Stateless OpenPGP

From ArchWiki

Stateless OpenPGP (SOP) is a standard for commandline interface (CLI) tools to perform OpenPGP operations. It is defined in a dedicated IETF draft outlining its features and syntax.

SOP is a lean approach to signing/verification and encryption/decryption operations on messages. Certificates and/or keys for all operations must be explicitly specified.

Usually private key operations use software keys. However, private key material on hardware security devices can also be used with some SOP implementations.

Many SOP implementations exist and are cross-tested in an interoperability test suite.

Although implementations provide executables of differing names, they all have the same CLI and the core functionality can be used interchangeably.


Several implementations are available for installation:


While SOP offers a uniform interface, implementations are free to support different subsets of the cryptographic mechanisms that OpenPGP specifies. Different versions of the format as well as hardware backed keys may be supported.

Stateless OpenPGP implementations
Package RFC 4880 (+ RFC 6637) draft-koch-librepgp draft-ietf-openpgp-crypto-refresh Hardware backed keys
rsop Yes No No Yes
sequoia-sop Yes No No No

Hardware device support

When using hardware security devices, SOP parameters that usually specify private key material instead only specify public key material.

This public key material serves as an explicit reference to locate and use a hardware device that provides the corresponding private key material.

Tips and tricks

The below examples assume, that the name of the SOP executable (e.g. rsop or sqop) is stored in the environment variable $SOP.

Tip: When using rsop it is possible to use private key material that resides on an OpenPGP card. Relevant private signing or decryption keys are expected to have been added to an OpenPGP card device (e.g. using OpenPGP-card-tools) which is connected to the machine where rsop is used.

Create a private key

To create an OpenPGP transferable secret key (aka. private key) with the User ID <> use:

$ $SOP generate-key "<>" > archie.tsk

Extract certificate

To extract the certificate (aka. public key) from the created transferable secret key use:

$ $SOP extract-cert > archie.cert < archie.tsk

Create detached signature

To create a detached signature for a message use:

$ echo "Hello world" | $SOP sign archie.tsk > msg.sig
Tip: To create the same signature using an OpenPGP card, rsop needs to be provided with a certificate instead of a private key:
$ echo "Hello world" | rsop sign archie.cert > msg.sig

Verify detached signature

To verify the detached signature, provide the original message, the signature as well as the OpenPGP certificate:

$ echo "Hello world" | $SOP verify msg.sig archie.cert
2024-02-27T17:36:28Z 12b7169b5fc99d1a2d546b8755d1f4d8a355f3cb 12b7169b5fc99d1a2d546b8755d1f4d8a355f3cb mode:binary

Encrypt a message

Messages can be encrypted by providing the message and the OpenPGP certificate of the recipient:

$ echo "Hello world" | $SOP encrypt archie.cert > encrypted.msg

Decrypt a message

Recipients of encrypted messages can decrypt them by providing the encrypted message and their transferable secret key:

$ $SOP decrypt archie.tsk < encrypted.msg
Hello world
Tip: To decrypt this message using an OpenPGP card, rsop needs to be provided with a certificate instead of a private key:
$ rsop decrypt archie.cert < encrypted.msg
Hello world

Create cleartext signed message

Cleartext signed messages can be created by providing the message and the signer's transferable secret key:

$ echo "Hello world" | $SOP inline-sign --as clearsigned archie.tsk

Hello world


Tip: The OpenPGP card use with rsop works analogous to the example outlined in create detached signature.

See also