A port of gnupg to Android (UNMAINTAINED!)

Overview

Gnu Privacy Guard for Android

A port of the whole GnuPG 2.1 suite to Android.

If you are using these tools in your own apps, we'd love to hear about it. Email us at [email protected].

Gnu Privacy Guard (GPG) gives you access to the entire GnuPG suite of encryption software. GnuPG is GNU’s tool for end-to-end secure communication and encrypted data storage. This trusted protocol is the free software alternative to PGP. GnuPG 2.1 is the new modularized version of GnuPG that now supports OpenPGP and S/MIME.

Using Gnu Privacy Guard's Android Integration

One of the core goals of Gnu Privacy Guard is to provide integrated encryption support in a way that feels natural on Android. That means it tries to be as transparent as possible, and only pop up with there is no other way:

  • if you want to send someone an encrypted file, find them in your Contacts/People app, and click on "Encrypt File To"
  • if you want encrypt something, then share it to Gnu Privacy Guard
  • if you want to view an encrypted file, share it with Gnu Privacy Guard and it'll prompt you for your password and the app to view it with
  • if you want to import keys into your keyring, there are a few ways to do it:
    • click on a .pkr, .skr, .key, or pubring.gpg file in your email, dropbox, SD card, etc.
    • click on a fingerprint URL, for example: openpgp4fpr:9F0FE587374BBE81
    • scan a fingerprint QRCode

Look for more features in the Android integration, and please post your ideas in our issues tracker: https://dev.guardianproject.info/projects/gpgandroid/issues

Using Gnu Privacy Guard from the Terminal

Before using Gnu Privacy Guard, be sure to launch the app and let it finish its installation process. Once it has completed, then you're ready to use it. The easiest way to get started with Gnu Privacy Guard is to install Android Terminal Emulator. gpgcli will automatically configure Android Terminal Emulator as long as you have the "Allow PATH extensions" settings enabled. Get the Android Terminal Emulator at https://play.google.com/store/apps/details?id=jackpal.androidterm

Currently, this app offers the full gnupg suite of commands in the terminal. When you run the GnuPG tools in an app, a GNUPGHOME folder will be created for that specific app. Because of the Android permissions model, its not possible to create a shared GNUPGHOME without having it world-writable.

Use in Android Terminal Emulator

The app automatically configures Android Terminal Emulator to use the GnuPG tools, as long as you have the Allow PATH extensions preference set.

Manual configuration and using it with other apps

In order to use the GnuPG tools in your app, preferred terminal emulator, or adb shell, you need to set the PATH to include the full path to the GnuPG aliases, for example:

export PATH=$PATH:/data/data/info.guardianproject.gpg/app_opt/aliases

Or you can call the aliases using the full path:

/data/data/info.guardianproject.gpg/app_opt/aliases/gpg --encrypt secretfile.txt

WARNING: The above method stores key material inside the data dir of Gnu Privacy Guard

Gnu Privacy Guard is not able to read your key material, only root or your app can, but the material will remain after the app is uninstalled. If this is not desirable for you then you should set the environment variables managed in

/data/data/info.guardianproject.gpg/app_opt/aliases/common

and set the PATH to /data/data/info.guardianproject.gpg/app_opt/bin:$PATH instead of using the aliases method described above.

At a minimum you should set the environment variables LD_LIBRARY_PATH, HOME, GNUPGHOME, and PATH.

GNUPGHOME should be set to a secure path inside your app's data directory, for example you could call getDir("gnupghome") from your Activity.

Setting up all of the tools

To enable the whole suite of tools, including dirmngr to work with keyservers, you need to set another environment variable:

export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/data/data/info.guardianproject.gpg/app_opt/lib:/data/data/info.guardianproject.gpg/lib

The technical reason why is that GnuPG uses a lot of shared libraries, and the only way Android has for finding shared libraries is the LD_LIBRARY_PATH environment variable. GNU/Linux has rpath, Mac OS X has install names, but Android has none of this stuff.

Please Report Bugs

This is an early release of a big project, so there will inevitable be bugs. Help us improve this software by filing bug reports about any problem that you encounter. Feature requests are also welcome! https://dev.guardianproject.info/projects/gpgandroid/issues

Target Platform

We would like to target as many Android platforms as possible. Currently there are three limiting APIs:

  • regex - provided in Android 2.2, SDK android-8 and above
  • pthread_rwlock* - provided in Android 2.3, SDK android-9 and above
  • pthread_atfork - provided in Android 4.0, SDK android-14 and above

regex could easily be included in the build, pthread_rwlock\* would be more difficult. pthread_atfork is not really fully required, but might be in the future.

Build Setup

Debian/wheezy (try others at your own peril)

sudo apt-get install build-essential autoconf automake1.11 libtool \
    transfig wget patch texinfo ant gettext bison

Fedora 17 x64

sudo yum install autoconf automake libtool transfig wget patch texinfo \
    ant gettext bison \
    ncurses-libs.i686 libstdc++.i686 libgcc.i686 zlib.i686 gcc.i686

You might need to apply some patches to get GnuPG subprojects building with newer versions of automake:

Android SDK, NDK, appcompat

Install the Android NDK v9b or newer for the command line version, and the Android SDK for the Android app version:

If you are building in Eclipse or IntelliJ, you need to also set up the android-support-v7-appcompat library project:

Building

First the get all of the source code from git:

git clone https://github.com/guardianproject/gnupg-for-android
git submodule update --init --recursive

How to build the whole app

The easiest way to get started is to use the script we made to make our release builds. It deletes all changes from this project, then runs all the steps needed to build the APK:

./make-release-build

Otherwise, you can break out the steps and run them individually while you are working on the code:

make -C external/ distclean clean-assets
make -C external/
ndk-build clean
ndk-build
./setup-ant.sh
ant clean debug

Running the GnuPG tests

The GnuPG subprojects all include their own test suites. They end up being quite large, so they are not included in the APK by default. If you want to include all of the tests, then run make -C external/ assets-tests before ndk-build. That gives you the same sequence as used in jenkins-build.sh, which is how we run our tests:

make -C external/ distclean clean-assets
make -C external/
make -C external/ assets-tests
ndk-build clean
ndk-build
./setup-ant.sh
ant clean debug

Then to run the tests, first install the APK and run it so that it sets up all of its included assets. Once the Android app has completed its initial setup, run:

./assets/tests/launch_run-tests_on-android.sh

How to Build Individual Components

To compile the components individually you can use commands like (the order that you run them is important):

make -C external/ gnupg-install
make -C external/ gnupg-static
make -C external/ gpgme-install

The results will be in external/data/data/info.guardianproject.gpg

Hacking Notes

Please conform to our code format standard.

For C files use format-code.sh.

For Java, please apply the official Android formatter profile

You might also like...
Android virtual machine and deobfuscator
Android virtual machine and deobfuscator

Simplify Generic Android Deobfuscator Simplify virtually executes an app to understand its behavior and then tries to optimize the code so that it beh

enjarify 8.6 0.0 L5 Python Enjarify is a tool for translating Dalvik bytecode to equivalent Java bytecode. This allows Java analysis tools to analyze Android applications.

Note: This repository may be out of date. Future development will occur at https://github.com/Storyyeller/enjarify. Introduction Enjarify is a tool fo

CLI tool for decompiling Android apps to Java. It does resources! It does Java! Its real easy!

Easy-as-pie Android Decompiler Why One stop shop I got pretty tired of decompiling Android apps with a bunch of steps that I had to remember all the t

A android app for encrypting apk
A android app for encrypting apk

A android app for encrypting apk

Unlock an Android phone (or device) by bruteforcing the lockscreen PIN.
Unlock an Android phone (or device) by bruteforcing the lockscreen PIN.

Unlock an Android phone (or device) by bruteforcing the lockscreen PIN. Turn your Kali Nethunter phone into a bruteforce PIN cracker for Android devices! (no root, no adb)

A Java ePub reader and parser framework for Android.
A Java ePub reader and parser framework for Android.

FolioReader-Android is an EPUB reader written in Java and Kotlin. Features Custom Fonts Custom Text Size Themes / Day mode / Night mode Text Highlight

A program to flip every private, protected and package-private access flag to public in an Android dex file!

DexExposed A program to flip every private, protected and package-private access flag to public in an Android dex file! Building Simply run gradle mak

A simple android app that parses its own signature and displays it

SigDisplayer Usage Download the release APK or clone the repository and compile yourself. Sign the APK with your preferred keystore. Install and open

🔓 Kotlin version of the popular google/easypermissions wrapper library to simplify basic system permissions logic on Android M or higher.
🔓 Kotlin version of the popular google/easypermissions wrapper library to simplify basic system permissions logic on Android M or higher.

🔓 Kotlin version of the popular google/easypermissions wrapper library to simplify basic system permissions logic on Android M or higher.

Owner
Guardian Project
Guardian Project
BlackDex is an Android unpack tool, it supports Android 5.0~12 and need not rely to any environment. BlackDex can run on any Android mobile phones or emulators, you can unpack APK File in several seconds.

BlackDex is an Android unpack tool, it supports Android 5.0~12 and need not rely to any environment. BlackDex can run on any Android mobile phones or emulators, you can unpack APK File in several seconds.

null 4.3k Jan 2, 2023
Simple API to perform AES encryption on Android. This is the Android counterpart to the AESCrypt library Ruby and Obj-C (with the same weak security defaults :( ) created by Gurpartap Singh. https://github.com/Gurpartap/aescrypt

AESCrypt-Android Simple API to perform AES encryption on Android with no dependancies. This is the Android counterpart to the AESCrypt library Ruby an

Scott Alexander-Bown 636 Dec 18, 2022
PermissionX is an extension Android library that makes Android runtime permission request extremely easy

PermissionX is an extension Android library that makes Android runtime permission request extremely easy. You can use it for basic pe

Lin Guo 2.9k Dec 28, 2022
Signal Protocol library for Java/Android

Overview A ratcheting forward secrecy protocol that works in synchronous and asynchronous messaging environments. PreKeys This protocol uses a concept

Signal 1.8k Dec 24, 2022
Grab’n Run, a simple and effective Java Library for Android projects to secure dynamic code loading.

Grab’n Run, a simple and effective Java Library for Android projects to secure dynamic code loading.

Luca Falsina 418 Dec 29, 2022
A collection of android security related resources

android-security-awesome A collection of android security related resources. Tools Academic/Research/Publications/Books Exploits/Vulnerabilities/Bugs

Ashish Bhatia 6.6k Jan 5, 2023
a version of the official Android openssl setup to build standalone for use in app

OpenSSL on the Android platform. --- The code in this directory is based on $OPENSSL_VERSION in the file openssl.version. See patches/README for more

Guardian Project 371 Dec 8, 2022
OpenPGP for Android

APG (Android Privacy Guard) APG originally brought email encryption to the Android platform. In recent years the project has fallen asleep, but a lot

Thialfihar 234 Dec 30, 2022
Analyze any Android/Java based app or game

ClassyShark Introduction ClassyShark is a standalone binary inspection tool for Android developers. It can reliably browse any Android executable and

Google 7.2k Jan 3, 2023