
GopenPGP, an open source encryption library for native applications - gallypette
https://protonmail.com/blog/openpgp-golang/
======
throwawaymath
I’m not sure I understand why Protonmail forked the Go crypto library here.
Did they fork the entire thing and make substantial changes/updates
throughout, or did they just make changes to the PGP implementation available
in Go/crypto?

Go/crypto already implements elliptic curve cryptography[1], so I’m curious
which specific elliptic curve primitives (or algorithms) they added to their
fork.

________

1\. [https://golang.org/pkg/crypto/](https://golang.org/pkg/crypto/)

~~~
w8rbt
Go wanted to deprecate OpenPGP support. But, it looks as if they have walked
that back a lot:

[https://github.com/golang/go/issues/30141](https://github.com/golang/go/issues/30141)

"We will be deprecating the packages listed above, except openpgp/, otr/ and
xts/.

I'll update the proposal and send a CL shortly."

------
pferde
I wonder if/when a C or C++ bindings to this library will be made. It would be
nice to have some alternative to GpgME.

~~~
Boulth
There is also sequoia, with an explicit goal of being easy to link to C. If
you can bear the license.

Source: [https://sequoia-pgp.org/](https://sequoia-pgp.org/)

~~~
teddyh
For those wondering, the license for Sequoia is GPLv3.

~~~
mcny
So not an option for iOS iPhone email clients?

~~~
nerdponx
Why can't you put GPL v3 software (or Apache or whatever GPL-compatible
license you prefer) into the app store?

~~~
wlesieutre
Not a lawyer, but I assume because the GPL v3 requires that other people be
able to modify the program and redistribute their modified versions. Since
Apple are the sole gatekeepers of anyone’s ability to distribute iOS apps to
users, complying with the license is problematic.

~~~
mikekchar
Here's the FSF's take on it: [https://www.fsf.org/blogs/licensing/more-about-
the-app-store...](https://www.fsf.org/blogs/licensing/more-about-the-app-
store-gpl-enforcement)

Long story short, the GPL requires you to grant a license to run the
application for any purpose. You can also not add additional constraints to
this. The App Store's terms and conditions say that you may only offer the
software to be used under the usage terms that Apple gives. These two things
are in conflict. Apple generally does not approve apps with a GPL license and
most people think it's because of this reason (as far as I know they haven't
ever made a comment about it). A few apps have apparently made it through, it
seems this has been an error on Apple's part.

------
krzyzanowskim
iOS/macOS developers have an alternative with
[https://github.com/krzyzanowskim/ObjectivePGP](https://github.com/krzyzanowskim/ObjectivePGP)
that is tailored to the Apple platforms.

