eml, {\n    decryptOptions: {\n        decryptionKeys: ...,\n        verificationKeys: ...\n    }\n});\n```\n\nAccess content of encrypted email (see [postal-mime documentation](https://www.npmjs.com/package/postal-mime#api) for full email structure)\n```js\nconsole.log(email.text) // decrypted text content\nconsole.log(email.html) // decrypted HTML content\n\nemail.attachments.forEach(attachment =\u003e {\n    console.log(attachment.content) // decrypted attachment content\n})\n```\n\nParse a PGP signed email\n```js\nimport OpenPGPMime from \"openpgp-mime\"; // may vary depending on environment\n\nconst eml = `Mime-Version: 1.0\nContent-Type: multipart/signed; boundary=foo; micalg=pgp-sha512;\n  protocol=\"application/pgp-signature\"\n\n--foo\nContent-Type: text/plain\n\nhello world\n--foo\nContent-Type: application/pgp-signature\n\n-----BEGIN PGP SIGNATURE-----\n...\n-----END PGP SIGNATURE-----`;\nconst email = await OpenPGPMime.parse(eml, {\n    verifyOptions: {\n        verificationKeys: ...\n    }\n});\n```\n\nCheck signatures for entire email\n```js\nemail.signatures.forEach(signature =\u003e {\n    console.log(await signature.verified) // whether signature verification succeeded\n})\n```\n\nCheck signatures for individual attachments\n```js\nemail.attachments.forEach(attachment =\u003e {\n    attachment.signatures.forEach(signature =\u003e {\n        console.log(await signature.verified) // whether signature verification succeeded\n    })\n})\n```\nIf you need to check the signature for an individual inline text node, use the `inlineTextAsAttachments` option.\n\nParse email containing shared public key\n```js\nimport OpenPGPMime from \"openpgp-mime\"; // may vary depending on environment\n\nconst eml = `Mime-Version: 1.0\nContent-Type: application/pgp-keys\n\n-----BEGIN PGP PUBLIC KEY BLOCK-----\n...\n-----END PGP PUBLIC KEY BLOCK-----`;\nconst email = await OpenPGPMime.parse(eml);\n\nconsole.log(email.attachment[0].key) // PublicKey object\n```\n\nDynamically select matching key by ID\n```js\nconst email = await OpenPGPMime.parse(eml, {\n    // getVerificationKey works the same but for verification keys\n    async getDecryptionKey (keyIds) {\n        for (const keyId of keyIds) {\n            const key = await searchForKey(keyId.toHex()) // case-specific function for accessing keystore\n            if (key) {\n                return key;\n            }\n        }\n    }\n});\n```\n\nWhen parsing arbitrary emails, wrap processing in a `try ... catch` block to catch parsing errors caused by incorrectly formatted emails\n\nSign and encrypt an email\n```js\nimport OpenPGPMime from \"openpgp-mime\";\n\nconst eml = `Mime-Version: 1.0\nContent-Type: text/plain\n\nhello world`;\nconst encryptedEml = await OpenPGPMime.apply(eml, {\n    encryptOptions: {\n        encryptionKeys: ...,\n        signingKeys: ...\n    }\n});\n```\n\nThis assumes that the inputted email is valid. When processing arbitrary emails, validate the email first. This will also invalidate any ARC signatures on the message, they should be applied after signing/encrypting.\n\n## Options\nThese are in addition to the [postal-mime options](https://www.npmjs.com/package/postal-mime#api). All options default to undefined/false.\n\n- `decryptOptions` - decryption options object to be passed to the call to `decrypt` in OpenPGP.js, mainly useful for setting `decryptionKeys` and `verificationKeys`\n- `verifyOptions` - verification options object to be passed to the call to `verify` in OpenPGP.js, mainly useful for setting `verificationKeys`\n- `encryptOptions` - encryption options to be passed to the call to `encrypt` in OpenPGP.js, mainly useful for setting `encryptionKeys` and `signingKeys`\n- `signOptions` - encryption options to be passed to the call to `sign` in OpenPGP.js, mainly useful for setting `signingKeys`\n- `keepPgpAttachments` - whether to preserve attachments containing PGP metadata (`application/pgp-encrypted` and `application/pgp-signature`)\n- `preventUnencapsulatedMessages` - whether to disallow PGP encrypted messages that are not wrapped in a `multipart/encrypted` MIME node\n- `inlineTextAsAttachments` - whether to return inline text nodes (`text/plain` or `text/html`) as attachments, allowing their individual signatures to be enumerated\n- `getDecryptionKey` - function for dynamically selecting a verification key from a given key ID\n    - Takes one argument, an array of `KeyID` objects\n    - Must return a `PrivateKey` object or `undefined` if no matching key could be found\n    - Can be an asynchronous function and return a `Promise` for one of those\n- `getVerificationKey` - function for dynamically selecting a decryption key from a given key ID \n    - Works the same as `getDecryptionKey` except that the function should return a `PublicKey` object","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkyleplo%2Fopenpgp-mime","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkyleplo%2Fopenpgp-mime","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkyleplo%2Fopenpgp-mime/lists"}