Merge pull request #2450 from csoler/v0.6-PGPHandler

V0.6 pgp handler
2025-06-21 12:54:26 -04:00 · 2021-12-18 15:30:14 +01:00 · 2021-12-18 15:30:14 +01:00 · b971148931
commit b971148931
parent d3a36f216f 56e17f077e
27 changed files with 2367 additions and 2177 deletions
--- a/libretroshare/src/gossipdiscovery/p3gossipdiscovery.cc
+++ b/libretroshare/src/gossipdiscovery/p3gossipdiscovery.cc
@ -107,7 +107,7 @@ p3discovery2::p3discovery2(
 	addSerialType(new RsDiscSerialiser());
 	// Add self into PGP FriendList.
-	mFriendList[AuthGPG::getAuthGPG()->getGPGOwnId()] = DiscPgpInfo();
+    mFriendList[AuthPGP::getPgpOwnId()] = DiscPgpInfo();
 }
@ -219,7 +219,7 @@ void p3discovery2::removeFriend(const RsPeerId &sslId)
 		std::cerr << std::endl;
 #endif
 		/* pgp peer without any ssl entries -> check if they are still a real friend */
-		if (!(AuthGPG::getAuthGPG()->isGPGAccepted(pgpId)))
+        if (!(AuthPGP::isPGPAccepted(pgpId)))
 		{
 #ifdef P3DISC_DEBUG
 			std::cerr << "p3discovery2::addFriend() pgpId is no longer a friend, removing";
@ -604,8 +604,8 @@ void p3discovery2::updatePgpFriendList()
 	std::list<RsPgpId>::iterator lit;
 	std::map<RsPgpId, DiscPgpInfo>::iterator it;
-	RsPgpId ownPgpId = AuthGPG::getAuthGPG()->getGPGOwnId();
+    RsPgpId ownPgpId = AuthPGP::getPgpOwnId();
-    AuthGPG::getAuthGPG()->getGPGAcceptedList(pgpList);
+    AuthPGP::getPgpAcceptedList(pgpList);
 	pgpList.push_back(ownPgpId);
 	// convert to set for ordering.
@ -723,7 +723,7 @@ void p3discovery2::processPGPList(const RsPeerId &fromId, const RsDiscPgpListIte
 		std::set<RsPgpId>::const_iterator fit;
 		for(fit = item->pgpIdSet.ids.begin(); fit != item->pgpIdSet.ids.end(); ++fit)
 		{
-			if (!AuthGPG::getAuthGPG()->isGPGId(*fit))
+            if (!AuthPGP::isPGPId(*fit))
 			{
 #ifdef P3DISC_DEBUG
 				std::cerr << "p3discovery2::processPGPList() requesting certificate for PgpId: " << *fit;
@ -1058,11 +1058,11 @@ void p3discovery2::recvPGPCertificateRequest( const RsPeerId& fromId, const RsDi
 		return;
    }
-	RsPgpId ownPgpId = AuthGPG::getAuthGPG()->getGPGOwnId();
+    RsPgpId ownPgpId = AuthPGP::getPgpOwnId();
 	for(const RsPgpId& pgpId : item->pgpIdSet.ids)
 		if (pgpId == ownPgpId)
 			sendPGPCertificate(pgpId, fromId);
-		else if(ps.vs_disc != RS_VS_DISC_OFF && AuthGPG::getAuthGPG()->isGPGAccepted(pgpId))
+        else if(ps.vs_disc != RS_VS_DISC_OFF && AuthPGP::isPGPAccepted(pgpId))
 			sendPGPCertificate(pgpId, fromId);
 		else
            std::cerr << "(WW) not sending certificate " << pgpId << " asked by friend " << fromId << " because this either this cert is not a friend, or discovery is off" << std::endl;
@ -1078,7 +1078,7 @@ void p3discovery2::sendPGPCertificate(const RsPgpId &aboutId, const RsPeerId &to
    unsigned char *bin_data;
    size_t bin_len;
-	if(!AuthGPG::getAuthGPG()->exportPublicKey(aboutId,bin_data,bin_len,false,true))
+    if(!AuthPGP::exportPublicKey(aboutId,bin_data,bin_len,false,true))
    {
        std::cerr << "(EE) cannot export public key " << aboutId << " requested by peer " << toId << std::endl;
 		return ;
@ -1098,7 +1098,7 @@ void p3discovery2::recvPGPCertificate(const RsPeerId& fromId, RsDiscPgpKeyItem*
 	std::string cert_name;
 	std::list<RsPgpId> cert_signers;
-	if(!AuthGPG::getAuthGPG()->getGPGDetailsFromBinaryBlock( (unsigned char*)item->bin_data,item->bin_len, cert_pgp_id, cert_name, cert_signers ))
+    if(!AuthPGP::getPgpDetailsFromBinaryBlock( (unsigned char*)item->bin_data,item->bin_len, cert_pgp_id, cert_name, cert_signers ))
 	{
 		std::cerr << "(EE) cannot parse own PGP key sent by " << fromId << std::endl;
 		return;
@ -1147,7 +1147,7 @@ void p3discovery2::recvPGPCertificate(const RsPeerId& fromId, RsDiscPgpKeyItem*
    // otherwise the connection should already be accepted. This only happens when the short invite peer sends its own PGP key.
    if(det.skip_pgp_signature_validation)
-		AuthGPG::getAuthGPG()->AllowConnection(det.gpg_id,true);
+        AuthPGP::AllowConnection(det.gpg_id,true);
 }
        /************* from pqiServiceMonitor *******************/
--- a/libretroshare/src/gxs/rsgxsnetservice.cc
+++ b/libretroshare/src/gxs/rsgxsnetservice.cc
@ -4704,7 +4704,7 @@ bool RsGxsNetService::checkPermissionsForFriendGroup(const RsPeerId& sslId,const
        if(!grpMeta.mInternalCircle.isNull())
        {
            RsGroupInfo ginfo ;
-                    RsPgpId pgpId = mPgpUtils->getPGPId(sslId) ;
+                    RsPgpId pgpId = mPgpUtils->getPgpId(sslId) ;
 #ifdef NXS_NET_DEBUG_4
            GXSNETDEBUG_PG(sslId,grpMeta.mGroupId) << "   Group internal circle: " << grpMeta.mInternalCircle << ", We're owner. Sending to everyone in the group." << std::endl;
--- a/libretroshare/src/gxs/rsgxsnetutils.cc
+++ b/libretroshare/src/gxs/rsgxsnetutils.cc
@ -223,7 +223,7 @@ bool GrpCircleVetting::canSend(
 {
 	if(mCircles->isLoaded(circleId))
 	{
-		const RsPgpId& pgpId = mPgpUtils->getPGPId(peerId);
+		const RsPgpId& pgpId = mPgpUtils->getPgpId(peerId);
 		return mCircles->canSend(circleId, pgpId,should_encrypt);
 	}
@ -302,7 +302,7 @@ bool MsgCircleIdsRequestVetting::cleared()
    if(filtered_out_msgs>0)
        std::cerr << "(WW) " << filtered_out_msgs << " messages not sent because they are signed by author(s) not member of that circle " << mCircleId << std::endl;
-    RsPgpId pgpId = mPgpUtils->getPGPId(mPeerId);
+    RsPgpId pgpId = mPgpUtils->getPgpId(mPeerId);
    bool can_send_res = mCircles->canSend(mCircleId, pgpId,mShouldEncrypt);
    if(mShouldEncrypt)		// that means the circle is external
--- a/libretroshare/src/libretroshare.pro
+++ b/libretroshare/src/libretroshare.pro
@ -363,6 +363,7 @@ HEADERS += chat/distantchat.h \
 HEADERS +=	pqi/authssl.h \
 			pqi/authgpg.h \
 			pgp/pgphandler.h \
 			pgp/openpgpsdkhandler.h \
 			pgp/pgpkeyutil.h \
 			pgp/rscertificate.h \
 			pgp/pgpauxutils.h \
@ -535,6 +536,7 @@ SOURCES += chat/distantchat.cc \
 SOURCES +=	pqi/authgpg.cc \
 			pqi/authssl.cc \
 			pgp/pgphandler.cc \
 			pgp/openpgpsdkhandler.cc \
 			pgp/pgpkeyutil.cc \
 			pgp/rscertificate.cc \
 			pgp/pgpauxutils.cc \
--- a/libretroshare/src/pgp/openpgpsdkhandler.cc
+++ b/libretroshare/src/pgp/openpgpsdkhandler.cc
--- a/libretroshare/src/pgp/openpgpsdkhandler.h
+++ b/libretroshare/src/pgp/openpgpsdkhandler.h
@ -0,0 +1,116 @@
 /*******************************************************************************
 * libretroshare/src/pgp: pgphandler.h                                         *
 *                                                                             *
 * libretroshare: retroshare core library                                      *
 *                                                                             *
 * Copyright 2018 Cyril Soler <csoler@users.sourceforge.net>                   *
 *                                                                             *
 * This program is free software: you can redistribute it and/or modify        *
 * it under the terms of the GNU Lesser General Public License as              *
 * published by the Free Software Foundation, either version 3 of the          *
 * License, or (at your option) any later version.                             *
 *                                                                             *
 * This program is distributed in the hope that it will be useful,             *
 * but WITHOUT ANY WARRANTY; without even the implied warranty of              *
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the                *
 * GNU Lesser General Public License for more details.                         *
 *                                                                             *
 * You should have received a copy of the GNU Lesser General Public License    *
 * along with this program. If not, see <https://www.gnu.org/licenses/>.       *
 *                                                                             *
 *******************************************************************************/
 #pragma once
 #include <stdint.h>
 #include <string>
 #include <list>
 #include <map>
 #include <set>
 #include "util/rsthreads.h"
 #include "pgp/pgphandler.h"
 #include "retroshare/rstypes.h"
 extern "C" {
    // we should make sure later on to get rid of these structures in the .h
    #include "openpgpsdk/keyring.h"
 }
 /// This class offer an abstract pgp handler to be used in RetroShare.
 class OpenPGPSDKHandler: public PGPHandler
 {
 public:
        OpenPGPSDKHandler(	const std::string& path_to_public_keyring,
 						const std::string& path_to_secret_keyring, 
 						const std::string& path_to_trust_database, 
 						const std::string& pgp_lock_file) ;
        virtual ~OpenPGPSDKHandler() ;
        //================================================================================================//
        //                                Implemented API from PGPHandler                                 //
        //================================================================================================//
        //virtual std::string makeRadixEncodedPGPKey(uint32_t key_index,bool include_signatures) override;
        virtual bool removeKeysFromPGPKeyring(const std::set<RsPgpId>& key_ids,std::string& backup_file,uint32_t& error_code) override;
        virtual bool availableGPGCertificatesWithPrivateKeys(std::list<RsPgpId>& ids) override;
        virtual bool GeneratePGPCertificate(const std::string& name, const std::string& email, const std::string& passphrase, RsPgpId& pgpId, const int keynumbits, std::string& errString) override;
        virtual std::string SaveCertificateToString(const RsPgpId& id,bool include_signatures) const override;
        virtual bool exportPublicKey( const RsPgpId& id, unsigned char*& mem_block, size_t& mem_size, bool armoured, bool include_signatures ) const override;
        virtual bool exportGPGKeyPair(const std::string& filename,const RsPgpId& exported_key_id) const override;
        virtual bool exportGPGKeyPairToString( std::string& data, const RsPgpId& exportedKeyId, bool includeSignatures, std::string& errorMsg ) const override;
        virtual bool getGPGDetailsFromBinaryBlock(const unsigned char *mem_block,size_t mem_size,RsPgpId& key_id, std::string& name, std::list<RsPgpId>& signers) const override;
        virtual bool importGPGKeyPair(const std::string& filename,RsPgpId& imported_key_id,std::string& import_error) override;
        virtual bool importGPGKeyPairFromString(const std::string &data, RsPgpId &imported_key_id, std::string &import_error) override;
        virtual bool LoadCertificateFromBinaryData(const unsigned char *data,uint32_t data_len,RsPgpId& id,std::string& error_string) override;
        virtual bool LoadCertificateFromString(const std::string& pgp_cert,RsPgpId& id,std::string& error_string) override;
        virtual bool encryptTextToFile(const RsPgpId& key_id,const std::string& text,const std::string& outfile) override;
        virtual bool encryptDataBin(const RsPgpId& key_id,const void *data, const uint32_t len, unsigned char *encrypted_data, unsigned int *encrypted_data_len) override;
        virtual bool decryptDataBin(const RsPgpId& /*key_id*/,const void *encrypted_data, const uint32_t encrypted_len, unsigned char *data, unsigned int *data_len) override;
        virtual bool decryptTextFromFile(const RsPgpId&,std::string& text,const std::string& inputfile) override;
        virtual bool SignDataBin(const RsPgpId& id,const void *data, const uint32_t len, unsigned char *sign, unsigned int *signlen,bool use_raw_signature, std::string reason /* = "" */) override;
        virtual bool privateSignCertificate(const RsPgpId& ownId,const RsPgpId& id_of_key_to_sign) override;
        virtual bool VerifySignBin(const void *literal_data, uint32_t literal_data_length, unsigned char *sign, unsigned int sign_len, const PGPFingerprintType& key_fingerprint) override;
        virtual bool getKeyFingerprint(const RsPgpId& id, RsPgpFingerprint& fp) const override;
        virtual bool haveSecretKey(const RsPgpId& id) const override;
        virtual bool syncDatabase() override;
    private:
        bool locked_syncPublicKeyring() ;
        void initCertificateInfo(PGPCertificateInfo& cert,const ops_keydata_t *keydata,uint32_t i) ;
        bool LoadCertificate(const unsigned char *data,uint32_t data_len,bool armoured,RsPgpId& id,std::string& error_string) ;
 		// Returns true if the signatures have been updated
 		//
 		bool validateAndUpdateSignatures(PGPCertificateInfo& cert,const ops_keydata_t *keydata) ;
        /** Check public/private key and import them into the keyring
         * @param keyring keyring with the new public/private key pair. Will be freed by the function.
         * @param imported_key_id PGP id of the imported key
         * @param import_error human readbale error message
         * @returns true on success
         * */
        bool checkAndImportKeyPair(ops_keyring_t *keyring, RsPgpId& imported_key_id,std::string& import_error);
 		const ops_keydata_t *locked_getPublicKey(const RsPgpId&,bool stamp_the_key) const;
 		const ops_keydata_t *locked_getSecretKey(const RsPgpId&) const ;
 		void locked_mergeKeyringFromDisk(ops_keyring_t *keyring, std::map<RsPgpId,PGPCertificateInfo>& kmap, const std::string& keyring_file) ;
 		bool locked_addOrMergeKey(ops_keyring_t *keyring,std::map<RsPgpId,PGPCertificateInfo>& kmap,const ops_keydata_t *keydata) ;
 		// Members.
 		//
 		ops_keyring_t *_pubring ;
 		ops_keyring_t *_secring ;
        void printOPSKeys() const;
        // Helper functions.
 		//
 		static std::string makeRadixEncodedPGPKey(const ops_keydata_t *key,bool include_signatures) ;
 		static ops_keyring_t *allocateOPSKeyring() ;
 		static void addNewKeyToOPSKeyring(ops_keyring_t*, const ops_keydata_t&) ;
 		static bool mergeKeySignatures(ops_keydata_t *dst,const ops_keydata_t *src) ;	// returns true if signature lists are different
 };
--- a/libretroshare/src/pgp/pgpauxutils.cc
+++ b/libretroshare/src/pgp/pgpauxutils.cc
@ -34,17 +34,17 @@ PgpAuxUtilsImpl::PgpAuxUtilsImpl()
 const RsPgpId& PgpAuxUtilsImpl::getPGPOwnId() 
 {
-	return AuthGPG::getAuthGPG()->getGPGOwnId();
+    return AuthPGP::getPgpOwnId();
 }
-RsPgpId PgpAuxUtilsImpl::getPGPId(const RsPeerId& sslid)
+RsPgpId PgpAuxUtilsImpl::getPgpId(const RsPeerId& sslid)
 {
 	return rsPeers->getGPGId(sslid);
 }
 bool PgpAuxUtilsImpl::getKeyFingerprint(const RsPgpId& id,PGPFingerprintType& fp) const
 {
-	return AuthGPG::getAuthGPG()->getKeyFingerprint(id, fp);
+    return AuthPGP::getKeyFingerprint(id, fp);
 }
 bool PgpAuxUtilsImpl::VerifySignBin(const void *data, 
@ -54,17 +54,17 @@ bool PgpAuxUtilsImpl::VerifySignBin(const void *data,
 		const PGPFingerprintType& withfingerprint)
 {
-	return AuthGPG::getAuthGPG()->VerifySignBin(data, len, sign, signlen, withfingerprint);
+    return AuthPGP::VerifySignBin(data, len, sign, signlen, withfingerprint);
 }
-bool PgpAuxUtilsImpl::getGPGAllList(std::list<RsPgpId> &ids)
+bool PgpAuxUtilsImpl::getPgpAllList(std::list<RsPgpId> &ids)
 {
-	return AuthGPG::getAuthGPG()->getGPGAllList(ids);
+    return AuthPGP::getPgpAllList(ids);
 }
 bool PgpAuxUtilsImpl::parseSignature(unsigned char *sign, unsigned int signlen, RsPgpId& issuer) const 
 {
-	return AuthGPG::getAuthGPG()->parseSignature(sign,signlen,issuer);
+    return AuthPGP::parseSignature(sign,signlen,issuer);
 }
--- a/libretroshare/src/pgp/pgpauxutils.h
+++ b/libretroshare/src/pgp/pgpauxutils.h
@ -35,8 +35,8 @@ class PgpAuxUtils
 	virtual ~PgpAuxUtils(){}
 	virtual const RsPgpId &getPGPOwnId()  = 0;
-	virtual RsPgpId getPGPId(const RsPeerId& sslid) = 0;
+    virtual RsPgpId getPgpId(const RsPeerId& sslid) = 0;
-	virtual bool getGPGAllList(std::list<RsPgpId> &ids) = 0;
+    virtual bool getPgpAllList(std::list<RsPgpId> &ids) = 0;
 	virtual	bool getKeyFingerprint(const RsPgpId& id,PGPFingerprintType& fp) const = 0;
 	virtual bool parseSignature(unsigned char *sign, unsigned int signlen, RsPgpId& issuer) const =0;
@ -49,12 +49,12 @@ public:
 	PgpAuxUtilsImpl();
 	virtual const RsPgpId &getPGPOwnId();
-	virtual RsPgpId getPGPId(const RsPeerId& sslid);
+    virtual RsPgpId getPgpId(const RsPeerId& sslid);
 	virtual bool parseSignature(unsigned char *sign, unsigned int signlen, RsPgpId& issuer) const ;
 	virtual	bool getKeyFingerprint(const RsPgpId& id,PGPFingerprintType& fp) const;
 	virtual bool VerifySignBin(const void *data, uint32_t len, unsigned char *sign, unsigned int signlen, const PGPFingerprintType& withfingerprint);
-	virtual bool getGPGAllList(std::list<RsPgpId> &ids);
+    virtual bool getPgpAllList(std::list<RsPgpId> &ids);
 };
--- a/libretroshare/src/pgp/pgphandler.cc
+++ b/libretroshare/src/pgp/pgphandler.cc
--- a/libretroshare/src/pgp/pgphandler.h
+++ b/libretroshare/src/pgp/pgphandler.h
@ -29,12 +29,6 @@
 #include <util/rsthreads.h>
 #include <retroshare/rstypes.h>
 extern "C" {
 #include <openpgpsdk/types.h>
 #include <openpgpsdk/keyring.h>
 #include <openpgpsdk/keyring_local.h>
 }
 typedef std::string (*PassphraseCallback)(void *data, const char *uid_title, const char *uid_hint, const char *passphrase_info, int prev_was_bad,bool *cancelled) ;
 class PGPCertificateInfo
@ -56,9 +50,11 @@ class PGPCertificateInfo
 		mutable rstime_t _time_stamp ;		// last time the key was used (received, used for signature verification, etc)
 		PGPFingerprintType _fpr;           /* fingerprint */
 	//	RsPgpId          _key_id ;
-		uint32_t _key_index ;			// index to array of keys in the public keyring 
+        // Index to array of keys in the public keyring. Dependign on the specific implementation
        // of how the keyring is stored, this may be used differently.
        uint32_t _key_index ;
 		static const uint32_t PGP_CERTIFICATE_FLAG_ACCEPT_CONNEXION      = 0x0001 ;
 		static const uint32_t PGP_CERTIFICATE_FLAG_HAS_OWN_SIGNATURE     = 0x0002 ;
@ -87,46 +83,80 @@ public:
 		virtual ~PGPHandler() ;
        //=======================================================================================//
        //      Methods that needs to be derived depending on how PGP is implemented             //
        //=======================================================================================//
        // Removes the given keys from the keyring. Also backup the keyring to a file which name is automatically generated
        // and given pack for proper display.
        //
        virtual bool removeKeysFromPGPKeyring(const std::set<RsPgpId>& key_ids,std::string& backup_file,uint32_t& error_code) =0;
        //virtual std::string makeRadixEncodedPGPKey(uint32_t key_index,bool include_signatures) =0;
        virtual bool availableGPGCertificatesWithPrivateKeys(std::list<RsPgpId>& ids)=0;
        virtual bool GeneratePGPCertificate(const std::string& name, const std::string& email, const std::string& passwd, RsPgpId& pgpId, const int keynumbits, std::string& errString) =0;
        virtual std::string SaveCertificateToString(const RsPgpId& id,bool include_signatures) const=0;
        /** The caller is in charge of freeing `mem` once finished */
        virtual bool exportPublicKey( const RsPgpId& id, unsigned char*& mem_block, size_t& mem_size, bool armoured, bool include_signatures ) const =0;
        virtual bool exportGPGKeyPair(const std::string& filename,const RsPgpId& exported_key_id) const=0;
        virtual bool exportGPGKeyPairToString( std::string& data, const RsPgpId& exportedKeyId, bool includeSignatures, std::string& errorMsg ) const =0;
        // Gets info about the key. Who are the signers, what's the owner's name, etc.
        //
        virtual bool getGPGDetailsFromBinaryBlock(const unsigned char *mem,size_t mem_size,RsPgpId& key_id, std::string& name, std::list<RsPgpId>& signers) const =0;
        virtual bool importGPGKeyPair(const std::string& filename,RsPgpId& imported_id,std::string& import_error) =0;
        /**
 		 * @param ids list of gpg certificate ids (note, not the actual certificates)
 		 */
 		bool getGPGFilteredList(std::list<RsPgpId>& list,bool (*filter)(const PGPCertificateInfo&) = NULL) const ;
 		bool haveSecretKey(const RsPgpId& id) const ;
-		bool importGPGKeyPair(const std::string& filename,RsPgpId& imported_id,std::string& import_error) ;
+        virtual	bool importGPGKeyPairFromString(const std::string& data,RsPgpId& imported_id,std::string& import_error) =0;
 		bool importGPGKeyPairFromString(const std::string& data,RsPgpId& imported_id,std::string& import_error) ;
 		bool exportGPGKeyPair(const std::string& filename,const RsPgpId& exported_id) const ;
 		bool exportGPGKeyPairToString(
 		        std::string& data, const RsPgpId& exportedKeyId,
 		        bool includeSignatures, std::string& errorMsg ) const;
-		bool availableGPGCertificatesWithPrivateKeys(std::list<RsPgpId>& ids);
+        virtual bool LoadCertificateFromString(const std::string& pem, RsPgpId& gpg_id, std::string& error_string)=0;
-		bool GeneratePGPCertificate(const std::string& name, const std::string& email, const std::string& passwd, RsPgpId& pgpId, const int keynumbits, std::string& errString) ;
+        virtual bool LoadCertificateFromBinaryData(const unsigned char *bin_data,uint32_t bin_data_len, RsPgpId& gpg_id, std::string& error_string)=0;
-		bool LoadCertificateFromString(const std::string& pem, RsPgpId& gpg_id, std::string& error_string);
+        virtual bool encryptTextToFile(const RsPgpId& key_id,const std::string& text,const std::string& outfile) =0;
-		bool LoadCertificateFromBinaryData(const unsigned char *bin_data,uint32_t bin_data_len, RsPgpId& gpg_id, std::string& error_string);
+        virtual bool decryptTextFromFile(const RsPgpId& key_id,std::string& text,const std::string& encrypted_inputfile) =0;
 		std::string SaveCertificateToString(const RsPgpId& id,bool include_signatures) const ;
 		/** The caller is in charge of freeing `mem` once finished */
 		bool exportPublicKey( const RsPgpId& id,
 		                      unsigned char*& mem, size_t& mem_size,
 		                      bool armoured, bool include_signatures) const;
 		bool parseSignature(unsigned char *sign, unsigned int signlen,RsPgpId& issuer_id) ;
 		bool SignDataBin(const RsPgpId& id, const void *data, const uint32_t len, unsigned char *sign, unsigned int *signlen, bool make_raw_signature=false, std::string reason = "") ;
 		bool VerifySignBin(const void *data, uint32_t data_len, unsigned char *sign, unsigned int sign_len, const PGPFingerprintType& withfingerprint) ;
 		bool privateSignCertificate(const RsPgpId& own_id,const RsPgpId& id_of_key_to_sign) ;
        // The client should supply a memory chunk to store the data. The length will be updated to the real length of the data.
        //
-		bool encryptDataBin(const RsPgpId& key_id,const void *data, const uint32_t len
+        virtual bool encryptDataBin(const RsPgpId& key_id,const void *data, const uint32_t len , unsigned char *encrypted_data, unsigned int *encrypted_data_len) =0;
-		                    , unsigned char *encrypted_data, unsigned int *encrypted_data_len) ;
+        virtual bool decryptDataBin(const RsPgpId& key_id,const void *encrypted_data, const uint32_t encrypted_len , unsigned char *data, unsigned int *data_len) =0;
 		bool decryptDataBin(const RsPgpId& key_id,const void *encrypted_data, const uint32_t encrypted_len
 		                    , unsigned char *data, unsigned int *data_len) ;
-		bool encryptTextToFile(const RsPgpId& key_id,const std::string& text,const std::string& outfile) ;
+        virtual bool SignDataBin(const RsPgpId& id, const void *data, const uint32_t len, unsigned char *sign, unsigned int *signlen, bool make_raw_signature=false, std::string reason = "") =0;
-		bool decryptTextFromFile(const RsPgpId& key_id,std::string& text,const std::string& encrypted_inputfile) ;
+        virtual bool privateSignCertificate(const RsPgpId& own_id,const RsPgpId& id_of_key_to_sign) =0;
        virtual bool VerifySignBin(const void *data, uint32_t data_len, unsigned char *sign, unsigned int sign_len, const PGPFingerprintType& withfingerprint) =0;
        /**
         * @brief Get PGP fingerprint for the given key
         * @param id PGP 64bit key id
         * @param fp storage for the retrived key fingerpring, the contained value
         *	is meaningfull only if true is returned
         * @return true if the key was found, false if not
         */
        virtual bool getKeyFingerprint(const RsPgpId& id, RsPgpFingerprint& fp) const=0;
        virtual bool haveSecretKey(const RsPgpId& id) const =0;
        // Syncs the keyrings and trust database between memory and disk. The algorithm is:
        // 1 - lock the keyrings
        // 2 - compare file modification dates with last writing date
        // 		- if file is modified, load it, and merge with memory
        // 3 - look into memory modification flags
        // 		- if flag says keyring has changed, write to disk
        //
        virtual bool syncDatabase() =0;
        //=======================================================================================//
        //                              Common methods to PGPHandler                             //
        //=======================================================================================//
 		bool getGPGFilteredList(std::list<RsPgpId>& list,bool (*filter)(const PGPCertificateInfo&) = NULL) const ;
        bool parseSignature(unsigned char *sign, unsigned int signlen,RsPgpId& issuer_id) ;
 		void setAcceptConnexion(const RsPgpId&,bool) ;
@ -135,11 +165,6 @@ public:
 		void locked_updateOwnSignatureFlag(PGPCertificateInfo&, const RsPgpId&, PGPCertificateInfo&, const RsPgpId&) ;
 		// Removes the given keys from the keyring. Also backup the keyring to a file which name is automatically generated
 		// and given pack for proper display.
 		//
 		bool removeKeysFromPGPKeyring(const std::set<RsPgpId>& key_ids,std::string& backup_file,uint32_t& error_code) ;
 		//bool isKeySupported(const RsPgpId& id) const ;
 		bool privateTrustCertificate(const RsPgpId& id,int valid_level) ;	
@ -174,66 +199,18 @@ public:
 	 */
 	static RsPgpId pgpIdFromFingerprint(const RsPgpFingerprint& f);
 	/**
 	 * @brief Get PGP fingerprint for the given key
 	 * @param id PGP 64bit key id
 	 * @param fp storage for the retrived key fingerpring, the contained value
 	 *	is meaningfull only if true is returned
 	 * @return true if the key was found, false if not
 	 */
 	bool getKeyFingerprint(const RsPgpId& id, RsPgpFingerprint& fp) const;
 		// Gets info about the key. Who are the signers, what's the owner's name, etc.
 		//
 		bool getGPGDetailsFromBinaryBlock(const unsigned char *mem,size_t mem_size,RsPgpId& key_id, std::string& name, std::list<RsPgpId>& signers) const ;
 		// Debug stuff.
 		virtual bool printKeys() const ;
-		// Syncs the keyrings and trust database between memory and disk. The algorithm is:
+    protected:
 		// 1 - lock the keyrings
 		// 2 - compare file modification dates with last writing date
 		// 		- if file is modified, load it, and merge with memory
 		// 3 - look into memory modification flags
 		// 		- if flag says keyring has changed, write to disk
 		//
 		bool syncDatabase() ;
 	private:
 		bool LoadCertificate(const unsigned char *bin_data,uint32_t bin_data_len, bool armoured, RsPgpId& gpg_id, std::string& error_string);
 		void initCertificateInfo(PGPCertificateInfo& cert,const ops_keydata_t *keydata,uint32_t i) ;
 		// Returns true if the signatures have been updated
 		//
 		bool validateAndUpdateSignatures(PGPCertificateInfo& cert,const ops_keydata_t *keydata) ;
        /** Check public/private key and import them into the keyring
         * @param keyring keyring with the new public/private key pair. Will be freed by the function.
         * @param imported_key_id PGP id of the imported key
         * @param import_error human readbale error message
         * @returns true on success
         * */
        bool checkAndImportKeyPair(ops_keyring_t *keyring, RsPgpId& imported_key_id,std::string& import_error);
 		const ops_keydata_t *locked_getPublicKey(const RsPgpId&,bool stamp_the_key) const;
 		const ops_keydata_t *locked_getSecretKey(const RsPgpId&) const ;
 		void locked_readPrivateTrustDatabase() ;
 		bool locked_writePrivateTrustDatabase() ;
 		bool locked_syncPublicKeyring() ;
        bool locked_syncTrustDatabase() ;
 		void locked_mergeKeyringFromDisk(ops_keyring_t *keyring, std::map<RsPgpId,PGPCertificateInfo>& kmap, const std::string& keyring_file) ;
 		bool locked_addOrMergeKey(ops_keyring_t *keyring,std::map<RsPgpId,PGPCertificateInfo>& kmap,const ops_keydata_t *keydata) ;
 		// Members.
 		//
 		mutable RsMutex pgphandlerMtx ;
 		ops_keyring_t *_pubring ;
 		ops_keyring_t *_secring ;
 		std::map<RsPgpId,PGPCertificateInfo> _public_keyring_map ;	// used for fast access to keys. Gives the index in the keyring.
 		std::map<RsPgpId,PGPCertificateInfo> _secret_keyring_map ;
@ -249,11 +226,5 @@ public:
 		rstime_t _secring_last_update_time ;
 		rstime_t _trustdb_last_update_time ;
 		// Helper functions.
 		//
 		static std::string makeRadixEncodedPGPKey(const ops_keydata_t *key,bool include_signatures) ;
 		static ops_keyring_t *allocateOPSKeyring() ;
 		static void addNewKeyToOPSKeyring(ops_keyring_t*, const ops_keydata_t&) ;
 		static PassphraseCallback _passphrase_callback ;
 		static bool mergeKeySignatures(ops_keydata_t *dst,const ops_keydata_t *src) ;	// returns true if signature lists are different
 };
--- a/libretroshare/src/pqi/authgpg.cc
+++ b/libretroshare/src/pqi/authgpg.cc
@ -46,7 +46,7 @@
 //const rstime_t STORE_KEY_TIMEOUT = 1 * 60 * 60; //store key is call around every hour
-AuthGPG *AuthGPG::_instance = NULL ;
+AuthPGP *AuthPGP::_instance = NULL ;
 void cleanupZombies(int numkill); // function to cleanup zombies under OSX.
@ -54,34 +54,46 @@ void cleanupZombies(int numkill); // function to cleanup zombies under OSX.
 /* Function to sign X509_REQ via GPGme.  */
-bool AuthGPG::decryptTextFromFile(std::string& text,const std::string& inputfile)
+int AuthPGP::availablePgpCertificatesWithPrivateKeys(std::list<RsPgpId>& pgpIds)
 {
-	return PGPHandler::decryptTextFromFile(mOwnGpgId,text,inputfile) ;
+    return instance()->mPgpHandler->availableGPGCertificatesWithPrivateKeys(pgpIds);
 }
 bool AuthPGP::getPgpDetailsFromBinaryBlock(const unsigned char *mem,size_t mem_size,RsPgpId& key_id, std::string& name, std::list<RsPgpId>& signers)
 {
    return instance()->mPgpHandler->getGPGDetailsFromBinaryBlock(mem,mem_size,key_id,name,signers);
 }
 void AuthPGP::registerToConfigMgr(const std::string& fname,p3ConfigMgr *CfgMgr)
 {
    CfgMgr->addConfiguration(fname, instance());
 }
 bool AuthPGP::decryptTextFromFile(std::string& text,const std::string& inputfile)
 {
    return instance()->mPgpHandler->decryptTextFromFile(instance()->mOwnGpgId,text,inputfile) ;
 }
-bool AuthGPG::removeKeysFromPGPKeyring(const std::set<RsPgpId>& pgp_ids,std::string& backup_file,uint32_t& error_code)
+bool AuthPGP::removeKeysFromPGPKeyring(const std::set<RsPgpId>& pgp_ids,std::string& backup_file,uint32_t& error_code)
 {
 //	std::list<RsPgpId> pids ;
 //
 //	for(std::list<RsPgpId>::const_iterator it(pgp_ids.begin());it!=pgp_ids.end();++it)
 //		pids.push_back(RsPgpId(*it)) ;
-    return PGPHandler::removeKeysFromPGPKeyring(pgp_ids,backup_file,error_code) ;
+    return instance()->mPgpHandler->removeKeysFromPGPKeyring(pgp_ids,backup_file,error_code) ;
 }
 // bool AuthGPG::decryptTextFromString(std::string& encrypted_text,std::string& output)
 // {
-// 	return PGPHandler::decryptTextFromString(mOwnGpgId,encrypted_text,output) ;
+// 	return instance()->mPgpHandler->decryptTextFromString(mOwnGpgId,encrypted_text,output) ;
 // }
-bool AuthGPG::encryptTextToFile(const std::string& text,const std::string& outfile)
+bool AuthPGP::encryptTextToFile(const std::string& text,const std::string& outfile)
 {
-	return PGPHandler::encryptTextToFile(mOwnGpgId,text,outfile) ;
+    return instance()->mPgpHandler->encryptTextToFile(instance()->mOwnGpgId,text,outfile) ;
 }
 // bool AuthGPG::encryptTextToString(const std::string& pgp_id,const std::string& text,std::string& outstr)
 // {
-// 	return PGPHandler::encryptTextToString(RsPgpId(pgp_id),text,outstr) ;
+// 	return instance()->mPgpHandler->encryptTextToString(RsPgpId(pgp_id),text,outstr) ;
 // }
 std::string pgp_pwd_callback(void * /*hook*/, const char *uid_title, const char *uid_hint, const char * /*passphrase_info*/, int prev_was_bad,bool *cancelled)
@ -95,7 +107,7 @@ std::string pgp_pwd_callback(void * /*hook*/, const char *uid_title, const char
 	return password ;
 }
-void AuthGPG::init(
+void AuthPGP::init(
        const std::string& path_to_public_keyring,
        const std::string& path_to_secret_keyring,
        const std::string& path_to_trustdb,
@ -107,14 +119,14 @@ void AuthGPG::init(
 		std::cerr << "AuthGPG::init() called twice!" << std::endl ;
 	}
-//	if(cb) PGPHandler::setPassphraseCallback(cb);else
+//	if(cb) instance()->mPgpHandler->setPassphraseCallback(cb);else
-	PGPHandler::setPassphraseCallback(pgp_pwd_callback);
+    instance()->mPgpHandler->setPassphraseCallback(pgp_pwd_callback);
-	_instance = new AuthGPG( path_to_public_keyring,
+	_instance = new AuthPGP( path_to_public_keyring,
 	                         path_to_secret_keyring,
 	                         path_to_trustdb, pgp_lock_file );
 }
-void AuthGPG::exit()
+void AuthPGP::exit()
 {
 	if(_instance)
 	{
@ -124,9 +136,8 @@ void AuthGPG::exit()
 	}
 }
-AuthGPG::AuthGPG(const std::string& path_to_public_keyring,const std::string& path_to_secret_keyring,const std::string& path_to_trustdb,const std::string& pgp_lock_file)
+AuthPGP::AuthPGP(const std::string& path_to_public_keyring,const std::string& path_to_secret_keyring,const std::string& path_to_trustdb,const std::string& pgp_lock_file)
        :p3Config(),
 	PGPHandler(path_to_public_keyring,path_to_secret_keyring,path_to_trustdb,pgp_lock_file),
 	gpgMtxService("AuthGPG-service"),
 	gpgMtxEngine("AuthGPG-engine"),
 	gpgMtxData("AuthGPG-data"),
@ -135,6 +146,8 @@ AuthGPG::AuthGPG(const std::string& path_to_public_keyring,const std::string& pa
 	_force_sync_database(false),
 	mCount(0)
 {
    mPgpHandler = new OpenPGPSDKHandler(path_to_public_keyring,path_to_secret_keyring,path_to_trustdb,pgp_lock_file);
    start("AuthGPG");
 }
@ -149,7 +162,7 @@ AuthGPG::AuthGPG(const std::string& path_to_public_keyring,const std::string& pa
 //{
 //	std::list<RsPgpId> pids ;
 //
-//	PGPHandler::availableGPGCertificatesWithPrivateKeys(pids) ;
+//	mPgpHandler->availableGPGCertificatesWithPrivateKeys(pids) ;
 //
 //	for(std::list<RsPgpId>::const_iterator it(pids.begin());it!=pids.end();++it)
 //		ids.push_back( (*it).toStdString() ) ;
@ -165,17 +178,17 @@ AuthGPG::AuthGPG(const std::string& path_to_public_keyring,const std::string& pa
 * This function must be called successfully (return == 1)
 * before anything else can be done. (except above fn).
 */
-int AuthGPG::GPGInit(const RsPgpId &ownId)
+int AuthPGP::PgpInit(const RsPgpId &ownId)
 {
 #ifdef DEBUG_AUTHGPG
 	std::cerr << "AuthGPG::GPGInit() called with own gpg id : " << ownId.toStdString() << std::endl;
 #endif
-	mOwnGpgId = RsPgpId(ownId);
+    instance()->mOwnGpgId = ownId;
 	//force the validity of the private key. When set to unknown, it caused signature and text encryptions bugs
-	privateTrustCertificate(ownId, 5);
+    instance()->privateTrustCertificate(ownId, 5);
-	updateOwnSignatureFlag(mOwnGpgId) ;
+    instance()->mPgpHandler->updateOwnSignatureFlag(ownId) ;
 #ifdef DEBUG_AUTHGPG
 	std::cerr << "AuthGPG::GPGInit finished." << std::endl;
@ -184,11 +197,11 @@ int AuthGPG::GPGInit(const RsPgpId &ownId)
 	return 1;
 }
- AuthGPG::~AuthGPG()
+ AuthPGP::~AuthPGP()
 {
 }
-void AuthGPG::threadTick()
+void AuthPGP::threadTick()
 {
    rstime::rs_usleep(100 * 1000); //100 msec
@ -204,13 +217,13 @@ void AuthGPG::threadTick()
        /// 	- checks whether the keyring has changed on disk.
        /// 	- merges/updates according to status.
        ///
-        PGPHandler::syncDatabase() ;
+        mPgpHandler->syncDatabase() ;
        mCount = 0;
        _force_sync_database = false ;
    }//if (++count >= 100 || _force_sync_database)
 }
-void AuthGPG::processServices()
+void AuthPGP::processServices()
 {
    AuthGPGOperation *operation = NULL;
    AuthGPGService *service = NULL;
@ -251,7 +264,7 @@ void AuthGPG::processServices()
 			 /* don't bother loading - if we already have the certificate */
-			 if (isGPGId(loadOrSave->m_certGpgId))
+             if (mPgpHandler->isGPGId(loadOrSave->m_certGpgId))
 			 {
 #ifdef GPG_DEBUG
 				 std::cerr << "AuthGPGimpl::processServices() Skipping load - already have it" << std::endl;
@ -305,66 +318,66 @@ void AuthGPG::processServices()
    delete operation;
 }
-bool AuthGPG::DoOwnSignature(const void *data, unsigned int datalen, void *buf_sigout, unsigned int *outl, std::string reason /* = "" */)
+bool AuthPGP::DoOwnSignature(const void *data, unsigned int datalen, void *buf_sigout, unsigned int *outl, std::string reason /* = "" */)
 {
-	return PGPHandler::SignDataBin(mOwnGpgId,data,datalen,(unsigned char *)buf_sigout,outl,false,reason) ;
+    return instance()->mPgpHandler->SignDataBin(mOwnGpgId,data,datalen,(unsigned char *)buf_sigout,outl,false,reason) ;
 }
 /* import to GnuPG and other Certificates */
-bool AuthGPG::VerifySignature(const void *data, int datalen, const void *sig, unsigned int siglen, const PGPFingerprintType& withfingerprint)
+bool AuthPGP::VerifySignature(const void *data, int datalen, const void *sig, unsigned int siglen, const PGPFingerprintType& withfingerprint)
 {
-	return PGPHandler::VerifySignBin((unsigned char*)data,datalen,(unsigned char*)sig,siglen,withfingerprint) ;
+    return instance()->mPgpHandler->VerifySignBin((unsigned char*)data,datalen,(unsigned char*)sig,siglen,withfingerprint) ;
 }
-bool AuthGPG::parseSignature(const void *sig, unsigned int siglen, RsPgpId& issuer_id)
+bool AuthPGP::parseSignature(const void *sig, unsigned int siglen, RsPgpId& issuer_id)
 {
-    return PGPHandler::parseSignature((unsigned char*)sig,siglen,issuer_id) ;
+    return instance()->mPgpHandler->parseSignature((unsigned char*)sig,siglen,issuer_id) ;
 }
-bool AuthGPG::exportProfile(const std::string& fname,const RsPgpId& exported_id)
+bool AuthPGP::exportProfile(const std::string& fname,const RsPgpId& exported_id)
 {
-	return PGPHandler::exportGPGKeyPair(fname,exported_id) ;
+    return instance()->mPgpHandler->exportGPGKeyPair(fname,exported_id) ;
 }
-bool AuthGPG::exportIdentityToString(
+bool AuthPGP::exportIdentityToString(
        std::string& data, const RsPgpId& pgpId, bool includeSignatures,
        std::string& errorMsg )
 {
-	return PGPHandler::exportGPGKeyPairToString(
+    return instance()->mPgpHandler->exportGPGKeyPairToString(
 	            data, pgpId, includeSignatures, errorMsg);
 }
-bool AuthGPG::importProfile(const std::string& fname,RsPgpId& imported_id,std::string& import_error)
+bool AuthPGP::importProfile(const std::string& fname,RsPgpId& imported_id,std::string& import_error)
 {
-	return PGPHandler::importGPGKeyPair(fname,imported_id,import_error) ;
+    return instance()->mPgpHandler->importGPGKeyPair(fname,imported_id,import_error) ;
 }
-bool AuthGPG::importProfileFromString(const std::string &data, RsPgpId &gpg_id, std::string &import_error)
+bool AuthPGP::importProfileFromString(const std::string &data, RsPgpId &gpg_id, std::string &import_error)
 {
-    return PGPHandler::importGPGKeyPairFromString(data, gpg_id, import_error);
+    return instance()->mPgpHandler->importGPGKeyPairFromString(data, gpg_id, import_error);
 }
-bool   AuthGPG::active()
+bool   AuthPGP::active()
 {
-        RsStackMutex stack(gpgMtxData); /******* LOCKED ******/
+        RsStackMutex stack(instance()->gpgMtxData); /******* LOCKED ******/
-        return gpgKeySelected;
+        return instance()->gpgKeySelected;
 }
-bool    AuthGPG::GeneratePGPCertificate(const std::string& name, const std::string& email, const std::string& passwd, RsPgpId& pgpId, const int keynumbits, std::string& errString)
+bool    AuthPGP::GeneratePgpCertificate(const std::string& name, const std::string& email, const std::string& passwd, RsPgpId& pgpId, const int keynumbits, std::string& errString)
 {
-	RsStackMutex stack(gpgMtxEngine); /******* LOCKED ******/
+    RsStackMutex stack(instance()->gpgMtxEngine); /******* LOCKED ******/
-	return PGPHandler::GeneratePGPCertificate(name, email, passwd, pgpId, keynumbits, errString) ;
+    return instance()->mPgpHandler->GeneratePGPCertificate(name, email, passwd, pgpId, keynumbits, errString) ;
 }
 /**** These Two are common */
-std::string AuthGPG::getGPGName(const RsPgpId& id,bool *success)
+std::string AuthPGP::getPgpName(const RsPgpId& id,bool *success)
 {
-	RsStackMutex stack(gpgMtxData); /******* LOCKED ******/
+    RsStackMutex stack(instance()->gpgMtxData); /******* LOCKED ******/
-	const PGPCertificateInfo *info = getCertificateInfo(id) ;
+    const PGPCertificateInfo *info = instance()->mPgpHandler->getCertificateInfo(id) ;
 	if(info != NULL)
 	{
@ -378,11 +391,25 @@ std::string AuthGPG::getGPGName(const RsPgpId& id,bool *success)
 	}
 }
-/**** These Two are common */
+AuthPGP *AuthPGP::instance()
 std::string AuthGPG::getGPGEmail(const RsPgpId& id,bool *success)
 {
-	RsStackMutex stack(gpgMtxData); /******* LOCKED ******/
+    if(!_instance)
-	const PGPCertificateInfo *info = getCertificateInfo(id) ;
+    {
        RsFatal() << "AuthGPG::instance() called before AuthGPG::init()! This should not happen." << std::endl;
        return nullptr;
    }
    return _instance;
 }
 bool AuthPGP::isPGPId(const RsPgpId& id)
 {
    return instance()->mPgpHandler->isGPGId(id);
 }
 /**** These Two are common */
 std::string AuthPGP::getPgpEmail(const RsPgpId& id,bool *success)
 {
    RsStackMutex stack(instance()->gpgMtxData); /******* LOCKED ******/
    const PGPCertificateInfo *info = instance()->mPgpHandler->getCertificateInfo(id) ;
 	if(info != NULL)
 	{
@ -398,30 +425,30 @@ std::string AuthGPG::getGPGEmail(const RsPgpId& id,bool *success)
 /**** GPG versions ***/
-const RsPgpId& AuthGPG::getGPGOwnId()
+const RsPgpId& AuthPGP::getPgpOwnId()
 {
-	RsStackMutex stack(gpgMtxData); /******* LOCKED ******/
+    RsStackMutex stack(instance()->gpgMtxData); /******* LOCKED ******/
-	return mOwnGpgId ;
+    return instance()->mOwnGpgId ;
 }
-std::string AuthGPG::getGPGOwnName()
+std::string AuthPGP::getPgpOwnName()
 {
-	return getGPGName(mOwnGpgId) ;
+    return getPgpName(instance()->mOwnGpgId) ;
 }
-bool	AuthGPG::getGPGAllList(std::list<RsPgpId> &ids)
+bool	AuthPGP::getPgpAllList(std::list<RsPgpId> &ids)
 {
-	RsStackMutex stack(gpgMtxData); /******* LOCKED ******/
+    RsStackMutex stack(instance()->gpgMtxData); /******* LOCKED ******/
-	PGPHandler::getGPGFilteredList(ids) ;
+    instance()->mPgpHandler->getGPGFilteredList(ids) ;
 	return true;
 }
-const PGPCertificateInfo *AuthGPG::getCertInfoFromStdString(const std::string& pgp_id) const
+const PGPCertificateInfo *AuthPGP::getCertInfoFromStdString(const std::string& pgp_id) const
 {
 	try
 	{
-		return PGPHandler::getCertificateInfo(RsPgpId(pgp_id)) ;
+        return instance()->mPgpHandler->getCertificateInfo(RsPgpId(pgp_id)) ;
 	}
 	catch(std::exception& e)
 	{
@ -429,13 +456,13 @@ const PGPCertificateInfo *AuthGPG::getCertInfoFromStdString(const std::string& p
 		return NULL ;
 	}
 }
-bool AuthGPG::haveSecretKey(const RsPgpId& id) const
+bool AuthPGP::haveSecretKey(const RsPgpId& id)
 {
-	return PGPHandler::haveSecretKey(id) ;
+    return instance()->mPgpHandler->haveSecretKey(id) ;
 }
-bool AuthGPG::isKeySupported(const RsPgpId& id) const
+bool AuthPGP::isKeySupported(const RsPgpId& id)
 {
-	const PGPCertificateInfo *pc = getCertificateInfo(id) ;
+    const PGPCertificateInfo *pc = instance()->mPgpHandler->getCertificateInfo(id) ;
 	if(pc == NULL)
 		return false ;
@ -443,11 +470,11 @@ bool AuthGPG::isKeySupported(const RsPgpId& id) const
 	return !(pc->_flags & PGPCertificateInfo::PGP_CERTIFICATE_FLAG_UNSUPPORTED_ALGORITHM) ;
 }
-bool AuthGPG::getGPGDetails(const RsPgpId& pgp_id, RsPeerDetails &d)
+bool AuthPGP::getPgpDetails(const RsPgpId& pgp_id, RsPeerDetails &d)
 {
-	RsStackMutex stack(gpgMtxData); /******* LOCKED ******/
+    RsStackMutex stack(instance()->gpgMtxData); /******* LOCKED ******/
-	const PGPCertificateInfo *pc = PGPHandler::getCertificateInfo(pgp_id) ;
+    const PGPCertificateInfo *pc = instance()->mPgpHandler->getCertificateInfo(pgp_id) ;
 	if(pc == NULL)
 		return false ;
@ -474,28 +501,26 @@ bool AuthGPG::getGPGDetails(const RsPgpId& pgp_id, RsPeerDetails &d)
 	return true;
 }
-bool AuthGPG::getGPGFilteredList(std::list<RsPgpId>& list,bool (*filter)(const PGPCertificateInfo&))
+bool AuthPGP::getGPGFilteredList(std::list<RsPgpId>& list,bool (*filter)(const PGPCertificateInfo&))
 {
-	RsStackMutex stack(gpgMtxData); /******* LOCKED ******/
+    return instance()->mPgpHandler->getGPGFilteredList(list,filter) ;
 	return PGPHandler::getGPGFilteredList(list,filter) ;
 }
 static bool filter_Validity(const PGPCertificateInfo& /*info*/) { return true ; } //{ return info._validLvl >= PGPCertificateInfo::GPGME_VALIDITY_MARGINAL ; }
 static bool filter_Accepted(const PGPCertificateInfo& info) { return info._flags & PGPCertificateInfo::PGP_CERTIFICATE_FLAG_ACCEPT_CONNEXION ; }
 static bool filter_OwnSigned(const PGPCertificateInfo& info) { return info._flags & PGPCertificateInfo::PGP_CERTIFICATE_FLAG_HAS_OWN_SIGNATURE ; }
-bool	AuthGPG::getGPGValidList(std::list<RsPgpId> &ids)
+bool	AuthPGP::getPgpValidList(std::list<RsPgpId> &ids)
 {
 	return getGPGFilteredList(ids,&filter_Validity);
 }
-bool	AuthGPG::getGPGAcceptedList(std::list<RsPgpId> &ids)
+bool	AuthPGP::getPgpAcceptedList(std::list<RsPgpId> &ids)
 {
 	return getGPGFilteredList(ids,&filter_Accepted);
 }
-bool	AuthGPG::getGPGSignedList(std::list<RsPgpId> &ids)
+bool	AuthPGP::getPgpSignedList(std::list<RsPgpId> &ids)
 {
 	return getGPGFilteredList(ids,&filter_OwnSigned);
 }
@ -504,9 +529,9 @@ bool	AuthGPG::getGPGSignedList(std::list<RsPgpId> &ids)
 // {
 // 	RsStackMutex stack(gpgMtxData); /******* LOCKED ******/
 // #ifdef LIMIT_CERTIFICATE_SIZE
-// 	certificate = PGPHandler::SaveCertificateToString(RsPgpId(id),false) ;
+// 	certificate = instance()->mPgpHandler->SaveCertificateToString(RsPgpId(id),false) ;
 // #else
-// 	certificate = PGPHandler::SaveCertificateToString(RsPgpId(id),true) ;
+// 	certificate = instance()->mPgpHandler->SaveCertificateToString(RsPgpId(id),true) ;
 // #endif
 //
 // // #ifdef LIMIT_CERTIFICATE_SIZE
@ -528,20 +553,20 @@ bool	AuthGPG::getGPGSignedList(std::list<RsPgpId> &ids)
 /* SKTAN : do not know how to use std::string id */
- std::string AuthGPG::SaveCertificateToString(const RsPgpId &id,bool include_signatures)
+ std::string AuthPGP::SaveCertificateToString(const RsPgpId &id,bool include_signatures)
 {
- 	RsStackMutex stack(gpgMtxEngine); /******* LOCKED ******/
+    RsStackMutex stack(instance()->gpgMtxEngine); /******* LOCKED ******/
- 	return PGPHandler::SaveCertificateToString(id,include_signatures) ;
+    return instance()->mPgpHandler->SaveCertificateToString(id,include_signatures) ;
 }
 /* import to GnuPG and other Certificates */
-bool AuthGPG::LoadPGPKeyFromBinaryData(const unsigned char *data,uint32_t data_len, RsPgpId& gpg_id,std::string& error_string)
+bool AuthPGP::LoadPGPKeyFromBinaryData(const unsigned char *data,uint32_t data_len, RsPgpId& gpg_id,std::string& error_string)
 {
-	RsStackMutex stack(gpgMtxEngine); /******* LOCKED ******/
+    RsStackMutex stack(instance()->gpgMtxEngine); /******* LOCKED ******/
-	if(PGPHandler::LoadCertificateFromBinaryData(data,data_len,gpg_id,error_string))
+    if(instance()->mPgpHandler->LoadCertificateFromBinaryData(data,data_len,gpg_id,error_string))
 	{
-		updateOwnSignatureFlag(gpg_id,mOwnGpgId) ;
+        instance()->mPgpHandler->updateOwnSignatureFlag(gpg_id,instance()->mOwnGpgId) ;
 		return true ;
 	}
@ -549,13 +574,13 @@ bool AuthGPG::LoadPGPKeyFromBinaryData(const unsigned char *data,uint32_t data_l
 }
 /* import to GnuPG and other Certificates */
-bool AuthGPG::LoadCertificateFromString(const std::string &str, RsPgpId& gpg_id,std::string& error_string)
+bool AuthPGP::LoadCertificateFromString(const std::string &str, RsPgpId& gpg_id,std::string& error_string)
 {
-	RsStackMutex stack(gpgMtxEngine); /******* LOCKED ******/
+    RsStackMutex stack(instance()->gpgMtxEngine); /******* LOCKED ******/
-	if(PGPHandler::LoadCertificateFromString(str,gpg_id,error_string))
+    if(instance()->mPgpHandler->LoadCertificateFromString(str,gpg_id,error_string))
 	{
-		updateOwnSignatureFlag(gpg_id,mOwnGpgId) ;
+        instance()->mPgpHandler->updateOwnSignatureFlag(gpg_id,instance()->mOwnGpgId) ;
 		return true ;
 	}
@ -576,7 +601,7 @@ bool AuthGPG::LoadCertificateFromString(const std::string &str, RsPgpId& gpg_id,
 /*************************************/
 /* These take PGP Ids */
-bool AuthGPG::AllowConnection(const RsPgpId& gpg_id, bool accept)
+bool AuthPGP::AllowConnection(const RsPgpId& gpg_id, bool accept)
 {
 #ifdef GPG_DEBUG
        std::cerr << "AuthGPG::AllowConnection(" << gpg_id << ")" << std::endl;
@ -584,11 +609,11 @@ bool AuthGPG::AllowConnection(const RsPgpId& gpg_id, bool accept)
 	/* Was a "Reload Certificates" here -> be shouldn't be needed -> and very expensive, try without. */
 	{
-		RsStackMutex stack(gpgMtxData);
+        RsStackMutex stack(instance()->gpgMtxData);
-		PGPHandler::setAcceptConnexion(gpg_id,accept) ;
+        instance()->mPgpHandler->setAcceptConnexion(gpg_id,accept) ;
 	}
-	IndicateConfigChanged();
+    instance()->IndicateConfigChanged();
 	RsServer::notify()->notifyListChange(NOTIFY_LIST_FRIENDS, accept ? NOTIFY_TYPE_ADD : NOTIFY_TYPE_DEL);
@ -596,16 +621,16 @@ bool AuthGPG::AllowConnection(const RsPgpId& gpg_id, bool accept)
 }
 /* These take PGP Ids */
-bool AuthGPG::SignCertificateLevel0(const RsPgpId &id)
+bool AuthPGP::SignCertificateLevel0(const RsPgpId &id)
 {
 #ifdef GPG_DEBUG
 	std::cerr << "AuthGPG::SignCertificat(" << id << ")" << std::endl;
 #endif
-	return privateSignCertificate(id) ;
+    return instance()->privateSignCertificate(id) ;
 }
-bool AuthGPG::RevokeCertificate(const RsPgpId &id)
+bool AuthPGP::RevokeCertificate(const RsPgpId &id)
 {
 	/* remove unused parameter warnings */
 	(void) id;
@ -617,46 +642,59 @@ bool AuthGPG::RevokeCertificate(const RsPgpId &id)
 	return false;
 }
-bool AuthGPG::TrustCertificate(const RsPgpId& id, int trustlvl)
+bool AuthPGP::TrustCertificate(const RsPgpId& id, int trustlvl)
 {
 #ifdef GPG_DEBUG
 	std::cerr << "AuthGPG::TrustCertificate(" << id << ", " << trustlvl << ")" << std::endl;
 #endif
-	return privateTrustCertificate(id, trustlvl) ;
+    return instance()->privateTrustCertificate(id, trustlvl) ;
 }
-bool AuthGPG::encryptDataBin(const RsPgpId& pgp_id,const void *data, unsigned int datalen, unsigned char *sign, unsigned int *signlen)
+bool AuthPGP::encryptDataBin(const RsPgpId& pgp_id,const void *data, unsigned int datalen, unsigned char *sign, unsigned int *signlen)
 {
-	return PGPHandler::encryptDataBin(RsPgpId(pgp_id),data,datalen,sign,signlen) ;
+    return instance()->mPgpHandler->encryptDataBin(RsPgpId(pgp_id),data,datalen,sign,signlen) ;
 }
-bool AuthGPG::decryptDataBin(const void *data, unsigned int datalen, unsigned char *sign, unsigned int *signlen)
+bool AuthPGP::decryptDataBin(const void *data, unsigned int datalen, unsigned char *sign, unsigned int *signlen)
 {
-	return PGPHandler::decryptDataBin(mOwnGpgId,data,datalen,sign,signlen) ;
+    return instance()->mPgpHandler->decryptDataBin(instance()->mOwnGpgId,data,datalen,sign,signlen) ;
 }
-bool AuthGPG::SignDataBin(const void *data, unsigned int datalen, unsigned char *sign, unsigned int *signlen, std::string reason /*= ""*/)
+bool AuthPGP::SignDataBin(const void *data, unsigned int datalen, unsigned char *sign, unsigned int *signlen, std::string reason /*= ""*/)
 {
-	return DoOwnSignature(data, datalen, sign, signlen, reason);
+    return instance()->DoOwnSignature(data, datalen, sign, signlen, reason);
 }
-bool AuthGPG::VerifySignBin(const void *data, uint32_t datalen, unsigned char *sign, unsigned int signlen, const PGPFingerprintType& withfingerprint)
+bool AuthPGP::exportPublicKey( const RsPgpId& id, unsigned char*& mem_block, size_t& mem_size, bool armoured, bool include_signatures )
 {
-	return VerifySignature(data, datalen, sign, signlen, withfingerprint);
+    return instance()->mPgpHandler->exportPublicKey(id,mem_block,mem_size,armoured,include_signatures);
 }
 bool AuthPGP::isPgpPubKeyAvailable(const RsPgpId& pgp_id)
 {
    return instance()->mPgpHandler->isPgpPubKeyAvailable(pgp_id);
 }
 bool AuthPGP::getKeyFingerprint(const RsPgpId& id,PGPFingerprintType& fp)
 {
    return instance()->mPgpHandler->getKeyFingerprint(id,fp);
 }
 bool AuthPGP::VerifySignBin(const void *data, uint32_t datalen, unsigned char *sign, unsigned int signlen, const PGPFingerprintType& withfingerprint)
 {
    return instance()->VerifySignature(data, datalen, sign, signlen, withfingerprint);
 }
 /* Sign/Trust stuff */
-int	AuthGPG::privateSignCertificate(const RsPgpId &id)
+int	AuthPGP::privateSignCertificate(const RsPgpId &id)
 {
 	RsStackMutex stack(gpgMtxData); /******* LOCKED ******/
-	int ret = PGPHandler::privateSignCertificate(mOwnGpgId,id) ;
+    int ret = mPgpHandler->privateSignCertificate(mOwnGpgId,id) ;
 	_force_sync_database = true ;
 	return ret ;
 }
 /* revoke the signature on Certificate */
-int	AuthGPG::privateRevokeCertificate(const RsPgpId &/*id*/)
+int	AuthPGP::privateRevokeCertificate(const RsPgpId &/*id*/)
 {
 	//RsStackMutex stack(gpgMtx); /******* LOCKED ******/
 	std::cerr << __PRETTY_FUNCTION__ << ": not implemented!" << std::endl;
@ -664,7 +702,7 @@ int	AuthGPG::privateRevokeCertificate(const RsPgpId &/*id*/)
 	return 0;
 }
-int	AuthGPG::privateTrustCertificate(const RsPgpId& id, int trustlvl)
+int	AuthPGP::privateTrustCertificate(const RsPgpId& id, int trustlvl)
 {
 	RsStackMutex stack(gpgMtxData); /******* LOCKED ******/
@ -672,10 +710,10 @@ int	AuthGPG::privateTrustCertificate(const RsPgpId& id, int trustlvl)
 	//         The trust level is only a user-defined property that has nothing to
 	//         do with the fact that we allow connections or not.
-	if(!isGPGAccepted(id))
+    if(!isPGPAccepted(id))
 		return 0;
-	int res = PGPHandler::privateTrustCertificate(id,trustlvl) ;
+    int res = instance()->mPgpHandler->privateTrustCertificate(id,trustlvl) ;
 	_force_sync_database = true ;
 	return res ;
 }
@ -684,20 +722,24 @@ int	AuthGPG::privateTrustCertificate(const RsPgpId& id, int trustlvl)
 // --------------------------------  Config functions  ------------------------------ //
 // -----------------------------------------------------------------------------------//
 //
-RsSerialiser *AuthGPG::setupSerialiser()
+RsSerialiser *AuthPGP::setupSerialiser()
 {
        RsSerialiser *rss = new RsSerialiser ;
        rss->addSerialType(new RsGeneralConfigSerialiser());
        return rss ;
 }
 bool AuthPGP::isPGPAccepted(const RsPgpId& id)
 {
    return instance()->mPgpHandler->isGPGAccepted(id);
 }
-bool AuthGPG::saveList(bool& cleanup, std::list<RsItem*>& lst)
+bool AuthPGP::saveList(bool& cleanup, std::list<RsItem*>& lst)
 {
 #ifdef GPG_DEBUG
 	std::cerr << "AuthGPG::saveList() called" << std::endl ;
 #endif
 	std::list<RsPgpId> ids ;
-	getGPGAcceptedList(ids) ;				// needs to be done before the lock
+    getPgpAcceptedList(ids) ;				// needs to be done before the lock
 	RsStackMutex stack(gpgMtxData); /******* LOCKED ******/
@ -722,7 +764,7 @@ bool AuthGPG::saveList(bool& cleanup, std::list<RsItem*>& lst)
 	return true;
 }
-bool AuthGPG::loadList(std::list<RsItem*>& load)
+bool AuthPGP::loadList(std::list<RsItem*>& load)
 {
 #ifdef GPG_DEBUG
 	std::cerr << "AuthGPG::loadList() Item Count: " << load.size() << std::endl;
@ -745,7 +787,7 @@ bool AuthGPG::loadList(std::list<RsItem*>& load)
 			std::list<RsTlvKeyValue>::iterator kit;
 			for(kit = vitem->tlvkvs.pairs.begin(); kit != vitem->tlvkvs.pairs.end(); ++kit)
 				if (kit->key != mOwnGpgId.toStdString())
-					PGPHandler::setAcceptConnexion(RsPgpId(kit->key), (kit->value == "TRUE"));
+                    instance()->mPgpHandler->setAcceptConnexion(RsPgpId(kit->key), (kit->value == "TRUE"));
 		}
 		delete (*it);
 	}
@ -753,16 +795,16 @@ bool AuthGPG::loadList(std::list<RsItem*>& load)
 	return true;
 }
-bool AuthGPG::addService(AuthGPGService *service)
+bool AuthPGP::addService(AuthGPGService *service)
 {
-	RsStackMutex stack(gpgMtxService); /********* LOCKED *********/
+    RsStackMutex stack(instance()->gpgMtxService); /********* LOCKED *********/
-	if (std::find(services.begin(), services.end(), service) != services.end()) {
+    if (std::find(instance()->services.begin(), instance()->services.end(), service) != instance()->services.end()) {
 		/* it exists already! */
 		return false;
 	}
-	services.push_back(service);
+    instance()->services.push_back(service);
 	return true;
 }
--- a/libretroshare/src/pqi/authgpg.h
+++ b/libretroshare/src/pqi/authgpg.h
@ -34,7 +34,7 @@
 #include "util/rsthreads.h"
 #include "pqi/p3cfgmgr.h"
-#include "pgp/pgphandler.h"
+#include "pgp/openpgpsdkhandler.h"
 #define MAX_GPG_SIGNATURE_SIZE  4096
@ -89,7 +89,7 @@ public:
    virtual void setGPGOperation(AuthGPGOperation *operation) = 0;
 };
-class AuthGPG: public p3Config, public RsTickingThread, public PGPHandler
+class AuthPGP: public p3Config, public RsTickingThread
 {
 public:
    static void init(const std::string& path_to_pubring,
@ -97,8 +97,11 @@ public:
                     const std::string& path_to_trustdb,
                     const std::string& pgp_lock_file);
    static void registerToConfigMgr(const std::string& fname,p3ConfigMgr *CfgMgr);
    static void exit();
-		static AuthGPG *getAuthGPG() { return _instance ; }
+
    static bool isPGPId(const RsPgpId& id) ;
    static bool isPGPAccepted(const RsPgpId& id) ;
 		/**
 		 * @param ids list of gpg certificate ids (note, not the actual certificates)
@ -118,7 +121,7 @@ public:
 		 * (see storage at the end of the class)
 		 *
 		 ****/
-		virtual bool    active(); 
+        static bool    active();
 		// /* Initialize */
 		// virtual bool    InitAuth ();
@ -126,8 +129,11 @@ public:
 		/* Init by generating new Own PGP Cert, or selecting existing PGP Cert */
-		virtual int  GPGInit(const RsPgpId &ownId);
+        static int  PgpInit(const RsPgpId &ownId);
-		virtual bool GeneratePGPCertificate(const std::string& name, const std::string& email, const std::string& passwd, RsPgpId &pgpId, const int keynumbits, std::string &errString);
+        static bool GeneratePgpCertificate(const std::string& name, const std::string& email, const std::string& passwd, RsPgpId &pgpId, const int keynumbits, std::string &errString);
        static bool getPgpDetailsFromBinaryBlock(const unsigned char *mem,size_t mem_size,RsPgpId& key_id, std::string& name, std::list<RsPgpId>& signers) ;
        static int availablePgpCertificatesWithPrivateKeys(std::list<RsPgpId>& pgpIds);
        /*********************************************************************************/
 		/************************* STAGE 3 ***********************************************/
@ -140,29 +146,33 @@ public:
 		 * provide access to details in cache list.
 		 *
 		 ****/
-		virtual std::string getGPGName(const RsPgpId &pgp_id,bool *success = NULL);
+        static std::string getPgpName(const RsPgpId &pgp_id,bool *success = NULL);
-		virtual std::string getGPGEmail(const RsPgpId &pgp_id,bool *success = NULL);
+        static std::string getPgpEmail(const RsPgpId &pgp_id,bool *success = NULL);
        static bool exportPublicKey( const RsPgpId& id, unsigned char*& mem_block, size_t& mem_size, bool armoured, bool include_signatures );
        /* PGP web of trust management */
-        virtual const RsPgpId& getGPGOwnId();
+        static const RsPgpId& getPgpOwnId();
-		virtual std::string getGPGOwnName();
+        static std::string getPgpOwnName();
        //virtual std::string getGPGOwnEmail();
-		virtual bool	isKeySupported(const RsPgpId &id) const ;
+        static bool getKeyFingerprint(const RsPgpId& id,PGPFingerprintType& fp) ;
-		virtual bool	haveSecretKey(const RsPgpId &id) const ;
+        static bool isKeySupported(const RsPgpId &id) ;
-		virtual bool	getGPGDetails(const RsPgpId& id, RsPeerDetails &d);
+        static bool isPgpPubKeyAvailable(const RsPgpId& pgp_id);
-		virtual bool	getGPGAllList(std::list<RsPgpId> &ids);
+        static bool haveSecretKey(const RsPgpId &id) ;
-		virtual bool	getGPGValidList(std::list<RsPgpId> &ids);
+        static bool getPgpDetails(const RsPgpId& id, RsPeerDetails &d);
-		virtual bool	getGPGAcceptedList(std::list<RsPgpId> &ids);
+        static bool getPgpAllList(std::list<RsPgpId> &ids);
-		virtual bool	getGPGSignedList(std::list<RsPgpId> &ids);
+        static bool getPgpValidList(std::list<RsPgpId> &ids);
-		virtual bool   importProfile(const std::string& filename,RsPgpId& gpg_id,std::string& import_error) ;
+        static bool getPgpAcceptedList(std::list<RsPgpId> &ids);
-        virtual bool   importProfileFromString(const std::string& data,RsPgpId& gpg_id,std::string& import_error) ;
+        static bool getPgpSignedList(std::list<RsPgpId> &ids);
-		virtual bool   exportProfile(const std::string& filename,const RsPgpId& gpg_id) ;
+        static bool importProfile(const std::string& filename,RsPgpId& gpg_id,std::string& import_error) ;
-		virtual bool exportIdentityToString(
+        static bool importProfileFromString(const std::string& data,RsPgpId& gpg_id,std::string& import_error) ;
        static bool exportProfile(const std::string& filename,const RsPgpId& gpg_id) ;
        static bool exportIdentityToString(
 		        std::string& data, const RsPgpId& pgpId, bool includeSignatures,
 		        std::string& errorMsg );
-        virtual bool   removeKeysFromPGPKeyring(const std::set<RsPgpId> &pgp_ids,std::string& backup_file,uint32_t& error_code) ;
+        static bool   removeKeysFromPGPKeyring(const std::set<RsPgpId> &pgp_ids,std::string& backup_file,uint32_t& error_code) ;
 		/*********************************************************************************/
 		/************************* STAGE 4 ***********************************************/
@ -171,9 +181,9 @@ public:
 		 * STAGE 4: Loading and Saving Certificates. (Strings and Files)
 		 *
 		 ****/
-		virtual bool LoadCertificateFromString(const std::string &pem, RsPgpId& gpg_id,std::string& error_string);
+        static bool LoadCertificateFromString(const std::string &pem, RsPgpId& gpg_id,std::string& error_string);
-		virtual bool LoadPGPKeyFromBinaryData(const unsigned char *data,uint32_t data_len, RsPgpId& gpg_id,std::string& error_string);
+        static bool LoadPGPKeyFromBinaryData(const unsigned char *data,uint32_t data_len, RsPgpId& gpg_id,std::string& error_string);
-		virtual std::string SaveCertificateToString(const RsPgpId &id,bool include_signatures) ;
+        static std::string SaveCertificateToString(const RsPgpId &id,bool include_signatures) ;
 		// Cached certificates.
 		//bool   getCachedGPGCertificate(const RsPgpId &id, std::string &certificate);
@ -188,12 +198,12 @@ public:
 		 * done in gpgroot already.
 		 *
 		 ****/
-		virtual bool AllowConnection(const RsPgpId &gpg_id, bool accept);
+        static bool AllowConnection(const RsPgpId &gpg_id, bool accept);
-		virtual bool SignCertificateLevel0(const RsPgpId &id);
+        static bool SignCertificateLevel0(const RsPgpId &id);
-		virtual bool RevokeCertificate(const RsPgpId &id);  /* Particularly hard - leave for later */
+        static bool RevokeCertificate(const RsPgpId &id);  /* Particularly hard - leave for later */
-		virtual bool TrustCertificate(const RsPgpId& id,  int trustlvl); //trustlvl is 2 for none, 3 for marginal and 4 for full trust
+        static bool TrustCertificate(const RsPgpId& id,  int trustlvl); //trustlvl is 2 for none, 3 for marginal and 4 for full trust
 		/*********************************************************************************/
 		/************************* STAGE 7 ***********************************************/
@ -204,39 +214,39 @@ public:
 		 * There should also be Encryption Functions... (do later).
 		 *
 		 ****/
-		virtual bool SignDataBin(const void *data, const uint32_t len, unsigned char *sign, unsigned int *signlen, std::string reason = "");
+        static bool SignDataBin(const void *data, const uint32_t len, unsigned char *sign, unsigned int *signlen, std::string reason = "");
-		virtual bool VerifySignBin(const void*, uint32_t, unsigned char*, unsigned int, const PGPFingerprintType& withfingerprint);
+        static bool VerifySignBin(const void*, uint32_t, unsigned char*, unsigned int, const PGPFingerprintType& withfingerprint);
-		virtual bool parseSignature(const void *sig, unsigned int siglen, RsPgpId& issuer_id);
+        static bool parseSignature(const void *sig, unsigned int siglen, RsPgpId& issuer_id);
-		virtual bool encryptDataBin(const RsPgpId& pgp_id,const void *data, const uint32_t len, unsigned char *encr, unsigned int *encrlen);
+        static bool encryptDataBin(const RsPgpId& pgp_id,const void *data, const uint32_t len, unsigned char *encr, unsigned int *encrlen);
-		virtual bool decryptDataBin(const void *data, const uint32_t len, unsigned char *decr, unsigned int *decrlen);
+        static bool decryptDataBin(const void *data, const uint32_t len, unsigned char *decr, unsigned int *decrlen);
-		virtual bool decryptTextFromFile(      std::string& text,const std::string& filename);
+        static bool decryptTextFromFile(      std::string& text,const std::string& filename);
-		virtual bool encryptTextToFile  (const std::string& text,const std::string& filename);
+        static bool encryptTextToFile  (const std::string& text,const std::string& filename);
 //		virtual bool decryptTextFromString(      std::string& encrypted_text,std::string&     clear_string);
 //		virtual bool encryptTextToString  (const std::string& pgp_id,const std::string&     clear_text,std::string& encrypted_string);
-		bool getGPGFilteredList(std::list<RsPgpId>& list,bool (*filter)(const PGPCertificateInfo&) = NULL) ;
+        static bool getGPGFilteredList(std::list<RsPgpId>& list,bool (*filter)(const PGPCertificateInfo&) = NULL) ;
 		//END of PGP public functions
 		/* GPG service */
-		virtual bool addService(AuthGPGService *service) ;
+        static bool addService(AuthGPGService *service) ;
 		// This is for debug purpose only. Don't use it !!
-		static void setAuthGPG_debug(AuthGPG *auth_gpg) { _instance = auth_gpg ; } 
+        static void setAuthGPG_debug(AuthPGP *auth_gpg) { _instance = auth_gpg ; }
 	protected:
-		AuthGPG(const std::string& path_to_pubring, const std::string& path_to_secring,const std::string& path_to_trustdb,const std::string& pgp_lock_file);
+        AuthPGP(const std::string& path_to_pubring, const std::string& path_to_secring,const std::string& path_to_trustdb,const std::string& pgp_lock_file);
-		virtual ~AuthGPG();
+        virtual ~AuthPGP();
 		/*****************************************************************/
 		/***********************  p3config  ******************************/
 		/* Key Functions to be overloaded for Full Configuration */
-		virtual RsSerialiser *setupSerialiser();
+        virtual RsSerialiser *setupSerialiser() override;
-		virtual bool saveList(bool &cleanup, std::list<RsItem *>&);
+        virtual bool saveList(bool &cleanup, std::list<RsItem *>&) override;
-		virtual bool    loadList(std::list<RsItem *>& load);
+        virtual bool    loadList(std::list<RsItem *>& load) override;
 		/*****************************************************************/
 private:
@ -274,8 +284,7 @@ private:
 	void threadTick() override; /// @see RsTickingThread
 private:
-
+        static AuthPGP *instance();
 		static AuthGPG *instance_gpg; // pointeur vers le singleton
 		RsMutex gpgMtxService;
 		RsMutex gpgMtxEngine;
@ -290,6 +299,8 @@ private:
 		rstime_t mStoreKeyTime;
        PGPHandler *mPgpHandler;
 		RsPgpId mOwnGpgId;
 		bool gpgKeySelected;
        bool _force_sync_database ;
@ -297,7 +308,7 @@ private:
 		std::list<AuthGPGService*> services ;
-		static AuthGPG *_instance ;
+        static AuthPGP *_instance ;
 };
 #endif
--- a/libretroshare/src/pqi/authssl.cc
+++ b/libretroshare/src/pqi/authssl.cc
@ -759,8 +759,7 @@ X509 *AuthSSLimpl::SignX509ReqWithGPG(X509_REQ *req, long /*days*/)
        //long version = 0x00;
        unsigned long chtype = MBSTRING_UTF8;
        X509_NAME *issuer_name = X509_NAME_new();
-        X509_NAME_add_entry_by_txt(issuer_name, "CN", chtype,
+        X509_NAME_add_entry_by_txt(issuer_name, "CN", chtype, (unsigned char *) AuthPGP::getPgpOwnId().toStdString().c_str(), -1, -1, 0);
                        (unsigned char *) AuthGPG::getAuthGPG()->getGPGOwnId().toStdString().c_str(), -1, -1, 0);
 /****
        X509_NAME_add_entry_by_NID(issuer_name, 48, 0,
                        (unsigned char *) "email@email.com", -1, -1, 0);
@ -770,7 +769,7 @@ X509 *AuthSSLimpl::SignX509ReqWithGPG(X509_REQ *req, long /*days*/)
                        (unsigned char *) "loc", -1, -1, 0);
 ****/
-        std::cerr << "AuthSSLimpl::SignX509Req() Issuer name: " << AuthGPG::getAuthGPG()->getGPGOwnId().toStdString() << std::endl;
+        std::cerr << "AuthSSLimpl::SignX509Req() Issuer name: " << AuthPGP::getPgpOwnId().toStdString() << std::endl;
 #ifdef V07_NON_BACKWARD_COMPATIBLE_CHANGE_002
 		static const uint64_t CERTIFICATE_SERIAL_NUMBER = RS_CERTIFICATE_VERSION_NUMBER_07_0001 ;
@ -945,7 +944,7 @@ X509 *AuthSSLimpl::SignX509ReqWithGPG(X509_REQ *req, long /*days*/)
        std::cerr << "Buffers Allocated" << std::endl;
        /* NOW Sign via GPG Functions */
-        if (!AuthGPG::getAuthGPG()->SignDataBin(buf_in, inl, buf_sigout, (unsigned int *) &sigoutl,"AuthSSLimpl::SignX509ReqWithGPG()"))
+        if (!AuthPGP::SignDataBin(buf_in, inl, buf_sigout, (unsigned int *) &sigoutl,"AuthSSLimpl::SignX509ReqWithGPG()"))
        {
                sigoutl = 0;
                goto err;
@ -1040,7 +1039,7 @@ bool AuthSSLimpl::AuthX509WithGPG(X509 *x509,bool verbose, uint32_t& diagnostic)
 {
 	RsPgpId issuer = RsX509Cert::getCertIssuer(*x509);
 	RsPeerDetails pd;
-	if (!AuthGPG::getAuthGPG()->getGPGDetails(issuer, pd))
+    if (!AuthPGP::getPgpDetails(issuer, pd))
 	{
 		RsInfo() << __PRETTY_FUNCTION__ << " X509 NOT authenticated : "
 		         << "AuthGPG::getAuthGPG()->getGPGDetails(" << issuer
@ -1185,9 +1184,7 @@ bool AuthSSLimpl::AuthX509WithGPG(X509 *x509,bool verbose, uint32_t& diagnostic)
 		// passed, verify the signature itself
-		if (!AuthGPG::getAuthGPG()->VerifySignBin(
+        if (!AuthPGP::VerifySignBin( signed_data, signed_data_length, signature->data, static_cast<unsigned int>(signature->length), pd.fpr ))
 		            signed_data, signed_data_length, signature->data,
 		            static_cast<unsigned int>(signature->length), pd.fpr ))
 		{
 			diagnostic = RS_SSL_HANDSHAKE_DIAGNOSTIC_WRONG_SIGNATURE;
 			goto err;
@ -1383,7 +1380,7 @@ int AuthSSLimpl::VerifyX509Callback(int /*preverify_ok*/, X509_STORE_CTX* ctx)
    std::cerr << "******* VerifyX509Callback cert: " << std::hex << ctx->cert <<std::dec << std::endl;
 #endif
-	if ( !isSslOnlyFriend && pgpId != AuthGPG::getAuthGPG()->getGPGOwnId() && !AuthGPG::getAuthGPG()->isGPGAccepted(pgpId) )
+    if ( !isSslOnlyFriend && pgpId != AuthPGP::getPgpOwnId() && !AuthPGP::isPGPAccepted(pgpId) )
 	{
 		std::string errMsg = "Connection attempt signed by PGP key id: " +
 		        pgpId.toStdString() + " not accepted because it is not"
--- a/libretroshare/src/pqi/p3peermgr.cc
+++ b/libretroshare/src/pqi/p3peermgr.cc
@ -812,11 +812,11 @@ int p3PeerMgrIMPL::getFriendCount(bool ssl, bool online)
 	// count all gpg id's
 	std::list<RsPgpId> gpgIds;
-	AuthGPG::getAuthGPG()->getGPGAcceptedList(gpgIds);
+    AuthPGP::getPgpAcceptedList(gpgIds);
 	// add own gpg id, if we have more than one location
 	std::list<RsPeerId> ownSslIds;
-	getAssociatedPeers(AuthGPG::getAuthGPG()->getGPGOwnId(), ownSslIds);
+    getAssociatedPeers(AuthPGP::getPgpOwnId(), ownSslIds);
 	return gpgIds.size() + ((ownSslIds.size() > 0) ? 1 : 0);
 }
@ -962,7 +962,7 @@ bool p3PeerMgrIMPL::addFriend(const RsPeerId& input_id, const RsPgpId& input_gpg
        // check that the PGP key is known
-        if(!AuthGPG::getAuthGPG()->isGPGId(gpg_id))
+        if(!AuthPGP::isPGPId(gpg_id))
        {
 			RsErr() << "Trying to add SSL id (" << id << ") to be validated with unknown PGP key (" << gpg_id << ". This is a bug!" << std::endl;
 			return false;
@ -970,7 +970,7 @@ bool p3PeerMgrIMPL::addFriend(const RsPeerId& input_id, const RsPgpId& input_gpg
 		//Authentication is now tested at connection time, we don't store the ssl cert anymore
 		//
-		if (!AuthGPG::getAuthGPG()->isGPGAccepted(gpg_id) &&  gpg_id != AuthGPG::getAuthGPG()->getGPGOwnId())
+        if (!AuthPGP::isPGPAccepted(gpg_id) &&  gpg_id != AuthPGP::getPgpOwnId())
 		{
 #ifdef PEER_DEBUG
 			std::cerr << "p3PeerMgrIMPL::addFriend() gpg is not accepted" << std::endl;
@ -1024,7 +1024,7 @@ bool p3PeerMgrIMPL::addFriend(const RsPeerId& input_id, const RsPgpId& input_gpg
 		pstate.id = id;
 		pstate.gpg_id = gpg_id;
-		pstate.name = AuthGPG::getAuthGPG()->getGPGName(gpg_id);
+        pstate.name = AuthPGP::getPgpName(gpg_id);
 		pstate.vs_disc = vs_disc;
 		pstate.vs_dht = vs_dht;
@ -1126,8 +1126,8 @@ bool p3PeerMgrIMPL::addSslOnlyFriend( const RsPeerId& sslId, const RsPgpId& pgp_
 	 * superficially set to true the PGP signature verification would have been
 	 * skipped and the attacker connection would be accepted.
 	 * If the PGP key is available add it as full friend. */
-	if(AuthGPG::getAuthGPG()->isPgpPubKeyAvailable(pgp_id))
+    if(AuthPGP::isPgpPubKeyAvailable(pgp_id))
-		AuthGPG::getAuthGPG()->AllowConnection(pgp_id, true);
+        AuthPGP::AllowConnection(pgp_id, true);
 	else
 		pstate.skip_pgp_signature_validation = true;
@ -2470,7 +2470,7 @@ bool  p3PeerMgrIMPL::loadList(std::list<RsItem *>& load)
 			    setOwnNetworkMode(pitem->netMode);
 			    setOwnVisState(pitem->vs_disc, pitem->vs_dht);
-			    mOwnState.gpg_id = AuthGPG::getAuthGPG()->getGPGOwnId();
+                mOwnState.gpg_id = AuthPGP::getPgpOwnId();
 			    mOwnState.location = AuthSSL::getAuthSSL()->getOwnLocation();
 		    }
 		    else
@ -2642,7 +2642,7 @@ bool  p3PeerMgrIMPL::loadList(std::list<RsItem *>& load)
 #endif
 		    for(uint32_t i=0;i<sitem->pgp_ids.size();++i)
-			    if(AuthGPG::getAuthGPG()->isGPGAccepted(sitem->pgp_ids[i]) || sitem->pgp_ids[i] == AuthGPG::getAuthGPG()->getGPGOwnId())
+                if(AuthPGP::isPGPAccepted(sitem->pgp_ids[i]) || sitem->pgp_ids[i] == AuthPGP::getPgpOwnId())
 			    {
 				    mFriendsPermissionFlags[sitem->pgp_ids[i]] = sitem->service_flags[i] ;
 #ifdef PEER_DEBUG
@ -2684,7 +2684,7 @@ bool  p3PeerMgrIMPL::loadList(std::list<RsItem *>& load)
        for(auto group_pair:groupList)
        {
            for(auto profileIdIt(group_pair.second.peerIds.begin());profileIdIt!=group_pair.second.peerIds.end();)
-                if(AuthGPG::getAuthGPG()->isGPGAccepted(*profileIdIt) || *profileIdIt == AuthGPG::getAuthGPG()->getGPGOwnId())
+                if(AuthPGP::isPGPAccepted(*profileIdIt) || *profileIdIt == AuthPGP::getPgpOwnId())
                    ++profileIdIt;
                else
                {
--- a/libretroshare/src/pqi/pqissl.cc
+++ b/libretroshare/src/pqi/pqissl.cc
@ -1213,8 +1213,7 @@ int pqissl::Authorise_SSL_Connection()
 	}
 	RsPgpId pgpId = RsX509Cert::getCertIssuer(*peercert);
-	if( !isSslOnlyFriend && pgpId != AuthGPG::getAuthGPG()->getGPGOwnId() &&
+    if( !isSslOnlyFriend && pgpId != AuthPGP::getPgpOwnId() && !AuthPGP::isPGPAccepted(pgpId) )
 	        !AuthGPG::getAuthGPG()->isGPGAccepted(pgpId) )
 	{
 		RsFatal() << __PRETTY_FUNCTION__ << " pgpId: " << pgpId
 		          << " is not friend. It is very unlikely to happen at this "
--- a/libretroshare/src/pqi/pqissllistener.cc
+++ b/libretroshare/src/pqi/pqissllistener.cc
@ -797,8 +797,7 @@ int pqissllistener::completeConnection(int fd, IncomingSSLInfo& info)
 		exit(failure);
 	}
-	if( !isSslOnlyFriend && pgpId != AuthGPG::getAuthGPG()->getGPGOwnId() &&
+    if( !isSslOnlyFriend && pgpId != AuthPGP::getPgpOwnId() && !AuthPGP::isPGPAccepted(pgpId) )
 	        !AuthGPG::getAuthGPG()->isGPGAccepted(pgpId) )
 	{
 		RsFatal() << __PRETTY_FUNCTION__ << " pgpId: " << pgpId
 		          << " is not friend. It is very unlikely to happen at this "
--- a/libretroshare/src/rsserver/p3face-config.cc
+++ b/libretroshare/src/rsserver/p3face-config.cc
@ -118,7 +118,7 @@ void RsServer::rsGlobalShutDown()
 //         if(mWire) mWire->join();
 // #endif
-	AuthGPG::exit();
+	AuthPGP::exit();
 	mShutdownCallback(0);
 }
--- a/libretroshare/src/rsserver/p3peers.cc
+++ b/libretroshare/src/rsserver/p3peers.cc
@ -254,7 +254,7 @@ bool p3Peers::setPeerMaximumRates(const RsPgpId& pid,uint32_t maxUploadRate,uint
 bool p3Peers::haveSecretKey(const RsPgpId& id)
 {
-	return AuthGPG::getAuthGPG()->haveSecretKey(id);
+    return AuthPGP::haveSecretKey(id);
 }
 /* There are too many dependancies of this function
@ -273,7 +273,7 @@ bool p3Peers::getPeerDetails(const RsPeerId& id, RsPeerDetails &d)
 	if (id == sOwnId)
 	{
 		mPeerMgr->getOwnNetStatus(ps);
-		ps.gpg_id = AuthGPG::getAuthGPG()->getGPGOwnId();
+        ps.gpg_id = AuthPGP::getPgpOwnId();
 	}
 	else if (!mPeerMgr->getFriendNetStatus(id, ps))
 	{
@ -559,17 +559,17 @@ bool p3Peers::isProxyAddress(const uint32_t type, const sockaddr_storage& addr)
 bool p3Peers::isKeySupported(const RsPgpId& id)
 {
-	return AuthGPG::getAuthGPG()->isKeySupported(id);
+    return AuthPGP::isKeySupported(id);
 }
 std::string p3Peers::getGPGName(const RsPgpId &gpg_id)
 {
 	/* get from mAuthMgr as it should have more peers? */
-        return AuthGPG::getAuthGPG()->getGPGName(gpg_id);
+        return AuthPGP::getPgpName(gpg_id);
 }
 bool p3Peers::isPgpFriend(const RsPgpId& pgpId)
-{ return AuthGPG::getAuthGPG()->isGPGAccepted(pgpId); }
+{ return AuthPGP::isPGPAccepted(pgpId); }
 bool p3Peers::isSslOnlyFriend(const RsPeerId& sslId)
 {
@ -597,7 +597,7 @@ std::string p3Peers::getPeerName(const RsPeerId& ssl)
 #endif
 	std::string name;
 	if (ssl == AuthSSL::getAuthSSL()->OwnId()) 
-		return AuthGPG::getAuthGPG()->getGPGOwnName();
+        return AuthPGP::getPgpOwnName();
 	if (mPeerMgr->getPeerName(ssl, name)) 
 	{
@ -617,7 +617,7 @@ bool	p3Peers::getGPGAllList(std::list<RsPgpId> &ids)
 #endif
        /* get from mAuthMgr */
-        AuthGPG::getAuthGPG()->getGPGAllList(ids);
+        AuthPGP::getPgpAllList(ids);
        return true;
 }
@ -628,7 +628,7 @@ bool	p3Peers::getGPGValidList(std::list<RsPgpId> &ids)
 #endif
        /* get from mAuthMgr */
-        AuthGPG::getAuthGPG()->getGPGValidList(ids);
+        AuthPGP::getPgpValidList(ids);
        return true;
 }
@ -639,14 +639,14 @@ bool	p3Peers::getGPGSignedList(std::list<RsPgpId> &ids)
 #endif
        /* get from mAuthMgr */
-        AuthGPG::getAuthGPG()->getGPGSignedList(ids);
+        AuthPGP::getPgpSignedList(ids);
        return true;
 }
 bool p3Peers::getPgpFriendList(std::vector<RsPgpId>& pgpIds)
 {
 	std::list<RsPgpId> ids;
-	if(AuthGPG::getAuthGPG()->getGPGAcceptedList(ids))
+    if(AuthPGP::getPgpAcceptedList(ids))
 	{
 		pgpIds.clear();
 		std::copy(ids.begin(), ids.end(), std::back_inserter(pgpIds));
@ -660,7 +660,7 @@ bool	p3Peers::getGPGAcceptedList(std::list<RsPgpId> &ids)
 #ifdef P3PEERS_DEBUG
        std::cerr << "p3Peers::getGPGAcceptedList()" << std::endl;
 #endif
-        AuthGPG::getAuthGPG()->getGPGAcceptedList(ids);
+        AuthPGP::getPgpAcceptedList(ids);
        return true;
 }
@ -676,7 +676,7 @@ bool	p3Peers::getAssociatedSSLIds(const RsPgpId &gpg_id, std::list<RsPeerId> &id
 bool    p3Peers::gpgSignData(const void *data, const uint32_t len, unsigned char *sign, unsigned int *signlen, std::string reason /* = "" */)
 {
-	return AuthGPG::getAuthGPG()->SignDataBin(data,len,sign,signlen, reason);
+    return AuthPGP::SignDataBin(data,len,sign,signlen, reason);
 }
 RsPgpId p3Peers::pgpIdFromFingerprint(const RsPgpFingerprint& fpr)
@ -691,7 +691,7 @@ bool	p3Peers::getGPGDetails(const RsPgpId &pgp_id, RsPeerDetails &d)
 #endif
 	/* get from mAuthMgr */
-	bool res = AuthGPG::getAuthGPG()->getGPGDetails(pgp_id, d);
+    bool res = AuthPGP::getPgpDetails(pgp_id, d);
 	d.isOnlyGPGdetail = true ;
 	d.service_perm_flags = mPeerMgr->servicePermissionFlags(pgp_id) ;
@ -706,7 +706,7 @@ const RsPgpId& p3Peers::getGPGOwnId()
 #endif
 	/* get from mAuthMgr */
-        return AuthGPG::getAuthGPG()->getGPGOwnId();
+        return AuthPGP::getPgpOwnId();
 }
 RsPgpId p3Peers::getGPGId(const RsPeerId& sslid)
@ -718,7 +718,7 @@ RsPgpId p3Peers::getGPGId(const RsPeerId& sslid)
 	/* get from mAuthMgr */
 	if (sslid == AuthSSL::getAuthSSL()->OwnId()) 
 	{
-		return AuthGPG::getAuthGPG()->getGPGOwnId();
+        return AuthPGP::getPgpOwnId();
 	}
 	peerState pcs;
 	if (mPeerMgr->getFriendNetStatus(sslid, pcs))
@ -739,12 +739,12 @@ bool 	p3Peers::addFriend(const RsPeerId &ssl_id, const RsPgpId &gpg_id,ServicePe
 #ifdef P3PEERS_DEBUG
 	std::cerr << "p3Peers::addFriend() with : id : " << id << "; gpg_id : " << gpg_id << std::endl;
 #endif
-	if(AuthGPG::getAuthGPG()->isGPGId(gpg_id)) 
+    if(AuthPGP::isPGPId(gpg_id))
 	{
 #ifdef P3PEERS_DEBUG
 		std::cerr << "p3Peers::addFriend() Authorising GPG Id: " << gpg_id << std::endl;
 #endif
-		if (AuthGPG::getAuthGPG()->AllowConnection(gpg_id, true))
+        if (AuthPGP::AllowConnection(gpg_id, true))
 		{
 #ifdef P3PEERS_DEBUG
 			std::cerr << "p3Peers::addFriend() Authorization OK." << std::endl;
@ -797,7 +797,7 @@ bool p3Peers::addSslOnlyFriend( const RsPeerId& sslId, const RsPgpId& pgp_id,con
 bool 	p3Peers::removeKeysFromPGPKeyring(const std::set<RsPgpId>& pgp_ids,std::string& backup_file,uint32_t& error_code)
 {
-	return AuthGPG::getAuthGPG()->removeKeysFromPGPKeyring(pgp_ids,backup_file,error_code) ;
+    return AuthPGP::removeKeysFromPGPKeyring(pgp_ids,backup_file,error_code) ;
 }
 bool 	p3Peers::removeFriendLocation(const RsPeerId &sslId)
@ -817,7 +817,7 @@ bool 	p3Peers::removeFriend(const RsPgpId& gpgId)
 #ifdef P3PEERS_DEBUG
 	std::cerr << "p3Peers::removeFriend() " << gpgId << std::endl;
 #endif
-	if (gpgId == AuthGPG::getAuthGPG()->getGPGOwnId()) {
+    if (gpgId == AuthPGP::getPgpOwnId()) {
        std::cerr << "p3Peers::removeFriend() ERROR  we're not going to remove our own GPG id."  << std::endl;
 		return false;
 	}
@ -825,7 +825,7 @@ bool 	p3Peers::removeFriend(const RsPgpId& gpgId)
 #ifdef P3PEERS_DEBUG
 	std::cerr << "p3Peers::removeFriend() Removing GPG Id: " << gpgId << std::endl;
 #endif
-	if (AuthGPG::getAuthGPG()->AllowConnection(gpgId, false))
+    if (AuthPGP::AllowConnection(gpgId, false))
 	{
 #ifdef P3PEERS_DEBUG
 		std::cerr << "p3Peers::removeFriend() OK." << std::endl;
@ -1113,9 +1113,7 @@ std::string p3Peers::getPGPKey(const RsPgpId& pgp_id,bool include_signatures)
 	rs_owner_ptr<unsigned char> mem_block = nullptr;
 	size_t mem_block_size = 0;
-	if( !AuthGPG::getAuthGPG()->exportPublicKey(
+    if( !AuthPGP::exportPublicKey( RsPgpId(pgp_id), mem_block, mem_block_size, false, include_signatures ) )
 	             RsPgpId(pgp_id), mem_block, mem_block_size,
 	             false, include_signatures ) )
 	{
 		RsErr() << __PRETTY_FUNCTION__
 		        << " Failure retriving certificate for id " << pgp_id
@ -1146,8 +1144,7 @@ bool p3Peers::GetPGPBase64StringAndCheckSum(
 	rs_owner_ptr<unsigned char> mem_block = nullptr;
 	size_t mem_block_size = 0;
-	if(!AuthGPG::getAuthGPG()->exportPublicKey(
+    if(!AuthPGP::exportPublicKey( gpg_id,mem_block,mem_block_size,false,false ))
 	            gpg_id,mem_block,mem_block_size,false,false ))
 		return false;
 	RsBase64::encode(mem_block, mem_block_size, gpg_base64_string, true, false);
@ -1644,7 +1641,7 @@ std::string p3Peers::GetRetroshareInvite( const RsPeerId& sslId, RetroshareInvit
 		unsigned char *mem_block = nullptr;
 		size_t mem_block_size = 0;
-		if(!AuthGPG::getAuthGPG()->exportPublicKey( RsPgpId(detail.gpg_id), mem_block, mem_block_size, false, !!(invite_flags & RetroshareInviteFlags::PGP_SIGNATURES) ))
+		if(!AuthPGP::exportPublicKey( RsPgpId(detail.gpg_id), mem_block, mem_block_size, false, !!(invite_flags & RetroshareInviteFlags::PGP_SIGNATURES) ))
 		{
 			std::cerr << "Cannot output certificate for id \"" << detail.gpg_id
 			          << "\". Sorry." << std::endl;
@ -1680,7 +1677,7 @@ bool p3Peers::loadCertificateFromString(
 	}
 	RsPgpId gpgid;
-	bool res = AuthGPG::getAuthGPG()->LoadCertificateFromString( crt->armouredPGPKey(), gpgid, error_string );
+    bool res = AuthPGP::LoadCertificateFromString( crt->armouredPGPKey(), gpgid, error_string );
 	gpg_id = gpgid;
 	ssl_id = crt->sslid();
@ -1697,7 +1694,7 @@ bool p3Peers::loadCertificateFromString(
 }
 bool p3Peers::loadPgpKeyFromBinaryData( const unsigned char *bin_key_data,uint32_t bin_key_len, RsPgpId& gpg_id, std::string& error_string )
 {
-	bool res = AuthGPG::getAuthGPG()->LoadPGPKeyFromBinaryData( bin_key_data,bin_key_len, gpg_id, error_string );
+    bool res = AuthPGP::LoadPGPKeyFromBinaryData( bin_key_data,bin_key_len, gpg_id, error_string );
    if(res)
 		mPeerMgr->notifyPgpKeyReceived(gpg_id);
@ -1716,9 +1713,7 @@ bool p3Peers::loadDetailsFromStringCert( const std::string &certstr,
 	RsCertificate& cert = *certPtr;
-	if(!AuthGPG::getAuthGPG()->getGPGDetailsFromBinaryBlock(
+    if(!AuthPGP::getPgpDetailsFromBinaryBlock( cert.pgp_key(), cert.pgp_key_size(), pd.gpg_id, pd.name, pd.gpgSigners ))
 	            cert.pgp_key(), cert.pgp_key_size(),
 	            pd.gpg_id, pd.name, pd.gpgSigners ))
 		return false;
 	Dbg4() << __PRETTY_FUNCTION__ << " Parsing cert for sslid, location, ext "
@ -1796,7 +1791,7 @@ bool 	p3Peers::signGPGCertificate(const RsPgpId &id, const std::string &gpg_pass
        rsNotify->cachePgpPassphrase(gpg_passphrase);
        rsNotify->setDisableAskPassword(true);
-        bool res = AuthGPG::getAuthGPG()->SignCertificateLevel0(id);
+        bool res = AuthPGP::SignCertificateLevel0(id);
        rsNotify->clearPgpPassphrase();
        rsNotify->setDisableAskPassword(false);
@ -1810,7 +1805,7 @@ bool 	p3Peers::trustGPGCertificate(const RsPgpId &id, uint32_t trustlvl)
 	std::cerr << "p3Peers::TrustCertificate() " << id;
 	std::cerr << std::endl;
 #endif
-	return AuthGPG::getAuthGPG()->TrustCertificate(id, trustlvl);
+    return AuthPGP::TrustCertificate(id, trustlvl);
 }
 	/* Group Stuff */
--- a/libretroshare/src/rsserver/p3serverconfig.cc
+++ b/libretroshare/src/rsserver/p3serverconfig.cc
@ -140,7 +140,7 @@ bool p3ServerConfig::setConfigurationOption(uint32_t key, const std::string &opt
 int 	p3ServerConfig::getConfigNetStatus(RsConfigNetStatus &status)
 {
 	status.ownId = AuthSSL::getAuthSSL()->OwnId();
-	status.ownName = AuthGPG::getAuthGPG()->getGPGOwnName();
+    status.ownName = AuthPGP::getPgpOwnName();
 	// Details from PeerMgr.
 	peerState pstate;
--- a/libretroshare/src/rsserver/rsaccounts.cc
+++ b/libretroshare/src/rsserver/rsaccounts.cc
@ -731,10 +731,10 @@ static bool checkAccount(const std::string &accountdir, AccountDetails &account,
 		if(! RsAccounts::GetPGPLoginDetails(account.mPgpId, account.mPgpName, account.mPgpEmail))
 			return false ;
-		if(!AuthGPG::getAuthGPG()->haveSecretKey(account.mPgpId))
+        if(!AuthPGP::haveSecretKey(account.mPgpId))
 			return false ;
-		if(!AuthGPG::getAuthGPG()->isKeySupported(account.mPgpId))
+        if(!AuthPGP::isKeySupported(account.mPgpId))
 		{
 			std::string keystring = account.mPgpId.toStdString() + " " + account.mPgpName + "&#60;" + account.mPgpEmail ;
 			unsupported_keys[keystring].push_back("Location: " + account.mLocation + "&nbsp;&nbsp;(" + account.mSslId.toStdString() + ")") ;
@ -882,8 +882,9 @@ static bool checkAccount(const std::string &accountdir, AccountDetails &account,
                /* Generating GPGme Account */
-int      RsAccountsDetail::GetPGPLogins(std::list<RsPgpId> &pgpIds) {
+int      RsAccountsDetail::GetPGPLogins(std::list<RsPgpId>& pgpIds)
-        AuthGPG::getAuthGPG()->availableGPGCertificatesWithPrivateKeys(pgpIds);
+{
    AuthPGP::availablePgpCertificatesWithPrivateKeys(pgpIds);
    return 1;
 }
@ -894,10 +895,10 @@ int      RsAccountsDetail::GetPGPLoginDetails(const RsPgpId& id, std::string &na
        #endif
 		  bool ok = true ;
-        name = AuthGPG::getAuthGPG()->getGPGName(id,&ok);
+        name = AuthPGP::getPgpName(id,&ok);
 		  if(!ok)
 			  return 0 ;
-        email = AuthGPG::getAuthGPG()->getGPGEmail(id,&ok);
+        email = AuthPGP::getPgpEmail(id,&ok);
 		  if(!ok)
 			  return 0 ;
@ -917,7 +918,7 @@ bool RsAccountsDetail::SelectPGPAccount(const RsPgpId& pgpId)
 {
 	bool retVal = false;
-	if (0 < AuthGPG::getAuthGPG() -> GPGInit(pgpId))
+    if (0 < AuthPGP::PgpInit(pgpId))
 	{
 		retVal = true;
 #ifdef DEBUG_ACCOUNTS
@ -937,7 +938,7 @@ bool RsAccountsDetail::SelectPGPAccount(const RsPgpId& pgpId)
 bool     RsAccountsDetail::GeneratePGPCertificate(const std::string& name, const std::string& email, const std::string& passwd, RsPgpId &pgpId, const int keynumbits, std::string &errString)
 {
-	return AuthGPG::getAuthGPG()->GeneratePGPCertificate(name, email, passwd, pgpId, keynumbits, errString);
+    return AuthPGP::GeneratePgpCertificate(name, email, passwd, pgpId, keynumbits, errString);
 }
 		// PGP Support Functions.
@ -949,24 +950,24 @@ void RsAccountsDetail::getUnsupportedKeys(std::map<std::string,std::vector<std::
 bool RsAccountsDetail::exportIdentity(const std::string& fname,const RsPgpId& id)
 {
-	return AuthGPG::getAuthGPG()->exportProfile(fname,id);
+    return AuthPGP::exportProfile(fname,id);
 }
 bool RsAccountsDetail::importIdentity(const std::string& fname,RsPgpId& id,std::string& import_error)
 {
-	return AuthGPG::getAuthGPG()->importProfile(fname,id,import_error);
+    return AuthPGP::importProfile(fname,id,import_error);
 }
 bool RsAccountsDetail::importIdentityFromString(const std::string &data, RsPgpId &imported_pgp_id, std::string &import_error)
 {
-    return AuthGPG::getAuthGPG()->importProfileFromString(data, imported_pgp_id, import_error);
+    return AuthPGP::importProfileFromString(data, imported_pgp_id, import_error);
 }
 bool RsAccountsDetail::exportIdentityToString(
        std::string& data, const RsPgpId& pgpId, bool includeSignatures,
        std::string& errorMsg )
 {
-	return AuthGPG::getAuthGPG()->exportIdentityToString(
+    return AuthPGP::exportIdentityToString(
 	            data, pgpId, includeSignatures, errorMsg );
 }
@ -1057,7 +1058,7 @@ bool     RsAccountsDetail::GenerateSSLCertificate(const RsPgpId& pgp_id, const s
 	int nbits = 4096;
-	//std::string pgp_name = AuthGPG::getAuthGPG()->getGPGName(pgp_id);
+    //std::string pgp_name = AuthGPG::getGPGName(pgp_id);
 	// Create the filename .....
 	// Temporary Directory for creating files....
@ -1332,7 +1333,7 @@ bool RsAccounts::init(const std::string& opt_base_dir,int& error_code)
 	if(!RsDirUtil::checkCreateDirectory(pgp_dir))
 		throw std::runtime_error("Cannot create pgp directory " + pgp_dir) ;
-	AuthGPG::init(	pgp_dir + "/retroshare_public_keyring.gpg",
+	AuthPGP::init(	pgp_dir + "/retroshare_public_keyring.gpg",
 	                pgp_dir + "/retroshare_secret_keyring.gpg",
 	                pgp_dir + "/retroshare_trustdb.gpg",
 	                pgp_dir + "/lock");
--- a/libretroshare/src/rsserver/rsinit.cc
+++ b/libretroshare/src/rsserver/rsinit.cc
@ -512,7 +512,7 @@ RsInit::LoadCertificateStatus RsInit::LockAndLoadCertificates(
 		if(!RsAccounts::GetAccountDetails(accountId, pgpId, pgpName, pgpEmail, location))
 			throw RsInit::ERR_UNKNOWN; // invalid PreferredAccount;
-		if(0 == AuthGPG::getAuthGPG() -> GPGInit(pgpId))
+        if(0 == AuthPGP::PgpInit(pgpId))
 			throw RsInit::ERR_UNKNOWN; // PGP Error.
 		LoadCertificateStatus retVal =
@ -912,8 +912,8 @@ int RsServer::StartupRetroShare()
 	/* History Manager */
 	mHistoryMgr = new p3HistoryMgr();
 	mPeerMgr = new p3PeerMgrIMPL( AuthSSL::getAuthSSL()->OwnId(),
-				AuthGPG::getAuthGPG()->getGPGOwnId(),
+                AuthPGP::getPgpOwnId(),
-				AuthGPG::getAuthGPG()->getGPGOwnName(),
+                AuthPGP::getPgpOwnName(),
 				AuthSSL::getAuthSSL()->getOwnLocation());
 	mNetMgr = new p3NetMgrIMPL();
 	mLinkMgr = new p3LinkMgrIMPL(mPeerMgr, mNetMgr);
@ -1613,7 +1613,8 @@ int RsServer::StartupRetroShare()
 	//mConfigMgr->addConfiguration("ftserver.cfg", ftserver);
 	//
-	mConfigMgr->addConfiguration("gpg_prefs.cfg"   , AuthGPG::getAuthGPG());
+    AuthPGP::registerToConfigMgr(std::string("gpg_prefs.cfg"),mConfigMgr);
 	mConfigMgr->addConfiguration("gxsnettunnel.cfg", mGxsNetTunnel);
 	mConfigMgr->addConfiguration("peers.cfg"       , mPeerMgr);
 	mConfigMgr->addConfiguration("general.cfg"     , mGeneralConfig);
@ -1799,7 +1800,7 @@ int RsServer::StartupRetroShare()
 	/* Add AuthGPG services */
 	/**************************************************************************/
-	//AuthGPG::getAuthGPG()->addService(mDisc);
+    //AuthGPG::addService(mDisc);
 	/**************************************************************************/
 	/* Force Any Last Configuration Options */
--- a/libretroshare/src/rsserver/rsloginhandler.cc
+++ b/libretroshare/src/rsserver/rsloginhandler.cc
@ -60,8 +60,7 @@ bool RsLoginHandler::checkAndStoreSSLPasswdIntoGPGFile(
 		return true ;
 	}
-	bool ok = AuthGPG::getAuthGPG()->encryptTextToFile(
+    bool ok = AuthPGP::encryptTextToFile( ssl_passwd, getSSLPasswdFileName(ssl_id));
 	            ssl_passwd, getSSLPasswdFileName(ssl_id));
 	if (!ok) std::cerr << "Encrypting went wrong !" << std::endl;
@ -90,7 +89,7 @@ bool RsLoginHandler::getSSLPasswdFromGPGFile(const RsPeerId& ssl_id,std::string&
 #endif
 	std::string plain;
-	if ( AuthGPG::getAuthGPG()->decryptTextFromFile( plain, getSSLPasswdFileName(ssl_id)) )
+    if ( AuthPGP::decryptTextFromFile( plain, getSSLPasswdFileName(ssl_id)) )
 	{
 		sslPassword = plain;
 #ifdef DEBUG_RSLOGINHANDLER
--- a/libretroshare/src/services/p3idservice.cc
+++ b/libretroshare/src/services/p3idservice.cc
@ -1067,7 +1067,7 @@ bool p3IdService::createIdentity(uint32_t& token, RsIdentityParameters &params)
    if(params.isPgpLinked)
    {
-        ssdata.pgp.pgpId = AuthGPG::getAuthGPG()->getGPGOwnId();
+        ssdata.pgp.pgpId = AuthPGP::getPgpOwnId();
        ssdata.pgp.lastCheckTs = time(nullptr);
    }
@ -3619,7 +3619,7 @@ RsGenExchange::ServiceCreate_Return p3IdService::service_CreateGroup(
 		unsigned int sign_size = MAX_SIGN_SIZE;
        memset(signarray,0,MAX_SIGN_SIZE) ;	// just in case.
-		int	result = AuthGPG::getAuthGPG()->SignDataBin(
+        int	result = AuthPGP::SignDataBin(
 			            static_cast<const void*>(hash.toByteArray()),
 			            hash.SIZE_IN_BYTES, signarray, &sign_size,
 			            __PRETTY_FUNCTION__ )
@ -4096,7 +4096,7 @@ void p3IdService::getPgpIdList()
 #endif // DEBUG_IDS
 	std::list<RsPgpId> list;
-	mPgpUtils->getGPGAllList(list);
+	mPgpUtils->getPgpAllList(list);
 	RsStackMutex stack(mIdMtx); /********** STACK LOCKED MTX ******/
@ -4593,7 +4593,7 @@ void p3IdService::generateDummy_FriendPGP()
 	// Now Generate for friends.
 	std::list<RsPgpId> gpgids;
 	std::list<RsPgpId>::const_iterator it;
-	mPgpUtils->getGPGAllList(gpgids);
+	mPgpUtils->getPgpAllList(gpgids);
 	RsGxsIdGroup id;
--- a/tests/unittests/libretroshare/gxs/nxs_test/nxsdummyservices.cc
+++ b/tests/unittests/libretroshare/gxs/nxs_test/nxsdummyservices.cc
@ -134,11 +134,11 @@ const RsPgpId& rs_nxs_test::RsDummyPgpUtils::getPGPOwnId() {
 	return mOwnId;
 }
-RsPgpId rs_nxs_test::RsDummyPgpUtils::getPGPId(const RsPeerId& /*sslid*/) {
+RsPgpId rs_nxs_test::RsDummyPgpUtils::getPgpId(const RsPeerId& /*sslid*/) {
 	return RsPgpId().random();
 }
-bool rs_nxs_test::RsDummyPgpUtils::getGPGAllList(std::list<RsPgpId>& /*ids*/) {
+bool rs_nxs_test::RsDummyPgpUtils::getPgpAllList(std::list<RsPgpId>& /*ids*/) {
 	return true;
 }
--- a/tests/unittests/libretroshare/gxs/nxs_test/nxsdummyservices.h
+++ b/tests/unittests/libretroshare/gxs/nxs_test/nxsdummyservices.h
@ -164,8 +164,8 @@ namespace rs_nxs_test
 		virtual ~RsDummyPgpUtils(){}
 		const RsPgpId &getPGPOwnId() ;
-		RsPgpId getPGPId(const RsPeerId& sslid) ;
+		RsPgpId getPgpId(const RsPeerId& sslid) ;
-		bool getGPGAllList(std::list<RsPgpId> &ids) ;
+		bool getPgpAllList(std::list<RsPgpId> &ids) ;
 		bool getKeyFingerprint(const RsPgpId& id,PGPFingerprintType& fp) const;
 		bool parseSignature(unsigned char *sign, unsigned int signlen, RsPgpId& issuer) const;
--- a/tests/unittests/libretroshare/services/gxs/FakePgpAuxUtils.cc
+++ b/tests/unittests/libretroshare/services/gxs/FakePgpAuxUtils.cc
@ -24,7 +24,7 @@
 FakePgpAuxUtils::FakePgpAuxUtils(const RsPeerId& ownId)
 {
-	mOwnId = getPGPId(ownId);
+	mOwnId = getPgpId(ownId);
 	addPeerIdToPgpList(ownId);
 }
@ -39,7 +39,7 @@ void FakePgpAuxUtils::addPeerListToPgpList(const std::list<RsPeerId> &ids)
 void FakePgpAuxUtils::addPeerIdToPgpList(const RsPeerId &id)
 {
-	RsPgpId pgpId = getPGPId(id);
+	RsPgpId pgpId = getPgpId(id);
 	if (mPgpList.end() == std::find(mPgpList.begin(), mPgpList.end(), pgpId))
 	{
 		mPgpList.push_back(pgpId);
@ -51,7 +51,7 @@ const RsPgpId & FakePgpAuxUtils::getPGPOwnId()
 	return mOwnId;
 }
-RsPgpId FakePgpAuxUtils::getPGPId(const RsPeerId& sslid)
+RsPgpId FakePgpAuxUtils::getPgpId(const RsPeerId& sslid)
 {
 	/* convert an sslId */
 	std::string idstring = sslid.toStdString();
@ -95,7 +95,7 @@ bool FakePgpAuxUtils::VerifySignBin(const void* /*data*/, uint32_t /*len*/, unsi
 	return true;
 }
-bool FakePgpAuxUtils::getGPGAllList(std::list<RsPgpId> &ids)
+bool FakePgpAuxUtils::getPgpAllList(std::list<RsPgpId> &ids)
 {
 	ids = mPgpList;
 	return true;
--- a/tests/unittests/libretroshare/services/gxs/FakePgpAuxUtils.h
+++ b/tests/unittests/libretroshare/services/gxs/FakePgpAuxUtils.h
@ -28,7 +28,7 @@ public:
 	FakePgpAuxUtils(const RsPeerId& ownId);
 	virtual const RsPgpId &getPGPOwnId();
-	virtual RsPgpId getPGPId(const RsPeerId& sslid);
+	virtual RsPgpId getPgpId(const RsPeerId& sslid);
 	virtual	bool getKeyFingerprint(const RsPgpId& id,PGPFingerprintType& fp) const;
 	virtual bool parseSignature(unsigned char *sign, unsigned int signlen, RsPgpId& issuer) const;
@ -36,7 +36,7 @@ public:
 	virtual void addPeerListToPgpList(const std::list<RsPeerId> &ids);
 	virtual void addPeerIdToPgpList(const RsPeerId &id);
-	virtual bool getGPGAllList(std::list<RsPgpId> &ids);
+	virtual bool getPgpAllList(std::list<RsPgpId> &ids);
 private:
 	RsPgpId mOwnId;
 	std::list<RsPgpId> mPgpList;