Issue with error concatUint8Array: Data must be in the form of a Uint8Array using OpenPGP

[CyberClarence]

Hello,

First of all, thank you for your amazing work on OpenPGP! I'm currently developing an app that integrates OpenPGP, but I encountered an issue that I haven't been able to resolve.

Issue

I'm getting the following error when trying to parse an armored public key string:

concatUint8Array: Data must be in the form of a Uint8Array

Context

In a Next.js server action, I attempt to read a public key like this:

"use server";

import * as openpgp from "openpgp";
// and i also tried with
import * as openpgp from "openpgp/lightweight";

// ... some code
const userPublicKey = await openpgp.readKey({
  armoredKey: publicKeyString, // Confirmed to be a valid string
});
// ... some code

Despite ensuring that publicKeyString is a valid armored key string, the error persists.

What I've Tried

I have tested this across multiple configurations, including:

• Next.js versions: 14 and 15 (with TypeScript)
• Runtimes: Bun (1.1.26), Node.js (v22.12.0)
• OpenPGP versions: 5 and 6
• Bundlers: Webpack and Turbopack
• Runtimes: Edge and the vanilla Next.js runtime
  None of these changes resolved the issue.

Investigation

From stack tracing, the error originates from:

node_modules/@openpgp/web-stream-tools/lib/util.js line 50

function isUint8Array(input) {
  return Uint8Array.prototype.isPrototypeOf(input);
}

It seems that something in my environment is affecting this function’s behavior, but I’m unsure what could be causing it.

Request

Could you provide any insights into what might be causing this issue? Is there a potential workaround or fix?

Any help would be greatly appreciated !

Best regards
Clarence

[twiss]

This sounds a bit similar to #23; you could try whether one of the solutions listed there fixes the issue?
If there are multiple environments with an issue like that, we might also want to consider merging that PR or something like it, after all..

[CyberClarence]

Hello,

I finally managed to resolved this issue yesterday
To deploy a quick fix for my project I forked this repo and republished my diff under @cyberclarence/web-stream-tools
and published @cyberclarence/openpgp to use it as a depency

isUint8Array code is incorrect and trigger a false negative depending on the environment

I will do a pull request when i have time next week

Thank you for your time
Clarence

[larabr]

I have bumped into the same error when testing with Jest & JSDom, and the solution there was to overwrite the globals in the JSDOM environment. I assume Next.js could be affected in a similar way.

I think there could be a risk in accepting/mixing different TypedArray implementations; use-cases seem quite varied, looking at the Firefox case in the issue Daniel linked, versus the case for JSDom, Next.js & co. that try and simulate a different env.
And I am not sure about accommodating for the latter case tbh. The reason is that I'd expect the problem to be addressable in their configs, and I am worried that changing the Uint8Array check could cause side-effects, and our CI testing won't really help assess the consequences in the different contexts, since we only target browsers and vanilla Node.js .