sopv-gpgpv: an implementation of the verification-only subset of the Stateless OpenPGP CLI using gpgv as a backend

Daniel Kahn Gillmor dkg at fifthhorseman.net
Sun Jul 21 18:51:12 CEST 2024


Hey GnuPG folks--

I've written `sopv-gpgv`, which implements the verification-only subset
of the Stateless OpenPGP CLI, using gpgv as a backend.

If you're an implementer who needs a minimalist, verification-only
OpenPGP command-line tool, and you'd prefer to use a stable, normalized
interface while using the well-known g10 codebase, I hope you'll
consider this tool.

Here's the reference to the Stateless OpenPGP CLI, which defines the
`sopv` subset:

   https://datatracker.ietf.org/doc/draft-dkg-openpgp-stateless-cli/

Here's `sopv-gpgv`:

   https://gitlab.com/dkg/sopv-gpgv

The implementation is in python and has no dependencies outside the
stdlib.

The most relevant/subtle parts of it are probably the certificate
parsing (`sopv` accepts both armored and unarmored certificates, while
`gpgv` only accepts unarmored keyrings) and the parsing of `gpgv`'s
status output (in the function `status_to_verifs`).

I welcome review and critiques!  Please don't hesitate to report bugs or
improvements.

All the best,

    --dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 324 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20240721/e5581207/attachment.sig>


More information about the Gnupg-users mailing list