1 files changed, 142 insertions, 8 deletions

diff --git a/doc/gpgme.texi b/doc/gpgme.texi
index c4a29d5..d99e9bb 100644
--- a/doc/gpgme.texi
+++ b/doc/gpgme.texi
@@ -14,7 +14,7 @@
 @syncodeindex pg fn
 
 @copying
-Copyright @copyright{} 2002--2008, 2010, 2012--2017 g10 Code GmbH.
+Copyright @copyright{} 2002--2008, 2010, 2012--2018 g10 Code GmbH.
 
 @quotation
 Permission is granted to copy, distribute and/or modify this document
@@ -1909,6 +1909,25 @@ data object was successfully created, and @code{GPG_ERR_ENOMEM} if not
 enough memory is available.
 @end deftypefun
 
+@deftypefun gpgme_error_t gpgme_data_new_from_estream (@w{gpgme_data_t *@var{dh}}, @w{gpgrt_stream_t @var{stream}})
+The function @code{gpgme_data_new_from_estream} creates a new
+@code{gpgme_data_t} object and uses the gpgrt stream @var{stream} to read
+from (if used as an input data object) and write to (if used as an
+output data object).
+
+When using the data object as an input buffer, the function might read
+a bit more from the stream than is actually needed by the crypto
+engine in the desired operation because of internal buffering.
+
+Note that GPGME assumes that the stream is in blocking mode.  Errors
+during I/O operations, except for EINTR, are usually fatal for crypto
+operations.
+
+The function returns the error code @code{GPG_ERR_NO_ERROR} if the
+data object was successfully created, and @code{GPG_ERR_ENOMEM} if not
+enough memory is available.
+@end deftypefun
+
 
 @node Callback Based Data Buffers
 @subsection Callback Based Data Buffers
@@ -2426,6 +2445,7 @@ started.  In fact, these references are accessed through the
 * Progress Meter Callback::       Being informed about the progress.
 * Status Message Callback::       Status messages received from gpg.
 * Locale::                        Setting the locale of a context.
+* Additional Logs::               Additional logs of a context.
 @end menu
 
 
@@ -2762,6 +2782,8 @@ The @code{GPGME_KEYLIST_MODE_LOCAL} symbol specifies that the local
 keyring should be searched for keys in the keylisting operation.  This
 is the default.
 
+Using only this option results in a @code{--list-keys}.
+
 @item GPGME_KEYLIST_MODE_EXTERN
 The @code{GPGME_KEYLIST_MODE_EXTERN} symbol specifies that an external
 source should be searched for keys in the keylisting operation.  The
@@ -2769,10 +2791,14 @@ type of external source is dependent on the crypto engine used and
 whether it is combined with @code{GPGME_KEYLIST_MODE_LOCAL}.  For
 example, it can be a remote keyserver or LDAP certificate server.
 
+Using only this option results in a @code{--search-keys} for
+@code{GPGME_PROTOCOL_OpenPGP} and something similar to
+@code{--list-external-keys} for @code{GPGME_PROTOCOL_CMS}.
+
 @item GPGME_KEYLIST_MODE_LOCATE
 This is a shortcut for the combination of
-@code{GPGME_KEYLIST_MODE_LOCAL} and @code{GPGME_KEYLIST_MODE_EXTERN}
-and convenient when the --locate-key feature of OpenPGP is desired.
+@code{GPGME_KEYLIST_MODE_LOCAL} and @code{GPGME_KEYLIST_MODE_EXTERN}, which
+results in a @code{--locate-keys} for @code{GPGME_PROTOCOL_OpenPGP}.
 
 @item GPGME_KEYLIST_MODE_SIGS
 The @code{GPGME_KEYLIST_MODE_SIGS} symbol specifies that the key
@@ -3078,7 +3104,7 @@ the time when you verified the signature.
 The string given in @var{value} is passed to the GnuPG engines to
 request restrictions based on the origin of the request.  Valid values
 are documented in the GnuPG manual and the gpg man page under the
-option ``--request-origin''.  Requires at least GnuPG 2.2.6 to have an
+option @option{--request-origin}.  Requires at least GnuPG 2.2.6 to have an
 effect.
 
 @item "no-symkey-cache"
@@ -3086,6 +3112,25 @@ For OpenPGP disable the passphrase cache used for symmetrical en- and
 decryption.  This cache is based on the message specific salt value.
 Requires at least GnuPG 2.2.7 to have an effect.
 
+@item "ignore-mdc-error"
+This flag passes the option @option{--ignore-mdc-error} to gpg.  This
+can be used to force decryption of a message which failed due to a
+missing integrity check.  This flag must be used with great caution
+and only if it is a known non-corrupted old message and the decryption
+result of the former try had the decryption result flag
+@code{legacy_cipher_nomdc} set.  For failsafe reasons this flag is
+reset after each operation.
+
+@item "auto-key-locate"
+The string given in @var{value} is passed to gpg.  This can be used
+to change the behavior of a @code{GPGME_KEYLIST_MODE_LOCATE} keylisting.
+Valid values are documented in the GnuPG manual and the gpg man page under
+the option @option{--auto-key-locate}.
+Requires at least GnuPG 2.1.18.
+
+Note: Keys retrieved through @code{auto-key-locate} are automatically
+imported in the keyring.
+
 @end table
 
 This function returns @code{0} on success.
@@ -3146,6 +3191,70 @@ The function returns an error if not enough memory is available.
 @end deftypefun
 
 
+@node Additional Logs
+@subsection Additional Logs
+@cindex auditlog, of the engine
+@cindex auditlog
+
+Additional logs can be associated with a context.  These logs are
+engine specific and can be be obtained with @code{gpgme_op_getauditlog}.
+
+@deftypefun gpgme_error_t gpgme_op_getauditlog @
+            (@w{gpgme_ctx_t @var{ctx}}, @w{gpgme_data_t @var{output}}, @
+            @w{unsigned int @var{flags}})
+@since{1.1.1}
+
+The function @code{gpgme_op_getauditlog} is used to obtain additional
+logs as specified by @var{flags} into the @var{output} data.  If
+
+The function returns the error code @code{GPG_ERR_NO_ERROR} if a
+log could be queried from the engine, and @code{GPG_ERR_NOT_IMPLEMENTED}
+if the log specified in @var{flags} is not available for this engine.
+If no log is available @code{GPG_ERR_NO_DATA} is returned.
+
+The value in @var{flags} is a bitwise-or combination of one or
+multiple of the following bit values:
+
+@table @code
+@item GPGME_AUDITLOG_DIAG
+@since{1.11.2}
+
+Obtain diagnostic output which would be written to @code{stderr} in
+interactive use of the engine.  This can be used to provide additional
+diagnostic information in case of errors in other operations.
+
+Note: If log-file has been set in the configuration the log will
+be empty and @code{GPG_ERR_NO_DATA} will be returned.
+
+Implemented for: @code{GPGME_PROTOCOL_OpenPGP}
+
+@item GPGME_AUDITLOG_DEFAULT
+@since{1.11.2}
+
+This flag has the value 0 for compatibility reasons.  Obtains additional
+information from the engine by issuing the @code{GETAUDITLOG} command.
+For @code{GPGME_PROTOCOL_CMS} this provides additional information about
+the X509 certificate chain.
+
+Implemented for: @code{GPGME_PROTOCOL_CMS}
+
+@item GPGME_AUDITLOG_HTML
+@since{1.1.1}
+
+Same as @code{GPGME_AUDITLOG_DEFAULT} but in HTML.
+
+Implemented for: @code{GPGME_PROTOCOL_CMS}
+@end table
+@end deftypefun
+
+@deftypefun gpgme_error_t gpgme_op_getauditlog_start @
+            (@w{gpgme_ctx_t @var{ctx}}, @w{gpgme_data_t @var{output}}, @
+            @w{unsigned int @var{flags}})
+@since{1.1.1}
+
+This is the asynchronous variant of @code{gpgme_op_getauditlog}.
+@end deftypefun
+
 @node Key Management
 @section Key Management
 @cindex key management
@@ -4554,6 +4663,10 @@ If this flag is used with @code{GPGME_EXPORT_MODE_SECRET} for an X.509
 key the export format will be changed to PKCS#12 which also includes
 the certificate.  This flag may not be used with OpenPGP.
 
+@item GPGME_EXPORT_MODE_NOUID
+@since{1.12.0 - experimental}
+Do not export user ids.  Works only with certain gpg version.
+
 @end table
 
 
@@ -5368,7 +5481,7 @@ This is a pointer to a structure used to store the result of a
 data, you can retrieve the pointer to the result with
 @code{gpgme_op_decrypt_result}.  As with all result structures, it
 this structure shall be considered read-only and an application must
-not allocated such a strucure on its own.  The structure contains the
+not allocate such a strucure on its own.  The structure contains the
 following members:
 
 @table @code
@@ -5378,9 +5491,22 @@ algorithm that is not supported.
 
 @item unsigned int wrong_key_usage : 1
 @since{0.9.0}
-
 This is true if the key was not used according to its policy.
 
+@item unsigned int legacy_cipher_nomdc : 1
+@since{1.11.2}
+The message was made by a legacy algorithm without any integrity
+protection.  This might be an old but legitimate message.
+
+@item unsigned int is_mime : 1;
+@since{1.11.0}
+The message claims that the content is a MIME object.
+
+@item unsigned int is_de_vs : 1;
+@since{1.10.0}
+The message was encrypted in a VS-NfD compliant way.  This is a
+specification in Germany for a restricted communication level.
+
 @item gpgme_recipient_t recipients
 @since{1.1.0}
 
@@ -5408,7 +5534,7 @@ or @code{gpgme_get_ctx_flag (ctx, "export-session-key")} returns true
 @since{1.11.0}
 
 A string with the symmetric encryption algorithm and mode using the
-format "<algo>.<mode>".  Note that old non-MDC encryption mode of
+format "<algo>.<mode>".  Note that the deprecated non-MDC encryption mode of
 OpenPGP is given as "PGPCFB".
 
 @end table
@@ -5723,7 +5849,15 @@ verification was attempted.
 
 @item char *file_name
 This is the filename of the original plaintext message file if it is
-known, otherwise this is a null pointer.
+known, otherwise this is a null pointer.  Warning: The filename is
+not covered by the signature.
+
+@item unsigned int is_mime : 1;
+@since{1.11.0}
+
+The message claims that the content is a MIME object.  Warning: This
+flag is not covered by the signature.
+
 @end table
 @end deftp