Lib.rs

Cryptographysequoia
#openpgp #pgp #command-line #command-line-interface #sop #stateless-openpgp

bin+lib sequoia-sop

An implementation of the Stateless OpenPGP Interface using Sequoia

by Justus Winter. Co-owned by Neal H. Walfield.

25 releases (breaking)

0.35.0 Jul 11, 2024
0.33.0 May 17, 2024
0.32.0 Mar 20, 2024
0.31.0 Oct 27, 2023
0.18.0 Jul 31, 2020

#1485 in Cryptography

Download history 32/week @ 2024-03-31 10/week @ 2024-04-07 116/week @ 2024-05-12 38/week @ 2024-05-19 8/week @ 2024-05-26 147/week @ 2024-06-02 17/week @ 2024-06-09 2/week @ 2024-06-16 17/week @ 2024-06-30 99/week @ 2024-07-07 12/week @ 2024-07-14

128 downloads per month

GPL-2.0-or-later

79KB
2K SLoC

An implementation of the Stateless OpenPGP Interface using Sequoia.

This implements the Stateless OpenPGP Command Line Interface (SOP) using the Sequoia OpenPGP implementation. This crate implements the Rust SOP interface, as well as providing a command line frontend.

SOP implementations enjoy broad compatibility, see the OpenPGP interoperability test suite.

SOP cli primer

To build the cli frontend, enable the "cli" feature, e.g. using cargo build --features=cli or cargo install sequoia-sop --features=cli.

To build the cli frontend restricted to the verification subset of SOP, enable the "cliv" feature, e.g. using cargo build --features=cliv or cargo install sequoia-sop --features=cliv.

To demonstrate SOP, let's generate a key, and encrypt and decrypt a message:

$ sqop generate-key julia@example.org > julia.secret.pgp
$ sqop extract-cert < julia.secret.pgp > julia.public.pgp

First, we generate a key for julia@example.org. Next, we extract the certificate, i.e. the key without the secret key material.

$ echo "a message" | sqop encrypt julia.public.pgp > message.pgp
$ sqop decrypt julia.secret.pgp < message.pgp
a message

Here, we encrypt a message with Julia's certificate, and decrypt it with her key.

Selecting different crypto backends

Sequoia PGP supports a number of different crypto libraries. In order to select one for use with this crate, disable the default features and explicitly select a backend.

To select an alternate crypto backend when building the cli frontend, for example the OpenSSL backend, do:

$ cargo build --no-default-features --features cli,sequoia-openpgp/compression,sequoia-openpgp/crypto-openssl

Or to install it from crates.io:

$ cargo install sequoia-sop --no-default-features --features cli,sequoia-openpgp/compression,sequoia-openpgp/crypto-openssl

In order to use it from Rust, depend sequoia-openpgp and select a backend, like so:

[dependencies]
sop = { version = "*", default-features = false }
sequoia-openpgp = { version = "*", default-features = false, features = ["compression", "crypto-openssl"] }

Shell completions

By default shell completions are put into the cargo target directory, but the exact location is unpredictable. To write the assets to a predictable location, set the environment variable ASSET_OUT_DIR to a suitable location.

Dependencies

~12–23MB
~305K SLoC