Secure Encryption with GPGMail on Mac OS X

Secure Encryption with GPGMail on Mac OS X
By Damien Gallop
April 26, 2002

Original article: http://www.macwrite.com/criticalmass/gpgmail-on-mac-os-x.php

Privacy has been becoming an increasing concern in more people's lives for quite a few years now. Apparently people aren't concerned about it in their email correspondence, though, if current practice is any indication. A little program called Pretty Good Privacy began to change things, and that technology is available for Mac OS X.

Last year I ventured a series entitled Mac OS X Security. One chapter in that series was entitled Email Encryption. The crux of that article was to demonstrate a couple of ways to encrypt one's email from prying eyes. The featured software was GPGMail, a front-end for the generally available GPG (Gnu Privacy Guard) package that works with Apple Mail. Since the latter changes with every major release of OS X, GPGMail has required a major rewrite every time. All of the tools are available now on the GPGMail site for the 10.1.x release of OS X.

For this to work, you need at least one other person with a similar setup, because PGP/GPG is end-to-end and doesn't involve your mail hosting server. The simple reason why "everyone" still uses plain-text email is because PGP/GPG does not come standard on any popular mailer. I suspect that it's pretty common among unix users, though, as the tools are well-developed for that platform.

The procedure below is a little unix-heavy. If you aren't somewhat comfortable at a Terminal prompt, before you begin may I recommend a quick browse of my article The Mac OS X Shell? And if you're new to OS X, you might also enjoy Mac OS X Shortcuts for New Users, a synopsis of keyboard commands and the like.

The checklist of software to download looks like this:

MD5, an application to verify your download security;
Mac GNU Privacy Guard, the encryption engine;
GPGKeys, a graphical key manager for OS X;
GPGMail Mac OS X Plugin, the graphical interface;
Entropy Gathering Daemon, a pseudo-random number generator.

MD5

First, check to see if MD5 isn't installed on your machine already. Open a Terminal window and type ls to get a directory listing. Pick any file, or create one with the command echo Test! > test.txt. Now type md5 test.txt and see if anything happens. If it returns a long encryption string, then you're in business already. If not, then carry on.

At the Terminal prompt, cd md5 into your MD5 folder (created on your desktop by StuffIt) and issue the command make cc to build MD5. You need to build it yourself to guarantee the integrity of the binary. Now copy the program file md5 into /usr/bin with the command sudo cp md5 /usr/bin so that it is accessible everywhere. To use it, type md5 filename. (If you leave out the filename, MD5 will just sit there like a dummy; give it a Ctrl-C to quit.) MD5 will return a hash string for the file. Compare the string with the published one. They should be identical. Do this for each of the three files you downloaded above. It'll be a bit late to find out that the MD5 strings don't match, but you have to start somewhere.

MacGPG

Once again, let's check to see if the thing isn't there already. Type gpg -help at a Terminal prompt, and see if anything happens. If it responds and the version number (at the top) is at least 1.0.6, then you're in business. If not, you know where we're going next.

Thankfully, MacGPG comes as an OS X package. Sweet! Run MD5 on the original archive file. This will go something like md5 GnuPGAdmin1.0.6r6.dmg.gz with a resulting hash string. Compare it to the one published at SourceForge. If the two differ, don't use your copy. Try another download instead. When you're happy, open and run the unpacked MacGPG folder, and run the OS X package to install MacGPG. Compared to the command line unix version, this package is absolutely marvelous to install. As always, you'll need an admin password to complete it. Check to make sure it is made for your version of OS X. You must be running 10.1 or later for the above version of MacGPG. Note also the file Readme.rtf in the same folder, because you need it in order to run some cryptic steps later.

These cryptic instructions are cryptic indeed for new users. Seems fitting, doesn't it? Open a Terminal session, and let's go.

[localhost:~] damien% rehash
[localhost:~] damien% gpg --gen-key
gpg (GnuPG) 1.0.6; Copyright (C) 2001 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

Please select what kind of key you want:
(1) DSA and ElGamal (default)
(2) DSA (sign only)
(4) ElGamal (sign and encrypt)
Your selection? [Press return]
DSA keypair will have 1024 bits.
About to generate a new ELG-E keypair.
minimum keysize is 768 bits
default keysize is 1024 bits
highest suggested keysize is 2048 bits
What keysize do you want? (1024) 2048
Do you really need such a large keysize? y
Requested keysize is 2048 bits
Please specify how long the key should be valid.
0 = key does not expire
= key expires in n days
w = key expires in n weeks
m = key expires in n months
y = key expires in n years
Key is valid for? (0) [Press return]
Key does not expire at all
Is this correct (y/n)? y

You need a User-ID to identify your key; the software constructs the user id
from Real Name, Comment and Email Address in this form:
"Heinrich Heine (Der Dichter) "

Real name: Bugs Bunny
Email address: bugsbunny@mac.com
Comment: Road Runner Enterprises
You selected this USER-ID:
"Bugs Bunny (Road Runner Enterprises) "

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key. [Enter a passphrase that you can remember]

We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
++++++++++++++++++++++++++++++.++++++++++.++++++++
++.++++++++++.+++++.++++++++++++++++++++++++++++++
+++++.++++++++++.+++++++++++++++++++++++++>.+++++.
......+++++
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
.+++++.+++++..+++++++++++++++.++++++++++.+++++++++
++++++++++++++++...+++++...+++++++++++++++++++++++
+++++++++++++++++++++++++++++++++++++....+++++.+++
++++++++++++>+++++..+++++>+++++.>.+++++...........
..................................................
..................................................
.........<+++++...................................
..................+++++^^^^
public and secret key created and signed.
[localhost:~] damien%


Your new GPG keys will be created and placed into your ~/.gnupg folder, which is hidden inside your Home folder.

EGD

GPG requires a random number generator. If you don't have one already installed, the above process will complain. And if it does, then you'll need to install the Entropy Gathering Device, available at SourceForge. It's been too long since I first installed this, so caveat emptor. But let's give it a go. Download the archive and let StuffIt unpack it onto your desktop as, say, egd-0.8. From the Readme and in a Terminal window:

[localhost:~] damien% cd egd-0.8
[localhost:~/egd-0.8] damien% perl Makefile.PL
[localhost:~/egd-0.8] damien% make
[localhost:~/egd-0.8] damien% make test
[localhost:~/egd-0.8] damien% sudo make install
[localhost:~/egd-0.8] damien% exit


To activate EGD, you need a line in your ~/.login file. Try this. Open the file with TextEdit (you'll need to cut-and-paste the file name and path into the Go to field explicitly, since it's hidden), and add the following line:

egd.pl /etc/entropy


Now, the tricky bit here is that it won't start until you run a Terminal session. I suggest you add Terminal to your Login Applications system preferences, and press Cmd-H to hide Terminal. Meanwhile, EGD is running. Clever, no?

GPGKeys

GPGKeys unpacks as a mountable disk, and StuffIt should take care of everything for you. Merely open the disk and copy the GPGKeys program to your Applications folder. It will find everything automatically, if you installed GPG as above. Run it now, as we'll use it in a moment.

GPGMail

Finally, the GPGMail plugin itself. The GPGMail download should also unpack into a DMG file, which in turn should mount a virtual disk when you open it. Find four files there. From the Readme file, first close Mail if it's running, then copy GPGMail.mailbundle into ~/Library/Mail/Bundles/, which you can do by opening a second Finder window and negotiating down the tree from your Home folder. Next, in a Terminal window, copy and paste this command:

[localhost:~] damien% defaults write com.apple.mail EnableBundles YES

Now restart Mail, and find a new PGP item in the Message menu, and also a PGP item in Preferences. We're done.

To use GPG, you need someone with whom you can bounce encrypted email. This could be another OS X user with the same setup, or a Eudora Mail for Windows user with the PGP plugin for it, or a unix bird who does it all manually. Short of finding somebody without a lot of effort, try mailing test stuff to yourself. Why not? Your own public key needs to exist in the GPG public key database first. This should have happened automatically when you generated your key pair. So you're away.

Should you ever need them, Apple publishes its public keys for downloading. Check the Apple PGP page. This is important, because it is a real-life example of using PGP keys. This page refers to MIT's PGP server, a public key repository. From Apple's page, you find out that the Apple public key identifier is 0x096B1A47. Plug that into MIT's search engine, and get back the key's details. The key itself is a link, and can be downloaded using Download Link to Disk in your browser. Do that, and save the file to your desktop. You can also copy and paste the thing into a text file and go from there. Open GPGKeys, and pull down File, Import. Now find the file you just saved, and presto! You have just added Apple's public key to your repertoire.

Besides a little housekeeping, there are basically two tasks you do with PGP. You encrypt the message itself, and you sign it. Conversely, you'll also decrypt a message, using the sender's public key, and you'll also check PGP signatures. The GPGMail interface is intended to make these tasks fairly transparent.

However, they were not transparent enough for me, and I got a "[don't know]" error for both operations, the first time I tried. I sent off an SOS to the author, then later discovered a solution myself. The first time I created a set of keys, the public key either failed or remained invisible to GPG, though I could see the public key file itself in its folder. Since I had played with this stuff some months back, I guessed that something was either broken or incompatible, so I deleted the entire contents of the folder. It's located in ~/.gnupg, as noted above. With GPGKeys running, I created a new 2048-bit key again, then hit Window, Refresh in GPGKeys. Voila! I have a public key. No fuss, no muss. I am now convinced that my pubring.gpg file had become corrupted. Should I ever desire to publish my public key, I could upload it to the MIT server. Let's wait on that, though. As a first test, I cook a short mail message to myself, encrypt and sign it, and away I go. Now I just need a couple of PGP buddies to practise with, and I'll be an expert in no time. And so will you.

As in previous articles, I have attempted here to consolidate existing resources into one place. I take no credit for anything except that. I give all the credit to the PGP and GPG developers. Thank you to you all. You have offered us an invaluable service. Ciao.