Lib.rs

Cryptographysequoia-keystore
#encryption-key #pgp

sequoia-keystore-softkeys

A soft key (in-memory key) backend for Sequoia's private key store

by Neal H. Walfield. Co-owned by Justus Winter.

10 releases (breaking)

0.8.0-pqc.1 Nov 13, 2025
0.7.0 Mar 7, 2025
0.6.0 Aug 27, 2024
0.5.0 Jun 4, 2024
0.3.0 Mar 24, 2024

#2731 in Cryptography

Download history 177/week @ 2025-10-12 203/week @ 2025-10-19 282/week @ 2025-10-26 207/week @ 2025-11-02 261/week @ 2025-11-09 118/week @ 2025-11-16 194/week @ 2025-11-23 213/week @ 2025-11-30 108/week @ 2025-12-07 153/week @ 2025-12-14 62/week @ 2025-12-21 43/week @ 2025-12-28 133/week @ 2026-01-04 266/week @ 2026-01-11 362/week @ 2026-01-18 186/week @ 2026-01-25

953 downloads per month
Used in 3 crates (via sequoia-keystore)

LGPL-2.0-or-later

55KB
1K SLoC

A soft key (in-memory key) backend for Sequoia's private key store.

The sequoia-keystore crate implements a server that manages secret key material. Secret key material can be stored in files, on hardware devices like smartcards, or accessed via the network. sequoia-keystore doesn't implement these access methods. This is taken care of by various backends.

This crate includes a backend that provides access to secret key material stored in files. These are called soft keys in contrast to keys managed by a separate piece of hardware.

If the keystore is configured to use ~/.local/share/sequoia as its data directory, then the soft key backend uses ~/.local/share/sequoia/keystore/softkeys. Specifically, it iterates over the files in that directory, and looks for binary encoded or ASCII-armor encoded OpenPGP Transferable Secret Keys in files ending with .pgp or .asc; other files are silently ignored.

$ ls .local/share/sequoia/keystore/softkeys/
1234.pgp  1234.pgp.rev  alice.pgp  alice.pgp.rev  F44B66C85C9B7B02AF2D52FDEFF613897AD9CE21.pgp

Dependencies

~16–34MB
~461K SLoC