-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 HOWTO: Build GnuPG on OS X by Gordon Worley Version 3.0.1 (6 Aug 2002) Introduction: This document describes how to build GnuPG on Mac OS X 10.1+. The process is pretty much the same as normal, but requires some extra effort to get around OS X's 'features'. For the latest version of this document, check the Mac GPG Web site . How To: Begin by downloading and verifying the GnuPG archives from . Then, you need to download the patch found on for OS X and verify them. Here's what to type: curl -O ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.0.7.tar.gz curl -O ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.0.7.tar.gz.sig curl -O http://macgpg.sourceforge.net/patches/gnupg-1.0.7-darwin.diff To verify: gpg --verify gnupg-1.0.7.tar.gz.sig or, if you don't have an older copy of GnuPG or another OpenPGP program (NEVER verify the version of GnuPG you download with itself), use the MD5 checksums found on the GnuPG Web site and compare with the checksum from: openssl md5 gnupg-1.0.7.tar.gz Do the same with the patch (the .diff file). Next, untar GnuPG: tar -xzf gnupg-1.0.7.tar.gz Copy the patch into the GnuPG folder and apply it: cp gnupg-1.0.7-darwin.diff gnupg-1.0.7/ cd gnupg-1.0.7/ patch -p 1 < gnupg-1.0.7-darwin.diff This will apply everything at once. Look at the diff files for details on what they do. Thanks to Jeremy Cooper for the asm patch, Laurie Brown for the mlock patch, and numerous folks for getting dynload working. When you run configure, you need to make sure you have the proper options set. Run configure as such for best results: ./configure Now, all you have to do is type: make sudo make install Also, it's probably a good idea to run make check before you install, to make sure that your system will be safe on which to run GnuPG. You may need to run make check with the -i option. make check -i Once you get GnuPG installed, it wouldn't hurt to check the quality of the random numbers being produced by /dev/random. To test this, first type: gpg --gen-random 0 > rnd & and after a little while kill the process (once you've got 20 or 30 MB of random numbers). Then, using a program like ent, check the quality of the numbers. Of particular interest will be the entropy, compressibility, and chi^2 p-value (this should be as high as possible, as low as possible, and as close to .5 as possible, respectively; see ent documentation for more details). If you want to install IDEA, you can find instructions on the Mac GPG Web site . Caveats: Due to complications with the current configure scripts, the tiger module is NOT compiled and loaded when you build following these instructions. The solution is to build it yourself (I haven't done that, but in theory you can) or grab it from GnuPG 1.0.6. If you already have it installed from a previous install, you will not have any trouble loading it. Contact: Questions, bug reports, etc. about this document can be sent to Gordon Worley at . Thanks: A big thank you to Sebastian Hagedorn and Bryan Blackburn , who figured out what was wrong with configure and provided fixes with 1.0.5/6. Thank you to Jeremy Cooper who did the asm patch. More thanks to Laurie Brown , who came up with the secmem patch. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (Darwin) Comment: http://www.rbisland.cx/publickeys.html iD8DBQE9UDi/K8yA4fmonfERAovOAJwJHYtKUBXO1NkFdmCVVSd1LiQt2QCeN+50 pSlQJxGH6Eq+NTBoYBZUUBg= =fUm/ -----END PGP SIGNATURE-----