Changing key trust level (validity) with GPGME


GPGME provides information about a key's trust level as the owner_trust field which is of gpgme_validity_t type. However, I could not find a function in the documentation or the gpgme.h header file that allows me to change the validity of a key.

The GnuPG command-line tool sure allows changing the trust level of a key:

$ gpg --edit-key [email protected]
> trust

Does the GPGME library even support changing the owner_trust field? If so, how do I use it?

I am using the newest version of GPGME which is 1.16.0 (commit hash 1021c8645555502d914afffaa3707609809c9459).

Best answer, by user3840170:

It should be possible to use gpgme_op_interact to accomplish this.

The following demonstrates the process with Python bindings, but analogous code should be possible to write with the C API.

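import gpg

# Placeholder: fingerprint of the key whose owner trust should change.
FINGERPRINT = 'REPLACE_WITH_KEY_FINGERPRINT'

def trust_at(level):
    # level is the menu choice of gpg's "trust" command, as a string ('1'..'5')
    done = False
    def interact_cb(status, arg):
        nonlocal done
        # informational status lines need no reply
        if status in ('KEY_CONSIDERED', 'GOT_IT', ''):
            return
        if status == 'GET_LINE':
            if arg == 'keyedit.prompt':
                # first prompt: issue "trust"; second prompt: leave the editor
                if done:
                    return 'quit'
                done = True
                return 'trust'
            if arg == 'edit_ownertrust.value':
                return level
        # needed if we set trust level to 5
        if (status, arg) == ('GET_BOOL', 'edit_ownertrust.set_ultimate.okay'):
            return 'y'
        # any other prompt is unexpected; fail instead of guessing
        # (an explicit raise, since assert is stripped under python -O)
        raise RuntimeError(f'unexpected prompt: {status} {arg}')
    return interact_cb

with gpg.Context() as gnupg:
    key = gnupg.get_key(FINGERPRINT)
    gnupg.interact(key, trust_at('4'))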
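
A stricter variant of the callback above, as an added example that is not part of the original answer: it validates the requested level, confirms ultimate trust only when the caller opted in, fails on any prompt it does not recognise, and re-reads the key to check that owner_trust changed. The names make_trust_cb, set_owner_trust, UnexpectedPrompt and SAMPLE_DIALOGUE are hypothetical, the sample dialogue is constructed, and the read-back assumes the gpgme_validity_t values for levels 1 to 5 equal the menu numbers.

```python
# Added example; all names below are hypothetical, not GPGME API.
MENU_LEVELS = {'1', '2', '3', '4', '5'}      # choices in gpg's "trust" menu
IGNORED = {'KEY_CONSIDERED', 'GOT_IT', ''}   # informational status lines
# Constructed sample of the prompts seen for a level below 5.
SAMPLE_DIALOGUE = [('KEY_CONSIDERED', 'PLACEHOLDER 0'), ('GET_LINE', 'keyedit.prompt'),
                   ('GOT_IT', ''), ('GET_LINE', 'edit_ownertrust.value'),
                   ('GOT_IT', ''), ('GET_LINE', 'keyedit.prompt')]

class UnexpectedPrompt(RuntimeError):
    """gpg asked something this dialogue has no answer for."""

def make_trust_cb(level, allow_ultimate=False):
    if level not in MENU_LEVELS:
        raise ValueError(f'trust level must be one of 1-5, got {level!r}')
    if level == '5' and not allow_ultimate:
        raise ValueError('ultimate trust requires allow_ultimate=True')
    state = {'sent_trust': False, 'answered': False}

    def cb(status, arg):
        if status in IGNORED:
            return None
        if (status, arg) == ('GET_LINE', 'keyedit.prompt'):
            if state['sent_trust']:
                return 'quit'
            state['sent_trust'] = True
            return 'trust'
        if (status, arg) == ('GET_LINE', 'edit_ownertrust.value'):
            state['answered'] = True
            return level
        if (status, arg) == ('GET_BOOL', 'edit_ownertrust.set_ultimate.okay') and allow_ultimate:
            return 'y'
        raise UnexpectedPrompt(f'{status} {arg}')  # fail closed

    cb.state = state
    return cb

def set_owner_trust(fingerprint, level, allow_ultimate=False):
    import gpg  # lazy import: the callback can be tested without GPGME
    cb = make_trust_cb(level, allow_ultimate)
    with gpg.Context() as ctx:
        ctx.interact(ctx.get_key(fingerprint), cb)
        if not cb.state['answered']:
            raise RuntimeError('gpg never asked for the trust value')
        # Re-read the key instead of trusting the dialogue.
        actual = ctx.get_key(fingerprint).owner_trust
    if actual != int(level):
        raise RuntimeError(f'owner trust is {actual}, expected {level}')
    return actual
```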