Lib.rs

Cryptography
#encryption #openpgp #gpg #email

pgp

OpenPGP implementation in Rust

by Friedel Ziegelmayer and 30 contributors

27 releases

0.12.0-alpha.2 Apr 7, 2024
0.12.0-alpha.1 Mar 17, 2024
0.11.0 Feb 21, 2024
0.10.2 Jul 24, 2023
0.1.0 Sep 16, 2017

#61 in Cryptography

Download history 3872/week @ 2024-01-05 4455/week @ 2024-01-12 4687/week @ 2024-01-19 4748/week @ 2024-01-26 5415/week @ 2024-02-02 5799/week @ 2024-02-09 5029/week @ 2024-02-16 5059/week @ 2024-02-23 8604/week @ 2024-03-01 7758/week @ 2024-03-08 6552/week @ 2024-03-15 5216/week @ 2024-03-22 6165/week @ 2024-03-29 5579/week @ 2024-04-05 5697/week @ 2024-04-12 4679/week @ 2024-04-19

22,844 downloads per month
Used in 46 crates (25 directly)

MIT/Apache

1.5MB
15K SLoC

rPGP

crates.io Documentation Build Status minimum rustc 1.70 dependency status License

OpenPGP implemented in pure Rust, permissively licensed

rPGP is the only pure Rust implementation of OpenPGP, following RFC4880 and RFC2440. It offers a minimal low-level API and does not prescribe trust schemes or key management policies. It fully supports all functionality required by the Autocrypt 1.1 e-mail encryption specification.

rPGP is regularly published as the pgp Crate and its RSA implementation lives under the collective RustCrypto umbrella. For ECC crypto support we are using Curve25519-dalek.

Please note that the API is not well documented yet. You may check out the tests which exercise the API. Please open issues here if if you are attempting to use rPGP and need help.

Status (Last updated: October 2019)

rPGP and its RSA dependency got an independent security audit mid 2019, see here for the full report from IncludeSecurity. No critical flaws were found and we have fixed most high, medium and low risk ones.

rPGP is used in production by Delta Chat, the e-mail based messenger app suite, successfully running on Windows, Linux, macOS, Android and iOS in 32bit (only Windows and Android) and 64 bit builds (for the other platforms).

More details on platform and OpenPGP implementation status:

Experimental WASM Support

When enabeling the wasm feature, rpgp can be compiled to run using WASM in Node.js and the supported Browsers. Experimental bindings for this can be found in rpgp/rpgp-js.

Developement

To run the stress tests,

> git submodule update --init --recursive
> cargo test --release -- --ignored

To enable debugging, add

use pretty_env_logger;
let _ = pretty_env_logger::try_init();

And then run tests with RUST_LOG=pgp=info.

How is rPGP different from Sequoia?

Some key differences:

  • rPGP has a more permissive license than Sequoia, which allows a broader usage

  • rPGP is a library with a well-defined, relatively small feature-set where Sequoia also tries to be a replacement for the GPG command line tool

  • All crypto used in rPGP is implemented in pure Rust, whereas Sequoia by default uses Nettle, which is implemented in C.

Minimum Supported Rust Version (MSRV)

All crates in this repository support Rust 1.70 or higher. In future minimally supported version of Rust can be changed, but it will be done with a minor version bump.

LICENSE

MIT or Apache 2.0

Contribution

Unless you explicitly state otherwise, any contribution submitted for inclusion in rPGP by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.

Dependencies

~14–22MB
~315K SLoC