Inspiration
Frustration with GPG's ridiculous complexity. Also inspired by last year's project, but written totally from scratch.
What it does
JFPG attempts to be a very small, simplified replacement for GPG, but with modern crypto. It currently does encryption, decryption, signing, and verification. It uses Ed25519, Curve25519 and Xsalsa20-Poly1305 as its crypto primitives.
How I built it
I used Tweetnacl, a very small crypto library written by Dan Bernstein. This means that JFPG doesn't require any dependencies to compile and run on Unix. Everything it needs is in the code.
Challenges I ran into
I wrote this on OpenBSD, so portability with Linux is a pain because glibc doesn't include many secure C functions that OpenBSD has. All of these had to be provided.
Accomplishments that I'm proud of
It covers the basics of GPG/PGP, but uses much less code, much more secure ciphers, and a better source of random numbers.
What I learned
I learned how to fix lots of little memory handling issues and write more portable C code.
What's next for JFPG
Add forward secrecy
Built With
- c
- tweetnacl
Log in or sign up for Devpost to join the conversation.