Guard7

Protect your confidential information easy.


Guard7
Version 1.0

Guard7 is a general purpose cryptography tool that can be used to encrypt, decrypt email, file, sign and verify files. It is the graphical frontend for the GNU Privacy Guard (GnuPG or GPG, http://www.gnupg.org) with additional features. Guard7 is an encryption and decryption system based on industry standard that can ensure the complete security of business negotiations or personal messages. It was developed to make the daily work with GnuPG easy and simple.

It's free!

If you can't open the link above, please launch App Store and found Guard7 by searching.

Why

The most difference between "public key cryptography" and normal "password protected cryptography" is that the first approach don't ask you to distribute any password to anyone or any unsafe place, e.g. email, chat app, or internet. That is, you send an encrypted file to someone, but don't need send any password to him/her. And most important point is, you need an encryption tool that has industrial strength to protect your confidential information.

General Features

  • Group and subkey management.
  • Drag operation for group organisation, easily manage hundreds of contacts by company and department.
  • Smoothly integrated with the macOS' built-in Mail app, easily organise dozens of recipients for email message.
  • Encrypt, Decrypt email and file by conveniently dragging operation.
  • Multiple keyring management. Switch between different keyring just requires a simple click.
  • Import keyring and key from Linux, Mac, Windows, and Unix, compatible with GnuPG 1.x and 2.x version and OpenPGP.
  • Query, download or upload key to PGP key servers.
  • Easily manage key and subkeys, edit key by simple click.
  • Without complex installation, configuration or double boring questions.

Basic Usage

You don't need to know more about public-key encryption at all, you can get industry-level information protection with just a few simple steps.

  1. Generate a key pair for yourself.
    Click and the system will generate the public and private key for you. You should send the public key to others who can then encrypt the message for you. The private key is used to decrypt message. You SHOULD NOT send your private key to anyone, just keep it VERY CAREFULLY.

  2. Distribute your public key.
    Select your key, click and then select "Export Public Key", your public key file will be created. Put your public key in the GPG server, your web site or send it directly to others via email.

  3. Import other people's public key.
    Ask someone else to send his public key to you, or if he has already distributed his public key on GPG server, you need to download it and then simply drag the key file into the system to import it.

  4. Use other people's public key to encrypt message, and then sent to them.
    Drag their email (public key) into the right drop area as recipients, and then encrypt your message or file.

  5. Decrypt message with your own private key.
    If someone else has your public key, they can encrypt message with your public key, and you can decrypt the message with your private key. When you decrypt a message or file, or verify file, you don't need to do extra actions. The system will automatically use the default master key you set, that is, you don't need to choose your own private key.

Encrypt or sign file follows the same steps and principles.

Group Contacts

Organise your contacts by company and department.

  • Click to add new group.
  • Click the minus symbol '-' under the tree to delete key or group.
  • Add key to group: drag the primary key to the group that you want it belongs to.
  • Delete association between key and group: drag the primary key out of the group to a blank space.
  • Edit group name: click the group then edit its name just like in Finder.

Tips: Drag operation only available for the primary keys that always display an email address.

File Types

  • : .asc files, key file or signed signature file.
  • : .gml files, encrypted email message.
  • : .gpg files, encrypted and compressed File.

Name Rules
Public key has format: xx@xx_pubkey.asc
Private key has format: xx@xx_privkey.asc.



Encrypt File

  1. Drag the file into drop area.
  2. Drag the recipients from left side tree into drop area.
  3. Click on the Toolbar.
  4. Select the output directory.

Decrypt File

  1. Drag the file into drop area.
  2. Click on the Toolbar.
  3. Select the output directory.


Encrypt and Decrypt Email

Click on the Toolbar to open mail box.

Sender

  1. Input your text in the mail box.
  2. Ensure the "Attach to email" checked.
  3. Drag the recipients from left side tree into drop area.
  4. Click "Encrypt"
  5. The engine will launch the macOS's built-in Mail app and create a mail automatically.
  6. The content of the encrypted message will be attached in the mail with .gml extension.

Tips: Use Up/Down arrow key to select multiple recipients.

Receiver

  1. Launch the macOS's built-in Mail app if it haven't opened.
  2. Select the mail that you want to view in Inbox.
  3. Click "Decrypt"
  4. Guard7 will decrypt the message attached in the selected email that has a .gml extension.

View message file without open Mail App

  • Save the attachment that has .gml extension to your disk.
  • Click on the Toolbar if mail box haven't opened.
  • Drag the .gml into mail box then the content will be decrypted automatically.


Encrypt and Decrypt Plain Text

Click on the Toolbar to open mail box.

Sender

  1. Input your text in the mail box.
  2. Uncheck the "Attach to email".
  3. Drag the recipients from left side tree into drop area.
  4. Click "Encrypt".
  5. The engine will produce text with two marks, begin with "-----BEGIN PGP MESSAGE-----" and end with "-----END PGP MESSAGE-----".
  6. Copy the content and paste it into Web Mail(e.g. Gmail, Yahoo! Mail), Chat Apps (such as Jabber, ICQ, Skype, Viber, Google Hangouts, WhatsApp, LINE, Discord, Ventrilo, TeamSpeak, Kik, Slack, Telegram, etc), any software that you want to translate your confidential message.

Receiver

  1. Past text that has "-----BEGIN PGP MESSAGE-----" and "-----END PGP MESSAGE-----" marks.
  2. Uncheck the "Attach to email".
  3. Click "Decrypt".
  4. The engine will decode the message and output the result in the mail box.

With the help of Guard7 you can encrypt any text message and send it in any way convenient for you.



Recipients Organisation

  1. Drag key or group form left side tree into drop area.
  2. Right click to see more details of the key.
  3. Right click to remove some recipients.

Sign File

  1. Drag the file into drop area.
  2. Click on the Toolbar.
  3. Select the output directory.

Verify File

  1. Drag the file into drop area.
  2. Click on the Toolbar.
  3. Select the location (directory) of the signed file, normally it should together with the signature file in the same directory.


Edit Key

  1. Reset expire date.
  2. Reset passphrase.
  3. Sign key with a different trust level. There's five trust level:
      1 = Don't know
      2 = I do NOT trust
      3 = I trust marginally
      4 = I trust fully
      5 = I trust ultimately
    This option help you to decide how far you trust this user to correctly verify other users' keys.
  4. Set the key as your default master key.
  5. Create subkey separately used for encrypt or signing.

Operation with Finder

  1. Drag key file into left side tree then you can import them.
  2. Drag encrypted file, signature file or message into drop area then you can decrypt, verify or read them.
  3. Select key file, signature file, encrypted file or message in Finder, right click "Open With" then you can import key, verify, decrypt or read the message.

Keyring Management

keyring is a package working like a folder that binding group info, public and private key together, it's a common zip file when you export a keyring. The system will automatically create a keyring named as "home" for you if there's no any keyring exists when you run Guard7 first time.

Click "Preferences" on main menu.

  1. Create new keyring.
    When your contacts are too many, such as thousands, or other reasons you need to create a separate keyring for a large number of contacts.

  2. Import or export keyring.
    You need to import keyring from other system, e.g. Linux. and when backup or change hardware you need to export keyring. Please compress your ~/.gpg as a tar file when import keyring from Linux.

  3. Switch keyring.
    keyring enable you to organise group, contacts like folder and can conveniently switch between them.

Key Management

  1. Never send your private key to others.
  2. Keep your private key on a USB drive is good, but print it on paper and lock it in a safe will be more reliable.
  3. Backup your keyring carefully.
  4. Sign and encrypt messages with your subkey.
  5. Sign and encrypt files with your subkey.
  6. Verify a key in an efficient way is, directly make a phone call and ask he/she read out the fingerprint of the key.

References

  1. GNU Privacy Guard, http://www.gnupg.org.
  2. Public key cryptography on Wikipedia, Public-key Cryptography.