Next: Importing Keys, Previous: Signing Keys, Up: Key Management [Contents][Index]
Exporting keys means the same as running gpg with the command
--export. However, a mode flag can be used to change the way
the export works. The available mode flags are described below, they
may be or-ed together.
GPGME_EXPORT_MODE_EXTERNIf this bit is set, the output is send directly to the default
keyserver. This is currently only allowed for OpenPGP keys. It is good
practise to not send more than a few dozens key to a keyserver at one
time. Using this flag requires that the keydata argument of the
export function is set to NULL.
GPGME_EXPORT_MODE_MINIMALSINCE: 1.3.1
If this bit is set, the smallest possible key is exported. For OpenPGP keys it removes all signatures except for the latest self-signatures. For X.509 keys it has no effect.
GPGME_EXPORT_MODE_SSHSINCE: 1.4.0
If this bit is set, the latest authentication key of the requested OpenPGP key is exported in the OpenSSH public key format. This accepts just a single key; to force the export of a specific subkey a fingerprint pattern with an appended exclamation mark may be used.
GPGME_EXPORT_MODE_SECRETSINCE: 1.6.0
Instead of exporting the public key, the secret key is exported. This
may not be combined with GPGME_EXPORT_MODE_EXTERN. For X.509
the export format is PKCS#8.
GPGME_EXPORT_MODE_SECRET_SUBKEYSINCE: 1.17.0
If this bit is set, then a secret subkey is exported. The subkey to
export must be specified with fingerprint pattern with an appended
exclamation mark. This is currently only allowed for OpenPGP keys.
This flag may not be combined with GPGME_EXPORT_MODE_EXTERN.
This flag is not supported by the export functions that take an array
of keys.
GPGME_EXPORT_MODE_RAWSINCE: 1.6.0
If this flag is used with GPGME_EXPORT_MODE_SECRET for an X.509
key the export format will be changed to PKCS#1. This flag may not be
used with OpenPGP.
GPGME_EXPORT_MODE_PKCS12SINCE: 1.6.0
If this flag is used with GPGME_EXPORT_MODE_SECRET for an X.509
key the export format will be changed to PKCS#12 which also includes
the certificate. This flag may not be used with OpenPGP.
The function gpgme_op_export extracts public keys and returns
them in the data buffer keydata. The output format of the key
data returned is determined by the ASCII armor attribute set
for the context ctx, or, if that is not set, by the encoding
specified for keydata.
If pattern is NULL, all available keys are returned.
Otherwise, pattern contains an engine specific expression that
is used to limit the list to all keys matching the pattern.
mode is usually 0; other values are described above.
The function returns the error code GPG_ERR_NO_ERROR if the
operation completed successfully, GPG_ERR_INV_VALUE if
keydata is not a valid empty data buffer, and passes through any
errors that are reported by the crypto engine support routines.
The function gpgme_op_export_start initiates a
gpgme_op_export operation. It can be completed by calling
gpgme_wait on the context. See Waiting For Completion.
The function returns the error code GPG_ERR_NO_ERROR if the
operation could be started successfully, and GPG_ERR_INV_VALUE
if keydata is not a valid empty data buffer.
The function gpgme_op_export extracts public keys and returns
them in the data buffer keydata. The output format of the key
data returned is determined by the ASCII armor attribute set
for the context ctx, or, if that is not set, by the encoding
specified for keydata.
If pattern or *pattern is NULL, all available keys
are returned. Otherwise, pattern is a NULL terminated
array of strings that are used to limit the list to all keys matching
at least one of the patterns verbatim.
mode is usually 0; other values are described above.
The function returns the error code GPG_ERR_NO_ERROR if the
operation completed successfully, GPG_ERR_INV_VALUE if
keydata is not a valid empty data buffer, and passes through any
errors that are reported by the crypto engine support routines.
The function gpgme_op_export_ext_start initiates a
gpgme_op_export_ext operation. It can be completed by calling
gpgme_wait on the context. See Waiting For Completion.
The function returns the error code GPG_ERR_NO_ERROR if the
operation could be started successfully, and GPG_ERR_INV_VALUE
if keydata is not a valid empty data buffer.
SINCE: 1.2.0
The function gpgme_op_export_keys extracts public keys and returns
them in the data buffer keydata. The output format of the key
data returned is determined by the ASCII armor attribute set
for the context ctx, or, if that is not set, by the encoding
specified for keydata.
The keys to export are taken form the NULL terminated array
keys. Only keys of the currently selected protocol of
ctx which do have a fingerprint set are considered for export.
Other keys specified by the keys are ignored. In particular
OpenPGP keys retrieved via an external key listing are not included.
mode is usually 0; other values are described above.
The function returns the error code GPG_ERR_NO_ERROR if the
operation completed successfully, GPG_ERR_INV_VALUE if
keydata is not a valid empty data buffer, GPG_ERR_NO_DATA
if no useful keys are in keys and passes through any errors that
are reported by the crypto engine support routines.
SINCE: 1.2.0
The function gpgme_op_export_keys_start initiates a
gpgme_op_export_ext operation. It can be completed by calling
gpgme_wait on the context. See Waiting For Completion.
The function returns the error code GPG_ERR_NO_ERROR if the
operation could be started successfully, and GPG_ERR_INV_VALUE
if keydata is not a valid empty data buffer, GPG_ERR_NO_DATA
if no useful keys are in keys and passes through any errors that
are reported by the crypto engine support routines.
Next: Importing Keys, Previous: Signing Keys, Up: Key Management [Contents][Index]