APG

I highly appreciate your efforts for bringing OpenPGP to android! I would also be glad to donate some money for your work!

One question though - will you be making the code open source so that one can verify what happens in the background of the programm? ( so I would rather not use it as a paid application - but put a paypal donate button or similar on your page) Or even help you with developing the application?

I'm currently preparing to make it open source. Just have to tidy up some things. Help would then be appreciated, tho I have to figure out some organizational details first.

Also cheers for the donation thought, I might add a button here sometime, but I'll have to figure out how that works and there are more pressing things to do still. :)

Awesome idea, I search the marketplace regularly for good encryption. Have to second the call for open source. Need to know you're not stealing my keys. :)

The app doesn't have any permissions to go online or anything, tho. So you can feel pretty safe, I think. Android takes care of the permissions between apps, too.

Tho I agree it'll be best to open source it. And the moment it happens I'll make an announcement in the app description in one of the coming updates.

Really cool app! I understand it's under development, but I just imported my PGP keys and sent a test message. I'm really looking forward to the enhancements. This is really needed in the Android system.

Watching your app with interest. Well done for addressing this gap. Idea: I want to maintain my bank numbers in a crypted file both on my linux desktop, and phone. I've found no free/open apps in the market that will let me do this. Maybe you could add support for opening files on the sdcard too, rather than just concentrating on emails? Seems like a simple/powerful addition.

File encryption is planned, but that's a job for symmetric encryption, and there are other apps out there for that already. However, I'd suggest KeePass for that sort of thing: http://keepass.info/

There's an app for Android that works very well, but only for KeePass databases v1.x, so just get that version for your desktop OS. :)

Yep, I use keepass, and it's good if you have needs that match its schema. However I'd just like the ability to edit cyphered text files that can be transferred to/fro linux for similar editing. The "other apps out there already" that I've seen so far don't integrate very well - for example, they use their own databases for content, keys, etc.

Hmm, I see. File encryption is definitely going to be included, and it'll support various symmetric and asymmetric algorithms, so hopefully it'll be useful to you. If you want you can head over to the Google Code project and star the issue to help prioritizing which features will be added next.

By chance, do you have an alternate means of downloading this app? It doesn't show up on the US app store, nor is there a place to download it on SF.

Thanks very much for your time.

I just rebuilt 0.8.0 and 0.8.1 and put them on the Google Code page. Hope that helps.

However: maybe it doesn't show up because it requires 1.6+, then the app downloads wouldn't help? Do you have some details (phone, carrier)? I'd like to find out why it doesn't show up, of course. :)

Thank you for the great work so far, encrypted e-mail is a very important feature for me.

I used hushmail for 1 of my accounts and they appear to use 1024/2048 bit RSA keys. APG doesn't report these as being able to be used for signing/encryption. Is this a bug or just something not yet supported?

Thank you!

I have no experience with hushmail. Could you send such an encrypted message to me? If necessary with a dummy key or just my key. I suspect it's just a different format.

However, if hushmail uses its own format rather than OpenPGP stuff, then I doubt this'll be supported.

The Key's do import correctly, both my private and several public keys have imported without problem. However in the key management screen they appear as RSA 1024bit and RSA 2048bit and none have the "lock" or "pencil" icon next to them. It also doesn't allow me to send out encrypted e-mail using the public RSA keys to encrypt, the options for those keys are greyed out. I sent you a test mail encrypted with openPGP through enigmail and attached my public hushmail key. Thanks!

Sorry, I misread. Thought the encrypted emails didn't show in the list. I'll have a look at the keys. Which key can be used for encrypting and signing is determined in various ways, and maybe I missed some flag or signature that hushmail uses. I got the email, thanks, I'll tell you more via email when I have news.

Thanks for this great application. I think secure emailing is very important. If i may suggest a feature: What about PGP/MIME-support additionally to PGP/INLINE?

Thanks for the feedback. I'm assuming you mean support for attachments, and in theory that'd already work, if integration with the email client were tighter. Unfortunately that's not the case yet. Encrypted attachments can be opened out of the email client, however, it should suggest APG as an app to handle them.

I'll start defining open intents soon, and am HOPING that they'll be useful for integration in k9mail, to allow encryption and decryption right in the email client (using APG's functionality).

Hi, do you know when fetching keys from server will be available? That would be great!

That's still a bit unclear. I haven't decided whether APG itself should get permission to access the Internet, but I guess it'd be the most convenient solution.

Keyserver and trust model features are already on the list, but I'm not sure how to best do that yet, so I can't make any promises.

However, if at all possible: please visit the APG Google Code site (link on top of the article) and comment on or star the issues most important to you. It helps a lot to see what most of the users actually want. :)

I don't know if its just me but the gmail account then thing doesn't work and when I use kpgp from Linux to send my Droid anything it will not UN encrypt it or check the sign

Which part exactly doesn't work and are there any error messages?

Can you encrypt and send an email to your GMail account and read that inside APG after it arrived?

great app! i'm missing copy encrypted message to clipboard feature.

is it possible also to integrate APG withe sms/mms?

SMS are too short, OpenPGP messages are pretty long and would cost a lot of money. I don't know about MMS. In theory you could just copy the text and then use it for other apps.

I'm not so sure direct APG support of SMS/MMS would be overly useful, tho.

0.9.4 works fine on htc hero with android 1.5. great job, thanks!

Awesome. Thanks. :)

I have a Motorola Droid. I am trying to coordinate exported key file, from Thunderbird, which only has Armored ASCII export file choice. Cannot get the APG app to import.

Better yet -- what is your procedure flow; client app on desktop, etc. ?

I am curious, what defaults in Europe, that so many people have success.

Ah, right. On the Google Code site for APG there's an issue about that. The ASCII armour is no problem, but it seems Enigmail somehow exports in an odd way, which APG only reads as public keys. I'm working on it, but still don't know why that is. :/

I use gpg to export keys. If you're on *nix, then just "gpg" with appropriate parameters, in Windows there must be something equivalent.

But it's good to learn that the process isn't as straight-forward as I'd have hoped, I'll try to put a "how to" Wiki article up on the Google Code site sometime, maybe we can collect frequent problems there and hopefully some solutions.

Great work! Thanks!

But seems I've problem with association PGP files with APG

When I'm clicking on PGP file in eg Astro file manager it says 'File type PGP not found".

Inside APG, when browising my gmail inbox I cannot open PGP msg APG says: "unknown object in stream: 21"

Any idea how to fix that?!

The file association isn't very good yet, I'll make that a critical issue now and hopefully it'll be supported in 0.9.5.

Does the error message come before you are asked for a password? Does it happen for ALL encrypted files you should be able to open? Maybe email me the details (see About section), perhaps we can track the problem down. :)

I wasn't asked about pass at all (so yes, we can assume msg was displayed before).

It happens for ALL enc. messages / files.

What I can do is select 'decrypt' button in APG then select file and this works well (output file saved to \SD\APG folder)

(What can be improved here is output file name guessing - if I have input file name.html.pgp APG suggest name.html.pgp as output - it should be name.html)

Let me know if this explains everything or need me to send sample message to you ?

I added the .pgp removal. It did that for .asc and .gpg already, but .pgp is a good addition.

I'm a little confused, tho. You say it happens for ALL messages and files but then say decrypting of files works well.

I got your test email, tho, and will respond to that one, thanks. :)

I'm on a HTC Incredible. If I encrypt with APG and email to myself to test-- I get the encrypted text mail back. But Android (in general?) doesn't let me cut and paste anything from a received email. How do I get the encrypted text back into APG to test decoding?

That remains a big problem, unfortunately. But at least for GMail there's a hackish workaround for now, as you can add a GMail account in the main activity (menu button) and then list emails there and open encrypted ones.

For other accounts the integration in that direction still needs a lot of work. Hopefully some direct integration into k9mail or so.

For decryption of Messages out of K9mail I am currently using market://search?q=pname:se.johanhil.clipboard which integrates into the share menu - Forward (alternate) in K9mail and then open APG with the cryptotext in the clipboard. I was thinking that it might be a fast and flexible solution to integrate APG into the share menu, thereby cutting out the app-in-the-middle.

That sounds like a cool idea. I'll have a look at that app tomorrow, as I'm not familiar with it. And if K9 somehow has a way to forward email content already, then that definitely might be a good way for now.

has anyone been able to use with http://fincryp.no-ip.info/

Thialfihar, you've really done a nice job on this. Thanks!

An easier solution than full keyserver-lookup may be to implement importing keys from the clipboard. enigmail for instance allows for this. That way one can copy a key from the browser or email client to import it.

murxl: I added the Intent filter for that sharing business, that was a great idea and is now the first straight-forward way to decrypt out of k9mail. Awesome suggestion. :) The clipboard idea is also great and has been planned for a while. I also want more general import options via intents and file managers.

andrewmuck: what exactly is http://fincryp.no-ip.info/? I looked over it briefly but didn't understand it. :)

fincrypt seems to me to be an early-alpha openpgp-based financial transaction system and, while I see no reason why APG shouldn't work with it, it doesn't further the APG development.

On the latter: When replying to email, APG has knowledge of the original encryption key and possibly of the orginal From: and Reply-To: addresses. Could you please add the email addresses found in the key and the From: address to a selection for the new To: field of the reply, perhaps pre-selecting the original Reply-To: or From: ?

It already does this when using the GMail "integration". So far I don't use the key email addresses yet, but I want some sort of integration with Contacts.

I won't have the data of From or Reply-To when using the "Forward (alternate)" way in k9mail, unfortunately.

first off great app, i love it.

there is a bug, if you receive mail sent from Thunderbird with Enigmail plugin you get a stream or header error. The solution for the user is to uncheck "Add Enigmail comment in OpenPGP Signature" in the advanced settings box for OpenPGP in Thunderbird, but there should also hopefully be a way to develop a solution, if you want to collaborate (i can help to test but not develop) let me know here and i'll email you.

thanks for the great plugin, hope we can fix this problem, i am having to tell everyone to uncheck that so i can decrypt their emails.

Hmm, I just tried it with two test emails and it works fine for me. Can you give me more info how to reproduce it? Or just send an encrypted email with my key to my email address. (see About)

I regularly use Thunderbird, with enigmail plug-in, under Windows.

All current versions. I export my public keys, then a file with secret keys to files, directly to mounted Droid. Repeated attempts to import these ASC key files results in 'no keys added/updated'.

I see that other people seem to have used TB/enigmail with success; I am at a loss. Could there be a CR/LF problem from Windoes ASC files? Seems most of you are European, and might be blessed with non-Windows as a norm.

Any ideas? I tried generating a key under AGP first, also, thinking that something must first exist -- no fix.

i'd like to translate APG to slovenian language. how to begin?

Martyf: yeah, that bug is known, and it's not the newlines, it also happens with exports without ASCII armour. I'm still at a loss as well. There's an issue filed on the Google Code project site. It appears that Enigmail uses some weird format that, when read by Bouncy Castle classes, for some reason only gives me the public keys. I'll make it a priority again, as I'd expect others to have the same problem (on Linux as well).

tpd: awesome! Please send me an email. I'd add you as committer to the Google Code project and you could just maintain the Slovenian strings.xml file. All you need for that is a Google account.

Martyf: fixed that import bug now, 0.9.6 should be able to import those keys

@Thialfihar: Thanks for the mention with the update. :-)

Currently the import seems to ignore all but the first key found. This has two effects:

1) Files with multiple pubkeys have to be split up to import all keys, which can be a pain - and is not obvious to the average user due to a lack of detailed progress feedback (such as: "found pubkey 0x123456..."

2) When importing a seckey which is preceeded in the file by a pubkey (standard export format for enigmail afaik) the seckey is ignored and therefore not imported despite it being the first seckey in the file.

Is this perhaps a Bouncy Castle (lib or usage) problem?

Here's how I currently import keys from emails: K-9-Mail: Forward (alternate) to Clipper, then export to csv file, edit this file to make sure the begin and end key markers stand solitary on their respective lines and not too much other junk preceeds the key. Then import this file.

I yet to find a way to import keys from keyservers such as pgp.mit.edu as I don't know how to copy text from a webpage. Suggestions anyone?

Wow!! close, but cigar yet.

APG 0.9.7, Enigmail 1.0.1;

Importing secure key file works.

Importing public keys aborts with a java EOF exception.

Oddly, repeated attempts seem to pull some of the keys.

More oddly, it skips some in sequence.

Would it help your debugging if I mailed you a copy of my public key file? (Yes, but I don't want to throw things at you) ;)

murxl: 2. sounds like the behaviour prior to 0.9.6, are you sure that happens in 0.9.6+?

I never observed the single key import problem. Could you generate a secret key and make an export that reproduces the problem?

You can copy in Browser apps by starting a "Select text" mode via the menu. Stock Browser and dolphin Definitely have that, tho it might not be very comfortable to select a big key.

Martyf: I can't reproduce that either. Very odd. I'd take the public key file, yeah, if you don't mind. I'd only use it for testing, of course.

Martyf: I now believe the import itself worked fine, but the EOF exception wasn't caught and therefore the keys weren't reloaded properly. That way you might see the keys on a successful import later on or if APG gets restarted. Is that a possible explanation?

I changed the code to deal with EOF, tho I also wonder why it would be thrown... perhaps the file wasn't copied entirely?

When opening my GMail account I get an almost empty black screen with the words "Mail Inbox" on the top. Is it possible that this is a problem with my german GMail account? In german, "Mail Inbox" is called "Posteingang".

No, just that there are no emails in the Inbox cache. It's really mostly a hack and shouldn't be relied upon. I have no control over which messages will show up, I can only read out the cached Inbox mails from GMail, not fetch them.

That being said, the most recent few emails from Inbox should show up. Try sending one and check after receiving. (Don't archive it.)

Not clear if you received my data. Although it sounds ridiculous, please e-mail or post an acknowledgment. Point being, I think I had isolated the key that is a problem in my exported ASC file.

Nice App. I can send and receive a message using a pass-phrase, but how do I import a public key and use it to encrypt? How do I import my own PGP key pair (public & secret keys)?

In the main activity you have menu options "Manage Public Keys" and "Manage Secret Keys", in which you have "Import Keys" menu options respectively.

@bornheim, I noticed the add gmail account is case sensitive. At least it was in my case.

It would be really nice to be able to filter/search public keys (both in key management, and key selection when signing/encrypting). I have 100+ of them, and it's a little difficult to scroll down the whole list to find someone.

Another alternative is to initially filter (and maybe auto-check) based on e-mail address, and have a 'show all' button that lets you search and find other keys to sign/encrypt with.

Absolutely love the k-9 mail integration, by the way. :) It's nice to have something that is approaching Enigmail in terms of usefulness.

I'm glad it's working well. Auto-selection of signature keys and encryption keys is definitely planned, really just wanted to get a first version out to see whether the GUI and process work. :)

A filter is a good idea, I'll try to add that soon, as Android has some mechanisms for that, I think, and the new database should make it relatively easy.

With so many keys... did you notice a speed and memory-usage improvement in the last release? Since prior to that all keys were loaded at first.

"If you go to Decrypt by touching an encrypted email,..."

I do not see how touching an encrypted email gives access to the decryption function. I encrypt and send to gmail, there is no access to getting it decrypted.

APG 1.0.0 had a bug that prevented the inbox listing. 1.0.1 fixes that.

To clarify: you must add your GMail account in APG and look at the listing there. If it still fails to recognize encrypted emails, then that might be due to PGP/MIME. Please send me an example email if it still doesn't work.

Wow!I love K9 integration! Many thanks - great job!!!

What is missing to me is is possibility opening/decrypt PGP attachments from K9 by one click.

I'm receiving lot of encrypted msgs sent as PGP attachment, and I need save it form K9, than go to APG & decrypt, after go to file manager and open it... Quite time consuming. Would be great if you can simplify this process! :beer:

I'm working on such integrations. It'll require encryption/decryption of streams, and it's still unclear where to encrypt/decrypt them to. But the basics for this sort of thing have been added now.

And if you mean PGP/MIME attachments (basically looks like a PGP-encrypted attachment but contains the whole email and possible attachments), then that'll hopefully be supported via K9 "soon". :)

@sykopomp: 1.0.2 allows searching, either by directly starting to type in a key list or hitting the Android "search" button. Please let me know how that feels or if you have enhancement suggestions.

Great app, I'd gladly pay for a more fleshed-out version - this was the biggest downside to using my phone, since I couldn't read half the mail I got until I got home anyway.

By all means, the donation button is up there. :) And fleshing out is done every day.

amazing app, great work! You should add a "share this app on Facebook/Twitter/..." button to your webpage because that is what i am going to do right now! ;)

Keep up the good work and thanks a lot for this building this app!

do you know when APG will be available in the non beta version of k9? it seems from the changelog it's not incorporated to the newest version.

There are no official plans yet, but the K9 project owner suggested a merge into the trunk soon after the 2.8 release of K9, which took place three hours ago. From then on it'd be in the frequent K9 builds on the Google Code site and ultimately in the next market release. So I hope it'll happen. :)

Hey, I would like to contribute to this project, but currently I am unable to even view the source code, even though this is an open source project.

please help, and I will see how I can help back :)

Sorry, let me elaborate on why I can't view the source.

I am using Eclipse 3.5.2 with subclipse 1.4.

When I try to checkout your source with the link you provided, I get the error: "Error: Unable to load default SVN client."

Hope to hear from anyone who can help soon, thanks :)

Hey. That sounds like an Eclipse/Subclipse issue. I can't really give any help there, but I just googled "Error: Unable to load default SVN client." and there were loads of sites discussing (and solving) that issue. Hope that helps.

How to add a google mailaccount? including @url or without?

No way to delete an added mail account

@Robert: account@gmail.com or googlemail.com, might be case-sensitive...

And long-click on an added account allowed deleting it.

As a developer of another application, can I use some of your activities in my application? For example, I'd like to launch the the key management activity from my app and use those keys to encrypt/decrypt data.

Thanks

Yup. Not all Intents are defined yet, but email me and let me know what you need. The basic ones (select secret key, select public keys, encrypt, decrypt) already exist for K9 integration and could be used by any app. I'll try to docu them soon, but they might be subject to change still.

I'm sure this is a newb question, but how is the private key stored on the phone? It'd suck if I lost my phone and whomever found it could view my private key. I'm assuming it is encrypted? Hmm Thanks!

Since upgrading to froyo apg freezes once email address is selected and has to be forced to close. Nexus

Yeah, there's an issue for that on the Google Code project site. It's possible that that "hack" doesn't work on Froyo anymore. I currently have no way to test that, but I'll try to reproduce it in the emulator.

But if you haven't already, then give the K9 integration a try. I think that'll be much better than the GMail hack anyway. :)

I have an Xperia X10 and i can not encrypt files as i only get references and not the actual path to the file. Would like the option to have an actual file explorer built in. Otherwise a nice app!

Oh, and also the ability to encrypt folders would be nice.

gorber: download "OI File Manager" or "ASTRO", they'll show up as browsers when you hit the browse button. Then you can select files directly.

The other streams you mean (content://...) will be supported in 1.0.6... I kinda forgot about them in 1.0.5.

Folder encryption exists as ticket on the Google Code site... feel free to star it. I don't see it happening these days, but if it is a feature the majority needs... :)

Just wanted to thank you for taking the time to code this fantastic application.

I have the same lock up issue on 2.2 with the Nexus but it is fairly easy to export the message otherwise. Great app. Thanks.

A couple things:

1) Based on the fact that I can export my private key without entering my decryption pass phrase I assume my private key is stored in plain text and thus vulnerable if my device is lost or otherwise compromised. I'd be more comfortable if my private key was encrypted for storage and only decrypted upon entry of my pass phrase.

2) Those of you interested in encrypted SMS and MMS might consider a look at TextSecure and RedPhone (www.whispersys.com) though the source isn't yet available so use at your own risk.

Robert: I'll try to at least catch the Froyo issues, and maybe they can also be fixed.

As for the export: the reason you are not asked for a password implies exactly the opposite. :) OpenPGP secret keys are encrypted and stored like that, that's why you need the password to use them, but you don't need it to export them.

Ah, I see...I was wondering this :P Like I said above, I'm a total newb. Thanks again for the great/useful program, and open sourcing it!

It's a good idea to not keep your secret keys in files on the device anyway, you are quite right in that. One of the next versions will feature secure deletion of key files after import, so that isn't forgotten and is easier.

Love the integration with K9. However I have a problem with sending signed emails to Nominet (the UK domain registry) in K9.

Sending a test email to Nominet results in error code V048 'Signature did not match the text' which you can see here:

http://www.nic.uk/registrars/systems/auto/error/

I have checked that the text I am sending to Nominet is correct (ie no spaces where there aren't supposed to be any). Any clues as to what the problem might be here?

If I could get it working so that the Nominet automaton would accept signed mail in K9 that would be fantastic!

First off , great app! Thanks alot for developing this. My question relates to the Add Gmail Account option. Not sure if its a bug or something but in Froyo it keeps force closing the app.

Aye, it's a known issue in Froyo. 1.0.6 will catch it, and *maybe* even fix it, but it might mean that Froyo won't allow that hack into the GMail account.

The best strategy will be K9 once the next market release of K9 is out (next week or two). APG 1.0.6 is planned for roughly the same time.

Hi,

warum werden nur googlemail-Konten unterstützt?

Ich benutzte openPGP hauptsächlich mit anderen.

1. Great job on this app. I would not use android without it.

2. Is there a way to mail your public key after generating one on your device? I can only see to export and that has your private key as well.

The best app for android so far. easy to use, compatible with the existing sec and pub keys. Great job.

Hopefully there will come the S/MIME support in the future.

drkmatt3r: key sharing is definitely something that still needs some work. But you can export the public key on its own in the Manage Public Key activity.

Uwe: cheers!

any chance of giving more options for selecting files locally as it defaults to media selwction only

The choices given there depend on what apps are installed to handle the Intent. If you install OI File Manager or ASTRO, then they will show up and you can select files.

I've added a bit more info for that in 1.0.6, hopefully explaining it a bit. I also agree that it isn't the best way yet, and maybe we'll find a better way to do this. For instance, a setting to explicitly use OI File Manager or ASTRO or so.

big thank you!

*and thumbs up for S/MIME*

I'm looking for bug repport, but I don't find it anywhere so I post it here (please move it to the right place if possible):

When I try to sign a message with my key a toast message apears with an exception :

java.security.NoSuchAlgorithmException: Signature SHA256withElGamal implementation not found

My key comes from GnuPG on Ubuntu and I'm using FroydVillain 1.5 ROM (the issue is present since 2.1 on lots of ROMs)

Thanks for your attention and the work you are doing here.

The Google Code project site is the best place for such reports. I added the issue, you can star and track it here:

http://code.google.com/p/android-privacy-guard/issues/detail?id=70

Thanks for the report, I'll see what's up and what can be done to support that algorithm. :)

Unfortunately I'm a bit swamped with work, so it likely won't get fixed immediately. :/

Please help -- getting an error message anytime I try to import my public or private keys, saying, "no crc found in armored message". Any help/solutions would be immensely appreciated.

I used my private key to encrypt photos and then delete. The first one went fine and was placed in the APG folder. The four after that, the program said they were encrypted and the photo was deleted but nothing is showing up in the APG folder. But the photo is deleted. DROID 1

Hmm. You selected the photos in the filesystem somewhere? One by one? And did you choose a different output file each time? Otherwise you may have overwritten the file each time. Please email me some details if you can reproduce the behaviour.

@MJ: please post an issue on the Google Code project site, and if you don't mind send me your public key by email so I can reproduce it. Or a dummy keypair if you can generate one that produces the same error.

Encrypting file with a passphrase reports success but does not appear to actually create a file v1.07

MF: hmm, hard to diagnose that. Got any more data? Perhaps post a step-by-step reproduction of the problem as an issue on the Google Code site. It might be a dodgy file name? What is the source file/stream you are encrypting? How large is the file? Are you sure you are looking in the right place for the file? (default directory is APG on the SD card)

Any plan to support PGP/MIME (vs inline) so emails don't get polluted by ----- Begin PGP Message ---- ?

Dear Thialfihar,

First many thanks for APG. It would have stopped me from buying into Android. Now that APG us there (and K9mail) I have bought a 'phone. I have a feature request:

Problem: Current passphase is remembered for a maximum time of 60 mins. I use the 'phone and email a lot. My passphase is rather long containing many unusual characters and is difficult for me to enter on the virtual keyboard.

Solution: Increase permitted passphase catching period. For me this would be 480 minutes, allowing me to get through the working day.

Regards, S.

Hmm. That's pretty long. I guess I could add a few more options that just grow exponentially. Or maybe a way to add one's own idea of a good timespan.

PGP/MIME is really a must.. can't read half my emails lol

Do you want a donation for the feature?

Wey, I'd not say no to any donations. :) PGP/MIME is in the works, but it'll take a while, as I've been very, very busy with work lately.

Hi -

I have tried to use APG on HTC Desire w/ android 2.2. Installs fine, but I cannot import my keys. Gives a short blink saying "No keys added or updated" and that is all.

What is the problem?

Sorry - my bad <blush> - only exported pub key...

Now evething OK.

Any thought on encrypting an entire folder?

Hi,

Is there a way to generate a revocation certificate (key) when creating a key pair using APG?

Cheers.

Hi Thi,

Is there a way to increase the passphase caching from 60 mins to something nicer like 480 mins (8 hours).

I exported the private key and used gpg to try and generate a revocation cert from it, but failed. This was done on a Linux box, not on the Android.

# gpg --output revoke.asc --gen-revoke ./mykey.8192.asc

gpg: secret key "./mykey.8192.asc" not found: eof

O/P of gpg --version is:

Home: ~/.gnupg

Supported algorithms:

Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA

Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128,

CAMELLIA192, CAMELLIA256

Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224

Compression: Uncompressed, ZIP, ZLIB, BZIP2

Probably a user error... ;)

My sincere apologies.

This is a user error: User used incorrect syntax, thinking he could use the key file as input, when in fact the key has to be in user's keyring:

Correct syntax is to enter the key ID:

# gpg --output revoke.asc --gen-revoke AB123456

I'm not really what you would call a sophisticated gpg user. But the issues I'm encountering appear quite basic. 1) Each time I attempt an import of my ascii secretkey I get a java io error. 2) When I try setting up my Gmail account it is unclear whether to use USER or USER@GMAIL.COM. In rather case I get only a blank screen with neither confirmation nor error after doing so.

Droid X, Froyo.

I am a real beginner at this so excuse my basic questions! My work have allowed employees with iphones access to their work email on their phones as they have inbuilt email encryption. I have an htc wildfire and they has asked me to install an app that will give me suitable encryption before they let me access work email on it. It is AES encryption that I need - does this APG give me this? Or what do I need - I am really confused - I have installed several password safe apps but I dont think this is what they are after - Help???

thanks!

I really appreciate the work you've done on this app. It works really well with K-9. I have a couple of feature requests though.

1.) When you implement keyserver support, could you also please implement support for people who have implemented one of the DNS setups as described here: http://www.gushi.org/make-dns-cert/HOWTO.html

2.) This one would probably be low down on your list of things to do, but it would be neat if APG supported the functionality of attaching photos to keys. It could both display them, and it could use the devices built-in camera to take them and attach them to your key...

Hi,

Since the UI only allows a max passphase of 60 mins, I have edited the file /data/data/org.thialfihar.android.apg/shared_prefs/APG.main.xml and changed the entry

from:

<int name="passPhraseCacheTtl" value="3600" />

to:

<int name="passPhraseCacheTtl" value="28800" />

This should mean the passphase is remember for 8 hours. Now am waiting a few hours afore I send an email to see if the value is accepted.

Remembering for this amount of time is really useful for me.

Hey, Simon.

I've just added 1, 2, 4, 8 hours options for the pass phrase cache time to live. I'm planning to push the release today.

Sarah: not sure APG can provide what you need, but feel free to email me with details.

Mike: 1) The DNS stuff looks interesting, but I'll have to read into that first.

2) Photos are an excellent idea and I'd like that very much. What I'd really like is to link keys to phone contacts, then the photo would come automatically. But having a way to set them manually also would be lovely.

Those two feature requests would feel more comfortable on the Google Code site, tho, if you could file them as issues there. :)

Congratulation for your work up to now.

One wish:

to provide an option to propose the source directory by default for the target file

(encrypt and decrypt).

Best regards,

Francis

How does one transfer existing secret keys from a desktop or notebook to my android phone where I downloaded this app? I have the GPA 0.9.0 key manager (or gpg privacy assistant) installed on my desktop.

Excellent! Love to start using this.

A feature request: when an arriving mail contains the public key key, is ascii form included in the mail as a block of key, it would be very nice if K9/APG recognize that as a public key from the originating email address, and after confirmation, allows the key to be added to the keyrings on the phone. I have this implemented in PmMail, one of the most popular os2 mail programs, and perhaps the first one to have seamless pgp integration.

The key could come in as an attachment to the mail, in any of th standard formats, and the user could manually request the key addition. Again, the ui provided could simplyfy the process a lot.

Chacko: it sounds like you already solved it, but in case the question still stands: just export the key ring(s), copy to SD card, go to Manage Public/Secret Keys and Import the files via the menu.

Importing public keys attached or included in an email definitely would be a lovely feature, but I fear it'll be a while before we can do this nicely in K9/APG.

Yes, I brought over my whole keyrings from another pc, both the pub ring and the sec ring, and then was able to import both key sets from the above using the above steps.

Two problems:

1. If I happen to do this twice, I get two sets of keys. Would be nice to check for identical existing and replace or give option to replace, or eliminate multiples. This one is not critical.

2. This affects function: It appears (by inspection of the key ring listing at the source computer) that I have one key listed under one email id, but is a combined key for a number of other email ids. This might be related to the variety of key formats, and this might have come from one of my earlier key managers. My keys dates back to many years ago, but have been woring in all systems. After importing, AGP only sees the single key under which it is listed.

Even if I put a filter of email id of the missing (the one I want) and reimport with this filter from the keyring it does not see that id.

So the net result is, I cannot encript to that missing id in AGP, but using the sane key rings can encrypt from my other mailers.

Regarding the features I requested earlier, I am avalable to provide some help with development of those or other features of your choice, please email me how to get going as part of the team. Looking forward to working with all of you.

Additional info about the above. In Manage Public Keys, I do see all the subkeys, but I have no way of encrypting to a sub key id to send encrypted mail to it. The problem appears to be: when I send mail the id of a subkey, AGP searches and finds the key, but ends up sending to the id of the main key (I have not been able to verify if the above is indeed the case), but the mail does not go to the selected subkey id.

FANTASTIC... yaay

droidX 2.2.1

Is there a clean-portable for XP to generate keys? I have been disappointed in past with thunderbird kludgery

Can keys be imported other than removing the sd? I have the OttoBox supperwhammy ["ruggedized" case] and it is such a delight to remove. BlueTooth? USB? ancrypted archive web download?

Your keygen is very beta. I elected to create an 8192 RSA key while charging the battery. I pulled down notices to configure K9 -- I could hardly believe K9 was still being maintained -- after pasting in the email and clicking on password field droix very frozen. Sure I'll spend some time after some sleep learning how to recover from such freezing -- and I fear it will involve the batter which involves the enjoyable to remove case :sigh: Once I sort that I hope to provide the detailed feedback that'll be beneficial to the project :)

Best of success to you on some kind of PGP/GPG PK that's a bit friendlier than some thunderbird attempts or fox extension wishes.

cheers

DEA overlay expires 24 hours from now

y9tgUSknyS7Mrmec@spork.spambox.us

nuke the spork domain

I would like to amend / correct some of my observations/feedback in my last 2 posts above. Trying to give feedback within the first day of use, I think I have been making simple pilot errors :)

The subkeys I brought over does work, even though there is encrypt icon by each subkey. If I start a k9 mail to one of the subkey ids, yes, I can enrypt it correctly, and recived correctly at the other end.

I am not sure anymore if a reimport of the same keyring file will duplicate keys, I thought I had seen this. I cleaned out all my pub keys and started over, so cannot confirm the duplication.

Seth, Yes, files (hence keyrings) can be inported into the sdcard of the android by connecting a usb cable between the phone and the source pc. At least it works fine on my Motorola MB200. In fact with this, the sdcard shows up just like a plugged external usb stick at the pc end with xp, and can do file browsing too.

Seth: cheers!

Yes, there's GnuPG for Windows (gpg4win).

Key sharing currently only works via files or streams from SD card or somewhere or from the clipboard. Hopefully some of the things you mentioned will be supported before too long as well.

As Chacko mentioned you can mount the SD card directly via USB, but then keep in mind to turn that off again after copying the files, otherwise APG won't have access to the SD card.

Keygen is very beta indeed. :)

Chacko: aye, reimporting keys is safe, they overwrite/update the keys already in the database.

My major, almost deal breaking, disadvantage to the current version -- this of K9, not specific to APG -- is that I cannot keep he mail on the server after download. So if k9 is running, almost always it will get the mail first, and I lose the mail from usual important clients.

Just like it is almost impractical to check ones mail at multiple email ids, it is so to check all your clients to see if some mail arrived :) With this, I will have to kill K9 in between quick experiments :) :)

I'm fairly sure K9 leaves a copy on the server, if you ask it to. A POP3 account, I'm guessing? I'm not 100% sure right now, but I'd be VERY surprised if there weren't a setting for it in "Incoming server" or so. Tho the K9 mailing list might be a better place to find out details.

Ok I found out K9 does not delete mail. There has been a recent change in setting needed for gmail pop retrieval from multiple clients. See the post below:

http://mail.google.com/support/bin/answer.py?hl=en&answer=47948

I can't seem to decrypt my messages, it never asks for my pass phrase to decrypt the emails.

Thanks for your work on this. Its great to have any kind of PGP/GPG tool on my phone. Big help.

Chacko: Are you using Google Apps or just regular Gmail? If it's just Gmail, then K9 should handle that automagically. If you are using Google Apps, you may want to use IMAP instead of POP3.

On topic, this is a great app. Aside from signing keys, this does pretty much everything I need, and it's pretty seamless with K9. Thanks!

Can you encrypt a whole folder? Like hightlight folder in file manager does not work only individual files. If not working now will it be added in future?

There's an issue for that on the Google Code site, but it's not top priority right now.

If anyone can't encrypt or decrypt mail in k9, try this setting steps:

Go to "account settings"-"sending mail"-"message format"-"Plain text" (not the default HTML)

Is that somehow compatible with thunderbird Gnupgp/Enigmail ?

I imported my keys correctly (asc) but I only managed to decrypt one mail (?!?!) for all the others, that doesn't work

I like the integration with K9. So far I can only encrypted read messages sent from k9. I get an error with messages sent from Thunderbird using Enigmail and OpenGPG as the user above does. Examination of the messages passed to APG show <br> being appended to the end of each line which is incorrect. This doesn't seem to be a problem for other clients. Maybe you could detect line breaks and strip them from the encrypted messages?

Try the K9 setting to send the email as plain text rather than HTML. It's a tracked issue already and upon fixing K9 will automatically do this for encrypted/signed mails.

Sapaka: only PGP/INLINE is supported currently. PGP/MIME is a big todo, that's likely why those messages don't work.

Is it possible to get decryption into the Google Mail app?

Cowboy: if you add the GMail account in APG, then you can decrypt emails there, but an integration directly into the GMail app is tricky because it doesn't support any plugins or anything. :/

Thanks for the info about changing k-9 to send as plain text! All is good now.

Brilliant work guys - especially the integration with K9.

I'd love to flattr this - but you would need to install a flattr button.

Good idea, sumpfdodo. Added a flattr button, so if anyone wants to support this... cheers. :)

Thank you!!!

Thanks for this nice application.

I am using htc desire hd, and have succesfully imported my private and public key and public key of the person that is supposed to receive email from me. I successfully sent encrypted message and the other party read it without problems.

However, I can not decrypt received message from this person?

If I paste whole block into "Decrypt message" field, certain error shows up for few seconds and disappears. I added my gmail account to APG and used it to send the message, as stated above.

How can I decrypt this received message? It does not appear under my gmail account that i added to AGP? None of the messages appears there.

great job, love to send encrypted eMail via android

where you can download the source? :-)

Thanks for the great job!

A key I've imported (and which I use in gpg 1.4.10) that has an expiration date in the future (2013/06/20), is grayed out when I want to select public keys with which to encrypt for emailing.

it is marked as "expired" - but it's got > 1 year of life left.

I also get an error when decrypting K9 received encrypted messages. It says no valid encryption data.

Pitty cause would really like to use it.

Ron

When checking for correctness of a signed message I get Corrupt Data. btw using K9 for email.

Ron

Nice app. It doesn't seem to be usable to verify package signatures though, is that true? I'd like to use it to verify Tor Browser Bundle on my SD card:

https://www.torproject.org/docs/verifying-signatures.html.en

Seems like it would be a great app... If I could get it fully working.

On my linux machine I use gpg, thunderbird, and enigmail. I exported the keys from my linux machine and imported them to AGP. I can send encrypted messages to myself but I can't sign.

When I try to select a key for signing, the key is greyed-out.

hey... for those that have a problem with k9 email when trying to decrypt the problem is that it can not have the the following text to be able to be decrypted

"-----BEGIN PGP MESSAGE----- Version: APG v1.0.8 " at the beginning of the message or

" -----END PGP MESSAGE----- "

at the end of the message this throws off the decrypting.

i hope they will fix this in future releases.

Please, can you fix this?

Example:

@@that it can not have the the following text to be able to be decrypted

"-----BEGIN PGP MESSAGE----- Version: APG v1.0.8 " at the beginning of the message or

" -----END PGP MESSAGE----- "@@

I would be glad to support this project the way I can...

I wish you great progress!!!

If you need any help with translating this programm into Russian, please just infrom me by email, how I can do so)

My attachments don't get encrypted. How do I activate that feature?

I am playing with and enjoying the chance to use APG. The above comment was most helpful regarding using K9 Mail and the PGP Message--- line break issue.

I discovered that by using the APG application to write the message versus doing it in K9 seemed to be the trick.

Write your outbound message in APG, send it using K9, but don't type anything in other than the subject line in K9, and it seemed to work. I hope that helps others.

Please keep up the great work.

I'm encrypting e-mail messages using APG instead of k9mail (to get around the line break issue)... which is an effective work-around.

I send the message to my Linux machine (I use Evolution as my mail program), and I also send it to my Mac (using the standard mail program). Neither recognize the message automatically as an encrypted message... I just see the encrypted ascii text.

I can always cut and paste this ascii text and decrypt it outside of my mail program, but that is very annoying. Has anyone run across this? Any advice?

By the way, sending encrypted message between the Mac and the Linux machine works perfectly, both mail programs recognize the message as encrypted and automatically asks for the password.

Not sure if you're aware, but MotoDev has annouced that the AuthenTec SDK is now available to create or add to programs the ability to utilize the biometric fingerprint scanner on the Motorola ATRIX 4G (currently running Froyo).

Please consider adding this to your code for easily performing signing,encrypt and decrypt operations by substituting a fingerprint swipe for the current passphrase.

Thanks for creating such a great application.

Forgot the URL with the annoucement for the AuthenTec's SDK and an overview for use:

http://developer.motorola.com/docstools/library/writing-fingerprint-enabled-apps/

Thanks, I was able to import my private key (exported from GnuPG with the hidden --export-private-key option) and decrypt a text file containing my passwords.

Nice app. Just a small feature request: when exporting or importing public keys, could it be arranged for this to happen by bluetooth instead of via file? That would be awesome for when you meet someone in person and want to swap keys with them.

This app is exactly what I was looking for. Unfortunately I can't use it. Seems impossible to import the keys (private and public). And I obviously don't want to create new keys just for my smartphone. Do you have any idea how to solve this problem? I'm on Android 2.3.3.

@Liane: It is not sufficient to nominate a directory where all the key files are stored and have all the keys imported from that directory. You need to specify the full path of each file, separately.

Thanks for answering so fast! I did install OI File Manager to be able to choose each file. Did you mean that? I also tried *.pgp and *.asc filetypes and tried storing the files in the phone or on sdcard.

could it be issues with access rights? But I've been copying from a windows-pc and also tried sending the files (public only for obvious reasons) as e-mail. no difference. what else could I try?

APG works great for me on my phone together with k9! I just got a Galaxy Tab 10.1 and installed APG. I get an error when I try to add my gmail account, though. No error number. There's a message that the account wasn't found. I've tried several times with two accountsknown to be good. Has anyone else with wifi only tab had this issue?

Thanks very much for this app. I use it all the time and really rely on it. I have been getting a corrupt data error when I try to verify the signature in k-9 mail. This occurs on my g-tablet a d my Eris, so I may be doing something wrong. Any suggestions?

Thanks for all your work.

I can't get APG to import my PGP secret keys. I've tried everything--exporting to ASC files as a group, individually--nothing. Copy the ASC files to the APG dir of the phone, get the blue progress bar, then: "No keys added." Bug?

When I try to import a private key, I do get an "IO Exception" because of an "unknown object in stream". What can this be and how can I solve this?

Hey Mate, I would like to know if in the future this application is going to be able to generate a keypair...

Hmm, I have installed the most recent version, and I was able to import a public key, but for the life of me cannot import the private key from GPG. I have tried OI Explorer, and it just says "Done" and "No keys added or upgraded".

What am I missing? Thanks

Yes, Jeff, exactly the same with me for standard PGP Desktop 10.0.3. Public keys import fine; secret keys not, and I get the same error message you do.

thx for your work!

When i send an encrypted+signed message from thunderbird then i can't open it in K9. I only get "No text" and 2 attachements (Null and encrypted.asc).

If i only encrypt the message without signing it then i can open the message in K9.

Note: i don't have PGP/MIME activated in thunderbird!

encryption / decryption works great when sending a message from K9 to K9.

Why does this happen? Anybody else having the same problems with Thunderbird - K9?

.. this are standart settings (sign & encrypt) in Thunderbird, so i can't open any mails received from people using thunderbird :(

Ok, I got it on my third attempt today. It was just user error :)

I keep attempting to add my gmail account. Each time I try account, I get a message that says "Error: No permission to read the account". I have removed and re-installed K-9, and have made sure that Gmail app was completely synced. Still no success in adding the Gmail account.

Hey guys, really stupid question, but I figured I had to ask someone. I would liek to know how to do this Public Key, Private Key, Sign and Encrypt, etc. I have a hard time learning without being shown. IF one of you has time, would you mind emailing me and helping me? im sorry to be a bother, but you guys seem like you know what you are doing. Thanks in advance.

You can go here to learn how to encrypt your email using APG & K9. They link here also.

http://www.encrypt-the-planet.com/androidemailencryption.htm

I cannot get it to add my Gmail. Whenever I try, it says "Account Not Found". Its really frustrating. I dont want to have to uninstall and pay for a different one, which looks like garbage. But I HAVE to have PGP enabled on my cell. Someone please help me add my gmail. :(

This has worked great since I installed it over a year ago. However, after my Nexus One upgraded to Android 2.3.6 a few days ago, APG (1.0.8) crashes whenever I try to access my gmail account:

Sorry! The application APG (process org.thialfihar.android.apg) has stopped unexpectedly. Please try again.

Hi to all, I've created a key on GPA4WIN, put the backup file on my phone (sgs running DarkyRom 10.2), and when running AGP and attempting to import keys, I get : "java.io.ioexception: unknown object in stream : 21". Guidance would be appreciated :)

Hello,

After encryption or decription a file, it cannot automaticaly delete a source file (i mark needed field) a message appears "file not found"

Die APG Version 1.0.8 doesn't work with the new GMail App. You allways get "no permission to access the account".

I hope you can fix this soon

This app is dead. Do not install it. There is no support, and very little compatibility with the updates of day to day life. This used to be good when the Dev cared about the app. He does't anymore. You will find no help here. There are other apps that have real support on the market, go for those instead and uninstall this one.

First, I just want to clarify that I have no idea what app you guys are talking about, and will not be able to help with any other problems, except Paul's. But I am a programmer that was writting an encryption engine using the Bouncy Castle Library (for C#). While working on it I hit the same error that Paul is getting "unknown object in stream 21".

I google the crap out of it and couldn't find any help, but did find a few pages like this where other hit the error. So I am posting this here for Paul's sake AND anyone that runs into the problem again.

The problem is either with the key or with the code trying to read the key I am not sure which. But after 18 hrs straight of debugging the stupid thing, the bottom line is the code is expect the headers in the key to be format like so:

-----BEGIN PGP PUBLIC KEY BLOCK-----\r\n

Version: FileCrypt eBusiness 3.7.2\r\n

Comment: www.veridis.com\r\n

\r\r\n

key......

-----END PGP PUBLIC KEY BLOCK-----

(with \r = carriagr return and \n = line feed)

The key I was given (which threw the error) Was formatted like this:

-----BEGIN PGP PUBLIC KEY BLOCK-----\r\r\n

Version: FileCrypt eBusiness 3.7.2\r\r\n

Comment: www.veridis.com\r\r\n

\r\r\n

key......

-----END PGP PUBLIC KEY BLOCK-----

Note the extra \r (carriage return) on the 1st 3 lines of the header. So either a key is supposed to be formatted with only \r\n for the end of a header line and \r\r\n for the end of the header section or the code does not read all key correctly (if it see \r\r\n it assumes the headers are done)

@Paul -

Either way the solution for you Paul should be simple. Open your key in a text editor like note pad and recreate the line breaks for the headers. (in case you don't know what I mean do this...) Say your key looks like this:

-----BEGIN PGP PUBLIC KEY BLOCK-----

Version: GnuPG v2.0.17 (MingW32)

Comment: www.veridis.com

mQMuBE6e2WU....

-----END PGP PUBLIC KEY BLOCK-----

Go to the end on the first line and hit delete to combine the 1st and 2nd line:

-----BEGIN PGP PUBLIC KEY BLOCK-----Version: GnuPG v2.0.17 (MingW32)

Then hit enterto make it 2 lines again:

-----BEGIN PGP PUBLIC KEY BLOCK-----

Version: GnuPG v2.0.17 (MingW32)

Do that for each of the header lines, save it and try using it again. It should work.

My issue is slightly different from Paul's: I can't import a private key with the same kind of Exception.

by clicking the decrypt-button there is a error-message: "Fehler: org.thialfihar.android.apg.Apg$GeneralException: Keine gültigen Verschlüsselungsdaten" ('Fehler' = 'error', 'keine gültigen Verschlüsselungsdaten' = 'no valid encryption datas').

But I had encrypted the E-Mail with newest k9 mail client from market from my android 2.3.7 phone and also i have received it with the same phone, just wondering - how it could happened.

Hallo Danny, it goes when you switch to text mode by k9

or decrypt before, in the pgp message insert line feeds

I'd ignore Dissapointed if I were you. This app works fine.

I have the same problem as Danny. Sending encrypted email does work well. The reception does not work.

I get the same problem: Sending encrypted email to Thunderbird works ok, but sending to/from a Android device with K9/AGP fails. The same email is decrypted ok in Thunderbird but fails in the Android device. I have tried Samsung Nexus S (v2.3.6) and Sony Ericsson X10 (v2.3.3). AGP v1.0.8 K9 v3.802

I've used apg together with K9 until last week without any problems. Now I've changed my mobile und build up a new system. APG now ignored any key-files in the /sdcard/apg/folder with the message "folder is empty", but i can see all asc there with "oi dateimanager"??APG 1.0.8, samsung galaxy s2, Android 2.3.4, K9 newest version

Any workaround thus far on how to add the Gmail account? I know this app doesn't get much support anymore, however trying to use it on ICS -- just cant get the addition of the Gmail account to work.

Thank you for your program. I want to report some problems of integration with K9 Mail (I think this problems more related to K9, but anyway).

1. Sending message with K9: with both options (sign & encrypt) in K9 checked the message will be only encrypted. It also says that K9 hasn't access to APG (don't know, separately works fine). Most likely K9 problem.

2. Sending message with K9: with a standard signature

(text:

"-- -

some signature")

APG encrypts message into 1 line (without "\n"s), which causes problem with decryption (coruppted). Adding "\n" manually helps, I mean the ciphertext is OK. I think APG problem.

3. Receiving signed (outside) & encrypted message with K9: message can be only decrypted (check of signature is impossible (no button)). I think it's K9 problem - signature ignored.

4. Receiving signed (inside) & encrypted message with K9: again, message can be only decrypted (check of signature is impossible (no button)).I think it's K9 problem - there're no check for PGP after one processing in APG.

Separately APG works fine. For example, checking of signature of encrypted & signed message or making encrypted & signed message for sending is possible by steps through clipboard.

Hi, I am new to Android. I am using Thunderbird, enigmail and GPG4win in the latest version. I installed K9 and AGP. K9 ignores the encrypted message. The decrypt button is not showing up. Is there any solution? I was very happy to see that AGP exists :-) Thas was the KEY factor for choosing android :-)

In K9 in menu exists option which allows you to send whole message to other program, APG as well: "More->Resend (alternate)->APG". Also you can select and copy it, but it's too inconvenient, I think.

Tried this also, does not work. The encrypted mails are coming in as attachment. I sent an encrypted mail from the phone which worked, just some html code visible in the mail but it worked. Receiving is not working since I cannot decrypt the message.

2 Henning:

If they coming in as attachments, maybe you should try "decrypt file". Also it may be mail provider property, for example GMail doesn't work at all.

I remember one case when messages came in as attachments: mail.ru and a very very big message (huge goods import log from one site). Thank you for the info, cause I should check what will happen with big messages too. It could be true problem for me.

I think it might be the GPG/mime. Decoding the attachment worked but of course the whole format of the text was broken. We are usually using Thunderbird with enigmail and gpg4win.org in the latest version, so the 2.1.0.

Maybe. I'm using last GPG also but with gedit and messages are plain text sent through browser. By one of found by me topics when I tried to make APG work with GMail it do not support S/MIME.

There is a attachment problem - http://en.wikipedia.org/wiki/S/MIME (smime.p7s).

Ok thx. I will do some tests and let you know. Currently there is always no message text but an attachment "encrypted.asc"

Oo, I'm not developer. I'm just recently started using APG and K9 Mail, and run into some problems. Another name of file - I think another problem. I wish you luck.

If you'll repeat somehow this http://thialfihar.org/attachments/apg/k9_decrypted.png (succesfull signature check), please tell me how :) It would be nice to check signature without copy-paste.

Ok, thx to freeman I now checked out what needs to be done for that APG works:

1. Coding of the e-mail must be "text" not "hmtl"

2. Do NOT use PGP/MIME

These are the configurations for SENDING and e-mail to your phone for APG to decode it. Then it works.

Is there any hope that pgp/mime will be supported in the future? Following the posts I could see that it was planned in the past, but nothing happened. Is APG at all still in active development or is it dead? I just ask because the last releases are that old. What can we do to trigger the project again?

When APG is installed, the system always wants to use it to open certain video files, especially in ES File Explorer and in particular with .flv files I don't even get offered a choice. Is there anything I can do to remove APG from the list of programs for video files? I am rooted.

Hi,

I'm running both the most current k9mail and apg, and both from the Market, however I can't find the option to enable cryptography in k9. Is there something I need to do, like reinstall k9 or perhaps use a non market version or am I just blind?

Hi,

I'm running both the most current k9mail and apg, and both from the Market, however I can't find the option to enable cryptography in k9. Is there something I need to do, like reinstall k9 or perhaps use a non market version or am I just blind?

ChrisD, somewhere like that (translating from russian and without a phone to check): "Settings->Applications->Applications Management->Reset default actions".

Matt, no. It enables automatically. There're 3 kinds of settings in k9 (folder, mail, general). Options from screenshot are in general or mail. Have you tried to send an encrypted email to k9? (Shoukd be decrypt). I'm using Market version.

Hi there!

first of all my compliments for the great app you've realized!

Just one question, when I sign a mail it will appear like: "-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256" and the text start right away in the same line.

Is there any way to set the email text as default a line below the pgp's header as i.e OpenPGP extension does in Thunderbird?

Thanks!

0.

Having issues importing a secret key to APG. I more the PRIVATEKEY.asc to the sdcard, import private key, use file explorer, get correct path, then APG keeps saying "no keys added or updated". Every time!

Uninstalled K9, reinstalled K9. Same with APG. No luck. Anyone know what the issue is? I recently changed to the Android Cyanogen Mod, but this should not effect it.

What about importing secret keys from Symantec's PGP Desktop aplication... I import sekret key succesfuly but i cant sign messages .. no subkey for signing is marked in imported key.. editing key breaks key

"Having issues importing a secret key to APG." - SOLVED

Installed Thunderbird & Enigmail

Installed GPG4win

Imported Private Key to GPG4Win

Pointed Enigmail to GPG4Win file GPG2.exe

Imported Private Key to Enigmail

Exported Private key from Enigmail to desktop

Dropped exported private key on phone SD Card

Imported Private key to APG

SUCCESS!

Hi, first of all you did a great job.

Anyhow, there is a problem I don't know how to fix with the settings. Probably there is a bug?

When I send out encrypted e-mails they are rejected due to the fact that the encryted part has no limited line length as PGP. The encrypted part ends up in a single line.

Therefore I am not able to send encrypted mails.

Is there possibly a way to fix this?

Thanks!

Tom

hi, is it possible to have access to the source code of this project?

@elica: the source code is probably there: http://code.google.com/p/android-privacy-guard/source/checkout

Woww...thanks for your quick answer. actually I want to develop an android application which encrypts sms by ECC mechanism.do you have any suggestion?

>"Having issues importing a secret key to APG." - SOLVED

>

>Installed Thunderbird & Enigmail

>

>Installed GPG4win

>

>Imported Private Key to GPG4Win

>

>Pointed Enigmail to GPG4Win file GPG2.exe

>

>Imported Private Key to Enigmail

>

>Exported Private key from Enigmail to desktop

>

>Dropped exported private key on phone SD Card

>

>Imported Private key to APG

>

>SUCCESS!

Not work for Symantec PGP Desktop exported secret key !!!

Sorry about my absence and the lack of responses/updates. I won't be able to respond to all posts. But thanks for the feedback and thanks for using APG... I'll try to tackle the newline issue now.

PGP/MIME support still is a goal, I just have to get back on track with the project. :)

@elica there already exists such an app, and its recently open-sourced. Its called TextSecure:

https://github.com/WhisperSystems/TextSecure

If you are still interested in working on this, it would be great to have your improvements contributed to TextSecure.

Hi,

APG worked very well, since I changed my google account password. APG says now "no permission ...". Where can I change my password in APG. There is no password prompt. :-(

PLEASE remove internet access permission!!!

Hi, Martin. This is a known issue. Please see: http://code.google.com/p/android-privacy-guard/issues/detail?id=115 Apparently no solution for it yet. Cheers and greetings from Rio.

I noticed that there have been no updates in over a year, the advertised IRC channel doesn't exist and there are lots of issues on code.google.com. Is this a dead project?

It's in the process of being woken up again. The channel exists, just often is empty. :)

That's brilliant to hear. I've got a lot of use out of APG over the past year (with k-9). Thanks for writing it.

Very soon this web site will be famous among all blogging visitors, due to it's nice content

I'm keen on the view!

Magnificent goods from you, man. I've understand your stuff previous to and you're just too magnificent. I actually like what you have acquired here, certainly like what you are saying and the way in which you say it. You make it enjoyable and you still care for to keep it smart. I can't wait to read much more from you. This is really a tremendous site.

this image could be the captivating.

Articles such as this are highly beneficial to me. I will post a link to this page in my Post site. I know my website visitors will definitely find this very useful. Thanks a bunch!

Articles such as this are highly beneficial to me. I will post a link to this page in my Post site. I know my website visitors will definitely find this very useful. Thanks a bunch!

I favor the perception.

I know this web site gives quality dependent posts and extra material, is there any other web page which provides such things in quality?

I know this web site gives quality dependent posts and extra material, is there any other web page which provides such things in quality?

I really like the shades!

Link exchange is nothing else but it is simply placing the other person's webpage link on your page at suitable place and other person will also do same in support of you.

I enjoy the colorings.

Hi, just wanted to tell you, I liked this blog post. It was inspiring. Keep on posting!

I like the perspective.

greek dishes

Howdy I am so grateful I found your blog, I really found you by error, while I was browsing on Bing for something else, Anyways I am here now and would just like to say many thanks for a marvelous post and a all round thrilling blog (I also love the theme/design), I don't have time to read it all at the minute but I have book-marked it and also included your RSS feeds, so when I have time I will be back to read a great deal more, Please do keep up the awesome work.

Howdy I am so grateful I found your blog, I really found you by error, while I was browsing on Bing for something else, Anyways I am here now and would just like to say many thanks for a marvelous post and a all round thrilling blog (I also love the theme/design), I don't have time to read it all at the minute but I have book-marked it and also included your RSS feeds, so when I have time I will be back to read a great deal more, Please do keep up the awesome work.

A much needed application. The interface with K9mail is not as smooth as it could be. Set K9mail to text not html or format of coded message is incorrect.

Decoding email from k9 works if you share message with APG. If you simply press decode it seems that the message is put on the clipboard and you need to go to APG to decode.

Otherwise works under ICS.

Thanks for this very desired and useful application.

Just could not figure out how to add gmail accounts for encyption. Tried to add, but no permission error to access the account. And how does it integrates with k9 mail with encryption?

Does APG uses Android Backup Service? If I put my private key on the phone does it stay on the phone or is there a chance that it will be backed up to Google servers? Thanks

BUG? When I launch Astro, tap a file, select AGP, then encrypt...the file is *not* saved. However, when I launch AGP, use Astro to select a file, then encrypt...the file *is* saved. Do you know if this is a bug with AGP or ASTRO???

Thanks!

It does not seem to be able to handle umlauts åäöÅÄÖ. Do you think you chould fix this? Thank you for a great app.

Hi, I can't add gmail account on Samsung Galaxy S2: no permission to read the account. Any hint?

Thanks

You can disregard from my problem with ÅÄÖ. Fixed it. Unsure if it´s because I now allow html, or if it is because I set ASCII Armour.

mole: I use gmail also and it works for me. I did not set the gmail account up in AGP though, just in K9 email client, which then uses AGP only for the encryption. Works for me

gravatar: I wouldn't like to setup K9 for my Gmail. I can send encripted mails via gmail app, but I would like to avoid to copy the text of the crypted mails I recive on the APG editor to decrypt.I think it's just a stupid permission problem,

thank you

Hmm... I managed to register a default file browser with APG which doesn't display gpg files. How do I de-register the default file browser, can't find any obvious setting...?

I cannot SIGN anything with APG. I can encrypt and decrypt fine. But when I go to Sign it shows my key but it is grayed out and I cannot select it. Probably something stupid on my part but I can't figure it out. Help?

sfb - If I understand your problem, go into Android Settings/Apps Look at the browser or APG (can't remember exactly) and one of them has set "LAUNCH BY DEFAULT". Clear that.

Yep. User error. After fighting with it several times over several days and then giving up and posting here -- I didn't set the key to allow signing. That's what I get for generating a new key pair just for my phone.

Hi,

I have tied importing my keys into your app but it comes up with a n error "error : java io .ioexception: unknown object in stream :21".

Can you help?

I found the answer was posted previously, and after editing the header on the keys, was able to import them successfully. now works like a charm :) Thanks for creating such a great program :)

I am having a decrypt problem when I received an email (HTML), the error "error:org.thialfihar.android.apg.Agp$GeneralException: not valid encryption data" always appear. On my specific case all lines are with a <div> html tag, and I think that is the reason why APG can not decrypt the email. Any solution for the problem...

I also got "error:org.thialfihar.android.apg.Agp$GeneralException: not valid encryption data" error when trying to decrypt mails which using K9 (signed, or signed and encypted, or encrypted). De- and reinstallation of APG with Titanium Backup did not solve this problem.

with signed ebcrypted mails I receive "error:org.thialfihar.android.apg.Agp$GeneralException Daten nicht lesbar" (data unreadable)

[SOLVED]: set K9 Mail program to sent mails as plain text (NOT as HTML).

Tom, what you tell could be the solution, but the question is that I can not tell to the sender that I can only received plain text emails. Too many sender, most of then using MS outlook, use HTML instead of plain text.

Paulo, you are correct. I just received an HTML message from someone which I could not decrypt on my smartphone, not even when saving into a file.

Thumbs up!

Encryption of attachments from within K-9 mail would be nice ;)

I just installed apg and k9. When I send my phone an encrypted message from my computer (using gpg4win and Outlook 2007) k9 does not display a "decrypt" button and claims the message has no text. Any ideas?

@ Zibbity : try to deselect HTML mails.

As far as I can tell, Outlook 2007 is configured to compose emails in plain text, not HTML. I even tried disabling my "signature," which I was concerned might be in rich text or HTML. Same result, in k9 the email says "no text" and there is no "decrypt" button.

Whats up? Do you plan to release some New Version with New features?

I found that the message head and endding "-----BEGIN PGP MESSAGE----- Version:AGP v1.0.8 -----END PGP MESSAGE-----" is not necessary. After I delete them the software still decrypt the message as usual, the benefit is SMS becomes shorter. So I wish there's an option in the future to choose whether or not adding the redundancy head and endding. Another problem is AGP 1.0.8 works well in Android 4.0.4 from CyanogenMod, but fails in Android 4.1.1.

I recently exported my secret key from my old phone to my new phone. Now on my new phone when I decrypt a message I receive the error "Unkown signature, touch to lookup key". I'm not sure what this message mean or what I should be doing with it. Can anyone help?

I'm using a Galaxy Nexus with Angroid 4.1.1 and the secret key was exported from a Nexus One that was running Cyanogenmod 7.

Thanks for any help provided.

When encrypt/decrypt files with a passphrase, is there an option to keep the file extension? At present it strips it so if you can't remember what kind of file it was you can't remane it manually.

Any help appreciated.

... Other than manually including the file extension eg "3240.docx.gpg" (".docx" added mannually) when naming the encrypted file?

Also, any way to navigate to files other than those in Gallery or Dropbox, etc, without manually having to type in the path and filename?

I think the SEO business is getting a bad reputation from the amount of cowboys and overseas companies around

Hi :) Just to leave one fine line: Be a person everybody

wanna be & everybody jealous of. Renta De Autos

Vom Müritz im Mecklenburger Boden

Welcher Müritzhof liegt in dem Herzen der Mecklenburger Land.

Uff circa unbelastetem Öko-Viehweide abgrasen um 1000 Muttertiere mithilfe

ihren Lämmern. Die Lämmer entwickeln hip freier

mehr noch unbelasteter Wesen uff mehr noch udine frisches noch

dazu würziges Bruch-Grünes.mueritz lamm bestellen

Denn wird das juvenile Viech eines Schafes bezeichnet.

Lebensmittelrechtlich die erlaubnis haben Tiere erst wenn zum Alter von einem

Im Jahre Lamm bezeichnet herkunft. Lämmer, die bisher Muttermilch aufnehmen, zustandekommen

als #links#des weiteren Ostmark: Milchlamm). Lämmer anfang

angesichts ihres elegant Fleisch geschlachtet, dasjenige milder

ist denn welcher erwachsenen Getier.

Err.. is it possible to sign (and maybe to clearsign) the file (or the message) w/APG v.108 ? Android 404 is used.

There is no "Sign" button at all at the bottom line, only the "Encrypt" one is present.

On both screens (mind File/Message ones) the controls "Sign" and "Public Key(s)" work exactly like a mutual exclusive options: I never can set both, if I set one, the other automatically gets cleared, in contrast to the pictures shown above (apg_encrypt_message_pass_phrase.png and apg_encrypt_message_progress.png)

IOW: since there is no way to proceed until some pub. key is selected, the "Sign" option is always off before APG can proceed operation.

This looks a bit.. unexpected.

Just to say Whats up and leave one excellent line: ? Single ?

Taken ? I'm still a teenager either way. Bernardo

Just to say Hi and leave one smart thought: “Dance

every performance as if it were your last.” Franklyn

Bist Du trächtig? schwangerschaftsanzeichenSolche sein Eigen nennen

keine Lösung aufwärts Ihre Frage späterhin beaugapfeln Sie sogar,

auf dieser Seite würdigen Welche interessante Datensammlung zu

Schwangerschaftsanzeichen zusätzlich die ersten Beleg einer Schwangerschaft.

Doch im Vorhinein die Menses ausbleibt, einprägen diverse Frauen

in Betrieb Schwangerschaftsanzeichen, dass sie ein Kind erwartend sind.

Nur begutachten Diese am besten selber ansonsten finden Welche her raus, ob Selbige Im [1.-9.] Monat

sind bisherig bevor die Menses ausfällt.

... in der Inderin drin.

Lass einen Inder eine App entwickeln und sie zu wie sie liegen bleibt. Arbeitsmoral gleich Null. Übrigends danke vielmal das die App nichts kostet und nur halb fertig ist. Ich bedanke mich selbstverständlich auch beim Arzt für eine halbe Blinddarmoperation, denn mit offenem Bauch ist der Organismus besser belüftet :D