Is PGP Tool safe to use?

Yes. PGP Tool runs 100% in your browser — no data is ever sent to a server. All encryption and decryption happens client-side using openpgp.js. The code is open source under MIT license.

Can I use PGP Tool offline?

Yes. PGP Tool is a Progressive Web App (PWA) that works fully offline once installed. Enable air-gap mode to disable all network requests for maximum security.

What encryption algorithms does PGP Tool support?

PGP Tool supports RSA (2048–4096 bit) and ECC (Curve25519, P-384) for PGP key generation, AES-256-GCM for symmetric encryption and secure paste, and PBKDF2 with SHA-256 for key derivation.

How does the password generator work?

The password generator uses the browser's crypto.getRandomValues() API for cryptographically secure randomness. It supports random character passwords (6–128 chars) and EFF-wordlist passphrases (3–10 words). No passwords are stored or transmitted.

How does Secure Paste work without a server?

Secure Paste encodes the paste content directly into the URL fragment (after the # symbol). Optionally, content is encrypted with AES-256-GCM before encoding. The URL IS the paste — no server or database is involved.

Does this prove the document is mine?

It proves the document existed in this exact form at the timestamp you signed, and that the holder of the private key (presumably you) signed off on it. It does not prove authorship without an independent identity claim.

Why hash instead of sign the document directly?

Privacy and size. The hash is small and reveals nothing about the contents. You can publish the certificate without disclosing the document — only the holder of the original can later prove the match.

How tamper-evident is the timestamp?

The timestamp inside the signature is what you claimed. For independent timestamps, post the certificate to a public Bitcoin transaction, OpenTimestamps, or a notary service that publishes a verifiable log.

What hash function does Notary use?

SHA-256. The certificate also embeds the file size and a short filename hint to make later verification more user-friendly.

Can I notarize a folder or multiple files?

Hash and notarize each file individually, then sign a manifest listing all the per-file hashes. The Utilities tool can produce SHA-256 sums in bulk.

Notarize documents with SHA-256 and PGP

Create a tamper-evident notarization: SHA-256 hash of the document, an ISO-8601 timestamp, and your PGP signature over both. Proves a document existed in a specific form at a specific time.

Notary produces a compact certificate that anyone with your public key can verify: the cryptographic hash of the original file, a timestamp, and your PGP signature binding them together. The original document is not stored or transmitted — only the certificate.

Use cases include intellectual-property timestamping (writing, code, designs), evidence preservation (showing a screenshot existed unaltered before a given date), and contract execution (signing a hash of an agreed-on PDF without sharing the PDF itself).

The certificate is a small text block. Verify it later by hashing the original file again and confirming the hash, timestamp, and signature match. For court-grade timestamping, pair this with an external timestamping service or post the certificate to a public log.

Frequently asked questions

Does this prove the document is mine?: It proves the document existed in this exact form at the timestamp you signed, and that the holder of the private key (presumably you) signed off on it. It does not prove authorship without an independent identity claim.
Why hash instead of sign the document directly?: Privacy and size. The hash is small and reveals nothing about the contents. You can publish the certificate without disclosing the document — only the holder of the original can later prove the match.
How tamper-evident is the timestamp?: The timestamp inside the signature is what you claimed. For independent timestamps, post the certificate to a public Bitcoin transaction, OpenTimestamps, or a notary service that publishes a verifiable log.
What hash function does Notary use?: SHA-256. The certificate also embeds the file size and a short filename hint to make later verification more user-friendly.
Can I notarize a folder or multiple files?: Hash and notarize each file individually, then sign a manifest listing all the per-file hashes. The Utilities tool can produce SHA-256 sums in bulk.