The project is UNMAINTAINED, we recommend OpenKeychain. The core porting work has all be included upstream in the official https://gnupg.org sources. The Android app needs a new maintainer. This could be you! Email us at support@guardianproject.info

Gnu Privacy Guard for Android!¶

• Gnu Privacy Guard for Android!
  • Download
  • Relevant source code
  • Features we plan to support
    • Overview of Needed Activities
    • A list of gnupg features roughly grouped by potential Activity screen:
  • Optional Features
  • Third Party Code / Libs

This is part of the PSST Project

• How to Use GPG
• API Sketch
• UI and UX Sketches
• App Lingo
• Anonymous Web of Trust
• Survey of PGP implementations
• Debugging this Beast

Download¶

• Gnu Privacy Guard nightly builds
• Gnu Privacy Guard from the Google Play Store

Relevant source code¶

• https://github.com/guardianproject/gnupg-for-android
• https://github.com/guardianproject/gnupg-for-java
• https://github.com/guardianproject/pinentry.git
• The GnuPG suite: http://git.gnupg.org/cgi-bin/gitweb.cgi

Features we plan to support¶

Overview of Needed Activities¶

• a collection of Activities for seamless integration with other apps
  • act transparently via Intents and returned data
  • only pop UI if user-action is needed (password, choose key, etc)
  • sign/validate emails
  • encrypt/decrypt emails
  • sign/validate files
  • encrypt/decrypt files
  • show trust level
  • generate private key first time
  • sign OpenPGP keys to certify their validity

A list of gnupg features roughly grouped by potential Activity screen:¶

• private key view
  • assume single private key
  • should detailed info on scrollable page
  • include QRCode of fingerprint?
  • publish public key with sigs to keyserver

• key manager view
  • list of public keys
  • view sigs, trust level, etc.
  • select key to sign, etc.
  • sync local keyring with keyservers

• public key view
  • view certification signatures for any key
  • option to sign this key

• signing activity
  • QR code display/scanning for keysigning exchanges
  • display randomart image of fingerprint for keysigning exchanges
  • allow easy QR scanning
  • lsign (local-only unexportable) OpenPGP keys
  • publish certification signatures to keyservers
  • email certification signatures to key owner

• searching and downloading keys
  • if no key in keyring, prompt to search for key
  • preference to automatically search for less privacy concerned users
  • search/download public keys from keyservers

• contacts integration
  • what does Google sync from custom fields?
  • show key verification status
  • show trust level
  • clickable link into GPG for signing, detail view

• handling revokation keys
  • automatically generate when generating new private key
  • offer options for remote storage of revokation certificate
  • easy way to copy revoke key to offline storage

• importing keys
  • import public keys from SD card
  • DO NOT import secret keys from SD card, since its public (use our webdav secure store)

Optional Features¶

• display Photo ID images embedded in OpenPGP keys
• tor proxy support for non-root Tor

• trust path view
  • generate trust path between private key and current user
• social graph view aka web of trust degrees

Third Party Code / Libs¶

• Java binding for GPGME: https://github.com/smartrevolution/gnupg-for-java
• GnuPG Wrapper for Java: http://www.macnews.co.il/mageworks/java/gnupg/sample-code.shtml