Chrome Extension for gpg in Gmail

Last month we released an alpha version of cr-gpg. This is a simple Chrome extension to enable gpg functionality in gmail (or Apps for Domains). (If you don't know what gpg is, you should first read this and this.)

Installation :

You can grab the extension from [here] and a double click should install it , after the install is completed you should see the image above if you navigate to chrome://extensions :

Options :

Once you have installed the plugin, there are 2 required configuration options:
1) Directory with gpg binary
2) Temp folder path (writable by the browser)

(cr-gpg simply calls out to the gpg installation on your machine. Option [1] therefore is asking where it can find the gpg executable, and Option [2] is looking for a scratch directory to do its work). (We make some effort to ensure that the temp directory is well maintained). You should be able to click "Use Default" on most installations.

The "Encrypt to self" option is fairly self explanatory. If i encrypt (and send) an email to you, the encrypted email will be in my sent-items. I would be unable to read this mail though (since it has been encrypted with your public key, not mines). If you would like to be able to read the mails as well, then simply select this option (and enter your email address in the next field: "Encrypt to self Email Address")

Now click "Save" to save these options. (cr-gpg will do some basic sanity checking on your options). You can return to these options through the extensions window or by clicking the lock icon added to your browser chrome

Convenience Functions :

The other convenience functions enabled through the lock icon allow you to do simple gpg key management, encrypt and sign blocks of text.

Embedded Functions :

When typing an email in GMail, we should now see an additional link: "Encrypt Message"
(If we have the recipients public key,) simply clicking this should encrypt the mail to the recipient as seen below.

When you receive an encrypted email, simply click on "Decrypt Message".

Decrypting an email requires access to your private key (which is usually password protected.) Enter the password, Click "OK" and you should be good to go..

Give it a try [here], and let us know if you have bugs [here], comments, complaints or suggestions..


  1. Thanks! I've been looking for something like this. Are you going to publish it on the Chrome Web Store?

  2. Thats a great idea Dave. We will kick it through. Please let us know if you have thoughts / ideas / bugs..

  3. Thanks for a great tool - have been looking for this!

    Is it open source? Any way to verify security and privacy in this extension for us non-programmers?

  4. Hi Troels.
    You are very welcome (in truth we use it a lot too) ;>
    The src is available at: (but this doesn't help too much if you are a non programmer)

    What might help is knowing that we intentionally kept the tool really really simple (to minimize our chances of doing stuff wrong). We pass the heavy lifting to gpg (which regularly undergoes scrutiny by many).

    Let us know how it goes for you ;>

  5. I could not install the extension, see screenshot here:

  6. Great! I've been looking for something like this for a while. Tell Haroon to give you a promotion!

  7. @Malat..

    We will do a quick check to see whats up (i suspect we've never run it on Win64).



  8. please fix it for win64 machines, it's a must have extension!

  9. I'm working on a very similar extension except rather than use the gpg binary I'm working on making a JS library to handle that. Details are at: Perhaps there would be some interest in working together?

  10. i will try it Sean, god bless you if works fine :-D

  11. Hi @malat.

    The last Chrome update that people got seemed to have a regression with plugins resulting in that error. (It should work fine on win64 now) and if you are still getting that error (with ours or other extensions), try downloading the file to a different directory (other than downloads) and adding it from there..

  12. Should it work with new gmail theme?

  13. Hi Anon.

    Sadly GOOG didnt give us a heads-up before changing the Theme, so we are playing catch-up. Won't work on the new theme yet (although you can use the icon to use it manually till then)

    We are on it..

  14. Installing this (or attempting) just gives "Package is invalid: CRX_FILE_NOT_READABLE"

  15. Hi

    To fix the Package is invalid: CRX_FILE_NOT_READABLE error please follow the instructions @ ( ) until Google fixes the issue.

  16. thanks a lot, excellent work...!

  17. I tried following the instructions from Jameel, but I still get the same error message.

    on which OS ?

  19. I also get the "CRX_FILE_NOT_READABLE" error while following Jameel's workaround...using XP SP3 with Chrome...any HELP available?

  20. Hi Anonymous

    I am busy looking into this atm and will let you know as soon as I have a solution

  21. Hi Anonymous

    I have tested this on WinXp SP3 using the latest version of chrome (Stable) with 0.7.5 of the plugin and the plugin works fine.

    If you are still having issues drop me a mail at jameel [at] and I will see if I can help you out further.

  22. Still trying to figure out where the "Directory with gpg binary" is. Is this the chrome Extensions directory?

  23. Hi Anon
    This is the directory on your system where the gpg binary is located. If you are not sure where its located , click the 'Use default' link next to the text box.

    This will use the default for your system.

  24. Hello,

    Not yet sure if this is a bug or I am missing something obvious... Installed cr-gpg 0.7.8. It runs under Chromium 18.0.996.0 on Ubuntu 10.04 (32bit, i686).

    I compose a message to my second address (and I have the key for that address), press Encrypt message, but nothing happens. When I click Sign message, I see the passphrase prompt, but OK button does nothing.

  25. Hi Dmitri

    From what you mentioned it sounds as if you might have a invalid path to your binary.

    Can you please verify that when you save your options you get the options saved alert box.

    Also if possible can you verify your options by either posting them here or sending me a mail @ jameel at

  26. Thank you for the quick reply, Jameel.

    There is no 'Options saved' box, but when I view Options next time, the path is correct.

  27. For me the default path on ubuntu was incorrect. You can attempt to find it by typing "locate gpg | grep bin" in the console. For me it turned out to be /usr/bin/

  28. Where are the gpg app on mac os?

  29. Hi Pan.

    You need to install it from a package manager like mac ports or download and install from:

  30. Hi Pan

    You can use the command `which gpg` from the console to get the full path to the application (if its installed).

    Alternatively its general location should be @ '/opt/local/bin/gpg' which is the default location cr-gpg uses.

    1. I'm using WindowsXP Home. After I install the extension and try to configure the options using Default, I get an error "options saved but parameters provided invalic". It appears the path to the gpg binary is not correct - but I have no idea where it is. I'm not even certain it was installed. I've searched my hard drive for the directory and cannot find anything with "gpg" in the file name.


    2. Hi

      The prefered method for windows is to grab the gpg application from (
      They have a nice installer as well as various applications to get your started without the need to use the command line.

      Once you have installed gpg4win the default path should work for you unless you install to a different location. In that case use the example provided as a means to find the gpg binary.

      I hope this helps otherwise drop me a mail @ jameel at and I can try to help you out more.

  31. Hi. I´m using GPGtools for mac and all I find is "/usr/local/macgpg2/bin/gpg2" which the addon do not recognize. What am I doing wrong.


  32. I found a workaround for OS X lion with GPGtools, Used the above mentioned path, and in the macgpg2 folder I copied and renamed gpg2 to just gpg, and everything works. Thank you very ,much for this excellent addon. Helps alot, Thanks again

    Regards Glenn

  33. Hi Glenn

    Thanks for providing a solution for others as well. Hopefully this will help others when they need to get setup.

  34. How do you import other people's public keys and your own private keys? Should we just paste the keys in the "import keys" tab? When I try to export the keys using
    $ gpg --export or
    $ gpg --export-secret-keys
    my gpg doesn't attach the usernames/emails to them so I don't know how importing them would work if cr-gpg can't figure out who it corresponds to. Also, there should be a way to see which keys have been imported.

  35. I can get it to install on both my mac (OS X Lion) or Windows 7 (32 bit) machines.

    * Basic functionality works fine on the Mac
    * The "Encrypt Message" link doesn't show up on either
    * On windows whenever I try to decrypt i get an invalid password error. I installed gpg to: "C:\Program Files\GNU\GnuPG\", and imported my entire keyring including secret keys using the GPA front end.

    I'd really like this to work on my windows box. It's a great tool.

  36. Hi
    @bkode Currently we can only import other users public keys. For you to import your private key you would need to use the base package provided by your OS. Finally we will probably be adding the feature to view existing keys in a future version.

    @jason For windows it best if you gpg4win , its been found that the other versions don't seem to work as well. Also you mentioned that you imported all your secret keys , do you have multiple ? If so you need to set the one you want to work with cr-gpg as the default. This is a feature that we want to add in the future as well (the ability to select which secret key to use). Finally when you say the encrypt message doesn't show up , do you have any custom settings such as a different language in use.

  37. Hi.

    I do have multiple secret keys. How do I set a default?

    No custom settings that I'm aware of. On the encrypt issue, I don't even get the "encrypt" link in the page itself. I've only tried the "encrypt" option from the cr-gpg tab pane. And when I do it looks like the computer is thinking & then the window just disappears without producing any encrypted text or putting anything on the clipboard buffer.


  38. Looks nice but I fear putting a pass phrase into a web browser window :-( The WebGP extension let's gpg prompt for the phrase which is better, but it doesn't seem to integrate as well with gmail unless you press show original :-(

  39. Does this still work? Just installed the extension and I dont see the encrypt / decrypt links when using gmail / google apps... :-(

  40. Hi PC Smith

    The plugin is still working , can you provide some info as to your current setup ?
    This might help spot a setup issue or incompatibility.


  41. Sure... Win 7 x64 Running GPG4win... 1.1.4 I think.

    I've set up a key pair in the WinPT key manager that comes with it. My gpg binary is in: E:\Program Files\GNU\GnuPG\

    I didnt know what to use for a temp folder so I created one in: C:\Users\*username*\AppData\Local\Google\Chrome\User Data\Default\GPG\ which I figured would be writable by the browser.

    I dont see an encrypt link on the compose new email page in gmail... I do get a decrypt icon when reading existing mail though... However when I click it and enter my password it always says I entered the wrong PW.

    If you'd like to troubleshoot this with me over email I'm at: pcsmith (at) hotmail dot com

  42. i know u are able to reply fast .... nd i m also in such need of fast reply with ur help ...

    i m having my gpg4win installed at this location .... C:\Program Files\GNU\GnuPG\
    and temporary file which can be written by browser are C:\temp or C:\Users\Sitaram\AppData\Local\Google\Chrome\User Data\Temp

    i tried both of them , but still one thing of error is "options saved but parameters provided are invalid "...

    i m hopeless and helpless , hopefully needing ur help on urgent based ....

  43. For everyone not seeing the Encrypt, Decrypt and Verify buttons in Gmail (like me at first), here's what's up.

    1) To encrypt, you need to click "Plain Text" at the end of the Rich Text editing buttons. Then the Encrypt link shows up at the left end of that row of links and icons.

    2) The decrypt and verify icons are at the upper top right of the message area when reading email. It doesn't make sense to have a decrpyt and verify button on the Compose screen.

    Now, onto my problem :) I am on Windows 7 64-bit. I sent an email to myself to test it out, and it is unable to verify, saying that no public keys were found for the recipient. But when I copy the entire email to Notepad and save it, I am able to verify at the command prompt with

    gpg --verify "name of file.txt"

    so it appears there's something going on with your plugin. Also, with the manual launcher in the top right corner (excellent for use with other sites, like social networking, btw) I am able to sign and encrypt text but cannot verify. I have to do the same trick to copy the text to Notepad, save it, and verify it from the command prompt. Being able to verify from either GUI implementation would be wonderful. Not working for me, yet. I'm wondering if your code is selecting my full name as well as email address when searching for keys and not just searching for the email address. Besides that, why is your plugin even searching for keys for the recipient in the first place when gpg is able to properly verify from the command line without specifying a key?

  44. Hi Steve

    We only use the email when searching for keys. With regards to the verification stating that no public keys were found , It sounds like you may be getting a generic error message that was not intended for that section, this usually happens when then plugin is not communicating with the browser correctly. Can you verify that the plugin is able to encrypt emails for you ?

  45. Hi Jameel. Yes, it Encrypted immediately and without error.

  46. Hi Steve
    I will need to look into it a bit more and get back to you, the plugin is running the exact same command that you mentioned in the first post to verify a plugin.

  47. Okay. If it helps, the error message appears twice.

  48. When I decrypt a message & reply, the encrypted version of the message is quoted in the reply.

    Is that expected behaviour, or is there any way to quote the decrypted version?

  49. Hi Anon

    That is expected , we don't make the decrypted text available anywhere except temporarily when you click the decrypt button. Unfortunately the only way I can think of you quoting text in a reply is with a manual copy and paste. If you think this is a feature others will need then please log an issue over at .This will allow us to track the progress and let you know when the feature is released.

  50. hello first off great extension nice to see more ways to encrypt email

    my question is is there any chance that this can be made portable ie to run off a USB stick

    thanks in advance


  51. so....this is what i did
    downloaded as well as the plugin set it the plugin to my install dir,
    and no go? what am i missing?

  52. Hi, thanks so much for your work on this much needed package. :-)

    I installed it yesterday and had it working fine, but today I can no longer see the decrypt button (I can still see the encrypt one, and I can still decrypt manually by cutting and pasting into the tool box). Any suggestions?

    I'm using Windows XP, Chrome 19.0.1084.52 and Cr-gpg (Version : 0.7.8)

    Thanks, Holly

  53. Awesome extension, big up the crew!

  54. This is really great. I have two questions though:

    1.) Being a Google Apps user, I'd like to switch to German language with the general user interface. If I do so, the buttons for Decrypt message and Encrypt message do not show up. When I switch to "English (US)" everything is fine. Any chance to show the buttons also in different languages? ;-) If this is just the German translation missing, I'm happy to help with that.

    2.) When decrypting a message, inbound base64 attachments (from multipart messages) are not shown as attachments any more, but just with pure base64 code. Do you see a chance that this can be shown as a regular attachment in the future?

  55. Thank you for developing such an important extension. However, during installation I am asked to grant access to "All data on your computer and the websites that you visit". This does not sound like the kind of thing that I want to do when I am aiming to increase my security situation thru the use of GNU Privacy Guard. I wonder if you might consider completely removing this requirement from the installation. I am unable to use the extension in its current form.

  56. Hi! I'm trying cr-gpg (0.7.8) on Windows XP (SP3) 32-bit, Google Chrome 21.0.1180.79, Gpg4win 2.1.0.
    cr-gpg installs, but if I try setting the "Directory with gpg binary" and "Temp folder path" options by clicking "Use Default", the paths entered are:


    which are obviously incorrect (on a win32 system). If I click Save, I get an error message (as expected): "options saved but parameters provided are invalid."

    No matter the incantation used in the path fields, I always see this error message when clicking Save. Here are the paths I've tried:

    C:\Program Files\GNU\GnuPG
    C:\Documents and Settings\username\Local Settings\Application Data\Google\Chrome\User Data\Temp

    C:\Program Files\GNU\GnuPG\pub
    C:\Documents and Settings\username\Local Settings\Application Data\Google\Chrome\User Data\Temp

    C/Program Files/GNU/GnuPG
    C/Documents and Settings/username/Local Settings/Application Data/Google/Chrome/User Data/Temp

    C/Program Files/GNU/GnuPG/pub
    C/Documents and Settings/username/Local Settings/Application Data/Google/Chrome/User Data/Temp

    /Program Files/GNU/GnuPG
    /Documents and Settings/username/Local Settings/Application Data/Google/Chrome/User Data/Temp

    /Program Files/GNU/GnuPG/pub
    /Documents and Settings/username/Local Settings/Application Data/Google/Chrome/User Data/Temp

    What am I missing?

  57. Hello... I also cannot configure
    Directory with gpg binary
    Temp folder path (writable by the browser)

    I am using chrome on a MAC with gpgtools

  58. @ Anonymous (August 1, 2012)
    The language specific changes have been made to the repo ( and will be rolled
    into the next version. I am not 100% sure what you are referring to with the attachments , if you could drop
    me and email with a bit more details.

    @John Brown
    This requirement you are referring to is because we use npapi which google does not have control over as such
    they mark the plugin as having full access. If you have a look at the manifest.json ( which describes the plugin you will see that we currently only
    require access to and the ability to pop open the options tab when you have not updated your settings.

    @Nom De Guerre
    The first iteration of your options should work but your temp settings may be a little to long and be causing something
    to go wrong internally. Try creating a temp directory like c:\temp and making sure your user has access to the folder.
    As mentioned to other users , drop me a mail directly and I can help to see what you are doing differently from the other

    @ Anonymous (August 28, 2012)
    You can use the command `which gpg` from the console to get the full path to the application.
    Alternatively its general location should be @ '/opt/local/bin/gpg' which is the default location cr-gpg uses.
    As mentioned to the previous users , drop me a mail so that I can get more details to figure out what might be

    This post has gotten quite long , but if you require support drop me a mail @ jameel at
    and I will try my best to help you out

  59. Jameel,
    Thank you for the explanation regarding manifest.json. The msg "All data on your computer and the websites that you visit" is unfortunate.

    I have another question. When I am composing a gmail using the web interface, I strongly suspect that the web form is auto-saving at frequent intervals. If this is so, then my partially composed message is being transmitted to google's servers multiple times "in the clear" until the cr-gpg "Encrypt message" is clicked. Does cr-gpg disable such auto-saving? What am I missing? thanks...

  60. Too bad General Petraeus and Broadwell didn't know about this.

  61. Hi it looks like the new compose window breaks the plugin again. Its possible to bring the buttons back by -> choosing the small down arrow icon in the bottom right -> then selecting 'temporarily switch back to old compose'. Dont know how long gmail will keep that function though.

  62. HI the auto save thing mentioned by JohnBrown above seems to kill the use of this plugin? Is there any way to disable that feature?

  63. Is this completely abandonded by now? I just found this, and I like the approach to use gpg (the program) directly instead trusting private keys into some javascript! But this doesn't even install anymore as it's NPAPI

  64. To come out from all these issues Gmail customer service or Gmail customer care team is needed.
    All the issues related to your Gmail can be easily solved by contacting .you can find customer service team is very helpful regarding all your problems related to your Gmail helpline number

  65. Stop being scammed by fake hackers. Hire a Ethical Hacking group who are professional and real. You might be curious that what hacking group services can provide? .. If you hire a hacker, you always have worried of losing your money. We won't keep a cent if can't do our job. 100% refund if job is not completed. Hacking Services that you will find here at: are custom to fit your hacking needs... A professional and experienced hacker providing hacking services for a variety of client needs. Specialize in many different Hacking Services some of my most popular hacking services are, Hack INTO ANY BANK WEBSITE Hack into any COMPANY WEBSITE HACK INTO ANY GOVERNMENT AGENCY WEBSITE HACK INTO SECURITY AGENCY WEBSITE AND ERASE CRIMINAL RECORDS Hack into CRAIGSLIST AND REMOVE FLAGGING HACK INTO ANY DATABASE SYSTEM HACK PAYPAL ACCOUNT HACK WORD-PRESS Blogs SERVER CRASHED hack HACK INTO ANY SCHOOL DATABASE AND CHANGE UNIVERSITY GRADES, no matter how secured HACK INTO CREDIT BUREAU DATABASE AND INCREASE YOUR CREDIT SCORE HACK ANY EMAIL OR SOCIAL NETWORK AND KNOW IF YOUR PARTNER IS CHEATING ON YOU HACK INTO YOUR PARTNER'S PHONE PICS, TEXT MESSAGE AND LISTEN TO CALLS TO KNOW IF HE IS CHEATING UNTRACEABLE INTERNET PROTOCOL HAVE YOU OR YOUR CHILD BEEN BULLIED ONLINE BEFORE AND WANT TO GET BACK AT THE PERSON, WE CAN HELP YOU TRACE THE ACTUAL LOCATION OF THE PERSON AND DO WHATEVER YOU REQUEST TO THE PERSONS COMPUTER IS ANYONE BLACKMAILING YOU ONLINE AND YOU WANT US TO GET INTO THEIR COMPUTER AND DESTROY DATA AND EVIDENCES AGAINST YOU? If you need a hacking service that is not listed, feel free to contact me at: or text only - +1(630) 755-8868. Contact me today about any of my hacking services

  66. Cyberprofessionalhacker is the real hacker out there, please be careful of imposters. they are so many hackers who claim to be what they are not.
    i have been ripped off twice by this so called hackers. please be careful
    if you need an hacker mail (, they work effectively, i can testify to that. mail them today and you will get your work done