[mmh0000]

Highly true. Yet. If you complain or even offer patches (which will, always, without fail, be rejected).

You'll get told off by the GPG devs with something along the lines of "encryption is supposed to be hard".

[upofadown]

I have been following the GnuPG mailing list for some years now. I must of missed that. Could we have some references to where someone has been told something to the effect of "encryption is supposed to be hard".

[9dev]

How hard would it be to devise an easy to use wrapper on top of GPG, kind of porcelain-like?

[ognarb]

It already exists and it's called Kleopatra. It's developed by KDE with some support from the GPG developers and is part of the Gpg4Win suite.

It's used by quite a few companies and public administrations.

[akerl_]

The easier and more productive thing is to make an easy-to-use tool that does a specific workflow vs trying to be a swiss army knife.

https://github.com/FiloSottile/age is this for encrypting files.

https://en.wikipedia.org/wiki/Signify_(OpenBSD) and https://jedisct1.github.io/minisign/ are this for signing files.

Signal/Whatsapp/etc that use the Signal Protocal are this for messaging.

It turns out solving one problem at a time and ending up with a bunch of purpose-built tools is way easier to get right than trying to jam an entire toolbox into one thing.

[emmelaich]

There's a library wrapper, https://www.gnupg.org/software/gpgme/index.html

>GnuPG Made Easy (GPGME) is a library designed to make access to GnuPG easier for applications. It provides a High-Level Crypto API for encryption, decryption, signing, signature verification and key management. Currently it uses GnuPG's OpenPGP backend as the default, but the API isn't restricted to this engine. We have, in fact, already developed a backend for CMS (S/MIME).

[thayne]

You may be interested in https://sequoia-pgp.org/

It isn't exactly a wrapper, but it has an easier to use interface (as well as a more gpg compatible interface).