@Bozza

The ONLY software I would trust is PGP, or GPG

technically yeah, but common misconception here is to trust middleman. When you mention software, well anything else being used IS SOFTWARE as well: signal, telegram, ProtonaMail. Unless you can write a GPG-encoding software yourself [or if one has skills to verify the code then to NEVER update], then maybe keep it on separate device.

I asked grok is it easy, what's your opinion?

No, it is not easy to write your own script that properly implements PGP-style asymmetric encryption (more precisely: the OpenPGP format) — at least not if you want something secure and interoperable.

What you actually need to do it "properly" (OpenPGP style)

• Generate or parse keys (RSA, ECC Curve25519/Ed25519, etc.)
• Handle OpenPGP packet format (very complex — literal data, encrypted data, signatures, one-pass signatures, compressed packets, modification detection code (MDC), AEAD in newer versions…)
• Implement hybrid encryption:
• Generate random session key
• Encrypt session key with recipient's public key (RSA-OAEP or ElGamal or ECDH)

• Encrypt actual data with AES (usually CFB or OCB/AEAD mode)

• Correctly implement symmetric encryption modes (especially the strange OpenPGP CFB variant with MDC)
• Handle compression (ZIP/ZLIB/BZip2)
• Deal with ASCII-armor (Base64 + headers)
• Implement partial-length packets, streaming, etc.
• Add timing attack resistance, side-channel resistance, proper random number generation…
• Handle key preferences, subkeys, revocation, trust model (if you want WoT)

Even very experienced cryptographers usually don't implement OpenPGP from scratch — they use libraries like:

• Python: pgpy, gnupg (wrapper around GnuPG), pyOpenPGP
• JavaScript: openpgp.js
• Rust: sequoia-pgp, rpgp
• Java: BouncyCastle (PGP classes)
• Go: golang.org/x/crypto/openpgp (but somewhat outdated)