rsop #

rsop is a Stateless OpenPGP (SOP) CLI tool: https://crates.io/crates/rsop/

Like all SOP tools, rsop enables users to perform common OpenPGP operations with a common simple CLI interface.

For an introduction to SOP, see the “Learn” section of this site, which walks through a range of operations and how they can be performed with SOP tools.

Architectural layering of rsop #

rsop is a modular project. Its two main components are rPGP and rpgpie.

rPGP #

At the lowest level, rsop is based on the pure Rust rPGP library, which handles the OpenPGP format and cryptographic operations.

rPGP implements the current OpenPGP RFC 9580, which includes support for v6 OpenPGP keys and modern mechanisms such as AEAD-based encryption.

rPGP also offers very complete support for the currently still widespread “v4” generation of OpenPGP keys and the associated signature and message formats.

rpgpie #

While the OpenPGP RFC specifies formats and cryptographic mechanisms, it doesn’t specify the higher level semantics of OpenPGP (such as validity of certificates) in detail.

These “high level semantics” are a central part of a SOP tool, but they are not handled in rPGP.

Such concerns, as well as policy decisions about which cryptographic algorithms are acceptable for production and consumption, are handled in the separate https://codeberg.org/heiko/rpgpie layer.

Interoperability of SOP tools (and OpenPGP libraries) #

The OpenPGP space encompasses a wide range of implementations. Of these, most are tested for interoperability in a shared test suite:

OpenPGP interoperability test suite

The common denominator that allows this test suite to run a wide range of OpenPGP implementations and compare their behavior is the SOP standard. All entries in the test suite are exercised using the uniform SOP CLI interface.

rsop can be seen performing in that test suite, it is listed under “rpgpie” (the high-level semantics library that rsop is based on).