voa-openpgp
| Crates.io | voa-openpgp |
| lib.rs | voa-openpgp |
| version | 0.1.1 |
| created_at | 2025-09-10 18:29:00.992361+00 |
| updated_at | 2025-09-24 16:17:51.54201+00 |
| description | A library for using OpenPGP verifiers in VOA |
| homepage | https://voa.archlinux.page |
| repository | https://gitlab.archlinux.org/archlinux/alpm/voa |
| max_upload_size | |
| id | 1832852 |
| size | 110,193 |
David Runge (dvzrv)
documentation
README
VOA-OpenPGP
A library for using OpenPGP verifiers in VOA.
Documentation
- https://voa.archlinux.page/rustdoc/voa_openpgp/ for development version of the crate
- https://docs.rs/voa-openpgp/latest/voa_openpgp/ for released versions of the crate
Examples
OpenPGP certificates can be written to their dedicated directory structures in a VOA hierarchy.
It is supported to import single binary or ASCII-armored files, as well as directory structures that contain a number of OpenPGP packet files which comprise an OpenPGP certificate when concatenated (this structured form is in use by the archlinux-keyring project).
use voa_core::VerifierWriter;
use voa_openpgp::OpenPgpImport;
# use pgp::{
# composed::{KeyType, SecretKeyParamsBuilder, SignedPublicKey, SubkeyParamsBuilder},
# ser::Serialize,
# types::Password,
# };
# use rand::thread_rng;
use tempfile::{NamedTempFile, tempdir};
#
# fn openpgp_cert() -> testresult::TestResult<SignedPublicKey> {
# let mut signkey = SubkeyParamsBuilder::default();
# signkey
# .key_type(KeyType::Ed25519Legacy)
# .can_sign(true)
# .can_encrypt(false)
# .can_authenticate(false);
# let mut key_params = SecretKeyParamsBuilder::default();
# key_params
# .key_type(KeyType::Ed25519Legacy)
# .can_certify(true)
# .can_sign(false)
# .can_encrypt(false)
# .primary_user_id("John Doe <jdoe@example.org>".to_string())
# .subkeys(vec![signkey.build()?]);
#
# let secret_key_params = key_params.build()?;
# let secret_key = secret_key_params.generate(thread_rng())?;
#
# // Produce binding self-signatures that link all the components together
# let signed = secret_key.sign(&mut thread_rng(), &Password::from(""))?;
#
# let pubkey = SignedPublicKey::from(signed);
# Ok(pubkey)
# }
# fn main() -> testresult::TestResult {
// Write a generic OpenPGP certificate to a temporary file.
let mut temp_file = NamedTempFile::new()?;
openpgp_cert()?.to_writer(&mut temp_file)?;
let input_path = temp_file.path();
// Import the OpenPGP certificate.
let import = OpenPgpImport::from_file(input_path)?;
// Prepare a temporary output directory.
let temp_dir = tempdir()?;
let output_dir = temp_dir.path();
// Write the OpenPGP verifier to a VOA hierarchy in the temporary output directory.
//
// There, the verifier is written to the configured directory, e.g.
// `os/purpose/context/openpgp/f1d2d2f924e986ac86fdf7b36c94bcdf32beec15.openpgp`
import.write_to_hierarchy(
output_dir,
"os".parse()?,
"purpose".parse()?,
Some("context".parse()?),
)?;
assert!(
output_dir
.join("os")
.join("purpose")
.join("context")
.join("openpgp")
.join(import.file_name())
.exists()
);
# Ok(())
# }
Contributing
Please refer to the contribution guidelines to learn how to contribute to this project.
License
This project can be used under the terms of the Apache-2.0 or MIT. Contributions to this project, unless noted otherwise, are automatically licensed under the terms of both of those licenses.