Lib.rs

Cryptographysequoia
#config-file #openpgp #sequoia #policy #reading #standard-policy

bin+lib sequoia-policy-config

Configure Sequoia using a configuration file

by Neal H. Walfield. Co-owned by Justus Winter.

6 releases (breaking)

0.6.0 Mar 6, 2023
0.5.0 Nov 23, 2022
0.4.0 Nov 8, 2022
0.3.0 Oct 28, 2022
0.1.0 Oct 24, 2022

#2137 in Cryptography

Download history 54/week @ 2023-12-21 66/week @ 2023-12-28 277/week @ 2024-01-04 207/week @ 2024-01-11 252/week @ 2024-01-18 97/week @ 2024-01-25 94/week @ 2024-02-01 435/week @ 2024-02-08 628/week @ 2024-02-15 405/week @ 2024-02-22 500/week @ 2024-02-29 203/week @ 2024-03-07 236/week @ 2024-03-14 188/week @ 2024-03-21 166/week @ 2024-03-28 206/week @ 2024-04-04

838 downloads per month
Used in 6 crates (5 directly)

LGPL-2.0-or-later

76KB
1.5K SLoC

A library for reading the configuration of Sequoia's StandardPolicy from a configuration file.

Sequoia's StandardPolicy can be configured using Rust. As with most things, Sequoia's low-level library avoids imposing a policy on users of the library, like where a configuration file should be or even what format it should have. When necessary, it is up to the application to provide an interface, and to configure the policy appropriately.

This library provides a high-level interface that parses a configuration file, and returns a configured StandardPolicy.

See the crate's documentation for a description of the file format.

Quick Start

To add sequoia-policy-config to your crate add the following your crate:

[dependencies]
sequoia-openpgp = { version = "1" }
sequoia-policy-config = { version = "0.6" }

This will use sequoia-openpgp's default cryptographic backend, which is currently Nettle.

To select a different cryptographic backend, such as OpenSSL, you can then do:

cargo build --release --no-default-features --features sequoia-openpgp/crypto-openssl

To use sequoia-policy-config in your crate, it is usually enough to replace the use of StandardPolicy::new with the following::

use sequoia_policy_config::ConfiguredStandardPolicy;

fn main() -> openpgp::Result<()> {
    let mut p = ConfiguredStandardPolicy::new();
    p.from_bytes(b"[hash_algorithms]
        sha1.collision_resistance = \"never\"")?;
    let p = &p.build();

    // ...
    Ok(())
}

Building

This crate is purely a library, so it is not usually built directly. If you do build it (e.g., because you are modifying it), you'll need to select a cryptographic backend. See sequoia-openpgp's README for details.

The short version is:

# Use the Nettle backend:
$ cargo build --release --features sequoia-openpgp/crypto-nettle
$ cargo test --release --features sequoia-openpgp/crypto-nettle

# Use the OpenSSL backend:
$ cargo build --release --features sequoia-openpgp/crypto-openssl
$ cargo test --release --features sequoia-openpgp/crypto-openssl

Dependencies

~11–21MB
~266K SLoC