009e26a989
* configure.ac: Set LT version to C21/A10/R0.
121 lines
4.1 KiB
Plaintext
121 lines
4.1 KiB
Plaintext
GPGME - GnuPG Made Easy
|
|
---------------------------
|
|
|
|
Copyright 2004, 2006, 2010, 2012, 2013 g10 Code GmbH
|
|
|
|
This file is free software; as a special exception the author gives
|
|
unlimited permission to copy and/or distribute it, with or without
|
|
modifications, as long as this notice is preserved.
|
|
|
|
This file is distributed in the hope that it will be useful, but
|
|
WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
|
|
implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
PURPOSE.
|
|
|
|
|
|
Introduction
|
|
--------------
|
|
|
|
GnuPG Made Easy (GPGME) is a C language library that allows to add
|
|
support for cryptography to a program. It is designed to make access
|
|
to public key crypto engines like GnuPG or GpgSM easier for
|
|
applications. GPGME provides a high-level crypto API for encryption,
|
|
decryption, signing, signature verification and key management.
|
|
|
|
GPGME uses GnuPG and GpgSM as its backends to support OpenPGP and the
|
|
Cryptographic Message Syntax (CMS).
|
|
|
|
GPGME runs best on GNU/Linux or *BSD systems. Other Unices may
|
|
require small portability fixes, please send us your patches.
|
|
|
|
See the files COPYING, COPYING.LESSER, and each file for copyright and
|
|
warranty information. The file AUTHORS has a list of authors and
|
|
useful web and mail addresses.
|
|
|
|
|
|
Installation
|
|
--------------
|
|
|
|
See the file INSTALL for generic installation instructions.
|
|
|
|
Check that you have unmodified sources. See below on how to do this.
|
|
Don't skip it - this is an important step!
|
|
|
|
To build GPGME, you need to install libgpg-error (>= 1.8) and
|
|
Libassuan (>= 2.0.2).
|
|
|
|
For support of the OpenPGP protocol (default), you should use the
|
|
latest version of GnuPG (>= 1.4) , available at:
|
|
ftp://ftp.gnupg.org/gcrypt/gnupg/
|
|
For support of the CMS (Cryptographic Message Syntax) protocol, you
|
|
need a GnuPG version >= 2.0.
|
|
|
|
If configure can't find the `gpg' binary in your path, you can specify
|
|
the location with the --with-gpg=/path/to/gpg argument to configure.
|
|
|
|
If configure can't find the `gpgsm' binary in your path, you can
|
|
specify the location with the --with-gpgsm=/path/to/gpgsm argument to
|
|
configure.
|
|
|
|
On some platforms GPGME based applications might hang at certain
|
|
operations when using GPGME_PROTOCOL_CMS. A workaround for this
|
|
problem is to build with the configure option --disable-fd-passing.
|
|
|
|
For building the GIT version of GPGME please see the file README.GIT
|
|
for more information.
|
|
|
|
|
|
How to Verify the Source
|
|
--------------------------
|
|
|
|
In order to check that the version of GPGME which you are going to
|
|
install is an original and unmodified one, you can do it in one of the
|
|
following ways:
|
|
|
|
a) If you have a trusted Version of GnuPG installed, you can simply check
|
|
the supplied signature:
|
|
|
|
$ gpg --verify gpgme-x.y.z.tar.gz.sig
|
|
|
|
This checks that the detached signature gpgme-x.y.z.tar.gz.sig is
|
|
indeed a a signature of gpgme-x.y.z.tar.gz. The key used to create
|
|
this signature is either of:
|
|
|
|
"pub 2048R/4F25E3B6 2011-01-12 Werner Koch (dist sig)"
|
|
"pub 1024D/87978569 1999-05-13
|
|
Marcus Brinkmann <Marcus.Brinkmann@ruhr-uni-bochum.de>
|
|
Marcus Brinkmann <mb@g10code.com>"
|
|
|
|
If you do not have this key, you can get it from any keyserver. You
|
|
have to make sure that this is really the key and not a faked one.
|
|
You can do this by comparing the output of:
|
|
|
|
$ gpg --fingerprint 0x4F25E3B6
|
|
|
|
with the fingerprint published elsewhere.
|
|
|
|
b) If you don't have any of the above programs, you have to verify
|
|
the SHA1 checksum:
|
|
|
|
$ sha1sum gpgme-x.y.z.tar.gz
|
|
|
|
This should yield an output _similar_ to this:
|
|
|
|
fd9351b26b3189c1d577f0970f9dcadc3412def1 gpgme-x.y.z.tar.gz
|
|
|
|
Now check that this checksum is _exactly_ the same as the one
|
|
published via the announcement list and probably via Usenet.
|
|
|
|
|
|
Documentation
|
|
---------------
|
|
|
|
For information how to use the library you can read the info manual,
|
|
which is also a reference book, in the doc/ directory. The programs
|
|
in the tests/gpg/ directory may also prove useful.
|
|
|
|
Please subscribe to the gnupg-devel@gnupg.org mailing list if you want
|
|
to do serious work.
|
|
|
|
For hacking on GPGME, please have a look at doc/HACKING.
|