Q: gpgme_op_keylist_*() on key server

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Q: gpgme_op_keylist_*() on key server

Albrecht Dreß
Hi all,

I have a question about using the gpgme_op_keylist_*() functions for listing keys on an external key server.

When I run the attached simple C code to look up a certain key in the local key ring, the gpgme_key_t fields (revoked, expired, etc.) are filled as expected:

albrecht@deneb:~$ ./gpgme-list-test [hidden email]
searching for '[hidden email]' in local key ring
5DE249965B0358A2: Werner Koch <[hidden email]> [sign][] .E..
F2AD85AC1E42B367: Werner Koch <[hidden email]> [sign][encr] ....

However, looking up the same key on the key server, all keys seem to be unusable as none of them has the can_sign or can_encrypt flag set:

albrecht@deneb:~$ ./gpgme-list-test [hidden email] e
searching for '[hidden email]' on key servers
6FC4ECF01E42B367: Werner Koch <[hidden email]> [][] R...
2F7998F3DBFC6AD9: Werner Koch <[hidden email]> [][] ....
F2AD85AC1E42B367: Werner Koch <[hidden email]> [][] ....
5DE249965B0358A2: Werner Koch <> [][] ....
6C7EE1B8621CC013: Werner Koch <[hidden email]> [][] ....

I also noticed that the 'expired' flag is missing for 5DE249965B0358A2, although I ran 'gpg2 --refresh-keys' before.

Any idea what I am missing here?

Thanks in advance,
#include <gpgme.h>
#include <stdio.h>
#include <stdlib.h>

int main(int argc, char **argv)
        gpgme_ctx_t ctx;
        gpgme_error_t error;

        if (argc < 2) {
                fprintf(stderr, "usage: %s <pattern> [ext]\n", argv[0]);

        (void) gpgme_check_version(NULL);
        error = gpgme_new(&ctx);
        if (error) {
                fprintf(stderr, "create context: %s\n", gpgme_strerror(error));

        if (argc > 2) {
                gpgme_keylist_mode_t kl_mode;

                kl_mode = gpgme_get_keylist_mode(ctx);
                kl_mode &= ~GPGME_KEYLIST_MODE_LOCAL;
                kl_mode |= GPGME_KEYLIST_MODE_EXTERN;
                error = gpgme_set_keylist_mode(ctx, kl_mode);
                if (error) {
                        fprintf(stderr, "set key list mode: %s\n", gpgme_strerror(error));
                printf("searching for '%s' on key servers\n", argv[1]);
        } else {
                printf("searching for '%s' in local key ring\n", argv[1]);

        error = gpgme_op_keylist_start(ctx, argv[1], 0);
    while (!error) {
                gpgme_key_t key;

        error = gpgme_op_keylist_next (ctx, &key);
        if (!error) {
                printf("%s:", key->subkeys->keyid);
        if (key->uids && key->uids->name) {
          printf (" %s", key->uids->name);
        if (key->uids && key->uids->email) {
          printf(" <%s>", key->uids->email);
        printf(" [%s][%s] %c%c%c%c\n", key->can_sign ? "sign" : "", key->can_encrypt ? "encr" : "",
        key->revoked ? 'R' : '.', key->expired ? 'E' : '.', key->disabled ? 'D' : '.', key->invalid ? 'I' : '.');
    gpgme_release (ctx);

    return 0;

Gnupg-devel mailing list
[hidden email]

attachment0 (484 bytes) Download Attachment