sopv-gpgpv: an implementation of the verification-only subset of the Stateless OpenPGP CLI using gpgv as a backend
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Sun Jul 21 18:51:12 CEST 2024
Hey GnuPG folks--
I've written `sopv-gpgv`, which implements the verification-only subset
of the Stateless OpenPGP CLI, using gpgv as a backend.
If you're an implementer who needs a minimalist, verification-only
OpenPGP command-line tool, and you'd prefer to use a stable, normalized
interface while using the well-known g10 codebase, I hope you'll
consider this tool.
Here's the reference to the Stateless OpenPGP CLI, which defines the
`sopv` subset:
https://datatracker.ietf.org/doc/draft-dkg-openpgp-stateless-cli/
Here's `sopv-gpgv`:
https://gitlab.com/dkg/sopv-gpgv
The implementation is in python and has no dependencies outside the
stdlib.
The most relevant/subtle parts of it are probably the certificate
parsing (`sopv` accepts both armored and unarmored certificates, while
`gpgv` only accepts unarmored keyrings) and the parsing of `gpgv`'s
status output (in the function `status_to_verifs`).
I welcome review and critiques! Please don't hesitate to report bugs or
improvements.
All the best,
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 324 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20240721/e5581207/attachment.sig>
More information about the Gnupg-users
mailing list