rPGP is a Rust library that lets you handle OpenPGP like a pro! No more trudging through miles of C code just to get a piece of software that encrypts three typo-filled emails. Now, we have a 100% Rust implementation, with a minimalist API that gets the job done. And the best part? It’s open-source, so you can do whatever you want with it!
The cherry on top is that rPGP fully supports Autocrypt 1.1. In case you’re unfamiliar, Autocrypt is a specification designed to make email encryption easy to use for everyone, including the average person.
On the technical side, rPGP is regularly updated and is available as the crate “pgp” (yes, they thought of us lazy folks who don’t want to type more than three letters). For the RSA part, it’s handled under the RustCrypto umbrella. And for those of you looking to dabble with elliptic curve cryptography, don’t worry: ECC support is provided through the Curve25519-dalek crate. I love the name! 🙂
Now, I must admit, the API documentation is still a bit sparse, but if you’re really stuck, you can always open an issue on GitHub. The developers are nice and do respond (sometimes).
In fact, rPGP underwent an independent security audit in 2019, carried out by the folks at IncludeSecurity, and no critical vulnerabilities were found! Sure, there were a few things to tweak here and there, but overall, it’s solid. If you’re interested in taking a look at the report, you can find it here.
It’s also worth noting that rPGP is used in production by Delta Chat, a messaging app based on emails, and it runs smoothly on Windows, Linux, macOS, Android, and iOS, in both 32 and 64-bit versions. What more could you ask for?
And if you’re the type who wants everything to run in your browser (or in Node.js, no judgment), rPGP even has a WebAssembly (wasm) feature! However, the bindings are still experimental, but everything you need is in the rpgp/rpgp-js repo.