1An open source library and command-line tools, licensed under the BSD 2licence, written in C, using the OpenSSL library and providing 3approximately the functionality specified below. 4 5The libraries and tools will compile and run on the following 6operating systems: 7 8FreeBSD 9Linux (Debian and Red Hat) 10Solaris 11 12but will be written such that porting to other operating systems 13supported by OpenSSL will be possible. 14 15As is usual with software, there will be no guarantee of 100% correct 16functionality, but the software will be written to professional 17standards. This specification does not constitute a commitment to 18fixing bugs or adding enhancements once the initial version is 19complete. 20 21The library will comply with the IETF specification currently known as 22RFC2440bis. 23 24API 25--- 26 27* Load keyring 28 29* Save keyring 30 31* Generate key 32 33* Add key to keyring 34 35* Find key in loaded keyring (by key ID, by UID) 36 37* Generate subkey 38 39* Revoke subkey 40 41* Delete subkey 42 43* Update subkey 44 45* Delete key from keyring 46 47* Add/remove UID 48 49* Certify UID 50 51* Revoke certification 52 53* Sign message 54 55* Verify, using any key in the keyring 56 57* Verify, using specified key 58 59* Encrypt, using a key 60 61* Decrypt, using a key 62 63* Import any object to GPG/PGP (key, keyring) 64 65* Export any object 66 67* (?)Query keyservers for keys 68 69* (?)Export keys to keyservers 70 71Keyserver stuff will be done if time/budget permits, otherwise will be 72a to-do item, since we can always use GPG externally to do it. 73 74Also, "save/load/find/add/import/export keyring" will be pluggable, so 75we can use databases instead of flat files and in-memory keyrings. 76 77We will support verification of signatures using v3 keys, and 78decryption of messages encrypted to v3 keys, but not signing or 79encryption. 80 81Command-line 82------------ 83 84* List keys 85 86* Find key 87 88* Export key/keyring 89 90* Import key/keyring 91 92* Generate key 93 94* Delete key 95 96* Generate subkey 97 98* Revoke subkey 99 100* Delete subkey 101 102* Update subkey 103 104* Add UID 105 106* Remove UID 107 108* Certify UID 109 110* Revoke certification 111 112* Encrypt 113 114* Decrypt 115 116* Sign 117 118* Verify 119 120Note that at least the first phase is not aiming at super-smooth 121command-line utilities - these will be good enough for testing, rather 122than for general use. 123