First make a directory to hold the compiled files:
Create a text file
Open a new terminal for the PATH changes to take effect, or just append
Download the latest GnuPG from https://www.gnupg.org/download/index.html. The latest version is 2.0.24 as of today. Download the signature file and verify the signature. Extract the archive:
In the
Download the latest libgpg-error, along with its signature file, and verify the signature. Extract the archive, configure, make and install:
Download the latest libgcrypt, along with its signature file. Extract the archive, configure, make and install:
As you can see, I disabled AESNI support, because while I can examine the source code of this software to get some confidence that there are no backdoors, I can't examine the implementation of the AESNI instructions in the CPU. Therefore I can't trust that hardware AESNI doesn't have a backdoor. I also disabled assembly, because otherwise it fails to compile on OS X.
Download the latest libksba, along with its signature file. Extract the archive, configure, make and install:
Download the latest libassuan, along with its signature file, and verify the signature. Extract the archive, configure, make and install:
Download the latest pinentry, along with its signature file, and verify the signature. Extract the archive, configure, make and install:
If you don't disable gtk and qt options, it will complain about not finding X.
You also need to download the latest pth, along with its signature file. Extract the archive, configure, make and install:
Back to
You run into a problem here, the compilation fails:
If you look at
It's meant to include
If you replace that line with
and then type
sudo mkdir /usr/local/gpg
Create a text file
/etc/paths.d/gpg with the following contents:/usr/local/gpg/bin
Open a new terminal for the PATH changes to take effect, or just append
/usr/local/gpg/bin to your $PATH.Download the latest GnuPG from https://www.gnupg.org/download/index.html. The latest version is 2.0.24 as of today. Download the signature file and verify the signature. Extract the archive:
tar xjf ~/Downloads/gnupg-2.0.24.tar.bz2 cd gnupg-2.0.24
In the
README file you'll see that you need the following dependenciesGnuPG 2.0 depends on the following packages: libgpg-error (ftp://ftp.gnupg.org/gcrypt/libgpg-error/) libgcrypt (ftp://ftp.gnupg.org/gcrypt/libgcrypt/) libksba (ftp://ftp.gnupg.org/gcrypt/libksba/) libassuan >= 2.0 (ftp://ftp.gnupg.org/gcrypt/libassuan/) You also need the Pinentry package for most function of GnuPG; however it is not a build requirement. Pinentry is available at ftp://ftp.gnupg.org/gcrypt/pinentry/ .
Download the latest libgpg-error, along with its signature file, and verify the signature. Extract the archive, configure, make and install:
tar xzf ~/Downloads/libgpg-error-1.13.tar.gz cd libgpg-error-1.13 ./configure --prefix /usr/local/gpg make sudo make install
Download the latest libgcrypt, along with its signature file. Extract the archive, configure, make and install:
tar xzf ~/Downloads/libgcrypt-1.6.1.tar.gz cd libgcrypt-1.6.1 ./configure --prefix /usr/local/gpg --disable-aesni-support --disable-asm make make check sudo make install
As you can see, I disabled AESNI support, because while I can examine the source code of this software to get some confidence that there are no backdoors, I can't examine the implementation of the AESNI instructions in the CPU. Therefore I can't trust that hardware AESNI doesn't have a backdoor. I also disabled assembly, because otherwise it fails to compile on OS X.
Download the latest libksba, along with its signature file. Extract the archive, configure, make and install:
tar xjf ~/Downloads/libksba-1.3.0.tar.bz2 cd libksba-1.3.0 ./configure --prefix /usr/local/gpg make sudo make install
Download the latest libassuan, along with its signature file, and verify the signature. Extract the archive, configure, make and install:
tar xjf ~/Downloads/libassuan-2.1.1.tar.bz2 cd libassuan-2.1.1 ./configure --prefix /usr/local/gpg make sudo make install
Download the latest pinentry, along with its signature file, and verify the signature. Extract the archive, configure, make and install:
tar xjf ~/Downloads/pinentry-0.8.3.tar.bz2 cd pinentry-0.8.3 ./configure --prefix /usr/local/gpg --disable-pinentry-gtk --disable-pinentry-gtk2 --disable-pinentry-qt --disable-pinentry-qt4 make make install
If you don't disable gtk and qt options, it will complain about not finding X.
You also need to download the latest pth, along with its signature file. Extract the archive, configure, make and install:
tar xzf ~/Downloads/pth-2.0.7.tar.gz cd pth-2.0.7 ./configure --prefix /usr/local/gpg make make test make install
Back to
gnupg:cd gnupg-2.0.24 ./configure --prefix /usr/local/gpg make
You run into a problem here, the compilation fails:
...
Making all in gl
...
gcc -DHAVE_CONFIG_H -I. -I.. -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -MT allocsa.o -MD -MP -MF .deps/allocsa.Tpo -c -o allocsa.o allocsa.c
In file included from allocsa.c:21:
In file included from ./allocsa.h:23:
In file included from /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.9.sdk/usr/include/stdlib.h:65:
In file included from /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.9.sdk/usr/include/sys/wait.h:110:
In file included from /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.9.sdk/usr/include/sys/resource.h:72:
In file included from ./stdint.h:66:
/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.9.sdk/usr/include/inttypes.h:235:8: error:
unknown type name 'intmax_t'
extern intmax_t
...
If you look at
/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.9.sdk/usr/include/sys/resource.h:72, you can see that it says#include <stdint.h>
It's meant to include
/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.9.sdk/usr/include/stdint.h, which would get intmax_t defined by including _types/_intmax_t.h. Unfortunately instead of including the correct stdint.h, it ends up including gl/stdint.h from GnuPG. If you look at gl/stdint.h on line 46, you see:# include "///Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/../lib/clang/5.1/include/stdint.h"
If you replace that line with
# include "/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.9.sdk/usr/include/stdint.h"
and then type
make, everything compiles just fine. Then you run sudo make install and everything's done.