Page MenuHome GnuPG
Create Task
Maniphest T3325

Allow encryption/signing in GPGME using a specified subkey
Closed, ResolvedPublic
Actions

Description

There is currently no way to encorce signing/encryption to a subkey in GPGME in the same way we allow
it with the '!' suffix on the CLI.

This can be implemented by allowing to set a selected flag in the gpgme_subkey_t. engine-gpg.c could then scan the subkeys for such a flag and use that fingerprint with the '!' suffix.

Event Timeline

werner created this task.Aug 2 2017, 11:43 AM
aheinecke added a subscriber: aheinecke.Aug 2 2017, 11:46 AM
marcus moved this task from Backlog to QA for next release on the gpgme board.Aug 23 2017, 5:09 PM
marcus moved this task from QA for next release to Backlog on the gpgme board.
BenM added a subscriber: BenM.Apr 11 2018, 3:09 AM
werner closed this task as Resolved.Apr 17 2018, 12:44 PM
werner claimed this task.

With the recpstring feature in 1.11 this is now possible because the args are passed verbatim to gpg.

Daniel added a subscriber: Daniel.Feb 25 2019, 2:44 AM

@werner Looks like recpstring is only supported for encrypt and encrypt+sign, but not just for signing. Is there a way to specify the subkey to use when signing?

werner added a comment.Feb 25 2019, 8:41 AM

Please see the section 'Selecting Signers'.

Daniel added a comment.Feb 25 2019, 9:18 AM

@werner This one? https://www.gnupg.org/documentation/manuals/gpgme/Selecting-Signers.html

It doesn't mention subkeys. Signing just seems to use a "default" subkey.