PGP for iOS/OSX, using kbpgp.js. Requires >= iOS 8.0.
This library is mostly a proof of concept. I've stopped using it myself but am keeping it around in case others find it useful.
If you need to use PGP on iOS, I recommend trying to use the go pgp library, since go 1.5 fully supports iOS (arm64).
The was no usable native library for PGP for iOS or OSX. Keybase uses kbpgp and iOS 8 provides a JavaScript runtime with JavaScriptCore.
Some alternative methods I considered or am considering:
- ObjectivePGP
- A Java PGP library and use java2objc?
- GPG (will never work on iOS or OSX sandbox) and licensing
- OpenPGP.js with JavaScriptCore
- Using go pgp libraries (on iOS)
- unnetpgp
platform :ios, "8.0"
pod "KBPGP"
or
pod 'KBPGP', :git => 'https://github.com/gabriel/KBPGP.git', :branch => :master
KBPGP *pgp = [[KBPGP alloc] init];
[pgp encryptText:@"This is a secret message" keyBundles:@[@"-----BEGIN PGP PUBLIC KEY..."] success:^(NSString *messageArmored) {
NSLog(@"%@", messageArmored);
} failure:^(NSError *error) {
NSLog(@"Error: %@", [error localizedDescription]);
}];
KBPGP *pgp = [[KBPGP alloc] init];
[pgp encryptText:@"This is a secret signed message" keyBundles:@[@"-----BEGIN PGP PUBLIC KEY..."] keyBundleForSign:@"-----BEGIN PGP PRIVATE KEY..." passwordForSign:@"toomanysecrets" success:^(NSString *messageArmored) {
NSLog(@"%@", messageArmored);
} failure:^(NSError *error) {
NSLog(@"Error: %@", [error localizedDescription]);
}];
KBPGP *pgp = [[KBPGP alloc] init];
[pgp signText:@"This is a secret message" keyBundle:@"-----BEGIN PGP PRIVATE KEY..." password:@"toomanysecrets" success:^(NSString *clearTextArmored) {
NSLog(@"%@", clearTextArmored);
} failure:^(NSError *error) {
NSLog(@"Error: %@", [error localizedDescription]);
}];
KBPGP *pgp = [[KBPGP alloc] init];
[pgp setKeyRing:... passwordBlock:...];
[pgp unboxMessageArmored:messageArmored success:^(KBPGPMessage *message) {
NSLog(@"Decrypted: %@", [message text]);
} failure:^(NSError *error) {
NSLog(@"Error: %@", [error localizedDescription]);
}];
A key bundle is a string which can represent:
- An armored PGP public key
- An armored PGP private key
- P3SKB data (Base64 encoded)
NSString *armoredPublicKeyBundle = @"-----BEGIN PGP PUBLIC KEY...";
NSString *armoredPrivateKeyBundle = @"-----BEGIN PGP PRIVATE KEY...";
P3SKB *secretKey = ...;
NSString *secretKeyBundle = [[secretKey data] base64EncodedStringWithOptions:0];
A key is the simplest representation of a key:
- An armored public key bundle.
- A fingerprint (string), which is the unique identifier for the key.
- A P3SKB secret key (or nil if public only)
A PGP key is a more detailed version of a key, which stores extra info such as the algorithm, size, subkeys, user ids, etc.
You can get a PGP key from a bundle:
KBPGP *pgp = [[KBPGP alloc] init];
[pgp PGPKeyForPublicKeyBundle:@"-----BEGIN PGP PUBLIC KEY..." success:^(KBPGPKey *PGPKey) {
// PGP key
} failure:^(NSError *error) {
NSLog(@"Error: %@", [error localizedDescription]);
}
A key ring stores keys.
KBPGPKeyRing *keyRing = [[KBPGPKeyRing alloc] init];
KBPGPKey key = ...
[keyRing addPGPKey:key];
return keyRing;
Generates RSA key pair with appropriate defaults (4096 key with subkeys).
KBPGP *pgp = [[KBPGP alloc] init];
[pgp generateKeyWithUserIds:... keyAlgorithm:KBKeyAlgorithmRSA password:@"toomanysecrets" progress:^(KBKeyGenProgress *progress) {
NSLog(@"Progress: %@", [progress progressDescription]);
// Return NO to cancel, which will throw an "Aborted" error
return YES;
} success:^(P3SKB *privateKey, NSString *publicKeyArmored, NSString *keyFingerprint) {
// Generated private key (P3SKB format, encrypted using TripleSec)
} failure:^(NSError *error) {
NSLog(@"Error: %@", [error localizedDescription]);
}];
NSData *data = ...;
[pgp armoredKeyBundleFromPublicKey:data success:^(NSString *publicKeyArmored) {
} failure:^(NSError *error) {
NSLog(@"Error: %@", [error localizedDescription]);
}];
NSString *keyArmored = @"-----BEGIN PGP ...";
[pgp dearmor:keyArmored success:^(NSData *keyData) {
// Key as binary
} failure:^(NSError *error) {
NSLog(@"Error: %@", [error localizedDescription]);
}];