ProtonBlog(new window)

Introducing GopenPGP, an open source encryption library for native applications

Share this page

In 2016, Proton Mail became the maintainer(new window) of OpenPGP.js, the world’s most widely used Javascript email encryption library. Since then we have updated the library with new features(new window), such as streaming encryption; assisted developers(new window) to adopt the library in their own applications; and submitted the library to independent security audits(new window).

Today, we are happy to announce another open source project that will be maintained by Proton Mail: GopenPGP(new window). This project consists of a high-level OpenPGP library, as well as a fork of the golang crypto library. We started this project to make it easier for mobile and desktop developers to use OpenPGP encryption in their apps.

We’re excited about GopenPGP for two main reasons. First, we believe more people should have access to encrypted communications, and an easy-to-use encryption library for mobile developers is an important step forward in that mission. Second, the release of GopenPGP paves the way to open sourcing the Proton Mail mobile and desktop apps, which has been a high priority for our team and for our users (our web app has already been open sourced since 2015).

What is GopenPGP?

GopenPGP (a portmanteau of Go and OpenPGP) is a high-level OpenPGP library(new window) that we have developed for use in our own Android and iOS(new window), Bridge(new window), and Import-Export(new window) apps, as well as a fork of the golang crypto library(new window), which the high-level library is built on.

The GopenPGP library makes it easy to perform simple operations, such as encrypt, decrypt, sign and verify messages, manage keys, etc., without having to deal with complicated cryptographic concepts. This high-level interface is compatible with go-mobile, a popular tool for building mobile apps written in Go.

Meanwhile, our fork contains a number of new features, bug fixes, and security improvements. It supports elliptic curve cryptography, providing more efficient and secure encryption on mobile devices. We’re working with the maintainers of the golang OpenPGP library to contribute these changes back.

Both of these libraries have been audited by SEC Consult(new window) and will always be available from our new web portal at gopenpgp.org and on Github(new window). GopenPGP is a free and open source software released under the MIT license.

GopenPGP roadmap

Over the last few weeks, we have been in discussions with the maintainers of the golang OpenPGP library about including our improvements there. Either way, we will continue to maintain our fork and the GopenPGP wrapper library on gopenpgp.org.

We invite the developer community to join us and help us to make GopenPGP as successful as OpenPGP.js has been. Already, millions of end users rely on GopenPGP for secure mobile communications via the Proton Mail apps. Our mission is to help more developers start encrypting and spread access to online privacy.

We invite your feedback, contributions, and questions at https://github.com/ProtonMail/gopenpgp(new window) and https://github.com/ProtonMail/crypto(new window).

Best Regards,
The Proton Mail Team

You can get a free secure email account from Proton Mail here(new window).

We also provide a free VPN service(new window) to protect your privacy.

Proton Mail and Proton VPN are funded by community contributions. If you would like to support our development efforts, you can upgrade to a paid plan. Thank you for your support.

Protect your privacy with Proton
Create a free account

Share this page

Ben Wolford(new window)

Ben Wolford is a writer and editor whose work has appeared in major newspapers and magazines around the world. Ben joined Proton in 2018 to help to explain technical concepts in privacy and make Proton products easy to use.

Related articles

What was your first pet’s name? In what city were you born?  We’ve all had to answer these questions to reset a long-forgotten password, but consider how that works. Much of this information is easy to find for others (or easily forgotten by you), m
In the early days when Proton started, we often received a question along the lines of “I love the product and what Proton stands for, but how do I know you will still be around to protect my data 10 years from now?”  Ten years and 100 million accou
Credential stuffing is a popular type of cyberattack where attackers take login credentials and use them on thousands of websites, hoping to fraudulently gain access to people’s accounts. It’s an effective attack, but fortunately, one that’s easy to
With Skiff abruptly shutting down operations, many people are on the lookout for alternatives that don’t compromise on privacy — and won’t suddenly disappear. People were attracted to Skiff because it promised privacy, no ads, end-to-end encryption,
Skiff is dead. On Feb. 9, the email company Skiff announced it was being bought by Notion. Many Skiff customers have been shocked by this news, as their inboxes have been sold out from under them. Skiff gave people six months to export their data be
Looking into the Dropbox privacy policy
Dropbox was the first mainstream cloud storage provider, and still the biggest player on the market, with 700 million users in 2022. We took a dive into Dropbox’s privacy policy to see how well the company protects the personal data of those millions