Warning, /gpgme/README is written in an unsupported language. File is not indexed.

0001                        GPGME - GnuPG Made Easy
0002                      ---------------------------
0003 
0004 Copyright 2001-2018 g10 Code GmbH
0005 
0006 This file is free software; as a special exception the author gives
0007 unlimited permission to copy and/or distribute it, with or without
0008 modifications, as long as this notice is preserved.
0009 
0010 This file is distributed in the hope that it will be useful, but
0011 WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
0012 implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
0013 PURPOSE.
0014 
0015 
0016 Introduction
0017 --------------
0018 
0019 GnuPG Made Easy (GPGME) is a C language library that allows to add
0020 support for cryptography to a program.  It is designed to make access
0021 to public key crypto engines like GnuPG or GpgSM easier for
0022 applications.  GPGME provides a high-level crypto API for encryption,
0023 decryption, signing, signature verification and key management.
0024 
0025 GPGME comes with language bindings for Common Lisp, C++, QT, Python2,
0026 and Python 3.
0027 
0028 GPGME uses GnuPG as its backend to support OpenPGP and the
0029 Cryptographic Message Syntax (CMS).
0030 
0031 See the files COPYING, COPYING.LESSER, and each file for copyright and
0032 warranty information.  The file AUTHORS has a list of authors and
0033 useful web and mail addresses.
0034 
0035 
0036 Installation
0037 --------------
0038 
0039 See the file INSTALL for generic installation instructions.
0040 
0041 Check that you have unmodified sources.  See below on how to do this.
0042 Don't skip it - this is an important step!
0043 
0044 To build GPGME, you need to install libgpg-error (>= 1.24) and
0045 Libassuan (>= 2.4.2).
0046 
0047 For support of the OpenPGP and the CMS protocols, you should use the
0048 latest version of GnuPG (>= 2.1.18) , available at:
0049 https://gnupg.org/ftp/gcrypt/gnupg/.
0050 
0051 For building the Git version of GPGME please see the file README.GIT
0052 for more information.
0053 
0054 
0055 How to Verify the Source
0056 --------------------------
0057 
0058 In order to check that the version of GPGME which you are going to
0059 install is an original and unmodified one, you can do it in one of the
0060 following ways:
0061 
0062 a) If you have a trusted Version of GnuPG installed, you can simply check
0063    the supplied signature:
0064 
0065         $ gpg --verify gpgme-x.y.z.tar.gz.sig gpgme-x.y.z.tar.gz
0066 
0067    This checks that the detached signature gpgme-x.y.z.tar.gz.sig is
0068    indeed a a signature of gpgme-x.y.z.tar.gz.  The key used to create
0069    this signature is at least one of:
0070 
0071      rsa2048 2011-01-12 [expires: 2019-12-31]
0072      Key fingerprint = D869 2123 C406 5DEA 5E0F  3AB5 249B 39D2 4F25 E3B6
0073      Werner Koch (dist sig)
0074 
0075      rsa2048 2014-10-29 [expires: 2019-12-31]
0076      Key fingerprint = 46CC 7308 65BB 5C78 EBAB  ADCF 0437 6F3E E085 6959
0077      David Shaw (GnuPG Release Signing Key) <dshaw 'at' jabberwocky.com>
0078 
0079      rsa2048 2014-10-29 [expires: 2020-10-30]
0080      Key fingerprint = 031E C253 6E58 0D8E A286  A9F2 2071 B08A 33BD 3F06
0081      NIIBE Yutaka (GnuPG Release Key) <gniibe 'at' fsij.org>
0082 
0083      rsa3072 2017-03-17 [expires: 2027-03-15]
0084      Key fingerprint = 5B80 C575 4298 F0CB 55D8  ED6A BCEF 7E29 4B09 2E28
0085      Andre Heinecke (Release Signing Key)
0086 
0087    The keys are available at <https://gnupg.org/signature_key.html>
0088    and in released GnuPG tarballs in the file g10/distsigkey.gpg .
0089    You have to make sure that these are really the desired keys and
0090    not faked one.  You should do this by comparing the fingerprints
0091    with the fingerprints published elsewhere.
0092 
0093 b) If you don't have any of the above programs, you have to verify
0094    the SHA1 checksum:
0095 
0096         $ sha1sum gpgme-x.y.z.tar.gz
0097 
0098    This should yield an output _similar_ to this:
0099 
0100    fd9351b26b3189c1d577f0970f9dcadc3412def1  gpgme-x.y.z.tar.gz
0101 
0102    Now check that this checksum is _exactly_ the same as the one
0103    published via the announcement list and probably via Usenet.
0104 
0105 
0106 Documentation
0107 ---------------
0108 
0109 For information how to use the library you can read the info manual,
0110 which is also a reference book, in the doc/ directory.  The programs
0111 in the tests/ directory may also prove useful.
0112 
0113 Please subscribe to the gnupg-devel@gnupg.org mailing list if you want
0114 to do serious work.
0115 
0116 For hacking on GPGME, please have a look at doc/HACKING.