Mymail-Crypt Version 26

I have (finally) pushed a new version of Mymail-crypt for Gmail to the Chrome store (and github).

The extension visually appears and functions very similar to what you’re used, however, it’s got a hugely updated encryption engine underneath.

We’ve been refactoring and improving the Openpgp.js project significantly over the past year. In this version of Mymail-Crypt, I’m incorporating these changes for a better experience.

  • Support for more OpenPGP clients keys — great news if you’ve had trouble with other peoples keys in the past.
  • Better signature verification. There is now a “Verify Signature” button for messages that are signed but not encrypted. If a message is both encrypted and signed, Mymail-Crypt will attempt to verify the signature when you use the “Decrypt” button.

Really, there are a ton of improvements in the encryption library, but most of them are transparent. Now that this has been shipped, there are a number of other visual items and cleanup I’m hoping to turn my attention to.

Let me know if you have trouble migrating, or using the new extension!

24 thoughts on “Mymail-Crypt Version 26

    1. Not in the immediate future, sorry. I’m glad you voice your support though, that helps me prioritize features.

  1. When I try to use the extension in chrome, it does not respond to the encrypt and sign button

    Any thoughts

        1. Apologies, there was a caching issue in the public version for awhile that should now be resolved. Are you still seeing this?

  2. I installed the extension, but when I tell it to verify a signature, it says “No signed, cleartext OpenPGP message was found. Was this message also encrypted?”

    Message source from Gmail below (with email addresses redacted).

    From: REDACTED
    Content-Type: multipart/signed; boundary=”Apple-Mail=_3275CE22-F50A-4AD1-BF99-A556C46E343E”; protocol=”application/pgp-signature”; micalg=pgp-sha512
    Subject: Signed with OpenPGP
    Date: Sat, 9 Aug 2014 15:42:13 -0700
    Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
    X-Mailer: Apple Mail (2.1878.6)

    Content-Transfer-Encoding: 7bit
    Content-Type: text/plain;

    You should see this as signed and be able to read it. Let me know..


    Content-Transfer-Encoding: 7bit
    Content-Disposition: attachment;
    Content-Type: application/pgp-signature;
    Content-Description: Message signed with OpenPGP using GPGMail

    Comment: GPGTools –



    1. It looks like this message is missing the following line before the text:

      That line is required by the protocol to know what text is signed. Did the other person send the entire message?

  3. Thanks. Looks like the code assumes an RFC2440 message and can’t cope with RFC3156 (which superseded RFC2015). Right?

    If so, that’s a shame, because it looks like Apple Mail generates ‘3156 format.

    1. Sorry I missed answering this.

      MIME is RFC 3156. It’s a pretty different approach from OpenPGP/PGP/GPG.

      OpenPGP is RFC 4880 (supersedes 2440).

  4. 1) Thank you for your fantastic Gmail extension
    2) I need your help please!

    I’m using the following for email encryption:

    Web based: Gmail with Mymail-crypt
    Outlook: Gpg4win/GnuPG Outlook plugin
    Android: K9+APG

    I can encrypt, send and decrypt from any of the above to any other of the above, with one exception as follows:

    Encrypt in Outlook using GnUPG—> message encrypts with no errors–>send to Android and Gmail. Android decrypts no problem, Gmail fails with the message below. I know the Gmail public key used to encrypt the message in Outlook is correct, as the same key works fine when encrypting and sending from K9 to Gmail

    No OpenPGP message was found.

    Version: GnuPG v2


    Is there some incompatibility between GnuPG v2 and Mymail-crypt? If so is there a workaround?

    Thanks in advance.

    1. There were some changes to this awhile ago, but I missed replying to this. I’ve added some more flexibility in parsing messages. Let me know if you still see this issue.

  5. If i write a message webased, and gmail automatically saves it to their server how wpuld my message would be sage from google server eyes?

    Because they save the message before sending it…

    1. I can’t se that this extension protect you data because gmail auto save you data before you encrypt you data. This extension have only meaning if the extension block the auto save funktion or encrypt every keyin behinde a cleartxt indput box.

      Funny that the developer not have realize that. Is the extension designed by NSA as a trick?

  6. If you have multiple keys is there a way you can select which key to use for signing when composing an email message? I don’t see this feature. Is there a workaround or is it on the slate to be added as a feature?

    Thanks in advance,


  7. I’d love to collaborate with you to make this program even better. One of the things I’d like to do is make something like Mymail crypt, but with the NaCl encryption engine, rather than PGP. This would allow users to use a key derived from a password they input rather than a stored PGP key, with great improvement in usability. You can also change keys with each message so the previous ones can no longer be decrypted (forward secrecy).

    All of this is already implemented into SeeOnce (also a Chrome extension, which you can find in the Chrome store), but what’s missing is the integration with Gmail, which can come from the Mymail Crypt code.

    Please drop me an email. Thanks!

  8. Hello,

    I hear many things about Crypting e-mails.

    Google has its own solution Google End-to-End, there are, Mailvelope, mymail-crypt, OpenPGP, GnuPG…
    It seems that most of the solutions doesn’t exist on Android, and you have to use K9+APG, OpenKeychain…
    Both mailvelope and mymail-crypt, does not offer a solution for android…
    And Android solutions don’t offer a Gmail solution…
    What is the problem ? A global solution would be not safe, too centralized, too weak ?

    As lots of web articles/publication are not dated, it is difficult to know what is old or recent news.

    My question 1 is : why is there no global email encryption solution for Gamil and Android whereas/while encryption is a central issue nowadays ?
    My question 2 is : what is the most simple Android solution compatible with mymail-crypt ?

    Thank you Sir
    Please accept, Sir, the assurances of my highest considerations.

  9. It’s virtually unattainable to find skilled individuals On this specific subject matter, having said that, you seem like you determine what you’re discussing! Thanks

Leave a Reply

Your email address will not be published. Required fields are marked *