Sequoia 1.0 released, a Rust implementation of OpenPGP

After three and a half years of development, Sequoia 1.0 has been released. The project develops a library of functions and a command-line toolkit implementing the OpenPGP standard (RFC 4880). The release sums up the work on the low-level API, which covers enough of the OpenPGP standard for full use. The project code is written in Rust and is distributed under the GPLv2+ license. The implementation of cryptographic algorithms is based on the Nettle library. Supported platforms are Linux, FreeBSD, Windows, macOS, Android and iOS.

The project was founded by three GnuPG contributors from g10code specializing in auditing cryptosystems and developing add-ons to GnuPG. The Sequoia team is also known for creating the Hagrid key server, which is used by the keys.openpgp.org service. The goal of the new project was to redesign the architecture and apply new techniques to improve the security and reliability of the codebase.

To improve security, Sequoia relies not only on the safe-programming facilities of the Rust language, but also on protection against errors at the API level. For example, the API does not let you export secret key material by accident: export operations leave it out by default, and it must be selected explicitly. Likewise, the API guards against skipping important steps when updating a digital signature: by default, the creation time, hashing algorithm and signature issuer are updated automatically.
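The default-safe export behaviour described above, modelled as an added example (not code from the original article or from the Sequoia project). The `Cert` and `WithSecrets` types and their methods are hypothetical and are not Sequoia's API; the byte strings are constructed placeholders, not OpenPGP packets.

```rust
// Hypothetical model of an export API that is safe by default.
// These types are illustrative and are NOT Sequoia's actual API.

/// A certificate that may or may not carry secret key material.
pub struct Cert {
    public: Vec<u8>,
    secret: Option<Vec<u8>>,
}

/// Explicit opt-in view; the only type able to serialize secrets.
pub struct WithSecrets<'a>(&'a Cert);

impl Cert {
    pub fn new(public: &[u8], secret: Option<&[u8]>) -> Self {
        Cert { public: public.to_vec(), secret: secret.map(|s| s.to_vec()) }
    }

    /// Default export: public material only, even if secrets are present.
    pub fn export(&self) -> Vec<u8> {
        self.public.clone()
    }

    /// Secrets must be requested by name, so they cannot leak by omission.
    pub fn with_secrets(&self) -> WithSecrets<'_> {
        WithSecrets(self)
    }
}

impl WithSecrets<'_> {
    /// Export public material followed by secret material, if any exists.
    pub fn export(&self) -> Vec<u8> {
        let mut out = self.0.public.clone();
        if let Some(secret) = &self.0.secret {
            out.extend_from_slice(secret);
        }
        out
    }
}

fn main() {
    // Constructed sample bytes, not real OpenPGP packets.
    let cert = Cert::new(&b"PUBLIC"[..], Some(&b"SECRET"[..]));
    println!("default: {}", String::from_utf8_lossy(&cert.export()));
    println!("opt-in:  {}", String::from_utf8_lossy(&cert.with_secrets().export()));
}
```

A reviewer auditing calling code for secret-key leaks only has to search for `with_secrets`, because no other path can emit the secret bytes.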

Sequoia also tries to eliminate shortcomings of GnuPG, such as the mismatch in functionality between the command-line tools and the function library (some actions can only be performed using a utility) and overly tight coupling between components, which makes changes difficult, convolutes the code base and prevents the creation of a complete unit-testing system.

Sequoia develops the sq command-line utility with Git-style subcommands, the sqv program (a replacement for gpgv) for verifying detached signatures, the sqop utility (Stateless OpenPGP CLI) and the sequoia-openpgp library. Bindings are available for the C and Python languages. most
