gpgrv is a Rust library for verifying some types of GPG signatures.
If you want a fully featured, supported,
C-backed library you should probably
- Verifying signatures:
- Loading old-style keyrings (i.e. not keybox files)
- Entirely safe Rust, no native code. Easy to build and portable.
- MIT (or Apache2, or whatever!) licensed, not LGPL.
- Simple, Rust-style API on streams (
- A tiny amount of custom, low-risk crypto code. However, any crypto code can be wrong.
- Limited, but growing, support for key and data formats.
- (Intentionally) not constant time: Cannot be used for certain crypto applications. This is less important for signature verification with public keys.
Licensed under either of
- Apache License, Version 2.0
- MIT license
at your option.
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.