This is a small library that can be used to verify pgp signatures. It is based on the former internal RPM OpenPGP parser, split out of the rpm tree after twenty years of service.
This software can also be built as part of RPM (in-tree build).
For this to work it needs to be unpacked into the rpmio/ directory
of rpm's sources and rpm's cmake needs to be run with
-DWITH_SEQUOIA=OFF -DWITH_LEGACY_OPENPGP=ON
Use entirely at your own risk, the RPM project does not provide support for this parser.
Supported crypto backends:
- libgcrypt
- openssl
Supported public key algorithms:
- RSA
- DSA
- ECDSA (NIST P-256, NIST P-384, NIST P-521)
- EdDSA (Ed25519, Ed448)
- ML-DSA (ML-DSA65+Ed25519, ML-DSA87+Ed448)
Supported public key/signature versions:
- v3 (signatures only)
- v4 (RFC 4880)
- v5 (LibrePGP)
- v6 (RFC 9580)
Supported PGP features:
- subkeys
- key expiry
- key revokation
- signature expiry
// vim: syntax=markdown