$Id: architecture.txt,v 1.11 2005/12/09 22:41:24 droggo Exp $

Architecture document - BSD Privacy Guard
=========================================

This document contains information about BPG internal architecture.
Section 1 covers the general system design: which modules make up BPG
and how they interact. Section 2 explains the internals of each module.

1. System design
----------------

The main goal of BPG is to provide applications with a toolkit for using
OpenPGP facilities. To that end, we packaged that functionality in
libraries. The BPG project includes three libraries: an OpenPGP
implementation (bpg), a key manager (bpgkey) and a trust manager
(bpgtrust). BPG also relies on the OpenSSL Cryptographic Library for
ciphers and hashing algorithms.

The project also includes programs and scripting wrappers for these
libraries.

2. Modules internals
--------------------

2.1. bpg
--------

This library manages the processing of OpenPGP data, including OpenPGP
general functions (section 2, RFC 2440), which are signing, encryption,
compression and radix-64 conversion. It also defines all the other data
types and formats in OpenPGP.

DEPENDENCIES

* bpgkey: PKI keys are specified in the API with user-IDs and obtained
  from the BPG key management library.
* OpenSSL Cryptographic Library (libcrypto): for performing low-level
  encryption, hashing and compression, it uses the BPG algorithms
  library.
* libzip: BPG uses libzip for compression (http://www.nih.at/libzip/).

API

Read bpg(3) for a detailed explanation of the API.

2.2. bpgkey
-----------

This library manages the creation, storage and use of asymmetric keys
like those used in OpenPGP. The "BPG Key Management" document defines
all key-related operations in BPG in detail.

API

Read bpgkey(3) for a detailed explanation of the API.

2.3. bpgtrust
-------------

This library handles the trust level of asymmetric keys like those
involved in OpenPGP. In BPG, the trust level of a key depends on how
much we trust the signer of that key.

The trust library handles the trust database and the trust policy. The
trust database contains a list of [UserID, trust level] pairs. The
policy defines the rules for deriving the trust level of a given key
from the trust database (e.g. OpenPGP web of trust, X.509 hierarchical
trust model, ...). Read more on this in the "BPG Key Management"
document.

API

Read bpgtrust(3) for a detailed explanation of the API.
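
The split between trust database and trust policy described in section
2.3, as an added example that is not BPG code and does not reflect the
bpgtrust(3) API. All type and function names, the trust levels and the
policy thresholds are assumptions made for illustration.

```c
/* Added example: hypothetical types and names, not the bpgtrust(3) API. */
#include <stdio.h>
#include <string.h>

enum trust { T_UNKNOWN, T_NONE, T_MARGINAL, T_FULL };
struct trust_entry { const char *user_id; enum trust level; };
/* A policy maps the trust levels of a key's signers to the key's level. */
typedef enum trust (*trust_policy)(const enum trust *signers, size_t n);

/* Trust database lookup; a signer that is not listed is T_UNKNOWN. */
enum trust db_lookup(const struct trust_entry *db, size_t n, const char *uid) {
    for (size_t i = 0; i < n; i++)
        if (strcmp(db[i].user_id, uid) == 0) return db[i].level;
    return T_UNKNOWN;
}

/* Web-of-trust style; thresholds (1 full or 2 marginal) are constructed. */
enum trust policy_wot(const enum trust *s, size_t n) {
    size_t marginal = 0;
    for (size_t i = 0; i < n; i++) {
        if (s[i] == T_FULL) return T_FULL;
        if (s[i] == T_MARGINAL) marginal++;
    }
    return marginal >= 2 ? T_FULL : marginal == 1 ? T_MARGINAL : T_UNKNOWN;
}

/* Hierarchical style: exactly one issuer, and it must be fully trusted. */
enum trust policy_hier(const enum trust *s, size_t n) {
    return (n == 1 && s[0] == T_FULL) ? T_FULL : T_NONE;
}

/* Derive a key's trust from its signers' user IDs under a given policy. */
enum trust derive_trust(const struct trust_entry *db, size_t ndb,
                        const char *const *signers, size_t nsig, trust_policy p) {
    enum trust levels[16];
    if (nsig > sizeof levels / sizeof levels[0]) return T_UNKNOWN; /* fail closed */
    for (size_t i = 0; i < nsig; i++)
        levels[i] = db_lookup(db, ndb, signers[i]);
    return p(levels, nsig);
}
/* Constructed sample database of [UserID, trust level] pairs. */
const struct trust_entry SAMPLE_DB[] = {
    { "Alice <alice@example.org>", T_FULL },
    { "Bob <bob@example.org>", T_MARGINAL }, { "Carol <carol@example.org>", T_MARGINAL },
};
int main(void) {
    const char *const sigs[] = { "Bob <bob@example.org>", "Carol <carol@example.org>" };
    printf("wot=%d hier=%d\n", derive_trust(SAMPLE_DB, 3, sigs, 2, policy_wot),
           derive_trust(SAMPLE_DB, 3, sigs, 2, policy_hier));
    return 0;
}
```

The same database yields different results for the same signers
depending on which policy is plugged in, and an unlisted signer never
raises a key's trust.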