GPG Suite 2018.5

GPGMail 3.0.1 (macOS High Sierra & macOS Mojave)

Improvements

  • Various improvements concerning the activation of GPG Mail Support Plan

Fixes

  • Inline PGP signatures are verified again
  • Messages from PGP Desktop or gpg4o were in some cases not decrypted [#1012]
  • Changes introduced by Apple in 10.14.1b3 to mitigate efail led to crashes – reminder: if you rely on GPG Mail, please stay on the stable release channel of macOS [#1013]
  • Under certain conditions Mail could crash if a message was already being force fetched [#1014]
  • The button to "Load Remote Content" would sometimes disappear [#1016]

GPGMail 2.8.1 (macOS Sierra)

Fixes

  • Mail could crash when trying to verify a PGP signed message [#1003]
  • Fixes a crash in GPG Mail which was caused by an empty subject [#1005]

GPG Keychain 1.4.6

Improvements

  • Dark Mode support on macOS Mojave [#468]
  • More detailed validity and ownertrust indicators [#314]
  • Added specific dialog when removing a local signature from a key [#467]

Fixes

  • Using brackets in the name field during key creation resulted in that portion being moved to the comment field [#457]
  • Increased contrast of explanatory text in signing dialog on macOS Mojave [#466]

GPG Services 1.11.6

Improvements

  • Refined details like window title [#248]
  • Added a headline for the recipient selection [#248]
  • Same names for columns as in GPG Keychain [#248]
  • Default columns now include the fingerprint [#248]
  • GPG Services now checks the content instead of the extension to decide which operation to apply. Key data will be imported, encrypted content will be decrypted and signed content will be verified [#201]

Fixes

  • GPG Keychain and GPG Services now share the same design for the validity column [#238]

GPG Suite Preferences 2.1.4

Improvements

  • Set cache time of SSH in addition to "normal" cache time [#98]
  • Dark Mode support on macOS Mojave

Fixes

  • Potential crash due to KVO loop in connection with password cache [#103]

Libmacgpg 0.8.7

Fixes

  • Custom key servers were not added to key server list [#167]
  • Do not return wrong error code when pinentry is cancelled [#168]
  • "Decrypting" a clear-signed message did not work [#170]
  • Makes sure Paddle (paddle.com) is only contacted for support plan activation

GPG Suite 2018.4

Introducing GPG Mail 3 for macOS Mojave and High Sierra

macOS Mojave is just around the corner and we couldn't be more stoked about telling you that GPG Mail is ready.
For the best user experience, it is advised to install this release before upgrading to macOS Mojave. Otherwise you will have to manually enable GPG Mail after the upgrade.

For those of you who have been following us for a long time it might not come as much of a surprise that, after almost ten years of developing GPG Suite, we have decided to start charging a fee for continued use of GPG Mail.
After the installation of this update you will be able to test GPG Mail for another 30 days. After the trial period is over, you will still be able to decrypt incoming messages, but in order to verify and encrypt new messages, a GPG Mail Support Plan is required.
We hope you understand our decision and keep supporting us.

macOS 10.14 Mojave Support

  • GPG Mail 3 supports macOS 10.14 Mojave from day one. Enjoy secure communication on Apple's latest and greatest (remains to be seen) macOS.

Never have one of them pesky keys expire on you again

  • GPG Keychain and GPG Mail will warn you four weeks before your key is about to expire. Never worry about expiring keys again, we've got you covered! Extending your key with one simple click has never been easier.

GPG Mail 3.0

Improvements

  • Introduces proper support for PGP-Partitioned messages from PGP Desktop [#991]

Fixes

  • Messages that went through MS Exchange servers could trigger Mail to crash. This was - by far - our number one crasher and it is now a thing of the past [#977]
  • Messages containing only encrypted attachments but not encrypted text were falsely displayed as partly encrypted [#986]
  • In some cases, PGP/MIME encrypted and signed messages recognized as partly encrypted did not show a signature [#987]
  • PGP/MIME messages within a message/rfc822 mime part (inline) were not decrypted [#992]
  • Re-added support for embedded filenames [#990]
  • Inline PGP messages from Mailvelope were displayed as partly encrypted / partly signed [#989]
  • A message's subject line could be manipulated to look like the message was signed when it was not. Credit for this finding goes to Hanno Böck (@hanno) [#1001]

GPG Mail 2.8 (Sierra only)

Fixes

  • All fixes from GPG Mail 3 were back ported for version 2.8

GPG Keychain 1.4.5

Improvements

  • Inform users of keys about to expire and provide simple option to extend them [#59]
  • New password strength indicator - color codes and smarter indicator for password strength [#442]
  • Updated message during key generation [#455]
  • In order to prevent users from leaking their secret key, if a key pair is exported, the secret key is always listed first. That makes it easier to catch that mistake [#452]

Fixes

  • During key creation, only active email addresses are suggested [#446]
  • German umlauts were not properly encoded in key searches [#460]

GPG Services 1.11.5

Improvements

  • Remember status of "Sign", "Add to Recipients" and "Encrypt with Password" options [#128]
  • When a message or file cannot be decrypted due to a missing secret key, the error message now shows the key ID of the required key. That makes it much easier to understand why decryption would not work and to determine whether the correct key was used for encryption [#195]
  • When a message or file cannot be verified because the required public key does not exist, the error message now shows the key ID of the required key [#246]

MacGPG 2.2.10

Improvements

  • Updated to GnuPG 2.2.10 [#718]

Fixes

  • Using 127.0.0.1 in resolv.conf could prevent dirmngr from resolving the IP addresses of keyservers [#717]

GPG Suite 2018.3

Security Update

This release addresses EFAIL on macOS Sierra and includes a fix for SigSpoof.
SigSpoof is an exploit affecting GnuPG < 2.2.8 which allowed an attacker to fake any signature under special circumstances. GPG Suite never used the --verbose option of GnuPG by default, so unless 'verbose' was manually added to gpg.conf, our users should have been unaffected by this vulnerability. Mitigations included in 2018.3 make sure that even users with the 'verbose' option in their gpg.conf are no longer affected.

EFAIL mitigations in GPGMail (10.13 and 10.12 only at the moment)

  • Remote content is no longer loaded within encrypted messages
  • If a message contains more than one encrypted part only the first part is decrypted
  • In case of mixed content (plain content and encrypted content), the plain content is isolated
  • Additional mitigations for S/MIME since unfortunately Apple has yet to completely fix EFAIL

Mitigations against SigSpoof

  • GnuPG was upgraded to 2.2.8
  • In order to fix older versions of GnuPG, --no-verbose is always added to the arguments passed to GnuPG by Libmacgpg

GPGMail 3.0b7 (10.13 only)

Improvements

  • Allows decryption of messages or attachments without integrity protection if explicitly required by the user [#982]

Fixes

  • Adds error strings for attachments without integrity protection

GPGMail 2.7.3 (10.12 only)

Improvements

  • EFAIL mitigations for GPGMail [#983]
  • Allows decryption of messages or attachments without integrity protection if explicitly required by the user [#982]

GPG Keychain 1.4.4

Fixes

  • Fingerprint is evenly spaced again [#454]
  • Make sure if a fingerprint is copied it is properly formatted [#454]
  • Text for "Delete key" checkbox was not properly displayed on macOS 10.9 [#449]

GPGServices 1.11.3

Improvements

  • Re-allow decryption of text and files without integrity protection [#245]
  • Display a big warning dialog if a user attempts to decrypt text or files without integrity protection (missing MDC) [#245]

Fixes

  • Encryption of large files got stuck on macOS 10.13 [#244]

MacGPG 2.2.8

Improvements

  • Updated to GnuPG 2.2.8 which includes fixes for SigSpoof [#716]
  • Update Libgcrypt to 1.8.3

Libmacgpg 0.8.5

Improvements

  • Use separate file handles for GnuPG error and status output (mitigation against SigSpoof) [#164]
  • Always pass --no-verbose to GnuPG (mitigation against SigSpoof) [#164]
  • Allow the decryption of PGP data without integrity protection if forced to do so
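
An added illustration of the two SigSpoof mitigations listed above for Libmacgpg 0.8.5 and in the 2018.3 summary (this is not code from Libmacgpg): GnuPG is given its own descriptor for status output, is always passed --no-verbose, and only that descriptor is parsed for signature results. The function names and the sample status text are constructed for this example.

```python
import os
import subprocess

STATUS_PREFIX = "[GNUPG:] "


def build_verify_argv(status_fd, sig_path, data_path, gpg="gpg"):
    """gpg command line with a dedicated status descriptor and --no-verbose."""
    return [gpg, "--batch", "--no-verbose",
            "--status-fd", str(status_fd),
            "--verify", sig_path, data_path]


def parse_status(text):
    """Return (keyword, args) for every well-formed status line in text."""
    records = []
    for line in text.splitlines():
        if not line.startswith(STATUS_PREFIX):
            continue
        parts = line[len(STATUS_PREFIX):].split()
        if parts:
            records.append((parts[0], parts[1:]))
    return records


def verdict(status_text):
    """Fingerprint of the signing key if exactly one good signature is
    reported and no bad or unverifiable one, otherwise None."""
    records = parse_status(status_text)
    keywords = [k for k, _ in records]
    if any(k in ("BADSIG", "ERRSIG") for k in keywords):
        return None
    valid = [args for k, args in records if k == "VALIDSIG" and args]
    if keywords.count("GOODSIG") == 1 and len(valid) == 1:
        return valid[0][0]
    return None


def verify_detached(sig_path, data_path):
    """Run gpg with status output on its own pipe. Diagnostics on stderr are
    discarded and never reach the parser."""
    r, w = os.pipe()
    try:
        proc = subprocess.Popen(build_verify_argv(w, sig_path, data_path),
                                pass_fds=(w,),
                                stdin=subprocess.DEVNULL,
                                stdout=subprocess.DEVNULL,
                                stderr=subprocess.DEVNULL)
    except OSError:
        os.close(r)
        raise
    finally:
        os.close(w)  # the child holds its own copy of the write end
    with os.fdopen(r, "r", encoding="utf-8", errors="replace") as status:
        text = status.read()
    if proc.wait() != 0:
        return None
    return verdict(text)


# Constructed sample data, not captured from a real gpg run.
FPR = "0123456789ABCDEF0123456789ABCDEF01234567"
STATUS_GOOD = (
    "[GNUPG:] NEWSIG\n"
    "[GNUPG:] GOODSIG 89ABCDEF01234567 Constructed User <user@example.invalid>\n"
    "[GNUPG:] VALIDSIG " + FPR + " 2018-06-01 1527811200 0 4 0 1 8 00 " + FPR + "\n"
)
STATUS_NO_SIGNATURE = "[GNUPG:] NODATA 4\n"
# Diagnostic output that happens to contain text shaped like status lines.
DIAGNOSTICS = (
    "gpg: constructed diagnostic line\n"
    "[GNUPG:] GOODSIG 89ABCDEF01234567 Constructed User <user@example.invalid>\n"
    "[GNUPG:] VALIDSIG " + FPR + " 2018-06-01 1527811200 0 4 0 1 8 00 " + FPR + "\n"
)


def demo():
    """Compare parsing the status stream alone with parsing a merged stream."""
    separate = verdict(STATUS_NO_SIGNATURE)              # status fd only
    merged = verdict(STATUS_NO_SIGNATURE + DIAGNOSTICS)  # one shared handle
    return separate, merged


if __name__ == "__main__":
    print(demo())
```

With the status stream read on its own, the unsigned sample yields no signer; the same parser fed a stream that mixes status and diagnostics reports one, which is why the handles are kept apart.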

GPG Suite 2018.2

Security Update

This release addresses EFAIL, an exploit of a weakness in the OpenPGP standard and the handling of mixed content – encrypted content and plain content in the same message – in macOS Mail, GPGMail, as well as other OpenPGP plugins, which could help an attacker in possession of a target's encrypted messages to extract their content once decrypted. (https://efail.de)

EFAIL mitigations in GPGMail (10.13 only at the moment)

  • Remote content is no longer loaded within encrypted messages
  • If a message contains more than one encrypted part only the first part is decrypted
  • In case of mixed content – plain content and encrypted content – the plain content is isolated
  • Additional mitigations for S/MIME since unfortunately Apple has yet to completely fix EFAIL

Native GPG Suite update notifications

  • The GPG Suite updater uses native macOS notifications now to alert the user of updates
  • That means you will no longer be interrupted in the middle of your work (or talk - sorry Edward Snowden at 34C3)

Revamped key signing dialog

  • The GPG Keychain dialog to sign a key has been vastly improved
  • It is now easier to sign your friends' keys after you have verified them (thanks DKG for the input)

GPGMail 3.0b6 (10.13 only)

Improvements

  • EFAIL mitigations for GPGMail [#981]
  • Better support for iPGMail messages [#964]
  • Signatures created by subkeys now show the subkey fingerprint in the signature details
  • The signature details window was completely revamped [#619]

Fixes

  • Crash that might occur when a message looked like a MS Exchange modified PGP/MIME message as well as a Pseudo-PGP/MIME message at the same time [#978]
  • Attachments containing a detached signature are no longer erroneously recognized as encrypted attachment [#958]
  • Attachments in the .doc format could in some rare cases not be displayed [#974]
  • PGP Data within a S/MIME signed message was not decrypted properly [#973]
  • GPGMail health indicator design (in Preferences) adjusted to match macOS High Sierra's appearance [#968]
  • Improved handling of MDC errors [#980]

GPGMail 2.7.2 (10.12 only)

Improvements

  • Signatures created by subkeys now show the subkey fingerprint in the signature detail
  • The signature details window was completely revamped [#619]

Fixes

  • Improved handling of MDC errors [#980]

GPGMail 2.6.5 (10.9 - 10.11)

Improvements

  • Signatures created by subkeys now show the subkey fingerprint in the signature details
  • The signature details window was completely revamped [#619]

Fixes

  • Improved handling of MDC errors [#980]

GPG Keychain 1.4.3

Improvements

  • Revamped the key signing dialog [#282]
  • Default key server is now the sks key server pool when no default key server is set [#445]
  • Warning message about password length improved [#438, #436]
  • Added tooltip for the key's "Disable" option [#443]

Fixes

  • Option to include secret key during key export was not always shown [#439]

GPG Suite Preferences 2.1.2

Improvements

  • Email is pre-filled in "Send Report" when user entered an email in the Crash Reporting option [#99]
  • When no key server is set, sks key server pool is used as default [#101]

GPGServices 1.11.3

Fixes

  • GPGServices again works as expected with Microsoft Office 2016 and TorBrowser [#235]

MacGPG 2.2.7

Improvements

  • Updated to GnuPG 2.2.7 [#713]
  • Enables the internal CCID driver for smart card access [#707]
  • Adds support for key servers protected by HTTP basic auth [#712]

Libmacgpg 0.8.4

Improvements

  • Use the hkps sks key server pool by default if no key server is set [#159]

Fixes

  • Aborts decryption and doesn't return decrypted data if MDC is missing or corrupted (mitigation against efail)
  • Do not allow unencrypted plaintext in an encrypted message to prevent encryption spoof [#162]
  • Do not throw an error when encrypting symmetrically and there's no pubring [#160]
  • LDAP server search now shows name and email and not only key id [#158]

GPG Suite 2018.1

Message loading fixes for GPGMail on High Sierra

  • Resolves a problem where messages were no longer being loaded in some cases until Mail was restarted

GPGMail 3.0b4 (10.13 only)

Fixes

  • In some cases Mail would no longer load new messages from the server due to a deadlock [#967]

GPG Suite 2017.3

Important bug fixes for MacGPG

  • Resolves a problem where dirmngr might have crashed during a key server search if a different keyserver than the default was used (hkps.pool.sks-keyservers.net)
  • Resolves a problem where a custom GnuPG installation was preferred to GPG Suite's MacGPG which might have led to a variety of issues (passphrase not accepted...)

S/MIME fixes for GPGMail on High Sierra

  • Resolves a problem where a message was encrypted using OpenPGP instead of S/MIME, regardless of user preference

GPGMail 3.0b3 (10.13 only)

Fixes

  • In some cases messages were encrypted using OpenPGP instead of S/MIME, even though S/MIME was selected [#962]
  • Selecting S/MIME as security method might have prevented messages from being sent [#961]

GPG Keychain 1.4.2

Improvements

  • Adjust maximum for allowed passphrase length to 255 characters, following GnuPG 2.2's default [#437]

MacGPG 2.2.3

Fixes

  • Resolves a problem where dirmngr might have crashed during a key server search if a different key server than the default was used (hkps.pool.sks-keyservers.net) [#702]

Libmacgpg 0.8.2

Fixes

  • Resolves a problem where a custom GnuPG installation was preferred to GPG Suite's MacGPG which might have led to a variety of issues (passphrase not accepted...) [#157]

GPG Suite 2017.2

Second Beta of GPGMail 3.0 for macOS High Sierra

  • Fixes an often occurring bug, where an encrypted message was not properly decrypted or was displayed as empty.
  • Includes compatibility improvements for macOS 10.13.2.
  • With the release of GPGMail 3.0 stable, we will start charging a small fee for GPGMail to deliver more timely updates and even better user support in the future.
  • This beta will expire once GPGMail 3.0 stable is released.

Upgrades GnuPG from 2.2 to the new version 2.2.3

Important bug fixes for GPG Keychain and GPGServices

  • Resolves a hang in GPGServices, which was triggered when verifying specific messages.
  • Fixes a bug in GPG Keychain (Libmacgpg), which resulted in key server searches failing or working key servers being considered malfunctioning.

GPGMail 3.0b2 (10.13 only)

Improvements

  • GPGMail now detects inline PGP in incoming messages. [#945]

Fixes

  • GPGMail icon appeared twice in Mail.app Preferences in some cases. [#943]
  • Messages containing PGP data were not properly processed and displayed no content as a result. [#952]
  • Canceling a pinentry request upon sending a message crashed GPGMail. [#944]
  • GPGMail no longer crashes when a draft is saved and no sender information is available. [#955]
  • GPGMail no longer tries to encrypt drafts when no secret key is available, which resulted in a faulty error message. [#951]
  • While composing a draft S/MIME was incorrectly selected when OpenPGP should have been the default. [#953]
  • GPGMail no longer locks in a recursive loop when MailTags is installed and drafts are re-opened. [#948]
  • GPGMail correctly detects and ignores winmail.dat files when Letter Opener is installed. That means Letter Opener again works as expected and can co-exist with GPGMail. [#950]

Known Issues

  • If an error happens while trying to send a PGP signed or encrypted message, no error alert will be shown. This is related to a bug in Mail for High Sierra which we have filed with Apple (rdar://22828028).
  • If an address is entered into the Reply-To field for which no public key is available, it's not possible to encrypt a message. This is related to a bug in Mail for High Sierra which we have filed with Apple (rdar://33886415).

GPG Keychain 1.4.1

Improvements

  • Improved key server check. [#427]
  • Dialog when generating revocation certificate has been tweaked: option to export sec key is removed. [#425]

Fixes

  • On High Sierra GPG Keychain did not jump to the newly created key in the key list once key creation is done. [#431]
  • Problem when uploading the public key of a sec/pub key resolved and confirmation dialog for that case now shown as expected. [#433, #434]

GPG Suite Preferences 2.1.1

Improvements

  • Text fields in 'Send report' are now scrollable. [#97]

GPGServices 1.11.2

Fixes

  • Using GPGServices often times resulted in a hang. This has been fixed. [#241]

MacGPG 2.2.3

Improvements

  • Updated to GnuPG 2.2.3. [#701]
  • Adds code-signing to all GnuPG binaries [#700]

GPG Suite 2017.1

First Beta of GPGMail 3.0 for macOS High Sierra

  • We are happy to announce beta support for macOS High Sierra from day one. Find more details below.
  • With the release of GPGMail 3.0 stable, we will start charging a small fee for GPGMail to deliver more timely updates and even better user support in the future.
  • This beta will expire once GPGMail 3.0 stable is released.

Stable version of GPGMail for macOS Sierra

  • All major blockers have been resolved and GPGMail for macOS Sierra is now considered stable.

Upgrade GnuPG from 2.0 to the new version 2.2

  • On first use, your keys will be upgraded to the new format used in GnuPG 2.2. As a safety measure a backup of your keys will be created prior to migrating to GnuPG 2.2.0. Based on the size of your keyring the installation may take longer.
  • Smartcard users, please have a look at 2.2 migration for smartcard users.

Crash Reporter for GPGMail

  • When GPGMail crashes you will be asked whether or not you want to send us the crash report. These crash reports will help us to quickly identify and fix issues in GPGMail.
  • If you add an email address in GPG Suite Preferences we will even be able to contact you to ask for further details and you can disable the crash reporter at any time.

GPG Keychain no longer allows uploading public keys that are not yet available on the key servers

  • This change was introduced in order to avoid leaking public keys for users that might actively choose to not have their gpg keys published on key servers

GPGMail (10.13 only) 3.0b1

macOS 10.13 High Sierra beta

  • Since this is a beta, crashes or unreliable behavior are expected.

Known Issues

  • Messages may not always be decrypted automatically. De-select and re-select as a workaround
  • Mail might crash when trying to decrypt specific messages
  • Some PGP signed messages might fail to verify.
  • If an error happens while trying to send a PGP signed or encrypted message, no error alert will be shown. This is related to a bug in Mail for High Sierra which we have filed with Apple (rdar://22828028)
  • If an address is entered into the Reply-To field for which no public key is available, it's not possible to encrypt a message. This is related to a bug in Mail for High Sierra which we have filed with Apple (rdar://33886415)

GPGMail (10.12 only) 2.7

Stable version of GPGMail for macOS 10.12 Sierra

  • All major blockers have been resolved and GPGMail for macOS Sierra is considered stable.

Improvements

  • When attempting to forward the decrypted version of an encrypted message, the user will see a warning. [#870]
  • Detection of PGP/MIME encrypted messages is more lenient towards Avast modifications. [#921]
  • Properly handles PGP attachments with mime type text/plain and application/pgp (Mailvelope). [#939]
  • Display pseudo-PGP/MIME messages from iPGMail as proper PGP/MIME messages. [#929, #938]
  • Properly detects PGP data now where the PGP marker has whitespace after -----BEGIN PGP MESSAGE-----. [#924]
  • Forces Mail.app to re-download the complete message when a signed PGP/MIME message is detected in order to fix verification issues. [#914]

Fixes

  • The selected key is now used for signing when more than one key is available for the sender address. In previous betas a random key was used. [#895]
  • In gpg.conf group option now works as expected on macOS Sierra. [#903]
  • Properly detect MS Exchange modified PGP/MIME encrypted messages again. [#915]
  • Canceling the pinentry request for signing upon sending a message may have led to unexpected behavior. [#873, #902]
  • Pinentry now only asks a single time when re-opening an encrypted draft and canceling the dialog. [#893]
  • If Mail Act-On was active, messages would not be encrypted. Mail Act-On and GPGMail once again peacefully co-exist. [#888]
  • Drafts could be encrypted twice resulting in drafts showing an encrypted.asc file when re-visited. [#866]
  • Tooltips for sign and encrypt buttons are working again on macOS Sierra. [#916]
  • Keyboard shortcuts for encrypt and sign buttons are working again on macOS Sierra. [#917]

GPGMail (10.9 - 10.11) 2.6.3

Improvements

  • Detection of PGP/MIME encrypted messages is more lenient towards Avast modifications. [#921]
  • Properly detects PGP data now where the PGP marker has whitespace after -----BEGIN PGP MESSAGE-----. [#924]
  • Drafts could be encrypted twice resulting in drafts showing an encrypted.asc file when re-visited. [#866]

GPG Keychain 1.4

Improvements

  • Since the short ID has been deemed insecure for a long time, new installations of GPG Keychain now show the fingerprint column instead of the short ID. [#376]
  • GPG Keychain no longer allows uploading a public key, if the key in question does not reside on the key servers. So if you signed a key which does not exist on the key servers yet, consider mailing the updated public key to the key owner if you want to share your signature. [#186]
  • Improves the support of different languages in GPG Keychain preferences. [#382]
  • The subkey tab has received a clean-up. [#387]
  • Display the fingerprint of a subkey in the key details view. [#386]
  • Key details clean-up: Tabs have been simplified. It's now easier to add a photo to a key. [#269]
  • Whenever keys are changed, created or updated, an informative key upload dialog is shown. [#277, #417, #418]
  • It's now possible to display additional information for a key signature by right-clicking on a signature in the key details > user IDs tab and downloading the key which created the signature. [#235]
  • Key details > user ID tab: the signature section now has a + button that allows signing the selected user ID. [#421]
  • Adds VoiceOver support for key creation dialog. [#351]
  • Adds a confirmation dialog to key uploads. [#61, #405]
  • Key uploads are limited to a single key at a time. [#419]
  • When exporting a key, the filename now suggests what type of key you are exporting (Public or Secret key). [#396]
  • After importing a key it is highlighted in the key list. [#369, #404]
  • Improves subkey generation dialog to better support different languages. [#403]
  • When no match is found for a search of your keys, an informative message instead of an empty key list is shown. [#371]
  • The dialog for adding a user ID or subkey is now consistent with the dialog for new keys. [#254]
  • Key creation dialog was cleaned up. [#412]
  • Removes restrictions for the name field in the key creation dialog. [#399, #402, #415]
  • The comment field is generally considered to be harmful. This version removes it from the dialog to add a user ID. [#416]
  • Adds support for png image files. [#278]
  • Key server search results window is resizable. [#267]
  • When selecting more than one key and opening the key details view, an informative message instead of an empty window is now shown. [#328]
  • When GPG Keychain is opened by double-clicking on an encrypted file instead of a file containing a gpg key, it automatically opens GPGServices to handle the file instead. [#384]

Fixes

  • Disabling or re-enabling a key in key details no longer triggers lags of the UI. [#385]
  • The escape key now consistently closes key details. [#407]
  • When updating the expiry date, that information now is instantly updated. [#231]
  • Type any letter or an entire name on your keyboard while in the key list to get to that place in the list. This has been behaving strangely for a long time and we are really happy it now works as expected. [#342]
  • Signing keys is only available for single keys. When more than one key is selected the signing option is greyed out. [#391]
  • Fixes a rare hang which could occur during key upload. [#409]
  • Fixes a crash when opening key server preferences with no key server selected at the time. [#398]
  • Fixes a problem where the dialog to add a user ID could get stuck when the user attempted to abort. [#401]
  • The fingerprint no longer changes font-size when being marked. [#374]
  • Adds proper text to the dialog which is shown, when users try to import encrypted data. [#383]

GPG Suite Preferences (was GPGPreferences) 2.1

Crash Reporter for GPGMail

  • When GPGMail crashes you will be asked whether or not you want to send us the crash report.
  • These crash reports will help us to quickly identify and fix issues in GPGMail.
  • If you add an email address in GPG Suite Preferences we will even be able to contact you to ask for further details. [#89]
  • You can disable the crash reporter at any time.

Improvements

  • Field for caching time limited to 5 digits so that all numbers entered are visible. [#87]
  • Keys in the "Default Key" dropdown are listed in alphabetical order. [#64]
  • A confirmation dialog is shown, when stored passwords are about to be deleted or the password cache is about to be cleared. [#81]
  • Renames GPGPreferences to GPG Suite. [#94]
  • Removes the option to edit the gnupg.conf comment from GPG Suite Preferences. If a custom comment is detected, a one time dialog is displayed for users, that allows them to easily remove it. [#88]

MacGPG 2.2.0

Migration from gnupg 2.0 to 2.2

  • MacGPG now includes GnuPG 2.2. Learn more about the changes.

Fixes

  • Libgcrypt 1.8.1, including fix for CVE-2017-7526 and CVE-2017-0379. [#695, #696]
  • pinentry dialog is no longer shown twice when canceled during subkey generation. [#693]
  • Fixes a crash in scdaemon when using a Yubikey. [#689]

Libmacgpg 0.8

Improvements

  • Instead of using a custom implementation of NSTask with support for multiple pipes, adjust the code to use NSTask and reduce number of necessary pipes. [#155]

Fixes

  • Make sure that the gpg operation is aborted when a pinentry passphrase request is cancelled while signing and encrypting a file. [#156]
  • Transform gpg 2.1 error codes. [#154]
  • Use Security and CommonCrypto for installer certificate validation instead of OpenSSL. [#152]

GPG Suite 2016.10

GPGMail 2.6.2

Fixes

  • Remove "X-Pgp-Agent: GPGMail" header. We no longer expose the fact that you are using GPGMail in the mail header. [#879]

GPGKeychain 1.3.2

Fixes

  • Key creation failed on first attempt. [#377]
  • The term "key server" is now consistently used throughout GPG Keychain. [#348]
  • Don't show old info messages for current key searches. [#375]
  • Dialog for key deletion had too many buttons. This was a 10.12 specific problem. [#379]

GPGPreferences 2.0.1

Improvements

  • We added detailed version info to the about tab. [#84]

Fixes

  • Checkbox for "remember for ... seconds" setting could not be deselected. [#86]

MacGPG2 2.0.30

Fixes

  • Libgcrypt 1.6.6: Fixes a bug in the mixing functions of Libgcrypt's random number generator. CVE-2016-6313 (wrongly identified as CVE-2016-6316 in some contexts) [#685]

Security fixes

  • Fixes a privilege escalation bug in our Installer, which could allow an attacker who already had local access to a machine, to execute malicious code as root. Thanks for responsible disclosure: k4dl (@k4dl) and lumpy_ (@diretraversal)

GPG Suite 2016.08

Fixes

  • We fixed a glitch in our auto-updater.
  • Don't restart GPG Keychain so fast. This will prevent GPG Keychain from launching while other components were not ready yet. The result was an empty key list.

GPG Suite 2016.07

Simplified update process

  • The update options available in GPGMail, GPG Keychain and GPGPreferences are now in sync. They are much more intuitive now. You can search for updates on the stable channel and include beta updates if you want to help testing new features. We will make more use of the beta channel in the future. Promised! The nightly builds are used for debugging / hotfix purposes only.

10.6 - 10.8 EOL

  • We want to improve GPG Suite, but each new feature we introduced, caused difficulties on the older iterations of OS X. Thus 10.6 - 10.8 will be End of Life and are not supported in this version of GPG Suite. GPG Suite for 10.6 - 10.8 can be downloaded from https://releases.gpgtools.org/oldies.

GPGMail 2.6

New

El Capitan stable

  • GPGMail 2.6 stable is rolled out for 10.9 - 10.11. [#834]

VoiceOver support

  • We made sure that all GPGMail elements are working in VoiceOver while composing a draft. For the best VoiceOver implementation, make sure you have the latest OS X version. Known limitations: 10.10 cannot access the OpenPGP indicator; 10.9 has the same limitation as 10.10 and, in addition, the button state is not announced. We suggest that all of our blind users update to 10.11 and would be really excited to hear your feedback on this.

Improvements

  • Change default so that version info is no longer attached to messages. [#837]

Fixes

  • Drafts were opened in blank state when closing mail while working on a draft and not saving it. [#860]
  • Respect Subkey key mapping. [#862]
  • Sending a mail while in fullscreen view resulted in Mail.app getting stuck on a black screen. [#852]
  • Disabling the setting to 'Automatically check for updates' didn't stick. [#850]
  • Mission control showed drafts despite them already being sent. [#853]
  • Inline/PGP works again using BCC: recipients. [#869]
  • MailTags and GPGMail can again peacefully co-exist. Thanks Scott from MailTags! [#849]
  • Startup crash on 10.10 and 10.11 related to the MailTags fix. [#868]
  • Mail.app was not starting correctly after closing it while an unsaved draft was open. [#871]
  • Ensure draft state is saved and kept when re-opening draft. [#854]

GPGKeychain 1.3

New

  • Clipboard detection: When GPG Keychain is open and the user copies any text key to the clipboard, we now show a dialog asking if you want to import the key. This has been a popular request. Hope you like it! [#248]
  • Allow symbols in email addresses for key creation. [#365]

Improvements

  • The info message is now consistent when revoking a key via rev cert import and via contextual menu. [#346]
  • Key import dialog has been improved a lot. Readability and clarity ahoi! After a key import, that key will be highlighted. [#358]
  • Display info messages as dialog instead of a text window. [#290]
  • Removed delete icon from default icons. [#364]
  • Changed keyboard shortcut to update a key from the key server from ⇧⌘Y to ⌘U. That should be both easier and more intuitive. [#356]
  • For keys with only one UserID the algorithm preferences will no longer show a dropdown selection with only one entry. [#323]
  • Keyboard shortcuts in the Subkey and Key tab now work consistently. ⌘C copies fingerprint with spaces and ⇧⌘C copies fingerprint without spaces. [#359, #354]
  • Option to 'Mail public key' is not available for expired or revoked keys. You do not want to share those old keys with the world. [#301]
  • Show key details when attempting to import a key and that key already exists. [#289]

Fixes

  • Keylist is updated as expected when deleting or importing keys. [#357]

GPGPreferences 2.0

New

Settings Redesigned

  • Our long neglected child has received some major love. The settings have been completely redesigned. We hope you like the new layout.

Send Report

  • We hope you don't, but should you ever run into trouble and want to get in touch, it has never been easier. The new 'Send Report' tab provides an easy option to create a discussion on our known support platform.
  • For debugging purposes you can attach a debug log. It will be sent via encrypted TLS connection to our hosting provider. There it is encrypted with our team key and then sent to our support platform.
  • This should help both you and us to be more effective in debugging problems you may be seeing.

Improvements

  • We now pre-select a key for you as default key, should none be selected already. In case you have more than one key, that will be the latest key. There's really no reason not to be using the default key option. [#68]

GPGServices 1.11

Improvements

  • Added a few CFBundleIdentifiers. [#226]

Fixes

  • Error messages were shown with error code instead of being translated to human readable text. [#224]

MacGPG 2.0.30

New

  • GnuPG 2.0.30

Libmacgpg 0.7

Improvements

  • Be more tolerant when importing keys with wrong new lines. [#64]

GPG Suite 2015.09

GPGMail 2.5.2

Smooth upgrade to El Capitan

  • Instead of seeing the "incompatible Bundle" message when you launch Mail with GPGMail installed after upgrading to El Capitan, you will have the option to install our newest beta for El Capitan or disable GPGMail.

Fixes

  • GPGMail handles binary pgp messages as expected again. The regression was introduced in GPG Suite 2015.08. [#843]
  • Adds better support for variants of inline PGP in HTML messages.

Libmacgpg 0.6.1

Fixes

  • The most common crash in GPG Suite 2015.08 was a crash in Libmacgpg when parsing PGP messages. [#150]

GPG Suite 2015.08

Security Note

A bug in a Libmacgpg subcomponent could be abused by a local user to execute shell commands with root privileges (CVE-2014-4677).
This issue was fixed in GPG Suite 2015.06.
A big thank you goes out to Bruno Bierbaumer for bringing this bug to our attention.

Note for OS X 10.6 and 10.7 users: when installing this update, you might be asked for your admin password twice.

GPGMail 2.5.1

Fixes

  • 10.8 + 10.7: GPGMail setting to "Encrypt Drafts" could not be disabled. [#841]
  • Save and display the "Update check" setting correctly. [#842]
  • Properly display messages with content-type application/pgp. [#838]
  • Preserve rich-text formatting when continuing drafts. When drafts were re-opened all formatting was lost. [#835]

GPG Keychain 1.2.1

Show key revocation date

  • Key details for revoked keys now show the date of the revocation. [#345]

Fixes

  • Drag & Drop of keys was not working when expert settings were enabled. [#343]

GPGServices 1.10.1

Supporting more applications

  • Added a ton of CFBundleIdentifiers to GPGServices in order to support more applications. [#209, #144]

MacGPG 2.0.28

Integrate MacGPG 2.0.28 [#159]

  • MacGPG is now based on gnupg 2.0.28

Fixes

  • Fixes pinentry-mac to no longer be affected by the XARA attack. [#160]

Libmacgpg 0.6

Be more tolerant towards malformed messages

  • Too many line breaks or other minor deformations of ASCII PGP data often resulted in a message that could not be decrypted. We are now much more tolerant and flexible. [#63, #145, #14, #38]

Fixes

  • No more "no pinentry" errors! We've finally found a solution to fix the infamous "no pinentry" bug, caused by a socket connection to gpg-agent which was not closed under some circumstances. [#147]
  • One of the most common crashes in the 2015.06 release has been fixed. GPGTaskHelperXPC no longer crashes. [#143]
  • Crash in Libmacgpg GPGPacket fixed. [#146]
  • Under some circumstances an empty key list was returned. [#149]
  • Uses new pinentry with keychain support for new MacGPG. [#148]

GPG Suite 2015.06

GPGMail 2.5

10.10 Yosemite support

  • This has been a long beta phase – we know. But we are very happy to announce 10.10 support is now ready for a stable release and hope you'll enjoy GPGMail 2.5 as much as we do.

Encrypt drafts by default

  • All drafts will be encrypted with your public key by default, giving you better security and preventing bad situations from the get go. This concerns all your accounts in Mail.app, even if you do not have an OpenPGP key for all of them. Encrypt drafts can still be disabled in GPGMail preferences (which we do not recommend). [#648]

Show warning before sending an unencrypted reply to an encrypted message

  • Your security is important and sending an unencrypted reply to an encrypted message can pose a serious security threat since information might be leaked.
  • We now display an informative warning message which explains the situation and gives you the chance to revise the draft you are about to send.

Intuitive security indicator for encrypted mails

  • Until now we showed an open lock to indicate that the mail has been decrypted. But actually there are only two states: successful decryption (which now shows a closed lock) or no decryption at all due to an error (which results in an error message). We think the new behavior is much more intuitive. The open lock for decrypted messages was irritating and did worry quite a few users who believed the messages weren't encrypted at all. [#777]

Auto-Updates

  • We think it's a good idea to keep our users up to date with the latest fixes and improvements. So now, the automatic check for updates is enabled by default. While working on this, we discovered a bug in the way auto-updates were implemented, so that is now fixed and updates for GPGMail should be much smoother in the future. [#774, #785, #822]

Warning about drafts stored on server

  • This warning serves a very specific case, but it is very important to understand the consequences, so we are happy to now provide the user with an informative message. If drafts are stored on the server and the GPGMail option to "Encrypt drafts" is disabled, you'll see a message warning you that your drafts will be stored on those servers as plain text, once you start typing a new message. [#819]

Fixes

  • GPGMail on 10.10 no longer crashes when new message creation is invoked via AppleScript. We heard you - this is a much used feature and we're glad this bug is fixed! [#768, #799, #804]
  • Mail.app crash on 10.7: Crash on creation of a new message. [#783]
  • Drafts: Sign and encrypt status for drafts were not always saved. [#761]
  • Drafts: Signed drafts were displayed as empty messages on Mavericks. [#695]
  • Drafts: A nasty bug was squashed which prevented drafts from being stored on OS X 10.8 and 10.7. [#776]
  • Drafts: On some occasions, encrypted drafts or sent messages had missing header parts, which resulted in incorrectly rendered mails. [#782]
  • GPGMail believed that for certain addresses S/MIME encryption was not available while it actually was. [#673]
  • Updates: the installer no longer stays open when Mail.app was quit during the update. [#742]
  • Displaying revoked UIDs when two keys for the same email address exist and one is revoked is a bad idea. We no longer do that. [#656]
  • Coexist peacefully: No more duplicate headers when using GPGMail and MailTags plugins together. [#747]
  • A broken signature was falsely shown as "Signed". [#714]
  • Remove trailing white-spaces so that signatures no longer get invalidated. [#686]
  • On 10.10 GPGMail failed to properly load messages with winmail.dat attachments. [#771]
  • Correctly detect inline PGP in text/html messages. [#787]
  • 10.10: ensure selecting a specific key in the "From:" menu when composing a new message is possible when more than one secret key is available for the same email address. [#809]
  • GPGMail no longer clutters Console.app with "error CFBundle RegexKit.framework Data couldn't be read" messages. [#796]
  • Attachments of weird inline PGP encrypted messages from Windows are now properly displayed. [#677]
  • When selecting an email from the sent folder and using "Send again" from the menubar, the resent mail did not respect your default setting to encrypt / sign mails. [#813]
  • Fixed a minor typo in an error message about a signature that cannot be verified. [#816]
  • There was an infinite loop (scnr) error when spell check on send was enabled and the user clicked "Send anyway". [#829]

GPG Keychain 1.2

Create revocation certificate for every new key

  • Before, when you lost a secret key or forgot the passphrase for it, you had to make sure to have a revocation certificate, to at least inform others that this key is no longer to be used. From our experience, however, we know that not many people create a revocation certificate in time. And you shouldn't have to. That's why we now create a revocation certificate for you whenever you create a new key in GPG Keychain! [#244]

Send public key by mail

  • This is one of the more popular feature requests we had in the pipe: You can now send your public key by mail by selecting "Key > Mail pub key" from the menu bar (⇧⌘M). This is possible for your own public keys or also for other public keys in your keychain. A new mail in Mail.app will open and we've added a nice template text to explain what a public key actually is and how to get started using OpenPGP if your friends are not familiar with it. [#86]

Sanity check for new key servers

  • When entering a new key server in the key server preferences, we now run a check to see if the key server is properly working, so users don't end up with a broken key server. [#150]

Warning message before revoking a key

  • Revocation certificates should never be imported without informing the user about the consequences. So before you can revoke your key we now show a message that explains any implications. [#165]

Removed option to create 1024bit keys

  • 1024bit keys are no longer considered secure, so we removed that option. [#264]

Fixes

  • Selecting many keys for cleaning operation could result in crash. [#193]
  • Canceling the progress indicator caused a crash. [#191]
  • Potential crash on key import from key server. [#227]
  • 10.7: Crash on opening GPG Keychain. [#279]
  • Potential crash when adding a User ID. [#274]
  • Endless loop when revoking a key. [#273]
  • Crash on key creation. [#240]
  • Crash when changing ownertrust. [#212]
  • Crash on several occasions in NSKeyValueCoding. [#340]
  • Key on smartcard wasn't detected by GPG Keychain. [#216]
  • Instead of crashing, an error message is displayed when SSH keys are imported (which are not supported). [#210, #255]
  • Allow creation of subkeys with specific capabilities and honor RSA sign only key. [#148]
  • Show keyIDs of own keys when signing. [#192]
  • Malloc error when entering ldap key server URL. [#228]
  • Double entry for GPG Keychain under System Preferences > Security > Privacy > Contacts due to change in identifier. [#196]
  • Export of pub key does not show suffix although option to hide suffix is inactive. [#225]
  • Search for German umlauts was broken. [#217]
  • Creating sign-only keys didn't work. [#152]
  • Display details when showing an unknown error. [#341]
  • Key servers entered by users were not stored in the key server list. [#292]
  • Entering an invalid keyserver value with newlines caused a crash. [#299]
  • When trying to delete all keys, only secret keys were deleted but public keys remained. [#283]
  • Revoking a signature was broken. [#285]
  • If you are a gamer and had high APM, toggling the filters fast enough would not change sorting but open the selected key. [#294]
  • No longer gets stuck after a user removes all algorithms except "none". [#321]
  • Better error message when opening encrypted files with GPG Keychain instead of GPGServices. [#224]
  • Better default naming for exported keys: If more than one key is exported, GPG Keychain now uses "YEAR-MM-DD" and shows the number of exported keys. [#300]
  • Keep primary UserID after adding new UserID. [#172]
  • Better info message in Key > Sign dialog. [#207]
  • Display warning before deleting last self-signature. [#102]
  • When creating a new key, we auto-fill the fields with data from your address book entry. [#70]
  • Key inspector window should not stay visible when GPG Keychain is in the background. [#215]
  • Allow drag and dropping a .jpg into the Key Inspector > Photo tab... [#182]
  • Show spinner if loading photos takes more than 2 seconds. [#181]
  • Allow searching for fingerprints using human readable format (i.e. with spaces). [#204]
  • Add a toolbar button for key search/retrieval. [#221]
  • Keep position of key list after deleting a key and don't jump back to the top. [#177]
  • Removed Undo / Redo from Edit Menu until this feature is properly implemented. [#309]
  • Show validity column in default view for main window. Many users were wondering why keys were unusable. This will help indicate what is going on. [#122]
  • Column sorting using the validity column now follows validity status instead of the alphabet of the validity state. [#241]
  • Fingerprint was displayed with too many spaces. [#208]
  • Key Inspector User ID tab: the signature column and created date were too narrow. [#97, #201]
  • Show warning if pinentry crashes during key creation instead of just sitting idle. [#200]
  • New warning: when the only subkey of a key is about to be deleted, we now display an informative warning. [#103]
  • No longer display the comment column in the key list. [#271]
  • Limit long error messages so they don't go offscreen. [#170, #252]
  • Button too narrow for German translation in new key dialog. [#253]
  • Key inspector UI improvements for German translation. [#114]
  • Resize text-fields to fit content. Really long names were not properly shortened. [#220]
  • Better error message if damaged gpg.conf is detected. [#149]
  • Don't show revoked keys in search results from key servers. If you want to see revoked keys for your key search you can enable that option under Preferences > Key server. [#262]
  • Improve naming of key search options to clarify where the search is done (local search vs search on key servers). [#265]
  • When updating keys, progress sheet listed User IDs without line breaks. [#226]
  • Incorrect progress sheet message when changing expiration date of a key. [#214]
  • When main window is maximized, instead of expanding the key inspector (key details) to the side, they now show in a separate window on top. [#236]
  • Hide "Algorithm Preferences" by default. They still exist but are now an expert setting. [#311]
  • Improved naming and reordered a few menu bar items.
  • New keys did not appear in key list when one tried to sign another key. [#303]
  • Proper sorting ignoring capitalization: why did we differentiate between capitalization and small letters in the first place? [#302]
  • When changing the primary UserID the key list no longer loses focus of the selected key. [#304]
  • Properly display important dialog windows on small screens, which might have previously been hidden by the key details window. [#307]
  • Properly display UTF-8 characters when looking at UserIDs. [#320]
  • Minor fix in German translation for Key ID. [#275]

GPGServices 1.10

Clearly indicate which keys are selected

  • Below the key list you'll now find an indicator showing if any keys are selected. Keys which are already selected will always be shown on top of the key list, so you will not accidentally encrypt to the wrong recipient. If you want to unselect all keys we now provide a simple checkbox for that. [#183]

Fixes

  • Crash when using columns to sort keys. [#178]
  • Signing files broken. GPGServices main window not showing up, only a progress indicator. [#176]
  • Progress indicator not closed when GPGServices main window closed. [#166]
  • Be more tolerant towards deformed encrypted messages. Missing linebreaks at the end of an encrypted message no longer cause a "Decryption failed" error. [#197]
  • Be even more tolerant: Encrypted messages sent via Facebook couldn't be decrypted. [#196]
  • Decryption of encrypted empty text file failed. [#172]
  • Processing of large files (>4GB) led to errors. [#217]
  • OK button became inactive when encrypting to public keys without encrypting to own key. [#214]
  • Key count of selected keys is now always correct. There were glitches in some rare occasions. [#216]
  • 10.6: Leaking NSString objects when GPGServices was launched. [#212]
  • Filename wasn't correctly saved in the encrypted file, so that renamed encrypted files produced wrongly named decrypted files. [#161]
  • Show verification results when decrypting text. [#179]
  • Files with spaces in the filename that were encrypted and later decrypted, contained "%20" instead of spaces in the output filename. [#202]
  • Verify results now also show the Key ID in addition to Name and mail address. [#177]
  • Minor improvements in "Sign / Add to recipients" section in main window. [#188]

GPGPreferences 1.5

Update management for all tools

  • Add "Check Now" buttons for all the tools: it's never been easier to stay up-to-date with all components of GPG Suite. We now offer stable, pre-release and nightly channels for every single component of GPG Suite. [#58]

Key server sanity check

  • GPGPreferences now checks if a key server is valid and working, when a new one is entered. [#71]

Copy version info into the clipboard

  • By clicking on any version info in the Updates tab, all version info is copied into the clipboard. This makes it easier than ever to provide the complete version information along with your support requests. [#53]

Fixes

  • Respect the "display no version info" setting. When exporting a key, "MacGPG v2" was still added. This is no longer the case. [#66]
  • Crash on 10.6 caused by "Check Now" button. [#54]
  • Nightly channel didn't stick. The channel setting was not stored. [#59]
  • Crash due to invalid value on "remember the passphrase for" setting. [#69]
  • OS X 10.6: "delete stored passphrases" option didn't work properly. [#72]
  • Display "Select a key..." instead of an empty combo box when no default key is selected. [#70]
  • OS X 10.10: Text of component names in Updates tab cut off. [#65]
  • Visually distinguish installed and not installed tools in update listing. [#52]

MacGPG 2.0.27

Support for hkps key servers and new key server default

  • The default gpg.conf uses the hkps.pool.sks-keyservers.net key server by default. [#119]
  • Tries to migrate old default configurations to connect to key servers via hkps.
  • hkps sks key server pool is now the new default.

No version info to protect your security

  • The new default will not show any version info in the comment field. For existing installations, you can disable showing version info using GPGPreferences. That way an attacker can no longer determine which GnuPG version someone is using and can't abuse that information. [#131]

Integrate gpg 2.0.27

  • Includes a fix for a DoS based on bogus and overlong key packets.
  • Adds better error reporting for keyserver problems.
  • Includes other bug fixes related to bogus keyrings.

Fixes

  • Passphrase in pinentry wasn't displayed properly when 'Show typing' was enabled. [#145]
  • Import filter rejected some keys on auto-import. [#134]
  • gpg-agent timeout when signing Mails. [#128]
  • OS X 10.6: pinentry program entry not added to gpg-agent.conf in some rare occasions. [#125]
  • scdaemon was misbehaving badly on OS X 10.10 leading to big problems for smartcard users. Happy to announce this is fixed. [#140]
  • gpgkeys errors included in output destroying attachments. [#150]
  • When installing GPG Suite or MacGPG2 the gpg.conf is no longer cluttered with superfluous entries of key server addresses. [#152]
  • Creation of keys bigger than 4096bit was broken. After discussion on the gnupg mailing list we came to a mutual agreement and decided to remove this option.