2
7
Fork
You've already forked rpgpie
5
rpgpie is a higher-level OpenPGP library based on rPGP https://crates.io/crates/rpgpie
  • Rust 100%
Heiko Schaefer f35e239881
Some checks failed
ci/woodpecker/push/tests Pipeline was successful
ci/woodpecker/push/checks Pipeline was canceled
chore: release 0.11.0
2026年07月07日 19:42:02 +02:00
.woodpecker ci: test with features "cli" enabled 2025年10月03日 15:51:24 +02:00
LICENSES add license files 2024年02月26日 13:27:52 +01:00
src feat: handle sets of multiple certs in the rpgp CLI tool 2026年07月07日 18:36:44 +02:00
tests chore: port to rPGP 0.20 2026年07月01日 02:55:13 +02:00
.gitignore fix: add Cargo.lock to git 2025年07月06日 10:40:11 +02:00
Cargo.lock chore: release 0.11.0 2026年07月07日 19:42:02 +02:00
Cargo.toml chore: release 0.11.0 2026年07月07日 19:42:02 +02:00
README.md doc: update readme 2025年11月14日 10:13:21 +01:00
REUSE.toml test(merge): merge test cases based on keyserver updates 2025年06月22日 22:35:37 +02:00
rustfmt.toml chore: update rustfmt config, reformat 2025年11月15日 02:59:03 +01:00

rpgpie 🦀🔐🥧

An OpenPGP library based on rPGP. rpgpie is an experimental wrapping API that adds OpenPGP semantics handling on top of the rPGP library.

Central goals of rpgpie include simplicity , collaboration 🤝 and fun 🥳.

Objectives of rpgpie

More concretely, rpgpie currently has the following objectives:

Limitations and non-objectives

rpgpie does not currently process messages in an efficient, streaming manner. Messages that are too large to be conveniently processed in RAM can currently not be handled with rpgpie.

The rpgpie API currently limits itself to using certificates (also known as "OpenPGP public keys") and TSKs (also known as "OpenPGP secret/private keys") as they are. Updating or altering certificates or TSKs is currently out of scope.

Error handling is not currently well-elaborated.

API stability is not a focus in the current phase of development.

Technical Details

rpgpie implements some higher-order OpenPGP facilities:

  • Certificate-level:

    • OpenPGP semantics on the certificate level, to check for expiration or revocation of certificates on their components.
    • Enumerating component keys that are appropriate for specific purposes (such as creating data signatures, or encrypting messages).
    • "Merging" of the information in variants of one certificate.
  • Message-level:

    • Generate/validate data signatures,
    • Encrypt/decrypt messages.
    • Apply a policy for acceptable cryptographic mechanisms.

Warning, early-stage project!

rpgpie is in a relatively early stage of development. Use with caution!

In particular:

  • Its interface will undergo regular changes, as development continues (the API is also still decidedly incomplete).
  • OpenPGP semantics are notoriously underspecified. It's not (yet) fully clear what exact semantics a library like this needs to implement to achieve the best user-facing outcomes.
  • Some of the implemented business logic is not currently optimized for efficiency, and may be noticeably slower than it should be.