Wednesday, November 05, 2003

Right-click GPG Encryption

This procedure will add a menu-item to let you right-click on a file and encrypt it (or decrypt it) when in Windows Explorer.

Originally posted by Peter Hegt on the gnugp-user mailing list (GPG Windows tip), but I've modified the instructions to work with the current version of GnuPG.

Encryption:

1. Create the following registry key, the text "GPG Encrypt for email address" can be anything that you want to show up on the right-click menu. Since this command will encrypt the file so that it can only be read by the designated user, you'll need a different menu item for every user-key that you're going to encrypt to. (For ad-hoc encryption, you're better off using the command line, this tip is mainly to make it easier to do lots of file encryption for people you communicate with often, or to encrypt files for yourself.)

HKEY_CLASSES_ROOT\*\shell\GPG Encrypt for email address\command

2. The "(default)" value of the registry key value should be as follows (change the path to point to the proper gpg.exe file on your system, make sure you put double-quotes around the %1 to allow for spaces in the filename). The "(default)" value should already exist when you create the "command" key and will be type REG_SZ. Replace "IDorEMail" with the UserID or e-mail address of the key that you want to encrypt with.

(Default) = c:\App\gnupg\gpg.exe -r IDorEMail --encrypt -o "%1.gpg" "%1"

The end result is a GPG encrypted file with the extension of .gpg tacked on.

Decryption:

1. Create the following key:

HKEY_CLASSES_ROOT\.gpg\shell\GPG Decrypt\command

2. Change the "(default)" value of the registry key to the following:

(default) = C:\App\gnupg\gpg.exe "%1"

This will associate with any files with a .gpg extension, decrypt them (prompting you for your GPG pass-phrase), with the resulting file having the .gpg extension stripped off.

If you need help setting up GPG, see my earlier blog entry.

posted by Wuphon's at 6:51 PM