rpgpie

Crates.iorpgpie
lib.rsrpgpie
version
sourcesrc
created_at2024-02-26 13:04:29.923891
updated_at2024-11-29 19:17:09.124534
descriptionExperimental high level API for rPGP
homepage
repositoryhttps://codeberg.org/heiko/rpgpie
max_upload_size
id1153623
Cargo.toml error:TOML parse error at line 18, column 1 | 18 | autolib = false | ^^^^^^^ unknown field `autolib`, expected one of `name`, `version`, `edition`, `authors`, `description`, `readme`, `license`, `repository`, `homepage`, `documentation`, `build`, `resolver`, `links`, `default-run`, `default_dash_run`, `rust-version`, `rust_dash_version`, `rust_version`, `license-file`, `license_dash_file`, `license_file`, `licenseFile`, `license_capital_file`, `forced-target`, `forced_dash_target`, `autobins`, `autotests`, `autoexamples`, `autobenches`, `publish`, `metadata`, `keywords`, `categories`, `exclude`, `include`
size0
Heiko Schaefer (hko-s)

documentation

README

rpgpie 🦀️🔐🥧

A higher-level OpenPGP API based on rPGP.

rpgpie is an experimental wrapping API on top of the rPGP library.

Main goals of rpgpie include simplicity, collaboration and fun 🥳.

Objectives of rpgpie

More concretely, rpgpie currently has the following objectives:

  • Expose an API to implement stateless OpenPGP (SOP) functionality (see rsop).
  • Experiment with applying the terminology and conceptual framing of the "OpenPGP for application developers" documentation.
  • Experiment with high level API design for OpenPGP.
  • Add a basic policy to rPGP (e.g. to limit accepted algorithms).

Limitations and non-objectives

rpgpie does not currently process messages in an efficient, streaming manner. Messages that are too large to be conveniently processed in RAM can currently not be handled with rpgpie.

The rpgpie API currently limits itself to using certificates (also known as "OpenPGP public keys") and TSKs (also known as "OpenPGP secret/private keys") as they are. Updating or altering certificates or TSKs is currently out of scope.

For the current phase of exploration, proper error handling is not a goal of rpgpie. The code may panic in all kinds of circumstances.

API stability is not a goal in the current phase of development.

Technical Details

Rpgpie implements some higher-order OpenPGP facilities:

  • Certificate-level:

    • A policy on cryptographic primitives (to reject use of weak algorithms).
    • Asserting validity of individual OpenPGP signature packets.
    • Evaluating stacks of OpenPGP signatures (which make statements about the same component) over time.
    • OpenPGP semantics guarantees on the certificate level (evaluating self-signature graphs).
  • Message-level:

    • Generate/validate data signatures,
    • Encrypt/decrypt data.
    • Apply a policy for acceptable cryptographic mechanisms.

Warning, early-stage project!

The code in this project is NOT currently intended for production use.

Commit count: 0

cargo fmt