sequoia-keyring-linter-0.1.0 is not a library.
A simple certificate / keyring linter.
This program checks for issues with keys. The current focus is on finding reliances on SHA-1.
$ dpkg -l debian-keyring
...
ii debian-keyring 2020.09.24
$ cargo run -- /usr/share/keyrings/debian-keyring.gpg
...
885 certificates.
778 certificates valid under the standard policy.
884 certificates valid under the standard policy + sha1.
Of the 778 certificates valid under the standard policy:
778 have >0 user ids under the standard policy
778 have >0 user ids under the standard policy + sha1
63 have >0 user ids that are only protected by SHA1
0 have all user ids only protected by SHA1
Of the 778 certificates valid under the standard policy:
234 certificates have >0 non-revoked, live, signing-capable subkeys under the standard policy
Of these 234 certificates, 19 have >0 subkeys protected by SHA1
Of these 19, 10 use SHA1 for the binding signature
Of these 19, 9 use something strong for the binding signature, but SHA1 for the backsig