1

The newer version of GnuPG which is 2.1 has the function "gpgme_op_createkey" in the library GPGme. The older one this:

gpgme_op_genkey(mContext, def.c_str(), NULL, NULL);

Which accepts data in this format:

char *def = "<GnupgKeyParms format=\"internal\"> \n"
                " Key-Type: default \n"
                " Subkey-Type: default \n"
                " Name-Real: Joe Tester3 \n"
                " Name-Comment: with stupid passphrase \n"
                " Name-Email: joe3@foo.bar \n"
                " Expire-Date: 0 \n"
                " Passphrase: abc \n"
                " </GnupgKeyParms>";

However, the newer version of GnuPG accepts fewer arguments:

  gpgme_op_createkey(gpgme_ctx_t ctx, const char *userid, const char *algo, unsigned long reserved, unsigned long expires,
                        gpgme_key_t certkey, unsigned int flags);

How can I provide to the newer function "gpgme_op_createkey", say, passphrase? subkey-type?

Also, if it's ECC, how can I choose which curve to use? For example "ed25519"?

Haji
  • 11
  • 1

1 Answers1

0

You can only set the passphrase through the callback mechanism. You have to set pinentry-mode to loopback and then set a passphrase callback.

As for subkey-type, this is not exposed. GnuPG will decide based on the capabilities. If you want to control it generate a key with only the "Certify" capability and then use "gpgme_op_createsubkey" to add explict subkeys.

The curve can be set through the algo name. If you want ECC you can just use "future-default" as the algo name. This will create a cv25519 / ed25519 key.

gpgme_op_createkey ends up using "gpg --quick-gen-key" so you might want to read the manpage of that command.

Note that for c++ you could also use the c++ language bindings of GPGME which help with memory management and are a bit nicer to use for c++ hackers.

Andre Heinecke
  • 546
  • 4
  • 4