OpenPGP Tools
Local, in-browser: keys, publish, fetch, inspect, encrypt/sign, decrypt/verify.
Note on publishing: keys.openpgp.org uses a VKS API with email verification.
In some browsers, direct POST to the VKS endpoints from a static HTML file can be blocked by CORS preflight.
This page therefore offers: (1) open the official upload page, and (2) generate a local curl script you can run yourself.
Create OpenPGP Keys
Local, in-browser key generation (ECC / Curve25519).
Key expiry
Never
1 year
2 years
5 years
Default is Never . You can extend expiry later (as long as you still have the private key).
Copy Public
Download Public (.asc)
Use in Publish
Open in Key info
Copy Private
Download Private (.asc)
Open in Key info
Keep your private key secret. Never share it. Back it up securely.
Emails found in key (for verification)
keys.openpgp.org requires email ownership verification for email-based discovery.
Parse key
Open upload page
Local-only publish flow:
Click Parse key .
Select the email you want to verify.
Copy the curl script and run it locally.
Click the verification link you receive by email.
Local curl script (upload + request-verify)
Copy curl
Download curl.sh
Fetch by email
Fetch by fingerprint
Open in new tab
Use in Encrypt
Fetched key (ASCII-armored)
Download as .asc
Copy
Best practice: verify fingerprints out-of-band.
Compare the fingerprint via Signal/phone/in-person.
Only then trust the key for encryption.
Download filename defaults to email-address.asc (sanitized).
Open in Key info
Paste any ASCII-armored key
Works with public or private keys. Private keys are processed locally only.
Parse
Clear
Use my Private (from Create)
Encrypt + sign
Clear
Encrypted result (ASCII-armored)
Copy
Download .asc
Use my Private (from Create)
Decrypt
Clear
Copy
Download .txt
“Decrypted” only means your private key could open it. “Verified” requires the sender public key (or another trusted source) to confirm who signed it.