Mymail-Crypt for Gmail, version 24

I’ve finally pushed out a new version of Mymail-Crypt for Gmail. It has been a long time coming, but I was able to accomplish a number of the things I’ve been hoping to get finished for awhile.

Major Changes

  • Revived support for disabling drafts. It should work currently under the “New Compose” experience. It is still EXPERIMENTAL, but feel free to give it a go. Note: It won’t work if you pop the compose window out of the browser
  • Re-architected the plugin to provide a cleaner break between the front-end Gmail interactions and the back-end cryptography.
  • New version of OpenPGP.js. This includes a handful of updates. Notably, it bumps up the default Hash function to SHA256.
  • Upgraded to jQuery 2.0. This drops support for old browsers and certain function calls.

It is live in the Chrome Webstore, but should update automatically for you.

Please let me know if you have any issues, or post them to github. Thanks!

33 thoughts on “Mymail-Crypt for Gmail, version 24

  1. I am having issues with this extension. Using Kleopatra from gpg4win I created a key pair. in the options window for Mymail-Crypt I entered my private key under the My Keys section. Following the gpg4win documentation I sent an email to [email protected] , an automated pgp testing bot. I recieved and email back with the bots public key, which I entered in the friends’ keys section, and it was properly identified.

    I then sent another email to the bot with my public key, and I recieved an encrypted email back.

    In the Gmail area with the Decrypt button, I entered my passphraseand then hit Decrypt.

    At this point, nothing happens. The screen doesn’t change in any way, but the extension at this point locks up. After trying to decrypt a message, I can no longer access the settings for the extension. Closing Chrome and restarting does not help, The settings page will not load and no response from the decrypt button in Gmail. (Although it still shows up) Only by manually killing all chrome processes in Task manager and then relaunching chrome can I access the settings again. Every time I try to decrypt a message, it locks up again. Any help you could give would be appreciated.

    Here are my system stats:
    ASUS laptop model U47a
    Intel i7 processor
    8gb Ram
    Windows 7 Home Premium
    Gpg4win, version 2.1.1 (2013-05-28).
    Kleopatra 2.1.1
    Google Chrome Version 28.0.1500.72 m

    Thank you for your time,
    Tarn Brubaker

    1. I was able to reproduce this. It seems to be an issue with the way adele is generating messages is causing a problem. I’ve created https://github.com/seancolyer/gmail-crypt/issues/34 to track this issue. I haven’t been able to figure out exactly what’s causing this. Let me know if you find other similar issues.

      You should still be able to interact with most clients.

  2. After creating another gmail account for testing, and setting up public and private keys for both. I am able to encrpyt and decrypt messages. Thank you for the work on this extension. As I am playing around with this I was wondering is it possible to have more than one key pair for a single email address. I created a second private key from within the extension options and it showed up just fine in both my friends and my section. however I cannot seem to get the second key pair to work. When I compose a message it always defaults to the first pair with the email address I am sending it to. I cannot seen to send a message using the second pair’s key because when I put in the email address it automatically uses the first key. Any way around this or to select?

    1. Hm, you’re right this is not a supported use case. What’s the motivation for wanting to have multiple active private keys for one email address?

      It seems like one related area that could be improved is to allow better key editing to do things such as revoking or creating new subkeys, but these are slightly different than what you’re describing.

  3. Looks like a nice implementation. Messed around with keys some, ended up deleting the first one I made then made a new one. I can see the key in both public and private rings, but when I try to encrypt with it and a friend’s public key, I get an ‘unable to read your key, is your password correct’ error. How do I update the key’s password? (Fedora 19, Chrome)

    Would be nice to be able to drop the public key into an email by a more convenient means than showing it , cut, paste.

    Nicely done overall.

  4. cool plugin broo, one suggestion; can you update the plugin to exclude qouted text in gmail when encrypting? What happens is when I am communicating with a contact and our messages are encrypted they get rencrypted and makes the message very long. If you can detect the quoted text from the previous email based on the header of the message then you should skip encrypting that part of the message. This is just a suggestion, I am sure you have other more pressing things to work on.

    1. Thanks for the feedback. I’m hoping to get some time to address some lingering thoughts like this shortly. Hope you like the extension.

  5. Hi,

    Great extension, but I think there’s a small bug..

    By default I’m using the rich text mode to compose messages, and most of them are in Hebrew (which means right to left), when decrypting messages, however, the messages comes back left to right (the text is ok, it’s just indented to the left).

    Thanks and keep up the good work!

  6. I have had problems with emails that have been signed and sent with gpgtools. The signature is attached in a file called signature.asc. Could you add support to be able to verify such signed emails?

    1. Yeah, signing is unfortunately complicated in OpenPGP, we’re re-writing parts of Openpgp.js that powers mymail-crypt to address problems like this. Hopefully that will resolve a lot of the interclient signing issues we’ve seen.

    1. Not currently. Hopefully in the future we will have better attachment support. It’s technically possible, but just hasn’t been done yet.

      1. How is attachment decryption going on? I keep receiving encrypted messages in the encrypted.asc attachment, which I still cannot decode using the mymail-crypt plugin…

        1. This project has (obviously) slowed a bit lately. That being said, I was putting in some work lately on attachments that hopefully will yield some good results soon.

  7. Very nice and much needed functionality in this extension. Thanks a lot.

    I was wondering if you have any plans to support signature verification any time soon? I saw above that dealing with separate signature files is tricky, but what about plain-text ones… it shouldn’t be significantly more difficult than decrypting, right?

    Anyway, thanks again for this great product.

  8. Hello! I managed to create my key, encrypt and decrypt without any problem when I send stuff to my own mail. From the options page though I can’t manage to add friends’ public keys: when I try I get the message “Mymail-Crypt for Gmail was unable to read this key. It would be great if you could contact us so we can help figure out what went wrong”. What am I doing wrong? Thanks!

    1. There is a new version in the Chrome store that has much better key support, I believe your issues should be resolved now.

  9. I am experiencing problems importing my private key. It was generated with the native gpg tool in OSX. First I tried to import the key intact with header and footer, but then removed them, leaving just the main content of the key. Still no juice. Please advice. Thanks.

    1. Never mind about my last question. I was using my ssh-keys. It took me a while to realize that ssh-keys are different than gpg keys. Thank you. Now I was able to get the extension working properly.

      There are a couple of bugs I would like to report:
      1. When reading a message that has *not* been encrypted, the decrypt button still shows up.
      2. In the compose window, there is an annoying icon with an ‘x’ in the top right corner of the compose window. It can’t be closed or moved.

      Thanks for all our good work on this extension.

  10. doesn’t work. imported my key (which I had to export/copy/paste even though there is a gpg library), typed my passphrase, which was then accepted by the config page. I go to send an email and “Mymail-Crypt For Gmail was unable to read your key. Is your password correct?”. The program just confirmed it was correct or else it (shouldn’t have) imported the key. I applaud your effort, but this is very disappointing.

    1. Apologies for the disappointingly slow reply.

      There is a new version of Mymail-crypt published to the Chrome store which has much better key support, can you take a look at it and see if it addresses your concerns?

      FYI, you have to export/copy/paste because the extension is completely standalone, it requires nothing to be installed. Working within chrome you are not able to access the file system to read the keys.

      1. It’s ok, I think I was doing an incredibly stupid n00b move: since I had just set up gpg crypt, I didn’t have anybody else to email – and had forgotten that MY key is to read MY mail, and sending someone else encrypted mail requires using THEIR key – not mine.

        This was 100% totally my fault, but maybe your software could help by distinguishing the two types of keys, or even a bozo-reminder that outgoing mail requires THEIR key, incoming mail requires YOUR key.

        Thanks for all your efforts!

  11. Hello would you mind sharing which blog platform you’re working with?
    I’m planning to start my own blog soon but I’m having a hard
    time making a decision between BlogEngine/Wordpress/B2evolution and Drupal.
    The reason I ask is because your design seems different then most blogs and I’m looking for something
    unique. P.S My apologies for getting off-topic but I had to ask!

  12. I am finding that Mymail-Crypt is not decrypting messages created using GnuPG as in GPG4Win in Mozilla. GPG4Win should be a standard Open PGP type program, and indeed if I paste the encrypted messages into Notebook and save as a file, I can decrypt them using OpenPGP Studio – using the same keys as generated using Mymail-Crypt!

    The odd think is that this is not consistent. There was one GnuPG message which Mymail-Crypt did open sucessfully.

    Any idea on what is going on?

    While I can use Open PGP Studio on my Windoze 8 computer, Mymail-Crypt is pretty much the only game in town for my Samsung Chromebook and I would dearly love to get this extension working reliably.

    Thanks

    Geoffrey

    1. OpenPGP messages are pretty complex, and some of them are of different formats that require a different way of reading them.

      That being said, there has been a new version pushed to the Chrome store that addresses a lot of the issues with reading a variety of messages and different clients. Can you try giving that a go and see if it addresses your problems?

  13. Hi,

    I’ve just installed mymail-crypt for gmail and try to add a friend key coming from Thunderbird/enigmail.
    the public key is : (Copy/paste)

    —–BEGIN PGP SIGNATURE—–
    Version: GnuPG v2

    iQIcBAEBCAAGBQJVTQcFAAoJEJI8XpqsLgYjxFgP/RR7jtGl9BCGZhscK8+83azx
    +UkDDA3aCDBtEwttB0ZwTtzKpUrNo3aV6NVHhaikwQ9+4F0oMDIw+mYEpsLFNFQI
    z1yBvLqIwAoFyCX3fSMQMvMbCXVmGL3Vyc2ArvlSqMTIvP9qPBmAmG7K7rnhL3Ll
    6/z89E4ocuGA1Py8r64UFNO5GSnqzNRh8ojA8As2jXiu/+zl01bH5saHNUA0lnmc
    SWynD9USeDErh38nWwZNWZt4KHF/DH4UOgd8DXyKythT39Jju51vJyR7vdvbAARW
    o2/fJCr5Y4NZjvseWBLgyuODfIWSBdY153VAZ/K8rXPuZIfzMvxtgihgwfZAWIa4
    0HY8OCZ20pyt3CzOCXWwuvvkYcATnDr1p7blvmUeKDEDmY42LNBg6eNNpWz6JdBA
    kiGyA6z5IXa09XXweVvbliYe4X7KtZdhOdpUoGFgSWIi1fUE8O6bEHgVHCOsqapC
    6G+WMlibr15QLCWU+L9R12LrKscXlMw2xcyyElZTJx39oyXKThoTNfCq/T5ts6uO
    7s7icwv/jpbN3RQ2uQtRAeh4khQkiEzl0ZNuBumTT3R8Ar/Azpy13TWQ0E0cBDz7
    ZD84BO3mNYvSqIjlqEVjhdwHSxSYz23VXP0DCk0P/lrRwpb97UMRQrBdB7nIIpY9
    5sm2q3rg2jQQgbiQAq4l
    =++kI
    —–END PGP SIGNATURE—–

    When I try to insert this key, I have this error message : Error: Armored text not of type key

    Any idea ?

    Regards

    1. You’re trying to insert a Signature and not a Public Key. When someone gives you a public key it should start with:
      —–BEGIN PGP PUBLIC KEY BLOCK—–

  14. Hello,

    I hear many things about Crypting e-mails.

    Google has its own solution Google End-to-End, there are, Mailvelope, mymail-crypt, OpenPGP, GnuPG…
    It seems that most of the solutions doesn’t exist on Android, and you have to use K9+APG, OpenKeychain…
    Both mailvelope and mymail-crypt, does not offer a solution for android…
    And Android solutions don’t offer a Gmail solution…
    What is the problem ? A global solution would be not safe, too centralized, too weak ?

    As lots of web articles/publication are not dated, it is difficult to know what is old or recent news.

    My question 1 is : why is there no global email encryption solution for Gamil and Android whereas/while encryption is a central issue nowadays ?
    My question 2 is : what is the most simple Android solution compatible with mymail-crypt ?

    Thank you Sir
    Please accept, Sir, the assurances of my highest considerations.

Leave a Reply

Your email address will not be published. Required fields are marked *