#openpgp #pgp #command-line #command-line-interface #sop #stateless-openpgp

bin+lib sequoia-sop

An implementation of the Stateless OpenPGP Interface using Sequoia

26 releases (breaking)

0.36.0 Nov 4, 2024
0.35.0 Jul 11, 2024
0.34.0 Jun 3, 2024
0.32.0 Mar 20, 2024
0.18.0 Jul 31, 2020

#1561 in Cryptography

Download history 12/week @ 2024-09-10 10/week @ 2024-09-17 8/week @ 2024-09-24 23/week @ 2024-10-01 66/week @ 2024-10-29 81/week @ 2024-11-05 10/week @ 2024-11-12 6/week @ 2024-11-19

163 downloads per month

GPL-2.0-or-later

96KB
2.5K SLoC

An implementation of the Stateless OpenPGP Interface using Sequoia.

This implements the Stateless OpenPGP Command Line Interface (SOP) using the Sequoia OpenPGP implementation. This crate implements the Rust SOP interface, as well as providing a command line frontend.

SOP implementations enjoy broad compatibility, see the OpenPGP interoperability test suite.

SOP cli primer

To build the cli frontend, enable the "cli" feature, e.g. using cargo build --features=cli or cargo install sequoia-sop --features=cli.

To build the cli frontend restricted to the verification subset of SOP, enable the "cliv" feature, e.g. using cargo build --features=cliv or cargo install sequoia-sop --features=cliv.

To demonstrate SOP, let's generate a key, and encrypt and decrypt a message:

$ sqop generate-key julia@example.org > julia.secret.pgp
$ sqop extract-cert < julia.secret.pgp > julia.public.pgp

First, we generate a key for julia@example.org. Next, we extract the certificate, i.e. the key without the secret key material.

$ echo "a message" | sqop encrypt julia.public.pgp > message.pgp
$ sqop decrypt julia.secret.pgp < message.pgp
a message

Here, we encrypt a message with Julia's certificate, and decrypt it with her key.

Selecting different crypto backends

Sequoia PGP supports a number of different crypto libraries. In order to select one for use with this crate, disable the default features and explicitly select a backend.

To select an alternate crypto backend when building the cli frontend, for example the OpenSSL backend, do:

$ cargo build --no-default-features --features cli,sequoia-openpgp/compression,sequoia-openpgp/crypto-openssl

Or to install it from crates.io:

$ cargo install sequoia-sop --no-default-features --features cli,sequoia-openpgp/compression,sequoia-openpgp/crypto-openssl

In order to use it from Rust, depend sequoia-openpgp and select a backend, like so:

[dependencies]
sop = { version = "*", default-features = false }
sequoia-openpgp = { version = "*", default-features = false, features = ["compression", "crypto-openssl"] }

Shell completions

By default shell completions are put into the cargo target directory, but the exact location is unpredictable. To write the assets to a predictable location, set the environment variable ASSET_OUT_DIR to a suitable location.

Dependencies

~50MB
~830K SLoC