Android library with support for OpenPGP, Autocrypt, WKD, and NFC/USB security keys.
Cotech OpenPGP Library is a cryptographic library for Android that allows you to integrate end-to-end encryption capabilities into your app based on the OpenPGP standard. Its code is shared with OpenKeychain, the most widely used and trusted OpenPGP implementation for Android.
It differentiates from existing libraries by including a ready to be used key database that is automatically filled from various sources, such as Autocrypt, WKD, or HKP keyservers. It supports modern cryptographic primitives based on Curve25519 and comes with an opinionated security configuration that rejects insecure keys. Furthermore, it supports security keys over NFC and USB.
Soon, we will publish a developer documentation including the library’s API and detailed examples.
|Key Management||Uses its own SQLite database, i.e., no hassle of setting up your own database scheme.|
|Asymmetric Primitives||EdDSA (Sign), Curve25519 (Encrypt), NIST curves (P-256, P-384, P-521), secp256k1 (‘The Bitcoin curve’), Brainpool curves (brainpoolP256r1, brainpoolP384r1, brainpoolP512r1; recommended by BSI), RSA|
|Key Discovery||Imports keys from Autocrypt emails, domains supporting WKD, HKP keyservers. Secure retrieval using pinned TLS certificates is possible.|
|Implementation Security||The implementation has been audited in OpenKeychain and undergoes constant public scrutiny due to its publication as open source.|
|NFC/USB Security Keys||Supports YubiKey NEO over NFC, the YubiKey 4 series over USB, and all OpenPGP-compatible Nitrokeys over USB.|
|Email Encryption||Autocrypt Specification Level 1
RFC 3156: MIME Security with OpenPGP
|OpenPGP Standards||RFC 4880: OpenPGP Message Format
RFC 6637: Elliptic Curve Cryptography (ECC) in OpenPGP
EdDSA for OpenPGP
|Key Discovery||OpenPGP Web Key Directory
The OpenPGP HTTP Keyserver Protocol (HKP)
Linked Identites for OpenPGP
URI Attributes for OpenPGP
|NFC and USB Security Keys||OpenPGP Card version 3.3
USB CCID with TPDU T0 and T1
If your distribution terms conform to our open source license, download here.
If you would like to secure a commercial license for distribution, contact us for an inquiry.