Cryptlet :: A little bit 'o' privacy for Gmail in a bookmarklet.
What it does
The SJCL defaults are left alone. This means Cryptlet generates a 128 bit symmetric AES key using randomized salts and initialization vectors, and encrypts in CCM mode.
- Safari : Paste the bookmarklet into the URL bar after navigating to Gmail. Alternatively, add it as a bookmark and hit it after navigating to Gmail.
- Chrome : Add the bookmarklet as a bookmark and hit it after navigating to Gmail. Chrome doesn't support pasting a bookmarklet this long.
- Firefox: Not supported. Yet.
To encrypt: Compose a message, and click the "Encrypt" button before sending your mail. Enter in a good password. Don't forget it, because the body will disappear. Yes, Gmail's auto-save renders this insecure. Cryptlet doesn't recognize the composition area for replies right now, so you'll have to compose a fresh email.
To decrypt: You'll notice that emails now have a "Decrypt" link at the end of their text. If you received an encrypted email, click "Decrypt" and enter the password it was encrypted with. If you enter the right password, you will see the original message. The decrypted message will not persist if you navigate away from the page.
Is this a good way to secure my email?
Absolutely not. Do NOT use this to secure your email. You should use PGP and a non-webmail client for actual security. Ideally, cryptlet is 'kinda neat'. Nothing more.
Building / Requirements
0.0.2 : Loads before any events fire. 0.0.1 : First version