A C++ Implementation of RFC 4880
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
Compress Activate -Wextra for library build Jun 15, 2018
Encryptions Activate -Wextra for library build Jun 15, 2018
Hashes Activate -Wextra for library build Jun 15, 2018
Misc Activate -Wextra for library build Jun 15, 2018
PKA Activate -Wextra for library build Jun 15, 2018
Packets Activate -Wextra for library build Jun 15, 2018
RNG Activate -Wextra for library build Jun 15, 2018
Subpackets Activate -Wextra for library build Jun 15, 2018
common Activate -Wextra for library build Jun 15, 2018
exec Activate -Wextra for library build Jun 15, 2018
qt Add pro/pri files for Qt environment. Jun 9, 2018
tests renamed generatekey to keygen Mar 25, 2018
.gitattributes Initial Commit Aug 28, 2013
.gitignore Quick doc changes Dec 13, 2014
.travis.yml tests/Makefile and .travis.yml update Sep 25, 2017
CleartextSignature.cpp Renamed Packet and Subpacket Base types Oct 1, 2017
CleartextSignature.h Updated copyright year Mar 25, 2018
DetachedSignature.cpp Namespaces Oct 1, 2017
DetachedSignature.h Updated copyright year Mar 25, 2018
Key.cpp Fixed bug found in #40 Jun 10, 2018
Key.h Updated copyright year Mar 25, 2018
LICENSE Updated copyright year Mar 25, 2018
Makefile Merge branch 'fix_warnings' of https://github.com/hertrste/OpenPGP in… Jun 16, 2018
Message.cpp Fix unused variables warning Jun 15, 2018
Message.h Updated copyright year Mar 25, 2018
OpenPGP.h renamed generatekey to keygen Mar 25, 2018
PGP.cpp Renamed Packet and Subpacket Base types Oct 1, 2017
PGP.h Fix non virtual destructor warning Jun 15, 2018
README.md renamed generatekey to keygen Mar 25, 2018
RevocationCertificate.cpp Namespaces Oct 1, 2017
RevocationCertificate.h Updated copyright year Mar 25, 2018
TODO Makefile updates Apr 2, 2017
decrypt.cpp Fix uninitialized variables warning Jun 15, 2018
decrypt.h Updated copyright year Mar 25, 2018
encrypt.cpp Renamed Packet and Subpacket Base types Oct 1, 2017
encrypt.h renamed generatekey to keygen Mar 25, 2018
keygen.cpp renamed generatekey to keygen Mar 25, 2018
keygen.h renamed generatekey to keygen Mar 25, 2018
objects.mk renamed generatekey to keygen Mar 25, 2018
revoke.cpp Renamed Packet and Subpacket Base types Oct 1, 2017
revoke.h renamed generatekey to keygen Mar 25, 2018
rfc4880.pdf Initial Commit Aug 28, 2013
rfc5581.pdf Add RFC5581; The Camellia Cipher in OpenPGP. Jun 19, 2014
sign.cpp Found bug in signing Primary Key Binding Signature thanks to #42 Jun 16, 2018
sign.h renamed generatekey to keygen Mar 25, 2018
verify.cpp Renamed Packet and Subpacket Base types Oct 1, 2017
verify.h Updated copyright year Mar 25, 2018

README.md

OpenPGP in C++

Copyright (c) 2013 - 2018 Jason Lee @ calccrypto at gmail.com

Please see LICENSE file for license.

Build Status

With much help from

  • Alex Stapleton (OpenPGP-SDK)
  • Auston Sterling - Massive amounts of debugging and programming help
  • D-o-c Key merging and elliptic curve parsing
  • Jon Callas (RFC 4880)
  • Herbert Hanewinkel (hanewin.net)
  • Many people on the StackExchange network
  • mugwort-rc - Tons of testing code, code style updates, and bugfixes
  • pgpdump.net
  • PortablePGP

IMPORTANT

This library was not written for actual use.

Rather, it was meant for learning about the internals of PGP can easily use/add a few std::couts to see the internal workings.

So if you choose to use it in a real setting where secrecy is required, do so at your own risk.


This is a C++ implementation of the majority of RFC 4880, the OpenPGP Message Format.

The following are the libraries necessary to build OpenPGP:

The purpose of this library is to help clear up the mess that is RFC 4880. It is extremely vague at best, and it took me a long time to figure out most of it. No one should have to go through that. However, knowing how PGP is structured is still good to know.

This library allows for the modification of PGP packets, such as providing incorrect checksums and public key values. That was done on purpose. I used it to test keys I created with known working values. What others do with this capability is none of my concern or responsibility.

This library should be relatively straightforward to use: Simply #include whatever functions needed:

Feature Header Namespace
key generation keygen.h OpenPGP::KeyGen
key revocation revoke.h OpenPGP::Revoke
encrypt encrypt.h OpenPGP::Encrypt
decrypt decrypt.h OpenPGP::Decrypt
sign sign.h OpenPGP::Sign
verify verify.h OpenPGP::Verify

Multiple classes inherit from the abstract base class PGP in order to make differentiating PGP block types better in code:

PGP block type Description
DetachedSignature detached signatures for files
Key base class for OpenPGP key types
PublicKey holds public keys; inherits Key
SecretKey holds private keys; inherits Key
Message holds OpenPGP Messages
RevocationCertificate holds revocation certificates

All these different types are able to read in any PGP data, but will cause problems when used. The meaningful function in these PGP objects is provided to make sure that the data contained is meaningful.

CleartextSignature does not inherit from PGP and cannot read non-Cleartext Signature data.

The exec/main.cpp file provides a simple command line tool that uses modules from the exec/modules directory to provide functionality. These can be used as examples on how to use the functions. A lot of the output was based on/inspired by pgpdump.net and GPG. The command line program can be built with make.

All data structures have some standard functions:

Function Description
read reads data without the header information
show displays the data in human readable form like the way pgpdump.net does it.
raw returns a string of packet data without the header information
write returns a string of the entire data, including the header.
clone returns a pointer to a deep copy of the object (mainly used for moving PGP data around).
Ptr a typedef for std::shared_ptr<T> for the class where the typedef is found.

operator= and the copy constructor have been overloaded for the data structures that need deep copy.

To build just the library, run make in OpenPGP/.

Notes:

Keyrings were not implemented. Rather, individual keys are read from the directory used as arguments to functions.

gpg sometimes does weird things, so if gpg compatibility is desired, define the macro GPG_COMPATIBLE when compiling.