It would be nice to be able to generate PGP keys and store them. Just a suggestion.

Hey. Super cool app. Just thought I would suggest to add file encryption option as well. Might be very useful for some people on the go.

Justas

Signing/encrypting/decrypting using private keys stored on Yubikey 5 NFC would make this app perfect for me.

Since files app on iOS is not able to open files with extension .asc as a regular text file nor it allows to rename the extension to .txt, I think it would be great if PGPro was able to import .asc files from iOS's share menu.

As the title says, I cannot import asc files into the application from Files or in the application itself; the "No new keys imported" dialog box appears when trying to do so.

I created a new key accordung to this guide: https://gist.github.com/ageis/14adc308087859e199912b4c79c4aaa4

So I have a 4096 bit RSA key with support Sign & Certify with two subkeys for Encrypt and Authenticate.

Then I tried to import the backup of the secret key and the backup of the secret subkeys in the PGPro Keychain, however both times a message popped up, telling me the key was unsupported.

It would be nice to have a toggle where users could send PGP encrypted messages in an asc file.

Adding symmetric cryptography.

I really like the new signing feature, but it requires you to also encrypt the message to someone. Since most of the messages I send aren't to people with GPG encrypted email, but I still like to sign them, this would be great.

Could there be an option for auto-entering your private key passphrase with FaceID or TouchID? Because if you got long and secure passwords, it's often very unhandy to entering your password every time.
I know that you could store your password in the Apple keychain or a third party password mangager, but I don't like giving my passphrase into the hands of companies.

Hi,
could you include in the description/documentation where the private keys are stored and how access to them is secured ? It's quite sensitive to upload a private key, without knowing where it is going ...

Great job anyway ! Thanks !

Hi,
I wrote you an email today where I thanked you for all the support you did for the amazing application we have.

Can you add sign & verify options like I did in Photoshop ? I always sign messages to my customers and they can’t trust it’s me because it is not signed.

With regards.
P.S. : I will donate for the application because all of my customers don’t know shit about PGP and thanks to you, they understood very cleverly.

Hi
When I started using the app it was fine but there was a glitch with the app and I couldn’t even open the app so I deleted it after I saved my finger I’d on another software. Can I get back my pgp some how I really need it I had some stuff connected to that pgp.
The finger id is
C3F9 5590 221A 3F84 CC0A 0E74 7CF5 4394 03A2 24A3 With the name Ghost on it.

Hey Luca,

thank you for your work. Great app so long, but I had several issues today with adding some public keys. I figured out, that all keys, which were "not supported" by PGPro, didn't combine with an e-mail address. Is it a bug or feature? ;-) Anyway, it would be great to add those keys, wouldn't it?

Thank you!

First of, thanks for this great app! Nice to see that PGP finally arrives on iOS. 😄

Yubico released an iOS SDK, which offers the possibility to interact with Yubikeys (NFC/Lightning) via a RAW API. This API would offer the ability to use Yubikeys to decrypt and/or sign messages (see https://developers.yubico.com/Mobile/iOS/).
This would be a great alternative for users which already use Yubikey's for handling decryption/enrcyption/signing.

Do you have any plans to integrate this in (near) future?

Hi,
could not run the app in iOS v12.4.x iPhone-6.

this app or AppStore shows message (after or during install), that,
iOS v13 or above is needed.
:(

Please enable support for iOS v12.4.x / v12 (when time-permits to do so).
i'm sure, lots of users still using iPhone-6.

There should be an option to generate a pair of key with a set expiration, instead of making them always never expire.

Hello lucanaef,

i want to try your PGPro app to use GPG encryption on my iOS 14.1 device.
Unfortunatly i failed to import my GPG private and public key.
Reason was "Unsupported Key".

I have generated my keys using the following command on a debian buster system:

gpg --quick-gen-key "Name <email>" ed25519 cert 2y
gpg --quick-add-key [keyid] cv25519 encr 1y
gpg --quick-add-key [keyid] ed25519 auth 1y
gpg --quick-add-key [keyid] ed25519 sign 1y

I use the following version of GnuPG

gpg (GnuPG) 2.2.12
libgcrypt 1.8.4

Do you have an idea if i make anything wrong, or is this "state of the art" key really not supportes? If second, will/can support for this kind of key be available in the near future?

Kind regards
Oliver Koch

It seems that 80% of the use of this app is in decrypting. Therefore the user interface ought have the “Decrypt” screen first, rather than requiring a tap—every… single… time…

The time savings from implementing this (a second multiplied by 80% of the use) is, potentially, large.

Thank you for all you do,

~Topher😁

Just a thought. Can we add in the ability to sign messages with our keys in the app. I've looked everywhere for a signing feature but it seems to be missing. Would it be possible to add it in?

Hello,

I come across this project and would like to get started with it, but unfortunately all the Xcode project files is gitignored. Can you please share why? At the moment I wasn't able to find any reasoning neither in git history, nor on the website. It seems to be added just the second commit to the repo.

Gitignore file seems to be autogenerated and it is too broad – repo obviously does not contain swift package library, but it has spm artifacts gitignored as well. Xcode gitignore section contains both reasonable lines (like xcuserdata) and also lines I find unreasonable to gitignore (like xcodeproj).

In my opinion, whole Xcode section should be discarded and SwiftPM section too, but Swift section kept. In my projects, I usually only have this much:

# Mac OS X
.DS_Store

# Backup files
*~.nib

# Xcode
build/*
*.pbxuser
!default.pbxuser
*.mode1v3
!default.mode1v3
*.mode2v3
!default.mode2v3
*.perspectivev3
!default.perspectivev3
*.xccheckout
xcuserdata
profile
*.moved-aside
DerivedData
*.xcscmblueprint

# AppCode
.idea

Would you mind sharing xcodeproj (and xcworkspace if any) with the rest of the world please?

It would be nice if there is a iPad Version for this, because I'm often writing mail on my iPad. You can use it on the iPad, but actually you get the iPhone version of the app.

Signature is expired

Hi there

I've followed the Debian's guide on generating a keypair using subkeys for decrypt, authenticate and sign. When I try to import this key to the App, it crashes.

Here are 3 files, like I use them:
private.gpg-key.txt
private.master.gpg-key.txt
public.gpg-key.txt

• private.master.gpg-key.txt: this is the master secret key. Only this key has the capability to certify. This one I have on an encrypted usb drive and not on my laptop.
• private.gpg-key.txt: this is the secret key (only subkeys) I store on the laptop and use all the time to decrypt, authenticate and sign. But it has no capabilities to certify. Therefore the damage is limited, if it gets compromised.
• public.gpg-key.txt: the corresponding public key to encrypt and verify.

Steps to reproduce:
Click the "+" Symbol in the app to import a key. Select private.gpg-key.txt from a USB drive or iPhone Documents. App crashes.

I'd be happy if you could take a look. Thanks

First of all,

thank you so much for building this app 4 IOS. This is what i'm looking for.
I wonder if it would be possible to display the key type at "Keychain"? (RSA, ECC)

On settings page, once you swipe down, you cannot swipe up.

Mail integration on ios 14 iPhone 8 isn’t working. It doesn’t automatically decrypt any messages and shows the message pgp in encrypted format.

In a key with more than one email or keys:

• not all of the emails are shown; and:
• not all of the sub-keys are shown.

In Roundcube and Kleopatra, this information is seen (screenshot below). In PGPro, this information isn’t seen (screenshot below).

I really like the idea of Your app and would like to help support you, because PGP is all about real encryption and I believe your project can help change the world by providing a self sustaining system on secure communication. There's really no limit on what PGP is capable of in encryption.

It would be nice, if PGPro could support encrypting files with pgp, from images to pdfs.
Maybe an share option like Encrypt with PGPro could make this even better.

I don't know if this is doable, so feel free to give me feedback to this idea.

When I try to decrypt a message that was sent to me by sending the msg.asc file to PGPro on my iPhone, I can not decrypt it because of the "Message is invalid!" error. I have my private key imported. It seems to make no difference whether or not I specify my password. I am not sure what goes wrong here. Apart from the msg.asc, the messae also shows a Part.000 file attached. Not sure if that somehow causes the issue here.

Thanks for creating such a useful app!
I know how to encrypt and decrypt on a phone as well as how to export the public and private keys. Now I want to encrypt or decrypt on a PC with PGPro generated public & private keys. How can I do that?

Thanks for making PGPro, I think it is a long missing addition to the iOS ecosystem.
However I got one problem: when I receive an encrypted mail sent from Thunderbird 78.3.2 and forward it to PGPro from the built-in iOS Email app, PGPro fails to decrypt it. The error msg is simply "Decryption failed!". I can decrypt other PGP blocks and tracked down the error to the fact, that PGP blocks generated as above are missing an empty line after the line "-----BEGIN PGP MESSAGE-----". This only seems to be the case when I directly forward the "encrypted.asc" MIME attachment from the iOS EMail app to PGPro. When I somehow get the attachment into a text editor and from there copy&paste it to PGPRo, decryption works. Needless to say, the latter is extremely inconvenient on an iOS device ... :-)

I got the issue that I can’t import a key pair one after another. First the pub key and then the priv key e.g.
just one of them. Preproduction with any key pair.
iPhone 8
13.4.1
App Version. 2020.02

We extended the functionality of the SearchKeyserverViewController to automatically detect whether the user is searching via key id, fingerprint, or email. We do this by simple length checks and email validation.

The code can be found here for the next month:
https://pastebin.com/1V0FCqWm

A time- and gesturing-saving feature would be automatically attempting to decrypt the pasted content immediately, rather than requiring the tapping of the icon all the way up in the upper-right corner. What else can one do with the pasted content? Seems like an interstitial for no good reason.

Thank you (again) for all you do,

~Topher😀

Hi @lucanaef,

I've come across what seems to be, in my estimation, a low-severity security issue.

Can you provide me with your pubkey and email for further dialog on this topic?

Thanks,
Jonathan

Edit: Alternatively, you can reach out to me directly via the contact info on my profile.

Hi,

When I send a large (5.1MB) message with an attachment from Thunderbird and try to decrypt it, I get the error "Message invalid". This does not happen with smaller messages even when they have an attachment. Both Thunderbird and PGPro are latest version as of today.

Suggestion: make version number visible in PGPro.

Thanks

Thank you for the app for encrypt/decrypt mail.

Any thoughts on allowing encryption/decryption of files?

Thanks

When emailing people that use ProtonMail, public keys that you don't already have aren't in the WKD, but rather at hkps://api.protonmail.ch (HTTP requests at https://api.protonmail.ch/pks/lookup?op=get&[email protected], replacing [email protected] with whatever email is being queried).

It would be helpful to be able to have this key server alongside the WKD and/or allow custom key servers to be added (say MIT's PGP key server)

I would like to know how to do this. If this feature doesn't exist, could you please add it?

Signature is bug

Might just be a user error as this seems to be too a basic functionality to not be working, but still. Here's my error and how to reproduce:

1. I have an encrypted e-mail in the Apple Mail app. I have clicked on the encrypted message attachment (encrypted.asc) and click on PGPro in the share screen.
2. So far so good. The encrypted content is displayed in the Decryption window, I can select my key and enter my passphrase. I click on the open envelope on the top right and:
3. The app just shuts down and when I restart all the details are gone.

Am I doing something wrong? Is there something wrong with my key? The same key works on macOS Mail using GPGTools.

Some things I've tried:

• Manually pasting encrypted contents
• Entering a wrong password (get an error message, so I'm using the right one)

Using an iPhone 12, iOS 15.0.1

Let me know if I can provide you with anything or try anything. Thank you for this!

Hi,
first: great move to create an open source app for iOS for PGP encrypten/decryption ! That was needed !

When editing a message for encryption, it is not easily possible to hide the keypad again to access the bottom controls bar. Any simple common way to hide the keypad (selecting a public key does it ... but it's not so intuitive.

The OpenKeychain QR code simply contains a plaintext string with the format OPENPGP4FPR:<Fingerprint>.

Here's an example of the generated QR code for Edward, an email bot from the FSF to test email encryption (as in emailselfdefense.fsf.org).

OPENPGP4FPR:F357AA1A5B1FA42CFD9FE52A9FF2194CC09A61E8.

Adding the ability to scan the QR code would be a great way to instantly add another public key without the need of manually enter an email or the fingerprint into the app. This can be done by:

1. Scanning the QR code
2. Check whether the payload is valid
3. Search signature on keyservers

The OpenKeychain app also uses this functionality to verify confirm other public keys, if the current private key is capable of confirming other keys (aka. unstripped).

I’ve copied and pasted numerous times and still isn’t decrypting messages? I’m not sure what the issue is, can you help?

After encrypting or decrypting a message, it would be helpful having a simple button to clear the editor (select all and delete is sometimes a bit tricky to do).

The 4096 size does not work to decrypt messages.
Is this fixable?