GnuPG for Android progress: we have an command line app!

GnuPG for Android
This alpha release of our command-line developer tool brings GnuPG to Android for the first time!

GNU Privacy Guard Command-Line (gpgcli) gives you command line access to the entire GnuPG suite of encryption software. GPG is GNU’s tool for end-to-end secure communication and encrypted data storage. This trusted protocol is the free software alternative to PGP. GnuPG 2.1 is the new modularized version of GnuPG that now supports OpenPGP and S/MIME.

You can get it from the Play Store:
https://play.google.com/store/apps/details?id=info.guardianproject.gpg

Or download the .apk from our nightly builds:
https://guardianproject.info/builds/GnuPrivacyGuard/

Setup

Before using gpgcli, be sure to launch the app and let it finish its installation process. Once it has completed, then you’re ready to use it. The easiest way to get started with gpgcli is to install Android Terminal Emulator. gpgcli will automatically configure Android Terminal Emulator as long as you have the Allow PATH extensionsFeatures

  • TRUSTED SECURITY: This technology already seamlessly integrates into Linux on Debian, Ubuntu, Fedora, Mac OSX (GPGtools), Windows (gpg4win)
  • PUBLIC KEY ENCRYPTION: Full interoperable replacement of the proprietary Pretty Good Privacy (PGP) standard that uses a serial combination of hashing, data compression, symmetric-key cryptography and finally public-key cryptography; each step uses one of several supported algorithms.
  • BROAD ALGORITHM LANDSCAPE: Supports 3DES, AES, Blowfish, CAST5, DSA, ElGamal, MD5, RSA, RIPDE-MD-160, SHA-1, TIGER, and Twofish.
  • VERIFIABLE INTEGRITY AND AUTHENTICITY: Digital signatures create a trusted trail of ownership.
  • CONFIRMED SECURITY: Italian Police, the FBI, and British police have been unable to crack its security and have resorted to demanding private keys. It’s been likened as “the closest you’re likely to get to military-grade encryption” by cryptographer Bruce Schneier.
  • HELP SYSTEM: A quick help tool is built in.
  • KEYSERVER SUPPORT: Integrated support for HKP and LDAP keyservers (keys.gnupg.net).
  • OPEN STANDARD COMPLIANT: Full OpenPGP implementation. Learn more about standards RFC2440 & RFC4880

Please Report Bugs

This is an early release of a big project, so there will inevitable be bugs. Help us improve this software by filing bug reports about any problem that you encounter. Feature requests are also welcome!

https://dev.guardianproject.info/projects/gpgandroid/issues

Coming Soon

23 comments for “GnuPG for Android progress: we have an command line app!

  1. 2013/05/21 at 5:34 pm

    I hope that you are aware of the existence of APG app?

    • hans
      2013/05/24 at 12:14 pm

      We are most definitely aware of APG, we’ve recommended it for a while now. 🙂 We’re also following the new fork of APG, called OpenPGP Keychain. While these are both useful, the whole GnuPG offers a lot more functionality, plus we hope GnuPG will perform better since its all written in C rather than Java.

  2. Tom
    2013/06/06 at 11:51 pm

    I’d very much like to make a donation to your project, do you have a way to do this? If you do accept public donations, do you or will you consider accepting Bitcoin?

    • n8fr8
      2013/06/09 at 12:57 am

      Not at the moment. You can donate to the Tor Project (a registered non-profit) in our name!

      • hans
        2013/06/10 at 2:08 pm

        EFF is also a good candidate since if we ever got into legal trouble, they’d hopefully be providing us some legal services.

  3. Rodrigo
    2013/07/16 at 11:01 pm

    Hello, and thanks for your awesome work.
    With your awesome app and some script I can encrypt all JPG of some folder after I disconnect from my wifi at home. Unfortunately, I can’t reverse it with giving a passphrase to the gpg command, like I do with gpg package in debian.
    Do you have any plans to implement that? It would be useful.
    Thanks

    • hans
      2013/07/17 at 10:51 am

      Glad you find it useful!

      You always need to give your passphrase when decrypting files, unless your PGP key does not have a passphrase on it. Or am I misunderstanding? GPG will cache your passphrase for a set amount of time, usually something like 5 minutes. So if you decrypt a file, then a minute later decrypt another file, you will only need to enter your passphrase the first time you decrypt, and not the second time a minute later.

  4. Rodrigo
    2013/07/20 at 8:57 pm

    Hans,
    Thank you for your answer. I’ve found out the problem. Gpg of my smartphone is gpg2 and with debian gpg1. With gpg2 the –passphrase option isn’t available.
    I’ve instaled the new night build android app. And I need to say, thank you very much. I’ts working like a charm.
    When I left home, with tasker and gpg my personal files get encrypted. And when I shake the phone and answer the passphrase, its all decrypted. Awesome!!!
    Thanks.

    • hans
      2013/07/21 at 10:50 pm

      Your setup sounds interesting, have you documented it anywhere?

      • Rodrigo
        2013/07/25 at 1:57 am

        Not yet. But I’ll soon.

        • jb
          2013/08/28 at 3:07 pm

          a write up would be awesome.

  5. jb
    2013/08/28 at 3:03 pm

    yes, please document the tasker and gpg install or setups.

  6. 2013/11/20 at 6:12 am

    Looks like this made it into the F-Droid repos last week. Nice!

  7. 2014/10/15 at 1:48 pm

    Any update on K9-Mail integration?

    https://dev.guardianproject.info/issues/1680

    Thanks for providing GnuPrivacyGuard!!

    • Hans-Christoph Steiner
      2014/10/16 at 5:14 pm

      We have not had any funding or time to work on GnuPrivacyGuard recently. But the OpenKeychain project (http://www.openkeychain.org/) has made a lot of progress on that front. The OpenPGP API implemented in OpenKeychain is an API that we designed together, so ultimately that work will also feed into GnuPrivacyGuard as well. But for now, if you want PGP in K-9, use OpenKeychain.

  8. 2015/05/04 at 10:13 pm

    Hey guys! so… does this perform better than APG and OpenKeyChain? Does this app integrates with K-9? It’s hard to believe that we’re on 2015 and still crappy mobile encryption support…. Not blaming u of course!
    Cheers!

    • Hans-Christoph Steiner
      2015/05/05 at 10:22 am

      Right now, GPGA really mostly works with files, so encrypting, decrypting, signing, and verifying. The plan is to make it support the same API that OpenKeychain offers, but there isn’t any concrete timeline for that. Contributions are most welcome. The general plan is to make it an official GnuPG project.

      For PGP email on Android, we recommend K-9 and OpenKeychain.

  9. S. McCandlish
    2015/07/11 at 1:32 am

    Is there a reason this would choke on secret keys generated by GPG Keychain (Mac OS X)? I have a 4096 RSA key, dating to 2013 and set to expire in 2018, that GnuPG for Android will not import (through the GUI, anyway). It has 2 user IDs, only 1 subkey, no photo, no weird key management stuff. I copied it to the Android filesystem, and your app will import the public key from it, and has no trouble with my older 1024 DSA keys (generated with MacPGP back in Mac OS 9). When trying to import the 4096 RSA secret key, the app’s debug log has errors like “error sending to agent: Timeout”, and “error building skey array: Timeout”. At the end, it reports “Total number processed: 4”, “unchanged: 2”, “secret keys read: 3”, and some details like “poolsize=600”, etc.

  10. kazi
    2016/09/06 at 6:02 pm

    “error: only position independent executables (PIE) are supported.”

    • helpless
      2016/10/19 at 4:29 am

      I have the same problem with cm13. The terminal emulator always shows the message “Error: only position independent executables (PIE) are supported” and if ill set the extra authorization for the terminal Emulator in the gnupg app settings, it does not work.

      Tested with GnuPrivacyGuard-0.3.2-release.apk 2015-02-03 18:02 9.4M

  11. Thomas
    2016/10/28 at 2:00 pm

    How do I import a copy of my private key into the app?

Leave a Reply

Your email address will not be published. Required fields are marked *