A PGP (Pretty Good Privacy) message is a structured binary format defined in RFC 4880. It consists of data packets that can be encrypted, signed, compressed, or contain literal data. When transmitted as text, PGP messages use ASCII Armor encoding—wrapping base64-encoded binary data between -----BEGIN PGP MESSAGE----- and -----END PGP MESSAGE----- headers. Each packet has a tag (identifying its type) and a length field, followed by the packet body. Common packet types include Public-Key Encrypted Session Key (tag 1), Symmetrically Encrypted Data (tag 9), Compressed Data (tag 8), and Literal Data (tag 11).

No. This tool is a viewer and inspector only—it does not perform decryption. It parses the structure of PGP messages, identifies packet types, shows hex dumps, and reveals metadata such as armor headers and CRC checksums. Decryption requires a private key, which this tool never requests or uses. All processing happens entirely in your browser; no data is ever transmitted to any server. This makes it safe for inspecting the structure of PGP messages without compromising security.

ASCII Armor is a method of encoding binary PGP data into printable ASCII characters for safe transmission through email or text-based systems. It wraps base64-encoded binary data between header lines like -----BEGIN PGP MESSAGE----- and -----END PGP MESSAGE-----. Armor headers can include metadata fields such as Version, Comment, and Hash (for signed messages). A CRC24 checksum (3 bytes, base64-encoded after a = sign) provides integrity verification. This tool decodes the armor, validates the CRC when possible, and displays the underlying packet structure.

RFC 4880 defines several packet types, each with a numeric tag:

• Tag 1 — Public-Key Encrypted Session Key Packet (contains the session key encrypted with the recipient's public key)
• Tag 2 — Signature Packet (cryptographic signature over data)
• Tag 3 — Symmetric-Key Encrypted Session Key Packet
• Tag 6 — Public-Key Packet
• Tag 8 — Compressed Data Packet (ZIP, ZLIB, or BZip2)
• Tag 9 — Symmetrically Encrypted Data Packet (legacy, without integrity protection)
• Tag 11 — Literal Data Packet (contains filename, timestamp, and raw data)
• Tag 13 — User ID Packet (identity associated with a key)
• Tag 18 — Sym. Encrypted and Integrity Protected Data (SEIPD, with MDC)
• Tag 19 — Modification Detection Code Packet
• Tag 20 — AEAD Encrypted Data Packet (modern authenticated encryption)

This specific tool is safe because all processing occurs entirely within your browser using client-side JavaScript. No data is ever sent to any server, logged, or stored. The tool does not load external resources beyond the required CSS/JS frameworks. However, as a general security practice: never paste private keys into any online tool. If you accidentally paste a private key block, clear the input immediately. For inspecting private key structures, use offline tools like gpg --list-packets on your local machine.

OpenPGP is the open standard defined by RFC 4880 (and updated by RFC 6637, RFC 9580). PGP originally referred to the proprietary software by Phil Zimmermann, but the terms are now often used interchangeably. GnuPG (GPG) is the most popular free implementation of the OpenPGP standard. All OpenPGP-compliant messages follow the same packet structure and can be inspected with this tool regardless of which software generated them.