HowTo Compile GnuPG with IDEA and Camellia Ciphers

**Updated to Include GPG and GPG2

PreRequisite Packages for Both Version

1. Dependencies:
build-essential, linux-header files, subversion, automake

(Cut and paste following inside terminal to install necessary dependencies)
sudo aptitude install build-essential linux-headers-$(uname -r) subversion automake checkinstall

2. Working Directory Structure (Using this directory structure so guide is coherent. You may choose to download your svn sources and libs and place them in a different directory)


mkdir -p ~/src
cd ~/src
mkdir -p gnupg
mkdir -p gnupg2


Compilation of GnuPG (GnuPG Version 1)
***Platforms Tested: Ubuntu, Cygwin (Although installation steps are slightly different)

Requirements
1. SVN sources of GnuPG
2. IDEA module (Optional)
3. BZIP2 Developmental library

We will be using the GnuPG svn stable branch

GnuPG (Version 1) SVN Source Files


cd ~/src
svn co svn://cvs.gnupg.org/gnupg/branches/STABLE-BRANCH-1-4 gnupg
cd gnupg


(Optional) IDEA module


cd ~/src/gnupg/cipher
wget ftp://ftp.gnupg.dk/pub/contrib-dk/idea.c.gz
gunzip idea.c.gz
cd ~/src/gnupg


BZIP2 library

sudo aptitude install libbz2-dev

Compile GnuPG enabling camellia and idea ciphers

./autogen.sh --force
./configure --enable-camellia --enable-idea --enable-maintainer-mode
make
make check

Choose one of the Following Options (First Option Recommended if Installing Within the Apt Packaging System):
sudo checkinstall -D --fstrans=no --install=yes --pkgname gnupg --pkgversion svn-`svn info|grep Revision |cut -f2 -d' '`
sudo make install


gnupg.exe will be installed to /usr/local/bin. You need to ensure in your PATH environment variable that /usr/local/bin is listed before /usr/bin (echo $PATH). This is normally to the case unless the path statement has been modified.

To check the ciphers available with gpg
gpg --version

Example showing installed gpg version:

$ gpg --version
gpg (GnuPG) 1.4.10-svn4881
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128,
CAMELLIA192, CAMELLIA256
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2


(Optional)Generating the gpg.conf directory (Needed if going to be modifying default gpg behaivor)


mkdir -p ~/.gnupg
chmod 600 ~/.gnupg
cp /usr/local/share/gnupg/options.skel ~/.gnupg/gpg.conf


I would recommend reading about the various options that can be included/modified in this file, however recommend the following flags be included in the file:

enable-dsa2
personal-cipher-preferences
personal-digest-preferences
personal-compress-preferences
default-preference-list

The preferences above need preferences specified explicitly if wanting to change the default SHA1 digest algorithm to SHA256 or SHA512.

------------------------------------------------------------------------------------
Compilation of GnuPG2 (GnuPG version 2)
***Platforms Tested: Ubuntu, (Unable to compile with Cygwin)

Requirements
1. Additional Prerequisite Dependenices needed for GnuPG2
2. SVN sources of GnuPG2

Additional GnuPG2 PreRequisite Dependencies

sudo aptitude install libksba-dev libpth-dev texinfo transfig libbz2-dev
cd ~/src
wget ftp://ftp.gnupg.org/gcrypt/libassuan/libassuan-1.0.5.tar.bz2
tar jxvf libassuan-1.0.5.tar.bz2
cd libassuan-1.0.5
./configure && make

Choose one of the Following Options (First Option Recommended if Installing Within the Apt Packaging System):
sudo checkinstall -D --fstrans=no --install=yes --pkgname libassuan --pkgversion 1.0.5
sudo make install

cd ~/src
svn co svn://cvs.gnupg.org/libgcrypt/trunk libgcrypt
cd libgcrypt
./autogen.sh && ./configure --enable-maintainer-mode && make && make check

Choose one of the Following Options (First Option Recommended if Installing Within the Apt Packaging System):
sudo checkinstall -D --fstrans=no --install=yes --pkgname libgcrypt --pkgversion svn-`svn info|grep Revision |cut -f2 -d' '`
sudo make install



GnuPG2 SVN Installation -- Enabling Camellia Cipher


cd ~/src
svn co svn://cvs.gnupg.org/gnupg/trunk gnupg2
cd ~/src/gnupg2
./autogen.sh --force
./configure --sysconfdir=/etc --enable-maintainer-mode --enable-camellia
make
make check

Choose one of the Following Options (First Option Recommended if Installing Within the Apt Packaging System):
sudo checkinstall -D --fstrans=no --install=yes --pkgname gnupg2 --pkgversion svn-`svn info|grep Revision |cut -f2 -d' '`
sudo make install


gnupg2 will be installed to /usr/local/bin. You need to ensure in your PATH environment variable that /usr/local/bin is listed before /usr/bin.

To check the ciphers available with gpg2
gpg2 --version

Example showing installed gpg2 version:

$ gpg2 --version
gpg (GnuPG) 2.0.10-svn4881
libgcrypt 1.4.1
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA
Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128,
CAMELLIA192, CAMELLIA256
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2


(Optional)Generating the gpg.conf directory (Needed if going to be modifying default gpg behaivor)


mkdir -p ~/.gnupg
chmod 600 ~/.gnupg
cp /usr/local/share/gnupg/options.skel ~/.gnupg/gpg.conf


I would recommend reading about the various options that can be included/modified in this file, however recommend the following flags be included in the file:

enable-dsa2
personal-cipher-preferences
personal-digest-preferences
personal-compress-preferences
default-preference-list

The preferences above need preferences specified explicitly if wanting to change the default SHA1 digest algorithm to SHA256 or SHA512.
_________________________________________________
Updating the GnuPG and GnuPG2 Installation

Since both GnuPG and GnuPG2 were installed from svn source packages, it is easy to update the packages when new svn sources are released.


Updating the GnuPG Installation


cd ~/src/gnupg
svn up
rm -rf autom4te.cache
./autogen.sh && ./configure --enable-maintainer-mode --enable-camellia --enable-idea && make

Depending on the method Used to Install the Original Installation (Choose One of the following):
sudo checkinstall -D --fstrans=no --install=yes --pkgname gnupg --pkgversion svn-`svn info|grep Revision |cut -f2 -d' '`
sudo make install



Updating the GnuPG2 Installation


cd ~/src/gnupg2
svn up
rm -rf autom4te.cache
./autogen.sh && ./configure --sysconfdir=/etc --enable-maintainer-mode --enable-camellia && make

Depending on the method Used to Install the Original Installation (Choose One of the following):
sudo checkinstall -D --fstrans=no --install=yes --pkgname gnupg2 --pkgversion svn-`svn info|grep Revision |cut -f2 -d' '`
sudo make install

Thank you kevdog. I have just made and installed GnuPG with IDEA, couldn't have done it without these instructions.

I do not have msgmerge (Gutsy install), so the autogen.sh script was failing. Commenting out the check allowed it to proceed.

Could you tell me what msgmerge is?? I'm unfamiliar with this tool and might update the instructions based on your response.

Updated to include GnuPG and GnuPG2

Updated to include checkinstall method to introduce installation within the apt packaging system.

Kevdog,

Thanks so much!! I was beginning to wonder if anyone was ever going to reply to one of my posts!

I had seen this article you reference before, but I was leery about implementing it, because I didn't know how it would interact with apt/synaptic/etc. when new releases came out for GPG on Ubuntu. But I'll give it a shot now that you indicate it is the preferred solution.

By the way (and this is probably better suited for the Absolute Beginner's forum), is there a way to get the source code with apt (or apt-get, etc.) and then build GPG with debuild or something like that (having included the IDEA module, of course)? I think that might be a little better to work with the Ubuntu system.

Thanks again!

Sincerely,
Jeffrey Rolland

Just my opinion

I would still use the sudo make install method rather than checkinstall to install the svn sources of gnupg. SVN are the latest and greatest releases, although they might theoretically not be stable (although Ive never run into this situation before!). The SVN version is usually many generations ahead of the version offered in the Ubuntu repositories and allows for bug fixes.

Because you are compiling from source and installing outside the apt system (when using sudo make install), the binaries will be placed within the /usr/local tree -- such as in /usr/local/bin. Its possible to keep Ubuntu's repository version installed in the system since this is installed within the /usr tree -- such as /usr/bin. Hence its possible to have two version of gnupg on the system at the same time. The directories listed in you $PATH environment variable will show which directory path is preferred, although by default, /usr/local/bin is preferred over /usr/bin.

There is no other way I know how to get the sources other than from svn or downloading the .tar.gz or .tar.bz2 files directly. It may be possible to grab the source using apt, however this likely gives you no advantage to using the binary version, since its the same version (although I suppose you could add the idea module into the default source tree). My recommendation -- stick with svn tree if possible.

Hopefully that answered your questions somewhat!

OK, I followed the HowTo (so perfectly written - thank you so much!), using the checkinstall option, and gpg now runs fine - with IDEA! - from the command line.

I didn't do the optional "Generating the gpg.conf directory" set of instructions.

However, now I can't use Seahorse. Actually, more precisely, the program "Passwords and Encryption Keys" won't load, and when I double-click on a .gpg (or .pgp) file - or right-click a .gpg (or .pgp) file and select "Open with 'Decrypt File'" - nothing happens.

Is there a simple fix to make this gpg work from the GUI again?

Thanks for all your help!

Sincerely,
Jeffrey Rolland

I never use seahorse, so I might be out in left field here, but is there a path conflict perhaps -- meaning it can't find it located in /usr/bin?

When I try to launch seahorse from the command line, I get the error messages

** Message: init gpgme version 1.1.6

** (seahorse:16667): CRITICAL **: init_gpgme: assertion `GPG_IS_OK (err)' failed

** (seahorse:16667): CRITICAL **: seahorse_pgp_source_init: assertion `GPG_IS_OK (gerr)' failed
Segmentation fault

Does this mean anything to anyone?

Just for the record, I get the same error. I'm trying to contact the developers on freenode to figure out the mess. This may take some time however. The channel is dead. Hopefully more info later :)

Actually, it is an easy fix: just open a terminal and type

"sudo ln -s /usr/local/bin/gpg /usr/bin/gpg"

(without the quotes). Works like greased lightning after that.