GPG Suite 2017.1

First Beta of GPGMail 3.0 for macOS High Sierra

  • We are happy to announce beta support for macOS High Sierra from day one. Find more details below.
  • With the release of GPGMail 3.0 stable, we will start charging a small fee for GPGMail to deliver more timely updates and even better user support in the future.
  • This beta will expire once GPGMail 3.0 stable is released.

Stable version of GPGMail for macOS Sierra

  • All major blockers have been resolved and GPGMail for macOS Sierra is now considered stable.

Upgrade GnuPG from 2.0 to the new version 2.2

  • On first use, your keys will be upgraded to the new format used in GnuPG 2.2. As a safety measure a backup of your keys will be created prior to migrating to GnuPG 2.2.0. Based on the size of your keyring the installation may take longer.
  • Smartcard users, please have a look at 2.2 migration for smartcard users.

Crash Reporter for GPGMail

  • When GPGMail crashes you will be asked whether or not you want to send us the crash report. These crash reports will help us to quickly identify and fix issues in GPGMail.
  • If you add an email address in GPG Suite Preferences we will even be able to contact you to ask for further details and you can disable the crash reporter at any time.

GPG Keychain no longer allows to upload public keys that are not yet available on the key servers

  • This change was introduced in order to avoid leaking public keys for users that might actively choose to not have their gpg keys published on key servers

GPGMail (10.13 only) 3.0b1

macOS 10.13 High Sierra beta

  • Since this is a beta, crashes or unreliable behavior are expected.

Known Issues

  • Messages may not always be decrypted automatically. De-select and re-select as a workaround
  • Mail might crash when trying to decrypt specific messages
  • Some PGP signed messages might fail to verify.
  • If an error happens while trying to send a PGP signed or encrypted message, no error alert will be shown. This is related to a bug in Mail for High Sierra which we have filed with Apple (rdar://22828028)
  • If an address is entered into the Reply-To field for which no public key is available, it's not possible to encrypt a message. This is related to a bug in Mail for High Sierra which we have filed with Apple (rdar://33886415)

GPGMail (10.12 only) 2.7

Stable version of GPGMail for macOS 10.12 Sierra

  • All major blockers have been resolved and GPGMail for macOS Sierra is considered stable.

Improvements

  • When attempting to forward the decrypted version of an encrypted message, the user will see a warning. [#870]
  • Detection of PGP/MIME encrypted messages is more lenient towards Avast modifications. [#921]
  • Properly handles PGP attachments with mime type text/plain and application/pgp (Mailvelope). [#939]
  • Display pseudo-PGP/MIME messages from iPGMail as proper PGP/MIME messages. [#929, #938]
  • Properly detects PGP data now where the PGP marker has whitespace after -----BEGIN PGP MESSAGE-----. [#924]
  • Forces Mail.app to re-download the complete message a signed PGP/MIME message is detected in order to fix verification issues. [#914]

Fixes

  • The selected key is now used for signing when more than one key is available for the sender address. In previous betas a random key was used. [#895]
  • In gpg.conf group option now works as expected on macOS Sierra. [#903]
  • Properly detect MS Exchange modified PGP/MIME encrypted messages again. [#915]
  • Canceling the pinentry request for signing upon sending a message may have lead to unexpected behavior. [#873, #902]
  • Pinentry now only asks a single time when re-opening an encrypted draft and canceling the dialog. [#893]
  • If Mail Act-On was active, messages would not be encrypted. Mail Act-On and GPGMail once again peacefully co-exist. [#888]
  • Drafts could be encrypted twice resulting in drafts showing an encrypted.asc file when re-visited. [#866]
  • Tooltips for sign and encrypt buttons are working again on macOS Sierra. [#916]
  • Keyboard shortcuts for encrypt and sign buttons are working again on macOS Sierra. [#917]

GPGMail (10.9 - 10.11) 2.6.3

Improvements

  • Detection of PGP/MIME encrypted messages is more lenient towards Avast modifications. [#921]
  • Properly detects PGP data now where the PGP marker has whitespace after -----BEGIN PGP MESSAGE-----. [#924]
  • Drafts could be encrypted twice resulting in drafts showing an encrypted.asc file when re-visited. [#866]

GPG Keychain 1.4

Improvements

  • Since the short ID has been deemed insecure for a long time, new installations of GPG Keychain now show the fingerprint column instead of the short ID. [#376]
  • GPG Keychain no longer allows uploading a public key, if the key in question does not reside on the key servers. So if you signed a key which does not exist on the key servers yet, consider mailing the updated public key to the key owner if you want to share your signature. [#186]
  • Improves the support of different languages in GPG Keychain preferences. [#382]
  • The subkey tab has received a clean-up. [#387]
  • Display the fingerprint of a subkey in the key details view. [#386]
  • Key details clean-up: Tabs have been simplified. It's now easier to add a photo to a key. [#269]
    Whenever keys are changed, created or updated, an informative key upload dialog is shown. [#277, #417, #418]
  • It's now possible to display additional information for a key signature by right-clicking on a signature in the key details > user IDs tab and downloading the key which created the signature. [#235]
  • Key details > user ID tab: the signature section now has a + button allowing to sign the selected user ID. [#421]
  • Adds VoiceOver support for key creation dialog. [#351]
  • Adds a confirmation dialog to key uploads. [#61, #405]
  • Key uploads are limited to a single key at a time. [#419]
  • When exporting a key, the filename now suggests what type of key your are exporting (Public or Secret key). [#396]
  • After importing a key it is highlighted in the key list. [#369, #404]
  • Improves subkey generation dialog to better support different languages. [403]
  • When no match is found for a search of your keys, an informative message instead of an empty key list is shown. [#371]
  • The dialog for adding a user ID or subkey is now consistent with the dialog for new keys. [#254]
  • Key creation dialog was cleaned up. [#412]
  • Removes restrictions for the name field in the key creation dialog. [#399, #402, #415]
  • The comment field is generally considered to be harmful. This version removes it from the dialog to add a user ID. [#416]
  • Adds support for png image files. [#278]
  • Key server search results window is resizable. [#267]
  • When selecting more than one key and opening the key details view, an informative message instead of an empty window is now shown. [#328]
  • When GPG Keychain is opened by double-clicking on an encrypted file instead of a file containing a gpg key, it automatically opens GPGServices to handle the file instead. [#384]

Fixes

  • Disabling or re-enabling a key in key details no longer triggers lags of the UI. [#385]
  • The escape key now consistenly closes key details. [#407]
  • When updating the expiry date, that information now is instantly updated. [#231]
  • Type any letter or an entire name on your keyboard while in the key list to get to that place in the list. This has been behaving strangely for a long time and we are really happy it now works as expected. [#342]
  • Signing keys is only available for single keys. When more than one key is selected the signing option is greyed out. [#391]
  • Fixes a rare hang which could occur during key upload. [#409]
  • Fixes a crash when opening key server preferences with no key server selected at the time. [#398]
  • Fixes a problem where the dialog to add a user ID could get stuck when the user attempted to abort. [#401]
  • The fingerprint no longer changes font-size when being marked. [#374]
  • Adds proper text to the dialog which is shown, when users try to import encrypted data. [#383]

GPG Suite Preferences (was GPGPreferences) 2.1

Crash Reporter for GPGMail

  • When GPGMail crashes you will be asked whether or not you want to send us the crash report.
  • These crash reports will help us to quickly identify and fix issues in GPGMail.
  • If you add an email address in GPG Suite Preferences we will even be able to contact you to ask for further details. [#89]
  • You can disable the crash reporter at any time.

Improvements

  • Field for caching time limited to 5 digits so that all numbers entered are visible. [#87]
  • Keys in the "Default Key" dropdown are listed in alphabetical order. [#64]
  • A confirmation dialog is shown, when stored passwords are about to be deleted or the password cache is about to be cleared. [#81]
  • Renames GPGPreferences to GPG Suite. [#94]
  • Removes the option to edit the gnupg.conf comment from GPG Suite Preferences. If a custom comment is detected, a one time dialog is displayed for users, that allows them to easily remove it. [#88]

MacGPG 2.2.0

Migration from gnupg 2.0 to 2.2

  • MacGPG now includes GnuPG 2.2. Learn more about the changes.

Fixes

  • Libgcrypt 1.8.1, including fix for CVE-2017-7526 and CVE-2017-0379. [#695, #696]
  • pinentry dialog is no longer shown twice when canceled during subkey generation. [#693]
  • Fixes a crash in scdaemon when using a Yubikey. [#689]

Libmacgpg 0.8

Improvements

  • Instead of using a custom implementation of NSTask with support for multiple pipes, adjust the code to use NSTask and reduce number of necessary pipes. [#155]

Fixes

  • Make sure that the gpg operation is aborted when a pinentry passphrase request is cancelled while signing and encrypting a file. [#156]
  • Transform gpg 2.1 error codes. [#154]
  • Use Security and CommonCrypto for installer certificate validation instead of OpenSSL. [#152]