Imported Upstream version 1.12.0upstream/1.12.0

1 files changed, 148 insertions, 75 deletions

diff --git a/doc/gpgme.info-1 b/doc/gpgme.info-1
index af6d6b4..4851eeb 100644
--- a/doc/gpgme.info-1
+++ b/doc/gpgme.info-1
@@ -1,6 +1,6 @@
 This is gpgme.info, produced by makeinfo version 6.3 from gpgme.texi.
 
-Copyright © 2002–2008, 2010, 2012–2017 g10 Code GmbH.
+Copyright © 2002–2008, 2010, 2012–2018 g10 Code GmbH.
 
      Permission is granted to copy, distribute and/or modify this
      document under the terms of the GNU General Public License as
@@ -19,10 +19,10 @@ END-INFO-DIR-ENTRY
 
    This file documents the GPGME library.
 
-   This is Edition 1.11.1-beta7, last updated 20 April 2018, of ‘The
-‘GnuPG Made Easy’ Reference Manual’, for Version 1.11.1-beta7.
+   This is Edition 1.11.2-beta291, last updated 30 September 2018, of
+‘The ‘GnuPG Made Easy’ Reference Manual’, for Version 1.11.2-beta291.
 
-   Copyright © 2002–2008, 2010, 2012–2017 g10 Code GmbH.
+   Copyright © 2002–2008, 2010, 2012–2018 g10 Code GmbH.
 
      Permission is granted to copy, distribute and/or modify this
      document under the terms of the GNU General Public License as
@@ -41,9 +41,9 @@ File: gpgme.info,  Node: Top,  Next: Introduction,  Up: (dir)
 Main Menu
 *********
 
-This is Edition 1.11.1-beta7, last updated 20 April 2018, of ‘The ‘GnuPG
-Made Easy’ Reference Manual’, for Version 1.11.1-beta7 of the GPGME
-library.
+This is Edition 1.11.2-beta291, last updated 30 September 2018, of ‘The
+‘GnuPG Made Easy’ Reference Manual’, for Version 1.11.2-beta291 of the
+GPGME library.
 
 * Menu:
 
@@ -1780,6 +1780,26 @@ of the data objects is not limited by GPGME.
      object was successfully created, and ‘GPG_ERR_ENOMEM’ if not enough
      memory is available.
 
+ -- Function: gpgme_error_t gpgme_data_new_from_estream
+          (gpgme_data_t *DH, gpgrt_stream_t STREAM)
+     The function ‘gpgme_data_new_from_estream’ creates a new
+     ‘gpgme_data_t’ object and uses the gpgrt stream STREAM to read from
+     (if used as an input data object) and write to (if used as an
+     output data object).
+
+     When using the data object as an input buffer, the function might
+     read a bit more from the stream than is actually needed by the
+     crypto engine in the desired operation because of internal
+     buffering.
+
+     Note that GPGME assumes that the stream is in blocking mode.
+     Errors during I/O operations, except for EINTR, are usually fatal
+     for crypto operations.
+
+     The function returns the error code ‘GPG_ERR_NO_ERROR’ if the data
+     object was successfully created, and ‘GPG_ERR_ENOMEM’ if not enough
+     memory is available.
+
 
 File: gpgme.info,  Node: Callback Based Data Buffers,  Prev: File Based Data Buffers,  Up: Creating Data Buffers
 
@@ -2260,6 +2280,7 @@ File: gpgme.info,  Node: Context Attributes,  Next: Key Management,  Prev: Resul
 * Progress Meter Callback::       Being informed about the progress.
 * Status Message Callback::       Status messages received from gpg.
 * Locale::                        Setting the locale of a context.
+* Additional Logs::               Additional logs of a context.
 
 
 File: gpgme.info,  Node: Protocol Selection,  Next: Crypto Engine,  Up: Context Attributes
@@ -2569,6 +2590,8 @@ File: gpgme.info,  Node: Key Listing Mode,  Next: Passphrase Callback,  Prev: In
           keyring should be searched for keys in the keylisting
           operation.  This is the default.
 
+          Using only this option results in a ‘--list-keys’.
+
      ‘GPGME_KEYLIST_MODE_EXTERN’
           The ‘GPGME_KEYLIST_MODE_EXTERN’ symbol specifies that an
           external source should be searched for keys in the keylisting
@@ -2577,10 +2600,15 @@ File: gpgme.info,  Node: Key Listing Mode,  Next: Passphrase Callback,  Prev: In
           ‘GPGME_KEYLIST_MODE_LOCAL’.  For example, it can be a remote
           keyserver or LDAP certificate server.
 
+          Using only this option results in a ‘--search-keys’ for
+          ‘GPGME_PROTOCOL_OpenPGP’ and something similar to
+          ‘--list-external-keys’ for ‘GPGME_PROTOCOL_CMS’.
+
      ‘GPGME_KEYLIST_MODE_LOCATE’
           This is a shortcut for the combination of
-          ‘GPGME_KEYLIST_MODE_LOCAL’ and ‘GPGME_KEYLIST_MODE_EXTERN’ and
-          convenient when the –locate-key feature of OpenPGP is desired.
+          ‘GPGME_KEYLIST_MODE_LOCAL’ and ‘GPGME_KEYLIST_MODE_EXTERN’,
+          which results in a ‘--locate-keys’ for
+          ‘GPGME_PROTOCOL_OpenPGP’.
 
      ‘GPGME_KEYLIST_MODE_SIGS’
           The ‘GPGME_KEYLIST_MODE_SIGS’ symbol specifies that the key
@@ -2876,7 +2904,7 @@ File: gpgme.info,  Node: Status Message Callback,  Next: Locale,  Prev: Progress
           The string given in VALUE is passed to the GnuPG engines to
           request restrictions based on the origin of the request.
           Valid values are documented in the GnuPG manual and the gpg
-          man page under the option “–request-origin”.  Requires at
+          man page under the option ‘--request-origin’.  Requires at
           least GnuPG 2.2.6 to have an effect.
 
      ‘"no-symkey-cache"’
@@ -2885,6 +2913,25 @@ File: gpgme.info,  Node: Status Message Callback,  Next: Locale,  Prev: Progress
           specific salt value.  Requires at least GnuPG 2.2.7 to have an
           effect.
 
+     ‘"ignore-mdc-error"’
+          This flag passes the option ‘--ignore-mdc-error’ to gpg.  This
+          can be used to force decryption of a message which failed due
+          to a missing integrity check.  This flag must be used with
+          great caution and only if it is a known non-corrupted old
+          message and the decryption result of the former try had the
+          decryption result flag ‘legacy_cipher_nomdc’ set.  For
+          failsafe reasons this flag is reset after each operation.
+
+     ‘"auto-key-locate"’
+          The string given in VALUE is passed to gpg.  This can be used
+          to change the behavior of a ‘GPGME_KEYLIST_MODE_LOCATE’
+          keylisting.  Valid values are documented in the GnuPG manual
+          and the gpg man page under the option ‘--auto-key-locate’.
+          Requires at least GnuPG 2.1.18.
+
+          Note: Keys retrieved through ‘auto-key-locate’ are
+          automatically imported in the keyring.
+
      This function returns ‘0’ on success.
 
  -- Function: const char * gpgme_get_ctx_flag (gpgme_ctx_t CTX,
@@ -2899,7 +2946,7 @@ File: gpgme.info,  Node: Status Message Callback,  Next: Locale,  Prev: Progress
      test for an empty string can be used to get the boolean value.
 
 
-File: gpgme.info,  Node: Locale,  Prev: Status Message Callback,  Up: Context Attributes
+File: gpgme.info,  Node: Locale,  Next: Additional Logs,  Prev: Status Message Callback,  Up: Context Attributes
 
 7.4.13 Locale
 -------------
@@ -2938,6 +2985,66 @@ contexts created afterwards.
      The function returns an error if not enough memory is available.
 
 
+File: gpgme.info,  Node: Additional Logs,  Prev: Locale,  Up: Context Attributes
+
+7.4.14 Additional Logs
+----------------------
+
+Additional logs can be associated with a context.  These logs are engine
+specific and can be be obtained with ‘gpgme_op_getauditlog’.
+
+ -- Function: gpgme_error_t gpgme_op_getauditlog (gpgme_ctx_t CTX,
+          gpgme_data_t OUTPUT, unsigned int FLAGS)
+     SINCE: 1.1.1
+
+     The function ‘gpgme_op_getauditlog’ is used to obtain additional
+     logs as specified by FLAGS into the OUTPUT data.  If
+
+     The function returns the error code ‘GPG_ERR_NO_ERROR’ if a log
+     could be queried from the engine, and ‘GPG_ERR_NOT_IMPLEMENTED’ if
+     the log specified in FLAGS is not available for this engine.  If no
+     log is available ‘GPG_ERR_NO_DATA’ is returned.
+
+     The value in FLAGS is a bitwise-or combination of one or multiple
+     of the following bit values:
+
+     ‘GPGME_AUDITLOG_DIAG’
+          SINCE: 1.11.2
+
+          Obtain diagnostic output which would be written to ‘stderr’ in
+          interactive use of the engine.  This can be used to provide
+          additional diagnostic information in case of errors in other
+          operations.
+
+          Note: If log-file has been set in the configuration the log
+          will be empty and ‘GPG_ERR_NO_DATA’ will be returned.
+
+          Implemented for: ‘GPGME_PROTOCOL_OpenPGP’
+
+     ‘GPGME_AUDITLOG_DEFAULT’
+          SINCE: 1.11.2
+
+          This flag has the value 0 for compatibility reasons.  Obtains
+          additional information from the engine by issuing the
+          ‘GETAUDITLOG’ command.  For ‘GPGME_PROTOCOL_CMS’ this provides
+          additional information about the X509 certificate chain.
+
+          Implemented for: ‘GPGME_PROTOCOL_CMS’
+
+     ‘GPGME_AUDITLOG_HTML’
+          SINCE: 1.1.1
+
+          Same as ‘GPGME_AUDITLOG_DEFAULT’ but in HTML.
+
+          Implemented for: ‘GPGME_PROTOCOL_CMS’
+
+ -- Function: gpgme_error_t gpgme_op_getauditlog_start (gpgme_ctx_t CTX,
+          gpgme_data_t OUTPUT, unsigned int FLAGS)
+     SINCE: 1.1.1
+
+     This is the asynchronous variant of ‘gpgme_op_getauditlog’.
+
+
 File: gpgme.info,  Node: Key Management,  Next: Trust Item Management,  Prev: Context Attributes,  Up: Contexts
 
 7.5 Key Management
@@ -4178,6 +4285,10 @@ or-ed together.
      key the export format will be changed to PKCS#12 which also
      includes the certificate.  This flag may not be used with OpenPGP.
 
+‘GPGME_EXPORT_MODE_NOUID’
+     SINCE: 1.12.0 - experimental Do not export user ids.  Works only
+     with certain gpg version.
+
  -- Function: gpgme_error_t gpgme_op_export (gpgme_ctx_t CTX,
           const char *PATTERN, gpgme_export_mode_t MODE,
           gpgme_data_t KEYDATA)
@@ -4927,7 +5038,7 @@ File: gpgme.info,  Node: Decrypt,  Next: Verify,  Up: Crypto Operations
      you can retrieve the pointer to the result with
      ‘gpgme_op_decrypt_result’.  As with all result structures, it this
      structure shall be considered read-only and an application must not
-     allocated such a strucure on its own.  The structure contains the
+     allocate such a strucure on its own.  The structure contains the
      following members:
 
      ‘char *unsupported_algorithm’
@@ -4935,9 +5046,22 @@ File: gpgme.info,  Node: Decrypt,  Next: Verify,  Up: Crypto Operations
           describes the algorithm that is not supported.
 
      ‘unsigned int wrong_key_usage : 1’
-          SINCE: 0.9.0
+          SINCE: 0.9.0 This is true if the key was not used according to
+          its policy.
 
-          This is true if the key was not used according to its policy.
+     ‘unsigned int legacy_cipher_nomdc : 1’
+          SINCE: 1.11.2 The message was made by a legacy algorithm
+          without any integrity protection.  This might be an old but
+          legitimate message.
+
+     ‘unsigned int is_mime : 1;’
+          SINCE: 1.11.0 The message claims that the content is a MIME
+          object.
+
+     ‘unsigned int is_de_vs : 1;’
+          SINCE: 1.10.0 The message was encrypted in a VS-NfD compliant
+          way.  This is a specification in Germany for a restricted
+          communication level.
 
      ‘gpgme_recipient_t recipients’
           SINCE: 1.1.0
@@ -4968,8 +5092,8 @@ File: gpgme.info,  Node: Decrypt,  Next: Verify,  Up: Crypto Operations
           SINCE: 1.11.0
 
           A string with the symmetric encryption algorithm and mode
-          using the format "<algo>.<mode>".  Note that old non-MDC
-          encryption mode of OpenPGP is given as "PGPCFB".
+          using the format "<algo>.<mode>".  Note that the deprecated
+          non-MDC encryption mode of OpenPGP is given as "PGPCFB".
 
  -- Function: gpgme_decrypt_result_t gpgme_op_decrypt_result
           (gpgme_ctx_t CTX)
@@ -5262,7 +5386,14 @@ File: gpgme.info,  Node: Verify,  Next: Decrypt and Verify,  Prev: Decrypt,  Up:
 
      ‘char *file_name’
           This is the filename of the original plaintext message file if
-          it is known, otherwise this is a null pointer.
+          it is known, otherwise this is a null pointer.  Warning: The
+          filename is not covered by the signature.
+
+     ‘unsigned int is_mime : 1;’
+          SINCE: 1.11.0
+
+          The message claims that the content is a MIME object.
+          Warning: This flag is not covered by the signature.
 
  -- Function: gpgme_verify_result_t gpgme_op_verify_result
           (gpgme_ctx_t CTX)
@@ -7203,61 +7334,3 @@ before the final OK response:
      The server shall send one status line for every signature found on
      the message.
 
-
-File: gpgme.info,  Node: UI Server Set Input Files,  Next: UI Server Sign/Encrypt Files,  Prev: UI Server Verify,  Up: UI Server Protocol
-
-A.5 UI Server: Specifying the input files to operate on.
-========================================================
-
-All file related UI server commands operate on a number of input files
-or directories, specified by one or more ‘FILE’ commands:
-
- -- Command: FILE [--clear] NAME
-     Add the file or directory NAME to the list of pathnames to be
-     processed by the server.  The parameter NAME must be an absolute
-     path name (including the drive letter) and is percent espaced (in
-     particular, the characters %, = and white space characters are
-     always escaped).  If the option ‘--clear’ is given, the list of
-     files is cleared before adding NAME.
-
-     Historical note: The original spec did not define ‘--clear’ but the
-     keyword ‘--continued’ after the file name to indicate that more
-     files are to be expected.  However, this has never been used and
-     thus removed from the specs.
-
-
-File: gpgme.info,  Node: UI Server Sign/Encrypt Files,  Next: UI Server Verify/Decrypt Files,  Prev: UI Server Set Input Files,  Up: UI Server Protocol
-
-A.6 UI Server: Encrypting and signing files.
-============================================
-
-First, the input files need to be specified by one or more ‘FILE’
-commands.  Afterwards, the actual operation is requested:
-
- -- Command: ENCRYPT_FILES --nohup
- -- Command: SIGN_FILES --nohup
- -- Command: ENCRYPT_SIGN_FILES --nohup
-     Request that the files specified by ‘FILE’ are encrypted and/or
-     signed.  The command selects the default action.  The UI server may
-     allow the user to change this default afterwards interactively, and
-     even abort the operation or complete it only on some of the
-     selected files and directories.
-
-     What it means to encrypt or sign a file or directory is specific to
-     the preferences of the user, the functionality the UI server
-     provides, and the selected protocol.  Typically, for each input
-     file a new file is created under the original filename plus a
-     protocol specific extension (like ‘.gpg’ or ‘.sig’), which contain
-     the encrypted/signed file or a detached signature.  For
-     directories, the server may offer multiple options to the user (for
-     example ignore or process recursively).
-
-     The ‘ENCRYPT_SIGN_FILES’ command requests a combined sign and
-     encrypt operation.  It may not be available for all protocols (for
-     example, it is available for OpenPGP but not for CMS).
-
-     The option ‘--nohup’ is mandatory.  It is currently unspecified
-     what should happen if ‘--nohup’ is not present.  Because ‘--nohup’
-     is present, the server always returns ‘OK’ promptly, and completes
-     the operation asynchronously.
-