2000-10-27 14:55:24 +00:00
|
|
|
GPGME - GnuPG Made Easy
|
|
|
|
---------------------------
|
|
|
|
|
2004-09-30 02:37:13 +00:00
|
|
|
Copyright 2004 g10 Code GmbH
|
|
|
|
|
|
|
|
This file is free software; as a special exception the author gives
|
|
|
|
unlimited permission to copy and/or distribute it, with or without
|
|
|
|
modifications, as long as this notice is preserved.
|
|
|
|
|
|
|
|
This file is distributed in the hope that it will be useful, but
|
|
|
|
WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
|
|
|
|
implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
|
|
PURPOSE.
|
|
|
|
|
|
|
|
|
|
|
|
Introduction
|
|
|
|
--------------
|
|
|
|
|
|
|
|
GnuPG Made Easy (GPGME) is a C language library that allows to add
|
|
|
|
support for cryptography to a program. It is designed to make access
|
|
|
|
to public key crypto engines like GnuPG or GpgSM easier for
|
|
|
|
applications. GPGME provides a high-level crypto API for encryption,
|
|
|
|
decryption, signing, signature verification and key management.
|
|
|
|
|
|
|
|
GPGME uses GnuPG and GpgSM as its backends to support OpenPGP and the
|
|
|
|
Cryptographic Message Syntax (CMS).
|
|
|
|
|
|
|
|
GPGME runs best on GNU/Linux or *BSD systems. Other Unices may
|
|
|
|
require small portability fixes, send us your patches.
|
|
|
|
|
2004-12-07 Marcus Brinkmann <marcus@g10code.de>
* README: Refer to COPYING.LESSER and "each file" instead of
COPYING.
* COPYING.LESSER: New file.
* gpgme.spec.in (%doc): Add COPYING.LESSER.
* acinclude.m4, configure.ac, Makefile.am: Change license to LGPL
2.1 or later.
* TODO: Add copyright notice.
* README.CVS: Likewise.
assuan/
2004-12-07 Marcus Brinkmann <marcus@g10code.de>
* README.1st: Add copyright notice.
doc/
2004-12-07 Marcus Brinkmann <marcus@g10code.de>
* Makefile.am: Change license to LGPL.
(gpgme_TEXINFOS): Replace gpl.texi with lesser.texi.
* gpgme.texi: Change license to LGPL (also for documentation of
GPGME's license).
* lesser.texi: New file.
* gpl.texi: File removed.
gpgme/
2004-12-07 Marcus Brinkmann <marcus@g10code.de>
* putc_unlocked.c, funopen.c: I just claim copyright on these
files and change their license to LGPL, because they are totally
trivial wrapper functions.
* isascii.c: Change copyright notice to the one from ctype/ctype.h
in the GNU C Library (CVS Head 2004-10-10), where isascii is
defined as a macro doing exactly the same as the function in this
file.
* memrchr.c: Update from the GNU C Library (CVS Head 2001-07-06).
* stpcpy.c: Update from the GNU C Library (CVS Head 2004-10-10).
* ath.c, ath-compat.c, ath.h, ath-pth.c, ath-pth-compat.c,
ath-pthread.c, ath-pthread-compat.c, context.h, conversion.c,
data.c, data-compat.c, data-fd.c, data.h, data-mem.c,
data-stream.c, data-user.c, debug.c, debug.h, decrypt.c,
decrypt-verify.c, delete.c, edit.c, encrypt.c, encrypt-sign.c,
engine-backend.h, engine.c, engine-gpgsm.c, engine.h, error.c,
export.c, genkey.c, get-env.c, gpgme.c, gpgme.h, import.c, io.h,
key.c, keylist.c, mkstatus, Makefile.am, ops.h, op-support.c,
passphrase.c, posix-io.c, posix-sema.c, posix-util.c, progress.c,
rungpg.c, sema.h, sign.c, signers.c, trust-item.c, trustlist.c,
util.h, verify.c, version.c, w32-io.c, w32-sema.c, w32-util.c,
wait.c, wait-global.c, wait.h, wait-private.c, wait-user.c: Change
license to LGPL.
tests/
2004-12-07 Marcus Brinkmann <marcus@g10code.de>
* gpg/mkdemodirs: Add copyright notice.
* gpgsm/Makefile.am, gpgsm/t-support.h, gpgsm/t-decrypt.c,
gpgsm/t-encrypt.c, gpgsm/t-export.c, gpgsm/t-genkey.c,
gpgsm/t-import.c, gpgsm/t-keylist.c, gpgsm/t-sign.c,
gpgsm/t-verify.c, gpg/Makefile.am, gpg/t-decrypt.c,
gpg/t-decrypt-verify.c, gpg/t-edit.c, gpg/t-encrypt.c,
gpg/t-encrypt-sign.c, gpg/t-encrypt-sym.c, gpg/t-eventloop.c,
gpg/t-export.c, gpg/t-genkey.c, gpg/t-import.c, gpg/t-keylist.c,
gpg/t-keylist-sig.c, gpg/t-sign.c, gpg/t-signers.c,
gpg/t-support.h, gpg/t-thread1.c, gpg/t-trustlist.c,
gpg/t-verify.c, Makefile.am, t-data.c, t-engine-info.c,
t-version.c: Change license to LGPL.
2004-12-07 21:11:53 +00:00
|
|
|
See the file COPYING.LESSER and each file for copyright and warranty
|
|
|
|
information.
|
2004-09-30 02:37:13 +00:00
|
|
|
|
|
|
|
|
|
|
|
Installation
|
|
|
|
--------------
|
|
|
|
|
|
|
|
See the file INSTALL for generic installation instructions.
|
|
|
|
|
|
|
|
Check that you have unmodified sources. See below on how to do this.
|
|
|
|
Don't skip it - this is an important step!
|
|
|
|
|
2003-06-06 03:04:09 +00:00
|
|
|
To build GPGME, you need to install libgpg-error. You need at least
|
2003-09-14 00:41:39 +00:00
|
|
|
libgpg-error 0.5.
|
2003-06-06 03:04:09 +00:00
|
|
|
|
2004-09-30 01:30:28 +00:00
|
|
|
For support of the OpenPGP protocol (default), you should use the
|
|
|
|
latest version of GnuPG 1.2, available at:
|
|
|
|
ftp://ftp.gnupg.org/gcrypt/gnupg/
|
2001-01-11 11:56:34 +00:00
|
|
|
|
2003-05-26 21:59:11 +00:00
|
|
|
You need at least GnuPG 1.2.2.
|
2000-11-16 17:26:53 +00:00
|
|
|
|
2001-11-23 01:12:04 +00:00
|
|
|
If configure can't find the `gpg' binary in your path, you can specify
|
|
|
|
the location with the --with-gpg=/path/to/gpg argument to configure.
|
2000-12-29 10:34:34 +00:00
|
|
|
|
2001-11-23 01:12:04 +00:00
|
|
|
For support of the CMS (Cryptographic Message Syntax) protocol, you
|
2004-09-30 01:30:28 +00:00
|
|
|
need the latest CVS version of GnuPG 1.9, which is available in the
|
|
|
|
GnuPG repository:
|
|
|
|
http://www.gnupg.org/(en)/download/cvs_access.html
|
|
|
|
Use the tag `GNUPG-1-9-BRANCH'. There are also snapshots available at:
|
|
|
|
ftp://ftp.gnupg.org/gcrypt/alpha/gnupg/
|
2000-12-19 10:07:32 +00:00
|
|
|
|
2004-04-06 14:22:55 +00:00
|
|
|
You need at least GpgSM 1.9.6.
|
2001-12-18 23:32:08 +00:00
|
|
|
|
2001-11-23 01:12:04 +00:00
|
|
|
If configure can't find the `gpgsm' binary in your path, you can
|
|
|
|
specify the location with the --with-gpgsm=/path/to/gpgsm argument to
|
|
|
|
configure.
|
|
|
|
|
2004-09-30 01:30:28 +00:00
|
|
|
For building the CVS version of GPGME please see the file README.CVS
|
|
|
|
for more information.
|
|
|
|
|
2004-09-30 02:37:13 +00:00
|
|
|
|
|
|
|
How to Verify the Source
|
|
|
|
--------------------------
|
|
|
|
|
|
|
|
In order to check that the version of GPGME which you are going to
|
|
|
|
install is an original and unmodified one, you can do it in one of the
|
|
|
|
following ways:
|
|
|
|
|
|
|
|
a) If you have a trusted Version of GnuPG installed, you can simply check
|
|
|
|
the supplied signature:
|
|
|
|
|
|
|
|
$ gpg --verify gpgme-x.y.z.tar.gz.sig
|
|
|
|
|
|
|
|
This checks that the detached signature gpgme-x.y.z.tar.gz.sig is
|
|
|
|
indeed a a signature of gpgme-x.y.z.tar.gz. The key used to create
|
|
|
|
this signature is either of:
|
|
|
|
|
|
|
|
"pub 1024D/57548DCD 1998-07-07 Werner Koch (gnupg sig) <dd9jn@gnu.org>"
|
|
|
|
"pub 1024D/87978569 1999-05-13
|
|
|
|
Marcus Brinkmann <Marcus.Brinkmann@ruhr-uni-bochum.de>
|
|
|
|
Marcus Brinkmann <mb@g10code.com>"
|
|
|
|
|
|
|
|
If you do not have this key, you can get it from any keyserver. You
|
|
|
|
have to make sure that this is really the key and not a faked one.
|
|
|
|
You can do this by comparing the output of:
|
|
|
|
|
|
|
|
$ gpg --fingerprint 0x57548DCD
|
|
|
|
|
|
|
|
with the fingerprint published elsewhere.
|
|
|
|
|
|
|
|
b) If you don't have any of the above programs, you have to verify
|
|
|
|
the MD5 checksum:
|
|
|
|
|
|
|
|
$ md5sum gpgme-x.y.z.tar.gz
|
|
|
|
|
|
|
|
This should yield an output _similar_ to this:
|
|
|
|
|
|
|
|
fd9351b26b3189c1d577f0970f9dcadc gpgme-x.y.z.tar.gz
|
|
|
|
|
|
|
|
Now check that this checksum is _exactly_ the same as the one
|
|
|
|
published via the announcement list and probably via Usenet.
|
|
|
|
|
|
|
|
|
|
|
|
Documentation
|
|
|
|
---------------
|
|
|
|
|
2004-09-30 01:30:28 +00:00
|
|
|
For information how to use the library you can read the info manual,
|
|
|
|
which is also a reference book, in the doc/ directory. The programs
|
|
|
|
in the tests/gpg/ directory may also prove useful.
|
2000-11-16 17:26:53 +00:00
|
|
|
|
2001-11-23 01:12:04 +00:00
|
|
|
Please subscribe to the gnupg-devel@gnupg.org mailing list if you want
|
|
|
|
to do serious work.
|