sop
| Crates.io | sop |
| lib.rs | sop |
| version | 0.8.0 |
| source | src |
| created_at | 2021-05-25 15:13:42.392443 |
| updated_at | 2024-11-04 16:20:54.882672 |
| description | Rust Interface for the Stateless OpenPGP Interface |
| homepage | https://sequoia-pgp.org/ |
| repository | https://gitlab.com/sequoia-pgp/sop-rs |
| max_upload_size | |
| id | 401885 |
| size | 120,017 |
Neal H. Walfield (nwalfield)
documentation
README
Rust Interface for the Stateless OpenPGP Interface
A set of types and traits formalizing the Stateless OpenPGP Protocol. Currently, SOP is only defined as a command line interface, but we are working on a C Interface. This interface is the Rust equivalent of the yet to be defined C API.
To use this as a consumer, you will need a concrete implementation of the interface, such as sequoia-sop.
Example use
Given a reference to a [SOP] implementation, which is the main
entry point for every SOP operation, generate keys, extract certs,
sign, verify, encrypt, and decrypt:
let alice_sec = sop.generate_key()?
.userid("Alice Lovelace <alice@openpgp.example>")
.generate()?;
let alice_pgp = sop.extract_cert()?
.keys(&alice_sec)?;
let bob_sec = sop.generate_key()?
.userid("Bob Babbage <bob@openpgp.example>")
.generate()?;
let bob_pgp = sop.extract_cert()?
.keys(&bob_sec)?;
let statement = b"Hello World :)";
let mut data = Cursor::new(&statement);
let (_micalg, signature) = sop.sign()?
.mode(ops::SignAs::Text)
.keys(&alice_sec)?
.data(&mut data)?;
let verifications = sop.verify()?
.certs(&alice_pgp)?
.signatures(&signature)?
.data(&mut Cursor::new(&statement))?;
assert_eq!(verifications.len(), 1);
let mut statement_cur = Cursor::new(&statement);
let (_session_key, ciphertext) = sop.encrypt()?
.sign_with_keys(&alice_sec)?
.with_certs(&bob_pgp)?
.plaintext(&mut statement_cur)?
.to_vec()?;
let mut ciphertext_cur = Cursor::new(&ciphertext);
let (_, plaintext) = sop.decrypt()?
.with_keys(&bob_sec)?
.ciphertext(&mut ciphertext_cur)?
.to_vec()?;
assert_eq!(&plaintext, statement);
The above snippet is the equivalent of the following SOP command line example from the SOP spec:
$ sop generate-key "Alice Lovelace <alice@openpgp.example>" > alice.sec
$ sop extract-cert < alice.sec > alice.pgp
$ sop sign --as=text alice.sec < statement.txt > statement.txt.asc
$ sop verify announcement.txt.asc alice.pgp < announcement.txt
$ sop encrypt --sign-with=alice.sec bob.pgp < msg.eml > encrypted.asc
$ sop decrypt alice.sec < ciphertext.asc > cleartext.out
Notes for SOP implementers
This section is for those who implement the interface using some OpenPGP implementation.
Command Line Interface
This crate contains an implementation of the Stateless OpenPGP Command
Line Interface in terms of the Rust types and traits. Once you
implemented the traits, you get the command line interface basically
for free by adding this snippet to your Cargo.toml:
[[bin]]
path = "src/main.rs"
required-features = ["cli"]
[[bin]]
path = "src/mainv.rs"
required-features = ["cliv"]
[features]
cli = ["sop/cli"]
cliv = ["sop/cliv"]
And creating src/main.rs and src/mainv.rs along the lines of:
fn main() {
sop::cli::main(&MySOPImplementation::default());
}
Note: If you don't need to tweak your implementation for the verification subset of SOP, you can also build both binaries from the same source.
Note for packagers: Since features in Rust are additive, building both
binaries in one cargo invocation (i.e. cargo build --features=cli,cliv) will enable the full SOP functionality in the
SOPV binary. To avoid that, build both targets individually.