February 12, 2015

Some Notes on GnuPG on Mac

Recently I'm playing a little with GnuPG and I wanted to document some things, mostly for myself…

GnuPG on Macs

It seems that GnuPG version 2 available in Homebrew is broken. Instead use MacGPG2. If you do not want to compile this by yourself, there is also a handy installer available, which comes with a plugin for Apple Mail and a graphical tool for key management.

Command Line Voodoo

Creating a signature of a file (= create hash value of file + encrypting hash value with own private key):

> gpg -a -u Bilbo --output test.txt.sig --detach-sig test.txt
  • -a: use ascii
  • -u: select the private key of sender
  • –output: [name of output file]

Verifying a signature (= check if above signature and file match):

> gpg --verify test.txt.sig test.txt
gpg: Signatur vom Do 12 Feb 10:53:20 2015 CET mittels RSA-Schlüssel ID CEB679AA
gpg: Korrekte Signatur von "Bilbo Beutlin <bilbo@shire.com>" [uneingeschränkt]

After modifying test.txt:

> gpg --verify test.txt.sig test.txt
gpg: Signatur vom Do 12 Feb 10:53:20 2015 CET mittels RSA-Schlüssel ID CEB679AA
gpg: FALSCHE Signatur von "Bilbo Beutlin <bilbo@shire.com>" [uneingeschränkt]

Encrypting a file (with the public key of a receiver):

> gpg -a --output test.txt.enc -r Gandalf --encrypt test.txt
  • -a: use ascii
  • -r: select the public key of the receiver
  • –output: [name of output file]

Decrypting a file:

(No secret key needs to be specified)

> gpg --output test.txt --decrypt test.txt.enc
gpg: verschlüsselt mit 4096-Bit RSA Schlüssel, ID DEBB8A6A, erzeugt 2015-02-12
      "Gandalf the White <gandalf@wizzard.org>"

Encrypt and sign a file

> gpg -a -u Bilbo -r Gandalf --output test.txt.enc.sig --sign --encrypt test.txt
  • -a: use ascii
  • -u: select the private key of sender
  • -r: select the public key of the receiver

Decrypt and verify

> gpg --output test.txt --decrypt test.txt.enc.sig
gpg: verschlüsselt mit 4096-Bit RSA Schlüssel, ID DEBB8A6A, erzeugt 2015-02-12
      "Gandalf the White <gandalf@wizzard.org>"
gpg: Signatur vom Do 12 Feb 11:17:23 2015 CET mittels RSA-Schlüssel ID CEB679AA
gpg: Korrekte Signatur von "Bilbo Beutlin <bilbo@shire.com>" [uneingeschränkt]

© holger 2015 - 2020 |