Difference between clearsign and detached signatures?

TJ gnupg at iam.tj
Sun Aug 31 18:03:28 CEST 2014

On 31/08/14 01:47, Ingo Klöcker wrote:
> On Saturday 30 August 2014 23:11:17 TJ wrote:
>> On 30/08/14 22:20, Ingo Klöcker wrote:>
> I strongly suggest that you have a look at using some Python binding for
> gpgme instead of messing around with gpg. gpgme is _the_ library for
> using GnuPG in other programs.

Thanks - somehow I'd missed gpgme and the python-gpgme package which is
available for Debian/Ubuntu. pygpgme looks to be a very basic wrapper around
gpgme but has no documentation about how it deals with type differences.

Looking at the API documentation for gpgme the one thing I've not been able
to see how to do is set the keyring file to use. There doesn't appear to be
any function that provides for setting an existing key ring; the best I could
find is gpgme_op_import_keys() which talks about:

"the general interface to move a key from one crypto engine to another as long
  as they are compatible. In particular it is used to actually import and make
  keys permanent which have been retrieved from an external source"

In my scenario I simply need to tell the crypto engine to use the "/etc/apt/trusted.gpg"
keyring which is what I'm doing with the python-gnupg library currently. I had
expected gpgme_set_engine_info() would be the most likely function for setting the key ring.

More information about the Gnupg-users mailing list