1

GPGME provides information about a key's trust level as the owner_trust field which is of gpgme_validity_t type. However, I could not find a function in the documentation or the gpgme.h header file that allows me to change the validity of a key.

The GnuPG command line tool sure allows to change the trust level of a key:

$ gpg --edit-key alice@example.com
> trust

Does the GPGME library even support changing the owner_trust field? If so, how do I use it?

I am using the newest version of GPGME which is 1.16.0 (commit hash 1021c8645555502d914afffaa3707609809c9459).

Ilka
  • 50
  • 8

1 Answers1

1

It should be possible to use gpgme_op_interact to accomplish this.

The following demonstrates the process with Python bindings, but analogous code should be possible to write with the C API.

import gpg

def trust_at(level):
    done = False
    def interact_cb(status, arg):
        nonlocal done
        if status in ('KEY_CONSIDERED', 'GOT_IT', ''):
            return
        if status == 'GET_LINE':
            if arg == 'keyedit.prompt':
                if done:
                    return 'quit'
                done = True
                return 'trust'
            if arg == 'edit_ownertrust.value':
                return level
        # needed if we set trust level to 5
        if (status, arg) == ('GET_BOOL', 'edit_ownertrust.set_ultimate.okay'):
            return 'y'
        assert False
    return interact_cb

with gpg.Context() as gnupg:
    key = gnupg.get_key(FINGERPRINT)
    gnupg.interact(key, trust_at('4'))
user3840170
  • 26,597
  • 4
  • 30
  • 62
  • Thank you so much, it lgtm. Will accept as answer if I can get it to run in C++. Currently blocked by this: https://dev.gnupg.org/T5830 – Ilka Feb 13 '22 at 21:51
  • It works in C++ as well. Also, there is the [Gpgmepp library](https://github.com/KDE/gpgmepp) which has a wrapper for changing trust. But the library is a bit to heavy for my project and look unmaintained. – Ilka Feb 14 '22 at 16:01