keys retrieved from keyserver ( are unusable

root root at
Tue Jul 27 01:32:53 CEST 2021

Hi, all

I've posted this question on a few days ago, and I am still waiting for someone to comment.

Long story short, when the public key is downloaded to my PC as a plain text .asc file, and later imported using the
function gpgme_op_keylist_from_data_start() and gpgme_op_keylist_new(), the key->can_encrypt, key->sign_certify,
and can_sign are all 0x01. 

Alternatively, if I do gpgme_op_keylist_start() using an email address with GPGME_KEYLIST_MODE_EXTERN, the key->can_encrypt,
key->can_certify and key->can_sign are all 0x00. I've tried several email addresses found on, and the
result is the same. 

Either way, I can't use this key to even encrypt data. For the key downloaded as a .asc file, if I manually 
"certify" the key first using Kleopatra prior to gpgme_op_keylist_from_data_start(), it then can be used to encrypt the
data. But my purpose is to use the public key downloaded remotely with GPGME_KEYLIST_MODE_EXTERN only, and without 
Kleopatra of course. 

The trust-model has been set to "ALWAYS", or "always" using gpgme_set_ctx_flag(). The crypto protocol used is OpenPGP. 

I can't find good hints using the sample codes in either.

Any comment/suggestion is welcome. 


More information about the Gnupg-users mailing list