Galaxy S II and email encryption

During the course of setting up some non-GMail accounts on my SGSII (running Andriod 4.1.2), I discovered the security options in the stock email client (not the GMail client). It lets you select whether to encrypt and/or sign all email, generate and manage secret/private keys and even import them.

I don't know if this is a stock Android email client, or a stock Samsung TouchWiz client and as far as I could tell with some quick searching, the encryption bit isn't mentioned anywhere that I could find with about 15 minutes of Google-ing.

Android Email Security Options

I did some experimenting starting with generating a public/private key pair. The key creation dialogue lets you create RSA keys that are 1024 or 2048 bits, or 1024 bit DSA keys. So it looks like something PGP or GnuPG-ish.

Android Email Key Generation Android Email Key Algorithms
Android Email Key Length

There's an option to import a key, but it doesn't let you select a location or file to import from, so it must be looking in some hardocded location.

Exporting the public key I created dumps an ASCII-armoured PGP  file into /storage/sdcard0/openpgp/export with a BCPG v1.45 version identifier

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: BCPG v1.45

Some Google searching suggests the Bouncy Castle Crypto APIs as a likely candidate for this. Their libraries include APIs for OpenPGP. So it looks like I should be able to import my existing GnuPG keys and use them to encrypt/sign my emails with this client. That will be my homework for the next post.