The project is UNMAINTAINED, we recommend OpenKeychain. The core porting work has all be included upstream in the official https://gnupg.org sources. The Android app needs a new maintainer. This could be you! Email us at support@guardianproject.info
Gnu Privacy Guard for Android!¶
This is part of the PSST Project
- How to Use GPG
- API Sketch
- UI and UX Sketches
- App Lingo
- Anonymous Web of Trust
- Survey of PGP implementations
- Debugging this Beast
Download¶
Relevant source code¶
- https://github.com/guardianproject/gnupg-for-android
- https://github.com/guardianproject/gnupg-for-java
- https://github.com/guardianproject/pinentry.git
- The GnuPG suite: http://git.gnupg.org/cgi-bin/gitweb.cgi
Features we plan to support¶
Overview of Needed Activities¶
- a collection of Activities for seamless integration with other apps
- act transparently via Intents and returned data
- only pop UI if user-action is needed (password, choose key, etc)
- sign/validate emails
- encrypt/decrypt emails
- sign/validate files
- encrypt/decrypt files
- show trust level
- generate private key first time
- sign OpenPGP keys to certify their validity
A list of gnupg features roughly grouped by potential Activity screen:¶
- private key view
- assume single private key
- should detailed info on scrollable page
- include QRCode of fingerprint?
- publish public key with sigs to keyserver
- key manager view
- list of public keys
- view sigs, trust level, etc.
- select key to sign, etc.
- sync local keyring with keyservers
- public key view
- view certification signatures for any key
- option to sign this key
- signing activity
- QR code display/scanning for keysigning exchanges
- display randomart image of fingerprint for keysigning exchanges
- allow easy QR scanning
- lsign (local-only unexportable) OpenPGP keys
- publish certification signatures to keyservers
- email certification signatures to key owner
- searching and downloading keys
- if no key in keyring, prompt to search for key
- preference to automatically search for less privacy concerned users
- search/download public keys from keyservers
- contacts integration
- what does Google sync from custom fields?
- show key verification status
- show trust level
- clickable link into GPG for signing, detail view
- handling revokation keys
- automatically generate when generating new private key
- offer options for remote storage of revokation certificate
- easy way to copy revoke key to offline storage
- importing keys
- import public keys from SD card
- DO NOT import secret keys from SD card, since its public (use our webdav secure store)
Optional Features¶
- display Photo ID images embedded in OpenPGP keys
- tor proxy support for non-root Tor
- trust path view
- generate trust path between private key and current user
- social graph view aka web of trust degrees
Third Party Code / Libs¶
- Java binding for GPGME: https://github.com/smartrevolution/gnupg-for-java
- GnuPG Wrapper for Java: http://www.macnews.co.il/mageworks/java/gnupg/sample-code.shtml