Lib.rs

Cryptography | Authenticationsequoia
#openpgp #database-interface #store-key #key-store #keyring #access-key

sequoia-cert-store

A certificate database interface

by Justus Winter. Co-owned by Neal H. Walfield.

14 unstable releases (5 breaking)

0.6.1 Sep 10, 2024
0.6.0 Jun 14, 2024
0.5.3 Apr 15, 2024
0.5.0 Feb 23, 2024
0.2.0 Mar 7, 2023

#403 in Cryptography

Download history 186/week @ 2024-08-02 471/week @ 2024-08-09 354/week @ 2024-08-16 414/week @ 2024-08-23 315/week @ 2024-08-30 332/week @ 2024-09-06 428/week @ 2024-09-13 369/week @ 2024-09-20 357/week @ 2024-09-27 431/week @ 2024-10-04 484/week @ 2024-10-11 496/week @ 2024-10-18 452/week @ 2024-10-25 437/week @ 2024-11-01 444/week @ 2024-11-08 1020/week @ 2024-11-15

2,422 downloads per month
Used in 11 crates (8 directly)

LGPL-2.0-or-later

410KB
8K SLoC

An OpenPGP certificate store abstraction and implementation.

This crates provides a unified, high-level API for different certificate stores via the Store and StoreUpdate traits. It also provides a number of helper functions and data structures, like UserIDIndex to help implement this functionality. Finally, the CertStore data structure combines multiple certificate backends in a transparent way to users.

This crate supports multiple backends: CertD uses an OpenPGP Certificate Directory. Certs manages a bunch of certificates in-memory. It can be loaded with certificates from a keyring, a keybox, a database, etc. It can also be used as the basis for a new backend, which actually writes changes back to the underlying store. Pep provides access to a pEp certificate store. Finally, there is a key server backend, which can fetch certificates via HKPS and WKD.

Usage

To use sequoia-cert-store from your project, you should add the following to your crate's Cargo.toml:

[dependencies]
sequoia-cert-store = "0.3"
sequoia-openpgp = { version = "1.0.0", default-features = false }

To compile your crate you would then run:

$ cargo build --release --features sequoia-openpgp/crypto-default
$ cargo test --features sequoia-openpgp/crypto-default
$ cargo doc --no-deps --features sequoia-openpgp/crypto-default

If you do not disable the use of sequoia-openpgp's default features, then sequoia-openpgp will select the default cryptographic backend, and your users won't be able to easily compile your crate with a different cryptographic backend.

sequoia-openpgp currently uses Nettle as its default cryptographic backend. sequoia-openpgp also supports OpenSSL (sequoia-openpgp/crypto-openssl), Botan (sequoia-openpgp/crypto-botan), Windows CNG (sequoia-openpgp/crypto-cng), Rust Crypto (sequoia-openpgp/crypto-rust). For more information about building sequoia-openpgp, please refer to sequoia-openpgp's README. This also includes information about the different backends' build requirements.

License

sequoia-cert-store is distributed under the terms of LGPL 2.0 or later.

See LICENSE.txt and CONTRIBUTING.md for details.

Dependencies

~36–53MB
~895K SLoC