I have (finally) pushed a new version of Mymail-crypt for Gmail to the Chrome store (and github).
The extension visually appears and functions very similar to what you’re used, however, it’s got a hugely updated encryption engine underneath.
We’ve been refactoring and improving the Openpgp.js project significantly over the past year. In this version of Mymail-Crypt, I’m incorporating these changes for a better experience.
- Support for more OpenPGP clients keys — great news if you’ve had trouble with other peoples keys in the past.
- Better signature verification. There is now a “Verify Signature” button for messages that are signed but not encrypted. If a message is both encrypted and signed, Mymail-Crypt will attempt to verify the signature when you use the “Decrypt” button.
Really, there are a ton of improvements in the encryption library, but most of them are transparent. Now that this has been shipped, there are a number of other visual items and cleanup I’m hoping to turn my attention to.
Let me know if you have trouble migrating, or using the new extension!
24 thoughts on “Mymail-Crypt Version 26”
seem to be great but
Still no hope to have it in an Extension for Firefox ?
Not in the immediate future, sorry. I’m glad you voice your support though, that helps me prioritize features.
Glad to hear it. So, as sung by Depeche Mode, it’s just a question of time. 😉 thanx
how is open (www.hacker.co.in)
When I try to use the extension in chrome, it does not respond to the encrypt and sign button
Have you set up your private key and a public key of someone to send it to? Are you seeing any errors? If you haven’t set up your keys yet, https://www.youtube.com/watch?v=aAXIqnjbc-M should help.
Yep – I set up a private key and public key
Apologies, there was a caching issue in the public version for awhile that should now be resolved. Are you still seeing this?
I installed the extension, but when I tell it to verify a signature, it says “No signed, cleartext OpenPGP message was found. Was this message also encrypted?”
Message source from Gmail below (with email addresses redacted).
Content-Type: multipart/signed; boundary=”Apple-Mail=_3275CE22-F50A-4AD1-BF99-A556C46E343E”; protocol=”application/pgp-signature”; micalg=pgp-sha512
Subject: Signed with OpenPGP
Date: Sat, 9 Aug 2014 15:42:13 -0700
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
X-Mailer: Apple Mail (2.1878.6)
You should see this as signed and be able to read it. Let me know..
Content-Description: Message signed with OpenPGP using GPGMail
—–BEGIN PGP SIGNATURE—–
Comment: GPGTools – https://gpgtools.org
—–END PGP SIGNATURE—–
It looks like this message is missing the following line before the text:
—–BEGIN PGP SIGNED MESSAGE—–
That line is required by the protocol to know what text is signed. Did the other person send the entire message?
Thanks. Looks like the code assumes an RFC2440 message and can’t cope with RFC3156 (which superseded RFC2015). Right?
If so, that’s a shame, because it looks like Apple Mail generates ‘3156 format.
Sorry I missed answering this.
MIME is RFC 3156. It’s a pretty different approach from OpenPGP/PGP/GPG.
OpenPGP is RFC 4880 (supersedes 2440).
1) Thank you for your fantastic Gmail extension
2) I need your help please!
I’m using the following for email encryption:
Web based: Gmail with Mymail-crypt
Outlook: Gpg4win/GnuPG Outlook plugin
I can encrypt, send and decrypt from any of the above to any other of the above, with one exception as follows:
Encrypt in Outlook using GnUPG—> message encrypts with no errors–>send to Android and Gmail. Android decrypts no problem, Gmail fails with the message below. I know the Gmail public key used to encrypt the message in Outlook is correct, as the same key works fine when encrypting and sending from K9 to Gmail
No OpenPGP message was found.
—–BEGIN PGP MESSAGE—–
Version: GnuPG v2
—–END PGP MESSAGE—–
Is there some incompatibility between GnuPG v2 and Mymail-crypt? If so is there a workaround?
Thanks in advance.
There were some changes to this awhile ago, but I missed replying to this. I’ve added some more flexibility in parsing messages. Let me know if you still see this issue.
If i write a message webased, and gmail automatically saves it to their server how wpuld my message would be sage from google server eyes?
Because they save the message before sending it…
I can’t se that this extension protect you data because gmail auto save you data before you encrypt you data. This extension have only meaning if the extension block the auto save funktion or encrypt every keyin behinde a cleartxt indput box.
Funny that the developer not have realize that. Is the extension designed by NSA as a trick?
If you have multiple keys is there a way you can select which key to use for signing when composing an email message? I don’t see this feature. Is there a workaround or is it on the slate to be added as a feature?
Thanks in advance,
I created https://github.com/seancolyer/gmail-crypt/issues/73 to address this issue.
FYI currently it will find a private key that matches the selected email, so if you have multiple email addresses you can send from and keys corresponding to each it should work.
Just curious, what is your usecase for multiple keys per email address?
I’d love to collaborate with you to make this program even better. One of the things I’d like to do is make something like Mymail crypt, but with the NaCl encryption engine, rather than PGP. This would allow users to use a key derived from a password they input rather than a stored PGP key, with great improvement in usability. You can also change keys with each message so the previous ones can no longer be decrypted (forward secrecy).
All of this is already implemented into SeeOnce (also a Chrome extension, which you can find in the Chrome store), but what’s missing is the integration with Gmail, which can come from the Mymail Crypt code.
Please drop me an email. Thanks!
I’ve installed it on a couple of PCs but i can’t seem to find the keys i generated.. anything wrong with it?
Can you direct me to a way of recovering my password? I have the PGP public key as well as the GPG private key.
I hear many things about Crypting e-mails.
Google has its own solution Google End-to-End, there are, Mailvelope, mymail-crypt, OpenPGP, GnuPG…
It seems that most of the solutions doesn’t exist on Android, and you have to use K9+APG, OpenKeychain…
Both mailvelope and mymail-crypt, does not offer a solution for android…
And Android solutions don’t offer a Gmail solution…
What is the problem ? A global solution would be not safe, too centralized, too weak ?
As lots of web articles/publication are not dated, it is difficult to know what is old or recent news.
My question 1 is : why is there no global email encryption solution for Gamil and Android whereas/while encryption is a central issue nowadays ?
My question 2 is : what is the most simple Android solution compatible with mymail-crypt ?
Thank you Sir
Please accept, Sir, the assurances of my highest considerations.
Any love for inbox? 🙂
It’s virtually unattainable to find skilled individuals On this specific subject matter, having said that, you seem like you determine what you’re discussing! Thanks