Key capabilities missing in private key list

Denis Dowling dpd at
Tue May 25 15:35:03 CEST 2010


I am building an application that interfaces with gnupg using the gpgme
library. I need to get a list of all keys in the key chain that are
capable of signing some data. When I obtain the private key list is
reports all keys as having no capabilities. I traced this down to some
strange behavior in the way gnupg lists private keys. If I list a
specific key I get the output below:

$ gpg --with-colons -K test at
sec::1024:17:41485ADBDCE7CB7A:2010-04-06::::Test User (Only for testing)
<test at>::scESC:

Note that this key has sign (s), certify (c) and encrypt (e)
capabilities shown in field #12.

If I list all private keys in the key ring I get the following:

$ gpg --with-colons -K
sec::1024:17:41485ADBDCE7CB7A:2010-04-06::::Test User (Only for testing)
<test at>:::
sec::1024:17:1EE58341D4F149E4:2010-04-22::::d (d) <d>:::
sec::1024:17:A7A564AF31CA7661:2010-04-22::::Denis Dowling (test key)
<dpd at>:::

Note that none of these keys have any capabilities shown in field #12.

Is this a bug or am I missing something subtle with the key listing

I have repeated the same behavior in gnupg versions 1.4.5 from RedHat
EL5 and the latest 1.4.10 from


More information about the Gnupg-devel mailing list