GopenPGP, an open source encryption library for native applications

throwawaymath|6 years ago

I’m not sure I understand why Protonmail forked the Go crypto library here. Did they fork the entire thing and make substantial changes/updates throughout, or did they just make changes to the PGP implementation available in Go/crypto?

Go/crypto already implements elliptic curve cryptography[1], so I’m curious which specific elliptic curve primitives (or algorithms) they added to their fork.

________

1. https://golang.org/pkg/crypto/

w8rbt|6 years ago

Go wanted to deprecate OpenPGP support. But, it looks as if they have walked that back a lot:

https://github.com/golang/go/issues/30141

"We will be deprecating the packages listed above, except openpgp/, otr/ and xts/.

I'll update the proposal and send a CL shortly."

tgragnato|6 years ago

https://github.com/ProtonMail/crypto/issues/21

https://github.com/golang/crypto/compare/master...ProtonMail...

They changed defaults. 570d0c5fa7ef500786f15958b39af43af3359719 is interesting: "Add secp256k1 / x25519 / brainpool curves to openpgp".

pferde|6 years ago

I wonder if/when a C or C++ bindings to this library will be made. It would be nice to have some alternative to GpgME.

Boulth|6 years ago

There is also sequoia, with an explicit goal of being easy to link to C. If you can bear the license.

Source: https://sequoia-pgp.org/

tblyler|6 years ago

The instructions aren't very straightforward, but you can compile Go code (which GopenPGP is) into a C archive https://golang.org/cmd/go/#hdr-Build_modes

bch|6 years ago

This[0] (from Alistair Crooks (NetBSD), who constantly amazes me) might fit the bill?

[0] http://netpgp.com/

krzyzanowskim|6 years ago

iOS/macOS developers have an alternative with https://github.com/krzyzanowskim/ObjectivePGP that is tailored to the Apple platforms.

18 comments