Chrome Extension for gpg in Gmail

Last month we released an alpha version of cr-gpg. This is a simple Chrome extension to enable gpg functionality in gmail (or Apps for Domains). (If you don’t know what gpg is, you should first read this and this.)

Installation :

You can grab the extension from [here] and a double click should install it , after the install is completed you should see the image above if you navigate to chrome://extensions :

Options :


Once you have installed the plugin, there are 2 required configuration options:
1) Directory with gpg binary
2) Temp folder path (writable by the browser)

(cr-gpg simply calls out to the gpg installation on your machine. Option [1] therefore is asking where it can find the gpg executable, and Option [2] is looking for a scratch directory to do its work). (We make some effort to ensure that the temp directory is well maintained). You should be able to click “Use Default” on most installations.

The “Encrypt to self” option is fairly self explanatory. If i encrypt (and send) an email to you, the encrypted email will be in my sent-items. I would be unable to read this mail though (since it has been encrypted with your public key, not mines). If you would like to be able to read the mails as well, then simply select this option (and enter your email address in the next field: “Encrypt to self Email Address”)

Now click “Save” to save these options. (cr-gpg will do some basic sanity checking on your options). You can return to these options through the extensions window or by clicking the lock icon added to your browser chrome

Convenience Functions :

The other convenience functions enabled through the lock icon allow you to do simple gpg key management, encrypt and sign blocks of text.

Embedded Functions :

When typing an email in GMail, we should now see an additional link: “Encrypt Message”
(If we have the recipients public key,) simply clicking this should encrypt the mail to the recipient as seen below.

When you receive an encrypted email, simply click on “Decrypt Message”.

Decrypting an email requires access to your private key (which is usually password protected.) Enter the password, Click “OK” and you should be good to go..

Give it a try [here], and let us know if you have bugs [here], comments, complaints or suggestions..

65 comments On Chrome Extension for gpg in Gmail

  • When I decrypt a message & reply, the encrypted version of the message is quoted in the reply.Is that expected behaviour, or is there any way to quote the decrypted version?

  • Okay. If it helps, the error message appears twice.

  • Hi Steve I will need to look into it a bit more and get back to you, the plugin is running the exact same command that you mentioned in the first post to verify a plugin.

  • Hi Jameel. Yes, it Encrypted immediately and without error.

  • Hi SteveWe only use the email when searching for keys. With regards to the verification stating that no public keys were found , It sounds like you may be getting a generic error message that was not intended for that section, this usually happens when then plugin is not communicating with the browser correctly. Can you verify that the plugin is able to encrypt emails for you ?

  • For everyone not seeing the Encrypt, Decrypt and Verify buttons in Gmail (like me at first), here's what's up.1) To encrypt, you need to click “Plain Text” at the end of the Rich Text editing buttons. Then the Encrypt link shows up at the left end of that row of links and icons.2) The decrypt and verify icons are at the upper top right of the message area when reading email. It doesn't make sense to have a decrpyt and verify button on the Compose screen.Now, onto my problem ๐Ÿ™‚ I am on Windows 7 64-bit. I sent an email to myself to test it out, and it is unable to verify, saying that no public keys were found for the recipient. But when I copy the entire email to Notepad and save it, I am able to verify at the command prompt withgpg –verify “name of file.txt”so it appears there's something going on with your plugin. Also, with the manual launcher in the top right corner (excellent for use with other sites, like social networking, btw) I am able to sign and encrypt text but cannot verify. I have to do the same trick to copy the text to Notepad, save it, and verify it from the command prompt. Being able to verify from either GUI implementation would be wonderful. Not working for me, yet. I'm wondering if your code is selecting my full name as well as email address when searching for keys and not just searching for the email address. Besides that, why is your plugin even searching for keys for the recipient in the first place when gpg is able to properly verify from the command line without specifying a key?

  • i know u are able to reply fast …. nd i m also in such need of fast reply with ur help … i m having my gpg4win installed at this location …. C:\Program Files\GNU\GnuPG\and temporary file which can be written by browser are C:\temp or C:\Users\Sitaram\AppData\Local\Google\Chrome\User Data\Tempi tried both of them , but still one thing of error is “options saved but parameters provided are invalid “… i m hopeless and helpless , hopefully needing ur help on urgent based ….

  • Sure… Win 7 x64 Running GPG4win… 1.1.4 I think.I've set up a key pair in the WinPT key manager that comes with it. My gpg binary is in: E:\Program Files\GNU\GnuPG\I didnt know what to use for a temp folder so I created one in: C:\Users*username*\AppData\Local\Google\Chrome\User Data\Default\GPG\ which I figured would be writable by the browser.I dont see an encrypt link on the compose new email page in gmail… I do get a decrypt icon when reading existing mail though… However when I click it and enter my password it always says I entered the wrong PW.If you'd like to troubleshoot this with me over email I'm at: pcsmith (at) hotmail dot com

  • Hi PC SmithThe plugin is still working , can you provide some info as to your current setup ?This might help spot a setup issue or incompatibility.Thanks

  • Does this still work? Just installed the extension and I dont see the encrypt / decrypt links when using gmail / google apps… ๐Ÿ™

  • Looks nice but I fear putting a pass phrase into a web browser window ๐Ÿ™ The WebGP extension let's gpg prompt for the phrase which is better, but it doesn't seem to integrate as well with gmail unless you press show original ๐Ÿ™

  • Hi. I do have multiple secret keys. How do I set a default? No custom settings that I'm aware of. On the encrypt issue, I don't even get the “encrypt” link in the page itself. I've only tried the “encrypt” option from the cr-gpg tab pane. And when I do it looks like the computer is thinking & then the window just disappears without producing any encrypted text or putting anything on the clipboard buffer.Thanks!

  • Hi @bkode Currently we can only import other users public keys. For you to import your private key you would need to use the base package provided by your OS. Finally we will probably be adding the feature to view existing keys in a future version.@jason For windows it best if you gpg4win , its been found that the other versions don't seem to work as well. Also you mentioned that you imported all your secret keys , do you have multiple ? If so you need to set the one you want to work with cr-gpg as the default. This is a feature that we want to add in the future as well (the ability to select which secret key to use). Finally when you say the encrypt message doesn't show up , do you have any custom settings such as a different language in use.

  • I can get it to install on both my mac (OS X Lion) or Windows 7 (32 bit) machines.* Basic functionality works fine on the Mac* The “Encrypt Message” link doesn't show up on either* On windows whenever I try to decrypt i get an invalid password error. I installed gpg to: “C:\Program Files\GNU\GnuPG\”, and imported my entire keyring including secret keys using the GPA front end.I'd really like this to work on my windows box. It's a great tool.

  • How do you import other people's public keys and your own private keys? Should we just paste the keys in the “import keys” tab? When I try to export the keys using $ gpg –export or$ gpg –export-secret-keysmy gpg doesn't attach the usernames/emails to them so I don't know how importing them would work if cr-gpg can't figure out who it corresponds to. Also, there should be a way to see which keys have been imported.

  • Hi GlennThanks for providing a solution for others as well. Hopefully this will help others when they need to get setup.

  • I found a workaround for OS X lion with GPGtools, Used the above mentioned path, and in the macgpg2 folder I copied and renamed gpg2 to just gpg, and everything works. Thank you very ,much for this excellent addon. Helps alot, Thanks againRegards Glenn

  • Hi. Iยดm using GPGtools for mac and all I find is “/usr/local/macgpg2/bin/gpg2” which the addon do not recognize. What am I doing wrong.RegardsGlenn

  • HiThe prefered method for windows is to grab the gpg application from (http://www.gpg4win.org/).They have a nice installer as well as various applications to get your started without the need to use the command line.Once you have installed gpg4win the default path should work for you unless you install to a different location. In that case use the example provided as a means to find the gpg binary.I hope this helps otherwise drop me a mail @ jameel at thinkst.com and I can try to help you out more.

  • I'm using WindowsXP Home. After I install the extension and try to configure the options using Default, I get an error “options saved but parameters provided invalic”. It appears the path to the gpg binary is not correct – but I have no idea where it is. I'm not even certain it was installed. I've searched my hard drive for the directory and cannot find anything with “gpg” in the file name.Suggestions?

  • Hi PanYou can use the command which gpg from the console to get the full path to the application (if its installed). Alternatively its general location should be @ '/opt/local/bin/gpg' which is the default location cr-gpg uses.

  • Hi Pan.You need to install it from a package manager like mac ports or download and install from: http://macgpg.sourceforge.net/

  • Where are the gpg app on mac os?

  • For me the default path on ubuntu was incorrect. You can attempt to find it by typing “locate gpg | grep bin” in the console. For me it turned out to be /usr/bin/

  • Thank you for the quick reply, Jameel.There is no 'Options saved' box, but when I view Options next time, the path is correct.

  • Hi DmitriFrom what you mentioned it sounds as if you might have a invalid path to your binary.Can you please verify that when you save your options you get the options saved alert box. Also if possible can you verify your options by either posting them here or sending me a mail @ jameel at thinkst.com.

  • Hello,Not yet sure if this is a bug or I am missing something obvious… Installed cr-gpg 0.7.8. It runs under Chromium 18.0.996.0 on Ubuntu 10.04 (32bit, i686).I compose a message to my second address (and I have the key for that address), press Encrypt message, but nothing happens. When I click Sign message, I see the passphrase prompt, but OK button does nothing.

  • Hi Anon This is the directory on your system where the gpg binary is located. If you are not sure where its located , click the 'Use default' link next to the text box. This will use the default for your system.

  • Still trying to figure out where the “Directory with gpg binary” is. Is this the chrome Extensions directory?

  • Hi AnonymousI have tested this on WinXp SP3 using the latest version of chrome (Stable) with 0.7.5 of the plugin and the plugin works fine.If you are still having issues drop me a mail at jameel [at] thinkst.com and I will see if I can help you out further.

  • Hi Anonymous I am busy looking into this atm and will let you know as soon as I have a solution

  • I also get the “CRX_FILE_NOT_READABLE” error while following Jameel's workaround…using XP SP3 with Chrome…any HELP available?

  • CRX_FILE_NOT_READABLE ? on which OS ?

  • I tried following the instructions from Jameel, but I still get the same error message.

  • thanks a lot, excellent work…!

  • HiTo fix the Package is invalid: CRX_FILE_NOT_READABLE error please follow the instructions @ (https://github.com/RC1140/cr-gpg/wiki/CRX_FILE_NOT_READABLE ) until Google fixes the issue.

  • Installing this (or attempting) just gives “Package is invalid: CRX_FILE_NOT_READABLE”

  • Hi Anon.Sadly GOOG didnt give us a heads-up before changing the Theme, so we are playing catch-up. Won't work on the new theme yet (although you can use the icon to use it manually till then)We are on it..

  • Should it work with new gmail theme?

  • Hi @malat.The last Chrome update that people got seemed to have a regression with plugins resulting in that error. (It should work fine on win64 now) and if you are still getting that error (with ours or other extensions), try downloading the file to a different directory (other than downloads) and adding it from there..

  • i will try it Sean, god bless you if works fine ๐Ÿ˜€

  • I'm working on a very similar extension except rather than use the gpg binary I'm working on making a JS library to handle that. Details are at: http://prometheusx.net/introducing-gmail-crypt/ Perhaps there would be some interest in working together?

  • please fix it for win64 machines, it's a must have extension!

  • @Malat..We will do a quick check to see whats up (i suspect we've never run it on Win64).@DaveDone!

  • Great! I've been looking for something like this for a while. Tell Haroon to give you a promotion!

  • Hi Troels.You are very welcome (in truth we use it a lot too) ;>The src is available at: https://github.com/RC1140/cr-gpg/ (but this doesn't help too much if you are a non programmer)What might help is knowing that we intentionally kept the tool really really simple (to minimize our chances of doing stuff wrong). We pass the heavy lifting to gpg (which regularly undergoes scrutiny by many).Let us know how it goes for you ;>

  • Thanks for a great tool – have been looking for this!Is it open source? Any way to verify security and privacy in this extension for us non-programmers?

  • Thats a great idea Dave. We will kick it through. Please let us know if you have thoughts / ideas / bugs..

  • Thanks! I've been looking for something like this. Are you going to publish it on the Chrome Web Store?

Leave a Reply

Site Footer

Authored with ๐Ÿ’š by Thinkst