GPGME (GnuPG Made Easy) is a library designed to make access to GnuPG easier for applications. The project provides a High-Level Crypto API for encryption, decryption, signing, signature verification and key management.
Currently it uses GnuPG as its backend but the API isn't restricted to this engine; in fact we have already developed a backend for CMS (S/MIME).
Because the direct use of GnuPG from an application can be a complicated programming task, it is suggested that all software should try to use GPGME instead. This way bug fixes or improvements can be done at a central place and every application benefits from this.
Especially authors of MUAs should consider to use GPGME. It is even planned to create a set of standard widgets for common key selection tasks.
What's New in This Release:
· A vulnerability when using GnuPG in streaming mode, which made it possible to insert additional text before or after a signed message if GnuPG was not used correctly, was fixed.