a python minimalistic tkinter GUI for sending securely crypted attachements
Imagine a non-technical person, wanting to send to you securely a document. Say .. your grandmother, or some of you customers depending on the situation.
For those situation, here's a quick and not-so-dirty solution.
- customize two lines in this project to fit you needs ( = your GPG key id, your associated email)
- install gpg on the person's computer (windows / linux tested)
- install this python script on the computer (see below)
- run it, add a file, send, done !
The idea here is to have one tailor-made tool dedicated to send emails securely to ONE recipient, hardcoded in the tool ... because it's my usecase.
Target audience was initially french only, so most messages are hardcoded in french. Deal with it.
It's not nice, maybe even on the ugly side, probably full of issues and limitations, but works for me and is straightforward to use. Mission accomplished :)
You should now basics about python installation, pip, and virtualenv, if not browse the web for it. No development skills required, but you need to install and run python.
You should now about GPG, have a public/private keypair ready, and publish it (recommended on pool.sks-keyservers.net, else you'll need to edit keyservers in GpgMail.py)
install GPG
should be easy enough, if not installed by default for your package manager day-to-day use. (apt-get install or yum, or pacman, choose your flavor)
GPG4Win is available here, install it.
On a computer using the same OS as the target OS : install python >= 3.6
Create a virtualenv, run pip install -r requirements.txt
Check it looks like it works : python GpgMail.py
Edit the head of GpgMail.py :
# customize these 2 lines for emails *recipient*'s gpg public key id
GPG_KEY_ID = "0x1254798657465446"
GPG_DEST_EMAIL = "someone@nowhere.com"note the Ox in front of the key id, don't forget it or nothing will work.
I personnaly use pyinstaller. Example below is for linux users but things are the same on windows, excpet for the zip command.
pip install pyinstaller
pyinstaller -w GpgMail.py
cd dist
zip -r gpgmail.zip GpgMail
You'll get a "dist" directory containing a "GpgMail" directory and gpgmail.zip : bring the latter to the sender's computer.
Unzip gpgmail.zip somewhere, run GpgMail from inside or GpgMail.exe on windows ... and proceed to first run configuration.
The sender need an smtp server to send emails, obviously :)
On first run, a configuration window will appear, fill in the fields :
- smtp server and port
- smtp user
- smtp password (stored crypted, but displayed clearly on first run)
- sender's email
Easy as 1, 2, 3
- 1 : add a file using the dedicated button
- 2 : add an object to the mail, and maybe some text
- 3 : click send
File is crypted, mail is sent, and only the recipient can decipher it. Profit.
logs are available alongside GpgMail executable (secure-mail.log)
You can increase verbosity by changing loglevel : in _gpg\secure-mail.conf change log_level to 10 for DEBUG. (levels are standard python logging values : 50 for less verbose to 10 for DEBUG, 20 is INFO which is also the default value)
In case gpg cannot fetch the keys, check that your DNS nameserver is 8.8.8.8 (or change it to this at least for one run). Don't ask me why, but other nameservers, such as local relay nameservers may cause unexpected issues. Using Linux, it means changing /etc/resolv.conf in most (?) cases.