What is GopenPGP?
GopenPGP is a high-level OpenPGP wrapper library developed by ProtonMail, as well as a fork of the golang crypto library, which the wrapper library is built on. The goal of this project is to provide an easy-to-use, open source encryption wrapper library for the developer community that is well-maintained, up-to-date with the latest OpenPGP RFC changes, and periodically audited for security.
We are currently in discussions with the maintainers of the original golang crypto library to include our improvements there. In the meantime, we wanted to open source our modifications. Among our improvements, we have:
- Added support for elliptic curve cryptography
- Undergone an audit by SEC Consult
- Fixed a number of security issues, including:
- Rejecting packets that are not integrity-protected (those exploited by Efail)
- Preventing potential spoofing in cleartext message headers
- Increasing the default key-derivation (S2K) cost parameters
- Added a high-level wrapper library, which provides a simple API for common operations such as key generation, encryption, decryption, signing, and verification, and which is compatible with go-mobile
Contribute to GopenPGP
We welcome contributions and feedback from the community. We will continuously improve the libraries to better our documentation and API, while fixing bugs and building out new features. We invite feedback and contributions, as well as security issues, at https://github.com/ProtonMail/gopenpgp and https://github.com/ProtonMail/crypto.
ProtonMail Horizon 2020