2

This is probably time-sensitive, unless there's a project currently providing a standard.

Is there a tested library for android and iOS that provides a PGP/GPG implementation for decrypting data received over a web-request?

I am looking to secure data transferred over SSL such that it's written to the disk in an encrypted form in the specific event of device theft or jailbreaking.

Thank you

MyStream
  • 2,533
  • 1
  • 16
  • 33

3 Answers3

1

I had the same problem in one of my projects and i did solve it with openssl and with a own encryption.

Mainly because...

  1. there is no Android/iOS (c or c++) capable PGP/GPG framework.
  2. the only one reasonable framework i found is GPGME which is under GNU license (not okay for iOS!)
  3. with openssl it's not that difficult as i was thinking it is. :)

You need to take a closer look at the EVP openssl crypto function, ... especially EVP_SealInit() / EVP_SealUpdate() / EVP_SealFinal()

You then can also look at one of my stackoverflow question regarding the encryption.

Goog luck!

Community
  • 1
  • 1
Jonas Schnelli
  • 9,965
  • 3
  • 48
  • 60
  • My first thought was - well what if I opened a github project on it? But, I doubt I'd have the time. If someone wants some light funding on making an appropriate framework, I'd consider that. I think your post is a little over my experience level, so I'm going to hunt for a dev unless you're hirable :) ? – MyStream Apr 16 '12 at 16:23
1

For iOS you can easily now use UNNetPGP. It's based on NetBSD library netpgp, and very easy to deploy with Cocoapods.

Marcin
  • 3,694
  • 5
  • 32
  • 52
0

For Android you can use a repackaged version of bouncycastle. You need a repackaged version because there is an incomplete version already in Android.

Dirk Jäckel
  • 2,979
  • 3
  • 29
  • 47