MIT gpg(v) library for Rust
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
examples
src
tests
.gitignore
.travis.yml
Cargo.toml
LICENSE.MIT
README.md
gpgrv.jpg

README.md

gpgrv

An RV.

gpgrv is a Rust library for verifying some types of GPG signatures.

If you want a fully featured, supported, C-backed library you should probably be using gpgme.

Supports

  • Verifying signatures:
    • RSA
    • SHA1 and SHA2 (SHA-256, SHA-512).
  • Loading old-style keyrings (i.e. not keybox files)

Advantages

  • Entirely safe Rust, no native code. Easy to build and portable.
  • MIT (or Apache2, or whatever!) licensed, not LGPL.
  • Simple, Rust-style API on streams (Read/Write).

Disadvantages

  • A tiny amount of custom, low-risk crypto code. However, any crypto code can be wrong.
  • Limited, but growing, support for key and data formats.
  • (Intentionally) not constant time: Cannot be used for certain crypto applications. This is less important for signature verification with public keys.

License

Licensed under either of

  • Apache License, Version 2.0
  • MIT license

at your option.

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.