Rust PrivacyGuard
  • Rust 93.5%
  • Python 2.7%
  • Makefile 2.2%
  • Shell 1.6%
Bert van der Weerd 06b64dabd6
fix: match green progress modal size to red dialogs
inner_margin 20→16, progress bar desired_width 340→260 to align with
the 252px input + eye-toggle width used in all red passphrase dialogs.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-18 17:42:51 +02:00
| File | Last commit | Date |
|---|---|---|
| .cargo | build: add Windows cross-compilation support | 2026-04-30 09:32:06 +02:00 |
| assets | feat: release pipeline + security/UX hardening | 2026-05-13 06:46:47 +02:00 |
| crates | fix: match green progress modal size to red dialogs | 2026-05-18 17:42:51 +02:00 |
| .gitignore | feat: release pipeline + security/UX hardening | 2026-05-13 06:46:47 +02:00 |
| Cargo.toml | feat: CryptoStream trait + ChaChaStream (ChaCha20-Poly1305) in rpglib | 2026-05-18 07:27:38 +02:00 |
| LICENSE | bugfixes | 2026-04-30 07:20:36 +02:00 |
| Makefile | feat: BigFilePlainText/BigFileCipherText buffer kinds for files > 25 MiB | 2026-05-18 11:42:56 +02:00 |
| README.md | Update README.md | 2026-05-09 11:25:36 +02:00 |

RustPG — v0.4.0

[Download for Windows] [Issue tracker] [Releases] | [Rust Crypto]

Standalone encryption and signing tool. GUI and CLI share the same pure-Rust crypto backend. Not a GnuPG replacement — a focused, auditable tool built on RustCrypto crates with no OpenSSL dependency.


First time use

On first launch RustPG creates your keyring at ~/.config/rustpg/key_material.rpg — a single AES-256-GCM encrypted file that holds all your identities and keys. You will be prompted to:

  1. Set a master password (protects the keyring; stored in the OS keyring so you are not asked every time).
  2. Generate your own identity — give it a name, email, and a slug (short identifier used in CLI commands). This creates an Ed25519 signing key and an X25519 encryption keypair in one step.

After that the app is ready. To communicate with someone, export your public identity and import theirs (Keys menu in the GUI, --export / --import on the CLI).


Platform support

| Platform | CLI (rpg) | GUI (rustpg) |
|---|---|---|
| Linux | | |
| Windows 10+ (64-bit) | | |
| macOS | untested | untested |

GUI

Launch: rustpg (or double-click, or pass a file as the first argument).

| Feature | Detail |
|---|---|
| Encrypt | Symmetric (passphrase + Argon2id) or asymmetric (pick recipient) |
| Encrypt + Sign | Sign-then-encrypt: Ed25519 signature embedded before ECIES encryption |
| Decrypt | Auto-detects symmetric vs asymmetric from the wire-format magic (RPGS/RPGA) |
| Sign | Binary embedded, clearsign, or detached |
| Verify | Auto-detects embedded vs detached; warns if signer key is revoked |
| Armor / Dearmor | OpenPGP-style ASCII armor (RFC 4880 §6); header reflects cipher type |
| Key management | Generate, import, export, backup, restore, remove, revoke identities |
| Revocation | Revoke own key or import a contact's revocation certificate |
| Hex view | Toggle between plain and hex dump of buffer contents |
| Themes | Dark, Light, Htop, Green Terminal, Pink, Robust |
| Masked display | Replaces plaintext with * when show_plaintext is off |
| Clipboard | Ctrl+C / Ctrl+V; optional auto-clear timer; copy-plaintext warning |
| Recent files | Last 10 opened files in File menu |

Cryptography

Algorithms

| Role | Algorithm | Notes |
|---|---|---|
| Symmetric encryption | AES-256-GCM | AEAD. Key derived via Argon2id from passphrase. |
| Asymmetric encryption | X25519 ECIES + AES-256-GCM | Ephemeral ECDH, HKDF-SHA256 key derivation. |
| Signing | Ed25519 | Binary, clearsign, and detached modes. |
| Sign-then-encrypt | Ed25519 + X25519 ECIES | Signs plaintext first, then ECIES-encrypts the signed blob. Recipient decrypts then verifies sender. |
| Armor | RFC 4880 §6 (CRC24) | Header identifies content type (see below). |
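
The CRC24 armor checksum named in the Armor row above, computed and checked the way RFC 4880 §6.1 defines it; this is an added example using only the standard library, not RustPG's own code. The function names and the sample payload are assumptions made for illustration.

```rust
// Added example (not RustPG source): RFC 4880 §6.1 CRC-24 armor checksum.
const CRC24_INIT: u32 = 0x00B7_04CE;
const CRC24_POLY: u32 = 0x0186_4CFB;

/// CRC-24 over the raw (pre-base64) payload bytes, as defined in RFC 4880 §6.1.
pub fn crc24(data: &[u8]) -> u32 {
    let mut crc = CRC24_INIT;
    for &byte in data {
        crc ^= (byte as u32) << 16;
        for _ in 0..8 {
            crc <<= 1;
            if crc & 0x0100_0000 != 0 {
                crc ^= CRC24_POLY;
            }
        }
    }
    crc & 0x00FF_FFFF
}

/// Checksum line: '=' followed by base64 of the three big-endian CRC bytes.
pub fn checksum_line(data: &[u8]) -> String {
    const B64: &[u8; 64] =
        b"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    let crc = crc24(data);
    let mut line = String::from("=");
    for shift in [18u32, 12, 6, 0] {
        line.push(B64[((crc >> shift) & 0x3F) as usize] as char);
    }
    line
}

/// Dearmor-side check: true only if the received checksum line matches the payload.
pub fn checksum_ok(payload: &[u8], received_line: &str) -> bool {
    checksum_line(payload) == received_line.trim_end()
}

fn main() {
    // Constructed sample: the magic "RPGS" is from the README, the rest is filler.
    let payload = b"RPGS constructed sample bytes";
    let line = checksum_line(payload);
    println!("{}", line);
    assert!(checksum_ok(payload, &line));
    // One flipped bit in the payload no longer matches the checksum line.
    let mut damaged = payload.to_vec();
    damaged[5] ^= 0x01;
    assert!(!checksum_ok(&damaged, &line));
}
```

CRC-24 only catches accidental corruption of the armored text, since anyone who edits the payload can recompute it. Tamper detection comes from the AES-256-GCM tag on the ciphertext inside the armor.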

Key management

Keys are stored in a single encrypted file: ~/.config/rustpg/key_material.rpg. This file is created automatically on first run.

The file is AES-256-GCM encrypted (same construction as symmetric encrypt). The plaintext inside is the keyring format v1 — a line-oriented text format that is documented in the project Wiki.

Identity 'Roles':

  • self — own identity with private keys.
  • contact — public key only identity.
  • self-archived / contact-archived — retired, available for decrypt and legacy-verify only.

Key Revocation: a revocation certificate is an Ed25519 signature over the literal bytes REVOKE. It is stored on the identity entry. Revoked keys show [REVOKED] in key lists; verify warns about revoked signers; encrypting to a revoked recipient shows a warning. Generate with --gen-revoke; import a contact's cert with --import-revoke.

The master password protecting key_material.rpg is stored in the OS keyring (GNOME Keyring on Linux, Credential Manager on Windows) and pre-filled at startup.