)
in the dialog. This allows you to paste the Key ID in any
application which will allow you to search for the owner of the
secret key with that ID.
IN APPLICATIONS
Encrypting and/or signing a message
Write your message in the e-mail application or word processor of your choice.
Choose Encrypt/Sign in the FileCrypt menu. The encryption dialog appears.
To ENCRYPT the message, select the public key of the person you want to send the message to in the list of keys under the Encrypt box. The Encrypt box is checked automatically as soon as you select a key. Private keys are used to sign and decrypt messages only and are thus not shown in the list.
If you want to send the message to different people, you can select more than one public key by using the Shift key to select adjacent keys in the list or the Command key to select non-adjacent keys.
To encrypt the message, click on OK. While FileCrypt encrypts the message, a dialog showing progress bar comes up to indicate it is busy. After the encryption is finished, the message is replaced by the encrypted text, preceded by the header:
-----BEGIN PGP MESSAGE----------
and followed by the footer:
-----END PGP MESSAGE-----
Shortcut: If you want to encrypt the message for one recipient, choose Encrypt/Sign in the FileCrypt menu, type the first letters of the recipient's User ID and press Return.
NOTE: If you checked the "Encrypt to self" option in the FileCrypt preferences, the public key corresponding to your default private key will be added to the selected keys automatically. This means you will always be able to decrypt the messages you send.
If "Encrypt to self" is not checked and you did not select your public key, an alert will warn you that you will not be able to decrypt the message after you encrypt it. Click OK if that is what you want to do, or Cancel if you want to add your public key.
To SIGN the message, clcik in
the passphrase entry box and enter the passphrase for your default
key. The Sign box is checked automatically as soon as you enter your
passphrase. If you do not encrypt the message, but only sign it, you
can check the "Keep text in clear" box if you want the message to
remain readable. Click on OK to sign the message.
If you decide to sign the message and not to encrypt it, the message
is preceded by the signature header:
-----BEGIN PGP SIGNED MESSAGE----------
Information concerning the signature follows the message and is enclosed in the header:-----BEGIN PGP SIGNATURE-----
and the footer
-----END PGP SIGNATURE-----
Shortcut: If you just want to sign a message, choose Encrypt/Sign in the FileCrypt menu, press the Tab key, type your passphrase and press Return.
You can both ENCRYPT AND SIGN the message. To achieve this, do all necessary actions to encrypt the message as well as those necessary to sign it as decribed above, then click on OK.
NOTE: For obvious reasons, the "Keep text in clear" option is not available if you encrypt the message.
TIP: Being able to encrypt and/or sign only the selected portion of a message can be very useful in different situations. For example, you may want to send a message to more than one person, in which some paragraphs are not destined to all recipients. Select and encrypt the paragraphs with the according keys and then sign the entire text. All recipients will be able to verify your signature but the encrypted paragraphs will be available only to the recipients to whom they were destined.
Decrypting a message and/or verifying a signature
To decrypt an encrypted text or verify a signature, make sure the message you want to decrypt or verify is in the frontmost window and that the cursor is located in the message body, then select Decrypt/Verify from the FileCrypt menu.
If the message is ENCRYPTED, the following situations can occur:
)
in the dialog. This allows you to paste the Key ID in any
application which will allow you to search for the owner of the
secret key with that ID.
If the message is SIGNED, FileCrypt will display information on the signature:
) in
the dialog. This allows you to paste the Key ID in any application
which will allow you to search for the public key with that ID.
Once you found the public key, you will be able to verify the
signature. You can still view the message in its original state by
clicking on the Decrypt button.
NOTE: No password is required to verify a signature.
Just like with encryption, you can select just a portion of a message which corresponds with the part you want to decrypt. Note that you can only decrypt portions of a message which are enclosed by a header and footer, which you must also select.
If there is more than one block of encrypted text in a message or in your selection in a message, i.e. there are more than one header and footer, only the first encrypted block will be decrypted. Proceed as described in the previous paragraph to decrypt the other blocks.
Most email applications do not allow the modification of incoming messages. When you decrypt or verify messages in these applications, FileCrypt will display the result of its operation in a new window. If the application cannot open a new text window, FileCrypt will open the result in another application, the viewer application. The first time FileCrypt encounters this situation, you will be asked to choose the application you want to use as the viewer application. Choose an application which handles text well, such as SimpleText, BBEdit, Tex-Edit, ... You will need to designate the viewer application only once, FileCrypt will remember which application you chose.
If the result of the decryption of a message cannot be recognized as text and can thus not be shown in a text window, FileCrypt invites you to save the result as a document on the hard disk. If the encrypted message contains information about the application which created the original document, FileCrypt will use this information when it creates the new document. If this information is unavailable, you will need more information from the person who sent you the message to know with which application you can view the contents of the message.
Importing public or secret keys
In addition to importing keys thru the Import button, FileCrypt allows you to import key directly by selecting text corresponding to the keys in a message. This feature is very handy to import a key someone sent in an e-mail message or to import a key from a key server.
You can recognize keys included in a message by the following header and footer:
-----BEGIN PGP PUBLIC KEY BLOCK----------
and
-----END PGP PUBLIC KEY BLOCK-----
To import keys, select the text from the beginning of the header to the end of the footer and choose Decrypt/Verify in the FileCrypt menu.
IN THE FINDER
Encrypting and/or signing a document
Select one or more files in the Finder then choose Encrypt/Sign in the FileCrypt menu. In the Encrypt/Sign dialog which appears, set the different parameters as explained in the paragraph on Encryption in applications above and click on OK.
TIP: You can also select one or more folders, then choose Encrypt/Sign. FileCrypt will then encrypt and/or sign all files contained in the selected folders and their subfolders.
Decrypting a message and/or verifying a signature
Select one or several files in the Finder then choose Decrypt/Verify in the FileCrypt menu. You will be prompted to enter the password of your secret key to decrypt encrypted messages. For each signed message, a dialog will appear mentioning the originator of the message if his public key is in your key ring, and stating whether the signature matches the document or not. No password is required to verify a signature.
TIP: You can also select one or more folders, then choose Decrypt/Verify. FileCrypt will then decrypt and verify the signatures for all files contained in the selected folders and their subfolders. Files which are neither encrypted nor signed remain untouched.
