PGP for iOS/OSX, using kbpgp.js. Requires >= iOS 8.0.
This library is mostly a proof of concept. I've stopped using it myself but am keeping it around in case others find it useful.
This library is deprecated. You can use gomobile to do PGP on iOS and Android. See https://github.com/EncryptedTimeline/EasyPGP
There was no usable native library for PGP for iOS or OSX. Keybase uses kbpgp and iOS 8 provides a JavaScript runtime with JavaScriptCore.
Some alternative methods I considered or am considering:
platform :ios, "8.0"
pod "KBPGP"
or
pod 'KBPGP', :git => 'https://github.com/gabriel/KBPGP.git', :branch => :master
KBPGP *pgp = [[KBPGP alloc] init];
[pgp encryptText:@"This is a secret message" keyBundles:@[@"-----BEGIN PGP PUBLIC KEY..."] success:^(NSString *messageArmored) {
NSLog(@"%@", messageArmored);
} failure:^(NSError *error) {
NSLog(@"Error: %@", [error localizedDescription]);
}];
KBPGP *pgp = [[KBPGP alloc] init];
[pgp encryptText:@"This is a secret signed message" keyBundles:@[@"-----BEGIN PGP PUBLIC KEY..."] keyBundleForSign:@"-----BEGIN PGP PRIVATE KEY..." passwordForSign:@"toomanysecrets" success:^(NSString *messageArmored) {
NSLog(@"%@", messageArmored);
} failure:^(NSError *error) {
NSLog(@"Error: %@", [error localizedDescription]);
}];
KBPGP *pgp = [[KBPGP alloc] init];
[pgp signText:@"This is a secret message" keyBundle:@"-----BEGIN PGP PRIVATE KEY..." password:@"toomanysecrets" success:^(NSString *clearTextArmored) {
NSLog(@"%@", clearTextArmored);
} failure:^(NSError *error) {
NSLog(@"Error: %@", [error localizedDescription]);
}];
KBPGP *pgp = [[KBPGP alloc] init];
[pgp setKeyRing:... passwordBlock:...];
[pgp unboxMessageArmored:messageArmored success:^(KBPGPMessage *message) {
NSLog(@"Decrypted: %@", [message text]);
} failure:^(NSError *error) {
NSLog(@"Error: %@", [error localizedDescription]);
}];
A key bundle is a string which can represent:
NSString *armoredPublicKeyBundle = @"-----BEGIN PGP PUBLIC KEY...";
NSString *armoredPrivateKeyBundle = @"-----BEGIN PGP PRIVATE KEY...";
P3SKB *secretKey = ...;
NSString *secretKeyBundle = [[secretKey data] base64EncodedStringWithOptions:0];
A key is the simplest representation of a key:
A PGP key is a more detailed version of a key, which stores extra info such as the algorithm, size, subkeys, user ids, etc.
You can get a PGP key from a bundle:
KBPGP *pgp = [[KBPGP alloc] init];
[pgp PGPKeyForPublicKeyBundle:@"-----BEGIN PGP PUBLIC KEY..." success:^(KBPGPKey *PGPKey) {
// PGP key
} failure:^(NSError *error) {
NSLog(@"Error: %@", [error localizedDescription]);
}
A key ring stores keys.
KBPGPKeyRing *keyRing = [[KBPGPKeyRing alloc] init];
KBPGPKey key = ...
[keyRing addPGPKey:key];
return keyRing;
Generates RSA key pair with appropriate defaults (4096 key with subkeys).
KBPGP *pgp = [[KBPGP alloc] init];
[pgp generateKeyWithUserIds:... keyAlgorithm:KBKeyAlgorithmRSA password:@"toomanysecrets" progress:^(KBKeyGenProgress *progress) {
NSLog(@"Progress: %@", [progress progressDescription]);
// Return NO to cancel, which will throw an "Aborted" error
return YES;
} success:^(P3SKB *privateKey, NSString *publicKeyArmored, NSString *keyFingerprint) {
// Generated private key (P3SKB format, encrypted using TripleSec)
} failure:^(NSError *error) {
NSLog(@"Error: %@", [error localizedDescription]);
}];
NSData *data = ...;
[pgp armoredKeyBundleFromPublicKey:data success:^(NSString *publicKeyArmored) {
} failure:^(NSError *error) {
NSLog(@"Error: %@", [error localizedDescription]);
}];
NSString *keyArmored = @"-----BEGIN PGP ...";
[pgp dearmor:keyArmored success:^(NSData *keyData) {
// Key as binary
} failure:^(NSError *error) {
NSLog(@"Error: %@", [error localizedDescription]);
}];