Skip to content

Fork from rpgp/rpgp for PQ integration

License

Unknown and 2 other licenses found

Licenses found

Unknown
LICENSE.md
Apache-2.0
LICENSE-APACHE
MIT
LICENSE-MIT
Notifications You must be signed in to change notification settings

ait-crypto/qkd4gov-rpgp

rPGP with post-quantum secure schemes

This repository provides rPGP integrated with some post-quantum schemes from the NIST PQC competition. The implementations of post-quantum signature and public-key encryption schemes are provided by various crates.

The modification were authored by Sebastian Ramacher from AIT Austrian Institute of Technology and are licensed under the same license as rPGP.

This work was funded by the Austrian security research programme of the Federal Ministry of Finance (BMF) as part of the project QKD4Gov.

The original README follows.

rPGP

crates.io Documentation Build Status minimum rustc 1.57 dependency status License

OpenPGP implemented in pure Rust, permissively licensed

rPGP is the only full Rust implementation of OpenPGP, following RFC4880 and RFC2440. It offers a minimal low-level API and does not prescribe trust schemes or key management policies. It fully supports all functionality required by the Autocrypt 1.1 e-mail encryption specification.

rPGP is regularly published as the pgp Crate and its RSA implementation lives under the collective RustCrypto umbrella. For ECC crypto support we are using Curve25519-dalek.

Please note that the API is not well documented yet. You may check out the tests which exercise the API. Please open issues here if if you are attempting to use rPGP and need help.

Status (Last updated: October 2019)

rPGP and its RSA dependency got a first independent security review mid 2019. No critical flaws were found. We have fixed and are fixing some high, medium and low risk ones. We will soon publish the full review report. Further independent security reviews are upcoming.

rPGP is used in production by Delta Chat, the e-mail based messenger app suite, successfully running on Windows, Linux, macOS, Android and iOS in 32bit (only Windows and Android) and 64 bit builds (for the other platforms).

More details on platform and OpenPGP implementation status:

Experimental WASM Support

When enabeling the wasm feature, rpgp can be compiled to run using WASM in Node.js and the supported Browsers. Experimental bindings for this can be found in rpgp/rpgp-js.

Developement

To run the stress tests,

> git submodule update --init --recursive
> cargo test --release -- --ignored

To enable debugging, add

use pretty_env_logger;
let _ = pretty_env_logger::try_init();

And then run tests with RUST_LOG=pgp=info.

How is rPGP different from Sequoia?

Some key differences:

  • rPGP has a more libre license than Sequoia, which allows a broader usage

  • rPGP is a library with a well-defined, relatively small feature-set where Sequoia also tries to be a replacement for the GPG command line tool

  • All crypto used in rPGP is implemented in pure Rust, whereas sequoia uses Nettle, which is implemented in C.

Minimum Supported Rust Version (MSRV)

All crates in this repository support Rust 1.57 or higher. In future minimally supported version of Rust can be changed, but it will be done with a minor version bump.

LICENSE

MIT or Apache 2.0

Contribution

Unless you explicitly state otherwise, any contribution submitted for inclusion in rPGP by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.

About

Fork from rpgp/rpgp for PQ integration

Resources

License

Unknown and 2 other licenses found

Licenses found

Unknown
LICENSE.md
Apache-2.0
LICENSE-APACHE
MIT
LICENSE-MIT

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages