#openpgp #pgp #sequoia

openpgp-ca-lib

OpenPGP CA is a tool for managing and certifying OpenPGP keys

11 releases

0.14.0 Jul 10, 2024
0.13.1 Jan 27, 2024
0.13.0 Aug 18, 2023
0.13.0-alpha.1 Apr 23, 2023
0.10.1 May 7, 2021

#2406 in Cryptography


Used in 2 crates

GPL-3.0-or-later

220KB
4.5K SLoC

OpenPGP CA functionality as a library

Example usage:

// all state of an OpenPGP CA instance is persisted in one SQLite database
let db_filename = "/tmp/openpgp-ca.sqlite";

// Set up a new, uninitialized OpenPGP CA database
// (implicitly creates the database file).
let ca_uninit = Uninit::new(Some(db_filename)).expect("Failed to set up CA");

// Initialize the CA, create the CA key (with domain name and descriptive name)
let ca = ca_uninit
    .init_softkey("example.org", Some("Example Org OpenPGP CA Key"), None)
    .unwrap();

// Create a new user, certified by the CA, and a trust signature by the user
// key on the CA key.
//
// The new private key for the user is printed to stdout and needs to be manually
// processed from there.
ca.user_new(
    Some(&"Alice"),
    &["alice@example.org"],
    None,
    false,
    None,
    false,
    None,
    true,
    true,
    false,
)
.unwrap();

Dependencies

~66MB
~1M SLoC