Monday, August 19, 2019

How to run Fossa Guard on Android in Firefox browser

The guideline describes how to run a free version of Fossa Guard extension V0.4.9+ on mobile Firefox browser on Android platform to enable end-to-end S/MIME encryption on top of Gmail on your mobile.

On your Android mobile:

  1. Install and run the Firefox browser
  2. Navigate to Fossa site and click 'Free Firefox version'.
  3.  
  4. Click 'Download' and then 'Open' to install the Fossa Guard extension. 
  5. Fossa Guard for Firefox is distributed as self-hosted Firefox extensions thus you need to 'Allow' the installation
  6. Give FossaGuard the following permissions:
    • Access your data for all websites to enable Certificate Revocation Lists (CRL) download following links in the certificates.
    • Access browser tabs to enable the ability to create the tab for Google's authentication and to get the response.
  7. Navigate to Fossa Guard extension via Firefox browser 'Add-ons' menu and clicks on FossaGuard extension.
  8. Select FossaGuard extension and click 'Options' in the extension details window, to get Fossa Guard settings page.
  9. Click 'Login to Extension' to associate your Google account with Fossa Guard - a new tab should appear in Firefox browser with Google authentication. 
  10.  Authenticate to corresponding Google account (we use fossa.user@gmail.com)
  11. Allow Fossa Guard to use requested permissions. On success, Google authentication will be auto-closed. 
  12.  At this point you have 2 options: Import your backup personal Certificate and key OR Enroll free personal certificate from Fossa CA.
  13.  Option with Fossa certificate enrollment is described in the blog "How to run Fossa Guard on Android" so let's import the corresponding *.p12, *.sfx file with Certificate and Private key.
  14. Navigate to the mobile web version of Gmail
  15. Ensure that you logged into Gmail with the same Google account (we use fossa.user@gmail.com).  
  16. When select one of the Inbox folders you should notice the fancy green button at the right top with 'S/MIME' label. Click it to compose S/MIME email. 
  17. Type 3 letters of your recipient address and you should get a list of corresponding contacts for selection. Fossa Guard automatically checks if the addressee has got Fossa certificate and indicates it by the green color of the email pill.
  18.  
  19. Once you finished with composing S/MIME message, click 'Send S/MIME' and it will be sent using Gmail API and should appear in Sent folder marked by the corresponding label 'S/MIME'.
  20.  
  21. Click on S/MIME labeled email to check the details and you'll discover 'smime.p7m' attachment which is unreadable for Google robots and the notification from the extension that this email was composed using S/MIME. 
  22. Click 'View Content' and you'll be requested for the passphrase to access your private key (locally within your current browser session).
  23.  
  24. Once you provide the correct passphrase the extension will decrypt the message and show you in a dedicated window.
  25. If the email address of your Gmail account does not correspond to the email address of Google account associated with the extension you'll the notification to use the same account. This is the identity check Fossa Guard makes to secure access to the private key.

No comments:

Post a Comment