I’ve released a new version of gmail-crypt, my extension that allows OpenPGP/GPG encryption in Gmail through a Chrome extension. The biggest change in this version of gmail-crypt is the addition of key generation. This is a VERY EARLY stage key generation, the key ID’s are not calculated the same way as GPG, I’m currently not sure what the issue is. This means that it’s possible you’ll have to regenerate your key in the future!
Encrypted Email in 1 minute
The installation process is basically the same as the old version.
Click “Continue” when warned about the dangers of extensions
Click “Install” when warned about the permissions for this extension
In your browser click the Wrench(upper right hand)->Tools->Extensions
Click “Options” under gmail-crypt
Click “my keys” tab, then “generate a new key”
Fill in your name and email, click submit
Test it out by sending yourself an email in gmail and click the “encrypt me” lock icon, when receiving the message click “decrypt me” by the unlock icon.
Get your friend to install the extension and see if you can send messages. NOTE: as indicated above, these keys may have to be regenerated in the future.
With the looming creation of a unified OpenPGP library, I will perform minimal work for the time being on my js-openpgp code as I believe it will be rolled into the larger project and then used in this project. The extension has other work that needs done (Options page rewrite, stop draft uploading, allow any text to be encrypted/decrypted)
Hope this can help someone! Let me know other ideas you might have..
In my experience, most of the existing options for OpenPGP/GPG/PGP are archaic and do not work well with how people use computers today. I think that we can create a simple experience with tight integration in the browser that can make encryption much more accessible.
The project is in very early stages right now, and the current version is definitely an alpha. However, I wanted to put a version out there. Please note that this is still being developed and may not yet be suitable for your super secret needs, as noted in the license there is NO WARRANTY of any sort associated with this software.
Click here to add the extension to chrome. It will ask you for permissions.
Open the Options page for the extension
You currently need to provide your own OpenPGP/PGP/GPG key. I hope to include key creation in a later version. Paste your private key into the box on the “my keys” options page. (You need to paste an armored version of your key. If you’re running linux try “man gpg” for more info)
Add keys for your friends (or your own public key) in the “friends keys” section of the options page.
Go to your gmail inbox. Compose an email to someone who’s key you’ve added. Click on the “encrypt me” in the upper right. *Note there is currently an issue where sometimes this will not display, try refreshing the page if this is the case.
If you receive an encrypted message, click on the “decrypt me” in the upper right of the page.
Send me mail!
You can send me encrypted mail if you want to test it out. sean @ colyer . name.
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.11 (GNU/Linux)
By combining the work by Herbert Hanewinkel and Tom Wu, we are able to create a powerful library. Both of these libraries had to be modified to work together, and the OpenPGP code was mostly re-written to provide a more object oriented approach and some code simplifying that I believe will make the project easier to build on.
The project takes advantage of the “walled garden” approach to extensions. Through the use of a content script, there are changes made on the gmail page, which also interacts with a background page that serves as the middleman between the extension backend and the gmail front end. This is necessary because we want to store key information in the context of the extension, and this allows a certain level of protection between the gmail page and the key details in the extension. Google provides a good overview of this architecture.
FireGPG used to be very similar. It runs only in FireFox. It has stopped supporting Gmail
There is a lot of work still to do. Things I’d like to accomplish include: Key creation, key signing, find a good draft uploading solution, further integration with the browser, bugfixes. Check out the latest source for most recent details.
I would love help, head on over to the project page if you can help out!