rPGP

OpenPGP implemented in pure Rust, permissively licensed

rPGP boosted:
2025-05-29

our friends over at @rpgp just published a monster milestone, humbly tagged 0.16 😍 with

- streaming decryption and encryption

- post-quantum-cryptography

- API streamlining.

#rPGP is a full Rust implementation of #openpgp which counts among the fastest and most compliant implementations today, and includes security audits. Note: #deltachat uses a restricted subset of OpenPGP, and follows best practices (eg using the same ed25519 keys implementation as #signal) github.com/rpgp/rpgp/

rPGPrpgp
2025-05-29

New release: version 0.16.0 🧰🔐✨

github.com/rpgp/rpgp/releases/

implemented in pure , permissively licensed

This release features streaming message support: Now rPGP can process arbitrarily large messages, with modest memory requirements.

It adds experimental support for the upcoming OpenPGP IETF standard datatracker.ietf.org/doc/html/

This release also brings various improvements for key generation, support for X448/Ed448, and many minor fixes.

rPGP boosted:
2025-02-07

Six times so far ... is how often important parts of #deltachat were independently #security audited and analyzed. Thanks to IncludeSecurity, Cure53, Applied Crypto Team at ETH Zuerich and Radical Open Security.

Last audit is from December 2024 covering @rpgp , the minimal #OpenPGP Rust library that is gaining traction with others projects as well.
Shout-out to dignifiedquire and @hko for their excellent maintenance! For more info on Delta Chat related security audits: delta.chat/en/help#security-au

rPGPrpgp
2025-02-07

See github.com/rpgp/rpgp/security/ and github.com/rpgp/rpgp/security/ for more details.

And see chaos.social/@delta/1139637079 for a broader context about audits in Delta Chat.

Thanks to @nlnet for funding the audit, and @ros for the excellent audit work!

rPGPrpgp
2025-02-07

rPGP has recently received an audit by @ros

The audit uncovered a number of issues, in particular: Multiple cases in which malformed input data can lead to Rust "panic"s. Triggering these typically leads to termination of applications that use . This can act as a vector for denial of service attacks, but does not impact confidentiality or integrity security properties.

These issues were resolved in release 0.14.2. Updating is recommended for all users.

rPGP boosted:
2024-10-07

New release today: #rPGP version 0.14.0 ✨

(#OpenPGP implemented in pure #Rust, permissively licensed)

github.com/rpgp/rpgp/releases/

This release brings rather complete support for the excellent new OpenPGP RFC 9580 (also known as "crypto refresh", or "v6")

RFC 9580 standardizes modern cryptographic mechanisms for OpenPGP: AEAD-based encryption, Argon2, and SHA2 fingerprints for the new OpenPGP v6 key format (v4 keys use SHA1).

Thanks @NGIZero for supporting this work!

#RustLang #PGP #GnuPG

rPGPrpgp
2024-09-26

rPGP is an implementation in pure (crates.io/crates/pgp).

It serves as the end-to-end encryption engine for Delta Chat:
@delta, a secure decentralized messager for all major platforms (and then some).

rPGP implements all generations of the OpenPGP standard, up to and including the new RFC 9580.

Client Info

Server: https://mastodon.social
Version: 2025.04
Repository: https://github.com/cyevgeniy/lmst