axew3.com

axew3.com

Gemini w3mypgp | JS RSA-OAEP & AES-GCM Hybrid Encryption

Gemini w3mypgp v7.0

v7.2 (mission impossible)

Privacy is a right, not a ‘select’ option on a subscription page or a hidden clause in proprietary software.

Updated on 10 Mar 2026Gemini w3mypgp v7.2 (mission impossible)

Hybrid RSA-OAEP + AES-GMC

w3mypgp Gemini v7* – Made again with ❤️ for privacy

w3mypgp Gemini v7.*

You can skip directly to the How-To and Examples, but it is recommended that you read the security guidelines first, especially the – Tips for staying super secret part more below.
Ready to take your www privacy back? Let’s go!

GEMINI RSA-OAEP & AES-GCM Hybrid what’s new from UNICORN?

With the Gemini release, the RSA-OAEP & AES-GCM Hybrid engine supports one-click batch encryption. Securely package and share multiple large files with a recipient using only their Public Key.
With w3mypgp Gemini strip away the cloud to bring privacy back to where it belongs: in your hands, on your device, under your control.

Subverting the browser’s traditional role. Instead of being a “window” that leaks data to the cloud, we’ve turned it into

Hardened Cryptographic Vault that processes everything locally, in the dark, and in silence. By combining low-level Binary Packing, Thread Isolation, and Forensic Memory Management, the “GEMINI V7*” achieves what few thought possible in a single standard HTML file

  • Engine: Pure JS Web Crypto (No external dependencies).
  • Privacy: Zero-Knowledge, Zero-Server, Zero-Trace.
  • Strength: 700k Iterations / SHA-512 / AES-256-GCM.
  • Strength: RSA OAEP SHA-256 4096-bit + SHA-512 / AES-256-GCM.
  • Capacity: 500MB+ Multi-file Streaming via Web Workers.
  • License: GPLv3 (Auditable Freedom).

Security made easy

Download Gemini w3mypgp

Note very important: it is possible to save encrypted files using any name and extension. This doesn’t matter because the original filename and MIME type will be encrypted along with the file, and during the decryption, the original file name and MIME type will be reassigned.

Also the encryption timestamp will be displayed upon decryption.

Ex: save the encrypted mydoc.pdf file (or multiple encrypted files) as myprogram.exe or myfile.secret. The decrypted file will return mydoc.pdf (or all multiple original files names) as filename(s) when the file is decrypted.

If it was typed text, the decrypted file name will be (but you can rename it whatever)
“encryption date + — + time + _message.txt“.

This is valid both for the Hybrid RSA-OAEP/Aes-Gcm and AES-GCM encryptions.

Hybrid RSA-OAEP + AES-GMC

RSA-OAEP SHA-256 4096-bit and AES-GCM to pass protect files

If you lose your RSA-OAEP 4096-bit private key or your very complex AES-GCM passphrase, your files are permanently gone. Due to the mathematical complexity of these algorithms, it is physically impossible to recover the data without them—even with the most advanced supercomputers or future quantum technology. There are no known backdoors and no recovery options.

While the RAS-OAEP encryption can reuse the same Public key to encrypt files without security problems, beware that using AES-GCM encrypting files with the same password for more than one single file, it’s a “catastrophic failure” for AES-GCM. It allows an attacker to decrypt your files and forge signatures through XOR analysis.

Gemini w3mypgp v7*:
easy hybrid RSA-OAEP + AES-GCM encryption/decryption

How To
use RSA-OAEP + AES-GCM Hybrid

  • People that want to share super secret files/messages have to download the same w3mypgp HTML file. Download and unzip the file then load it with your browser from your filesystem. Or for example you can load it on your browser from this url (that’s equally safe)

axew3.com w3mypgp.html

  • Open w3mypgp.html in your browser to generate your Public/Private key pair. Download and store these files in a secure location. Share your Public Key with anyone you wish to receive secure messages from. They will use it to encrypt files that only you can decrypt. Important: Only you, as the holder of the Private Key, can unlock the messages sent to you. – Note that the way you’ll store this file containing the Private key for your own use it’s all on top of you. If an attacker discovers the Private key (or the password if pass protected using AES-GCM) the security of the files/messages will obviously be compromised. And do not forget: this is easy for someone at different levels of the network to sniff/intercept your data. And to decrypt your data.
  • Substantially:
    Use the Private key to decrypt, and share the Public with people that need to send you encrypted files/or messages. Or use the Public/Private keys to encrypt/decrypt your own files. Use your Private Key to decrypt incoming files or messages. To receive secure data from others, share your Public Key with them. Or as said use your personal keys pair to encrypt/decrypt and protect your own personal files into your hard drive.

Examples:

Example A:
User A wants to send secrets files or typed text to User B.
B sends his generated RSA-OAEP Public Key to A, which A uses to encrypt the files or messages.
A sends the encrypted files to B. These can only be decrypted by B, who is the sole owner of the RSA-OAEP Private Key.

Example B:
You wants to store secrets files into your hard drive.
– Encrypt using your generated RSA-OAEP Public Key.
– Decrypt using the RSA-OAEP Private Key.

NOTE IMPORTANT:

Maybe READ ALL this page dedicated to the old Unicorn version, there are important security info:

Secret encrypted storage of network files and messages

Tips for staying super secret

Maybe run the HTML file in your Browser in Private mode, so that any unencrypted processed data in the stack is immediately erased when you close the browser’s tab. Or click the Red reset button.

  • If my device goes into wrong hands?

You should not store the generated Private RSA-OAEP key into the same device where the encrypted files/messages resides if you do not delete the received/shared messages or you stored encrypted files using these secret keys into your drive: but if it is the case, at least, you should password encrypt the generated file that contain the Private key with a long and strong password using the AES-GCM Password Encrypt/decrypt screen, if you do not know some other possible method to stay secret, obfuscating the Private key somewhere into your hard drive, so that if an attacker gains physical access to your device, analyzing the filesystem will have no success on find out the secret Private key.

Keeping everything client-side means we’re following a Zero-Knowledge Architecture, where a server never sees the unencrypted data or the Private Key.

Bypasses the Clipboard: by loading from a file, the Password or the Private key never enters the system clipboard, protecting them from “Clipboard Sniffer” malicious installed apps on smartphones.

** If you are a Windows OS user or Android or iOS (?) and you think that their encryption or decryption programs that you may use to encrypt files or Apps to send messages sets you secret and safe. If you think that there is another way than this to be secret, and you are not a security expert and a very advanced developer that coded all the necessaries routines from scratch without errors you are (probably) wrong.

And remember again: it’s easy for someone at several network levels to sniff your data. And to decrypt your data. And for an analyst who picks up your device.

– Do not give them a chance. Enjoy your secrets using w3mypgp.html.

RED ZONE:

If you lose your RSA-OAEP Private key or the AES-GCM passphrase (if using the pass encryption), there is NO way to recover your encrypted files.

https://developer.mozilla.org/en-US/docs/Web/API/Web_Crypto_API

Take control of your internet. Use Firefox

Why should you support and use Firefox? Along with the UNIX/Linux world, it represents your digital freedom

https://firefox-source-docs.mozilla.org/contributing/index.html

🔐❤️ Built for absolute PrivacySpecial thanks go here