KeyMgr Class

Properties Methods Events Config Settings Errors

The KeyMgr class is used to create and manage OpenPGP keys.

Syntax

KeyMgr

Remarks

The KeyMgr class can be used to perform a variety of key-related actions. You can create, delete, import, export, and manage keys. Both individual keys and keyrings can be created and used.

Property List

The following is the full list of the properties of the class with short descriptions. Click on the links for further details.


KeyCurve	This property specifies the elliptic curve used in the ECDSA or EdDSA key.
KeyEffectiveDate	The date when this key becomes valid.
KeyEncoded	The key.
KeyExpirationDate	The date the key expires.
KeyFingerprint	The hex-encoded, 20-byte fingerprint of the key.
KeyId	The hex-encoded, 4-byte key Id.
KeyOtherUserIds	If the specified key has alternate user Ids associated with it, this property returns a comma-separated list of the other user Ids.
KeyPassphrase	The passphrase for the key's secret key (if any).
KeyPublicKey	The public key of the key.
KeyPublicKeyAlgorithm	A text description of the public key algorithm of the key.
KeyPublicKeyLength	The length of the public key in bits.
KeyRevoked	Whether or not the key is revoked.
KeySecretKey	The secret key of the key (if available).
KeySecretKeyAvailable	Whether or not a secret key is available for the selected key.
KeyUsage	A text description of UsageFlags .
KeyUsageFlags	Flags that show the intended use for the key.
KeyUserId	The user Id of the key.
Keyring	The location on disk of the keyring.

Method List

The following is the full list of the methods of the class with short descriptions. Click on the links for further details.


AddRevoker	Adds a designated revoker to the key.
AddUserId	Adds the specified user Id to the current key.
ChangeExpirationDate	Changes the expiration date of the key.
ChangePassphrase	Changes the passphrase of the current key.
Config	Sets or retrieves a configuration setting.
CreateKey	Creates an OpenPGP key pair.
CreateSubKey	Creates a new subkey.
DeleteKey	Deletes the specified key.
ExportPublicKey	Exports the public key of the current key.
ExportSecretKey	Exports the private key of the current key.
ImportKey	Imports the key specified by UserId to the current keyring.
ImportKeyB	Imports the key specified by UserId to the current keyring.
ListKeys	Lists keys in the specified Keyring .
ListSignatures	Lists all signatures of the current key.
ListSubkeys	Lists the subkeys of the currently selected key.
LoadKeyring	Loads the keyring from disk.
LoadKeyringB	Loads the keyring from SecretKeyringData and PublicKeyringData .
Reset	Resets the class properties.
RevokeKey	Revokes the specified key.
SaveKeyring	Saves the current Keyring to disk.
SignUserId	Signs the specified user Id of the current key.
VerifyPassphrase	Verifies the passphrase of specified key.

Event List

The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.


Error	Information about errors during data delivery.
KeyList	Fires for each key in the keyring when ListKeys is called.
KeyPassphrase	Fired if the passphrase of current key is incorrect or empty.
SignatureList	Fires for each signature of the current key when ListSignatures is called.
Status	Shows the progress of the operation.
SubkeyList	Fires once for each subkey listed when ListSubkeys is called.

Config Settings

The following is a list of config settings for the class with short descriptions. Click on the links for further details.


AllowEmptyPassword	Whether a key can be created without a password.
ContinueOnInvalidKey	Whether to continue loading the keyring when an invalid key is found.
CreateRSASubkeyforEncrypt	Whether to create a subkey when creating an RSA key.
CurrentKeyPrimaryKeyUsageFlags	The usage flags of the currently selected primary key.
Curve	The elliptic curve used when calling CreateKey.
DSAPublicSubKeyLength	Specifies the public subkey length when creating a DSA key.
EnsureValidDSASignatureHashAlgorithm	Whether or not to select a suitable signature hash algorithm automatically.
ImportAllKeys	Whether or not to import all keys found in a key file.
KeyEncryptionAlgorithm	The encryption algorithm used when creating a key.
KeyIdLength	Specifies the length of the key's Id.
KeyringFormat	Which format of keyring to use.
KeyUsage	Flags that show intended use for the key being created.
KeyValidityTime	The validity period for the key being created.
LogLevel	Specifies the level of detail that is logged.
PublicKeyAlgorithm	The public key algorithm for the key being created.
PublicKeyLength	Specifies the public key length when creating a key.
PublicKeyringFile	The file name of the public keyring file.
PublicKeySignatureHashAlgorithm	The public key signature hash algorithm used when creating a key.
RawKeyData	Returns detailed key and keyring data for debugging purposes.
RevocationCode	The reason why the key was revoked.
RevocationReason	Text describing why the key was revoked.
Revoker	The revoker's key Id.
SecretKeyringFile	The file name of the secret keyring file.
SubKeyAlgorithm	The subkey algorithm for the subkey being created.
SubKeyCurve	The elliptic curve of the sub key.
SubKeyUsage	Flags that show intended use for the subkey being created.
UseFipsCompliantAlgorithms	Restricts the usage to FIPS compliant algorithms only.
VersionHeader	The Version header value in ASCII armored public keys.
BuildInfo	Information about the product's build.
CodePage	The system code page used for Unicode to Multibyte translations.
LicenseInfo	Information about the current license.
MaskSensitive	Whether sensitive data is masked in log messages.
ProcessIdleEvents	Whether the class uses its internal event loop to process events when the main thread is idle.
SelectWaitMillis	The length of time in milliseconds the class will wait when DoEvents is called if there are no events to process.
UseInternalSecurityAPI	Tells the class whether or not to use the system security libraries or an internal implementation.

KeyCurve Property (KeyMgr Class)

This property specifies the elliptic curve used in the ECDSA or EdDSA key.

Syntax

ANSI (Cross Platform)
char* GetKeyCurve();

Unicode (Windows)
LPWSTR GetKeyCurve();

char* ipworksopenpgp_keymgr_getkeycurve(void* lpObj);

QString GetKeyCurve();

Default Value

Remarks

This property specifies the elliptic curve used in the ECDSA or EdDSA key. This property is only applicable if KeyPublicKeyAlgorithm is ECDSA or EdDSA. Possible values are:


Value	PublicKeyAlgorithm	Description
secp256r1	ECDSA	NIST curve P-256
secp384r1	ECDSA	NIST curve P-384
secp521r1	ECDSA	NIST curve P-521
Ed25519	EdDSA	Ed25519
secp256k1	EdDSA	Secp256k1

This property is read-only and not available at design time.

Data Type

String

KeyEffectiveDate Property (KeyMgr Class)

The date when this key becomes valid.

Syntax

ANSI (Cross Platform)
char* GetKeyEffectiveDate();

Unicode (Windows)
LPWSTR GetKeyEffectiveDate();

char* ipworksopenpgp_keymgr_getkeyeffectivedate(void* lpObj);

QString GetKeyEffectiveDate();

Default Value

Remarks

The date when this key becomes valid. Prior to this it is not valid. The following is an example of a valid encoded date:

23-Jan-2000 15:00:00.

This property is read-only and not available at design time.

Data Type

String

KeyEncoded Property (KeyMgr Class)

The key.

Syntax

ANSI (Cross Platform)
int GetKeyEncoded(char* &lpKeyEncoded, int &lenKeyEncoded);
int SetKeyEncoded(const char* lpKeyEncoded, int lenKeyEncoded);

Unicode (Windows)
INT GetKeyEncoded(LPSTR &lpKeyEncoded, INT &lenKeyEncoded);
INT SetKeyEncoded(LPCSTR lpKeyEncoded, INT lenKeyEncoded);

int ipworksopenpgp_keymgr_getkeyencoded(void* lpObj, char** lpKeyEncoded, int* lenKeyEncoded);
int ipworksopenpgp_keymgr_setkeyencoded(void* lpObj, const char* lpKeyEncoded, int lenKeyEncoded);

QByteArray GetKeyEncoded();
int SetKeyEncoded(QByteArray qbaKeyEncoded);

Default Value

Remarks

The key. This property is used to assign a specific key. The KeyUserId properties may also be used to specify a key.

This property is not available at design time.

Data Type

Binary String

KeyExpirationDate Property (KeyMgr Class)

The date the key expires.

Syntax

ANSI (Cross Platform)
char* GetKeyExpirationDate();

Unicode (Windows)
LPWSTR GetKeyExpirationDate();

char* ipworksopenpgp_keymgr_getkeyexpirationdate(void* lpObj);

QString GetKeyExpirationDate();

Default Value

Remarks

The date the key expires. After this date the key will no longer be valid. The following is an example of a valid encoded date:

23-Jan-2001 15:00:00.

This property is read-only and not available at design time.

Data Type

String

KeyFingerprint Property (KeyMgr Class)

The hex-encoded, 20-byte fingerprint of the key.

Syntax

ANSI (Cross Platform)
char* GetKeyFingerprint();

Unicode (Windows)
LPWSTR GetKeyFingerprint();

char* ipworksopenpgp_keymgr_getkeyfingerprint(void* lpObj);

QString GetKeyFingerprint();

Default Value

Remarks

The hex-encoded, 20-byte fingerprint of the key.

This is in the form:

5E70662EA810E768391A2FE8F7B7D49C89C9D7B1

This property is read-only and not available at design time.

Data Type

String

KeyId Property (KeyMgr Class)

The hex-encoded, 4-byte key Id.

Syntax

ANSI (Cross Platform)
char* GetKeyId();

Unicode (Windows)
LPWSTR GetKeyId();

char* ipworksopenpgp_keymgr_getkeyid(void* lpObj);

QString GetKeyId();

Default Value

Remarks

The hex-encoded, 4-byte key Id. It is same as last 4 bytes of KeyFingerprint.

This is in the form:

89C9D7B1

The KeyIdLength setting may be set to a value of 8 to return the last 8 bytes instead of the last 4 bytes.

This property is read-only and not available at design time.

Data Type

String

KeyOtherUserIds Property (KeyMgr Class)

If the specified key has alternate user Ids associated with it, this property returns a comma-separated list of the other user Ids.

Syntax

ANSI (Cross Platform)
char* GetKeyOtherUserIds();

Unicode (Windows)
LPWSTR GetKeyOtherUserIds();

char* ipworksopenpgp_keymgr_getkeyotheruserids(void* lpObj);

QString GetKeyOtherUserIds();

Default Value

Remarks

If the specified key has alternate user Ids associated with it, this property returns a comma-separated list of the other user Ids.

This property is read-only and not available at design time.

Data Type

String

KeyPassphrase Property (KeyMgr Class)

The passphrase for the key's secret key (if any).

Syntax

ANSI (Cross Platform)
char* GetKeyPassphrase();
int SetKeyPassphrase(const char* lpszKeyPassphrase);

Unicode (Windows)
LPWSTR GetKeyPassphrase();
INT SetKeyPassphrase(LPCWSTR lpszKeyPassphrase);

char* ipworksopenpgp_keymgr_getkeypassphrase(void* lpObj);
int ipworksopenpgp_keymgr_setkeypassphrase(void* lpObj, const char* lpszKeyPassphrase);

QString GetKeyPassphrase();
int SetKeyPassphrase(QString qsKeyPassphrase);

Default Value

Remarks

The passphrase for the key's secret key (if any). This must be specified before operations requiring the secret key are attempted. The passphrase may be supplied in this property or through the KeyPassphrase event, which will fire when a passphrase is required.

The passphrase is required when using the following methods in KeyMgr:

AddUserId
SignUserId
ChangeExpirationDate
ChangePassphrase

When using the OpenPGP class, or an email-based class, the following methods require a passphrase for the key:

Decrypt
Sign
SignAndEncrypt

This property is not available at design time.

Data Type

String

KeyPublicKey Property (KeyMgr Class)

The public key of the key.

Syntax

ANSI (Cross Platform)
char* GetKeyPublicKey();

Unicode (Windows)
LPWSTR GetKeyPublicKey();

char* ipworksopenpgp_keymgr_getkeypublickey(void* lpObj);

QString GetKeyPublicKey();

Default Value

Remarks

The public key of the key. The key is provided as ASCII armored data.

This property is read-only and not available at design time.

Data Type

String

KeyPublicKeyAlgorithm Property (KeyMgr Class)

A text description of the public key algorithm of the key.

Syntax

ANSI (Cross Platform)
char* GetKeyPublicKeyAlgorithm();

Unicode (Windows)
LPWSTR GetKeyPublicKeyAlgorithm();

char* ipworksopenpgp_keymgr_getkeypublickeyalgorithm(void* lpObj);

QString GetKeyPublicKeyAlgorithm();

Default Value

Remarks

A text description of the public key algorithm of the key. Possible values are:

RSA
DSA
ECDSA
EdDSA
RSA-Legacy

This property is read-only and not available at design time.

Data Type

String

KeyPublicKeyLength Property (KeyMgr Class)

The length of the public key in bits.

Syntax

ANSI (Cross Platform)
int GetKeyPublicKeyLength();

Unicode (Windows)
INT GetKeyPublicKeyLength();

int ipworksopenpgp_keymgr_getkeypublickeylength(void* lpObj);

int GetKeyPublicKeyLength();

Default Value

Remarks

The length of the public key in bits. Common values are 512, 1024, and 2048.

If the KeyPublicKeyAlgorithm property is ECDSA or EcDSA the length of the public key is determined by the KeyCurve. Possible lenghts are:


Curve	Public Key Length (bits)
secp256r1	256
secp384r1	384
secp521r1	521
Ed25519	256
secp256k1	256

This property is read-only and not available at design time.

Data Type

Integer

KeyRevoked Property (KeyMgr Class)

Whether or not the key is revoked.

Syntax

ANSI (Cross Platform)
int GetKeyRevoked();

Unicode (Windows)
BOOL GetKeyRevoked();

int ipworksopenpgp_keymgr_getkeyrevoked(void* lpObj);

bool GetKeyRevoked();

Default Value

FALSE

Remarks

Whether or not the key is revoked.

This property is read-only and not available at design time.

Data Type

Boolean

KeySecretKey Property (KeyMgr Class)

The secret key of the key (if available).

Syntax

ANSI (Cross Platform)
char* GetKeySecretKey();

Unicode (Windows)
LPWSTR GetKeySecretKey();

char* ipworksopenpgp_keymgr_getkeysecretkey(void* lpObj);

QString GetKeySecretKey();

Default Value

Remarks

The secret key of the key (if available). The key is provided as ASCII armored data.

This property is read-only and not available at design time.

Data Type

String

KeySecretKeyAvailable Property (KeyMgr Class)

Whether or not a secret key is available for the selected key.

Syntax

ANSI (Cross Platform)
int GetKeySecretKeyAvailable();

Unicode (Windows)
BOOL GetKeySecretKeyAvailable();

int ipworksopenpgp_keymgr_getkeysecretkeyavailable(void* lpObj);

bool GetKeySecretKeyAvailable();

Default Value

FALSE

Remarks

Whether or not a secret key is available for the selected key.

This property is read-only and not available at design time.

Data Type

Boolean

KeyUsage Property (KeyMgr Class)

A text description of UsageFlags .

Syntax

ANSI (Cross Platform)
char* GetKeyUsage();

Unicode (Windows)
LPWSTR GetKeyUsage();

char* ipworksopenpgp_keymgr_getkeyusage(void* lpObj);

QString GetKeyUsage();

Default Value

Remarks

A text description of KeyUsageFlags.

The value will be of one or more of the following strings, separated by commas:

Certifying Other Certificates
Signing Emails and Files
Encrypting Emails and Files
Split Key
Authenticate Against Servers
Group Key

This property is read-only and not available at design time.

Data Type

String

KeyUsageFlags Property (KeyMgr Class)

Flags that show the intended use for the key.

Syntax

ANSI (Cross Platform)
int GetKeyUsageFlags();

Unicode (Windows)
INT GetKeyUsageFlags();

int ipworksopenpgp_keymgr_getkeyusageflags(void* lpObj);

int GetKeyUsageFlags();

Default Value

Remarks

Flags that show the intended use for the key. The default value is 0x0F. The value of KeyUsageFlags is a combination of the following flags:


0x01	This key may be used to certify other keys.
0x02	This key may be used to sign data.
0x0C	This key may be used to encrypt communications and encrypt storage.
0x10	The private component of this key may have been split by a secret-sharing mechanism.
0x20	This key may be used for authentication.
0x80	The private component of this key may be in the possession of more than one person.

Please refer to the KeyUsage property for a text representation of KeyUsageFlags.

This property is read-only and not available at design time.

Data Type

Integer

KeyUserId Property (KeyMgr Class)

The user Id of the key.

Syntax

ANSI (Cross Platform)
char* GetKeyUserId();
int SetKeyUserId(const char* lpszKeyUserId);

Unicode (Windows)
LPWSTR GetKeyUserId();
INT SetKeyUserId(LPCWSTR lpszKeyUserId);

char* ipworksopenpgp_keymgr_getkeyuserid(void* lpObj);
int ipworksopenpgp_keymgr_setkeyuserid(void* lpObj, const char* lpszKeyUserId);

QString GetKeyUserId();
int SetKeyUserId(QString qsKeyUserId);

Default Value

Remarks

The user Id of the key. When a key is loaded this property is populated with the user Id associated with the key. This property may be set to load a key from the Keyring. When this property is set the class will search the Keyring for a key associated with the UserId specified.

When loading a key with multiple user Ids, this property will be populated with the UserId that was most recently added to the key. To discover all of the UserIds associated with a key query this property and KeyOtherUserIds after loading the key.

The UserId format is:

FirstName LastName (Comment) <Email>

Not all values are required when selecting or generating a key, but at least FirstName or Email are required.

When using this property to select a key you may also specify the key's Id, or any of its subkeys' Ids, instead of a user Id. The class will then search for a key with a matching Id. This is helpful in situations where you do not have the UserId but still need to load the key, such as within the OpenPGP class's RecipientInfo event.

This property is not available at design time.

Data Type

String

Keyring Property (KeyMgr Class)

The location on disk of the keyring.

Syntax

ANSI (Cross Platform)
char* GetKeyring();

Unicode (Windows)
LPWSTR GetKeyring();

char* ipworksopenpgp_keymgr_getkeyring(void* lpObj);

QString GetKeyring();

Default Value

Remarks

To load a keyring use the LoadKeyring method.

This property is read-only.

Data Type

String

AddRevoker Method (KeyMgr Class)

Adds a designated revoker to the key.

Syntax

ANSI (Cross Platform)
int AddRevoker(const char* lpszUserId);

Unicode (Windows)
INT AddRevoker(LPCWSTR lpszUserId);

int ipworksopenpgp_keymgr_addrevoker(void* lpObj, const char* lpszUserId);

int AddRevoker(const QString& qsUserId);

Remarks

This method adds a designated revoker to the selected Key. The UserId parameter specifies the revoker to add. The revoker's key must be present in the current keyring. Use this with caution: once added, a revoker cannot be removed. The key's passphrase is required for this operation and may be specified via KeyPassphrase or through the KeyPassphrase event.

The UserId format is:

FirstName LastName (Comment) <Email>

Not all values are required when selecting or generating a key, but at least FirstName or Email are required.

Error Handling (C++)

This method returns a result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. If an error occurs, the GetLastError() method can be called to retrieve the associated error message. (Note: This method's result code can also be obtained by calling the GetLastErrorCode() method after it returns.)

AddUserId Method (KeyMgr Class)

Adds the specified user Id to the current key.

Syntax

ANSI (Cross Platform)
int AddUserId(const char* lpszUserId);

Unicode (Windows)
INT AddUserId(LPCWSTR lpszUserId);

int ipworksopenpgp_keymgr_adduserid(void* lpObj, const char* lpszUserId);

int AddUserId(const QString& qsUserId);

Remarks

The key's passphrase is required for this operation and may be specified via KeyPassphrase or through the KeyPassphrase event.

The UserId format is:

FirstName LastName (Comment) <Email>

Not all values are required when selecting or generating a key, but at least FirstName or Email are required.

Error Handling (C++)

ChangeExpirationDate Method (KeyMgr Class)

Changes the expiration date of the key.

Syntax

ANSI (Cross Platform)
int ChangeExpirationDate(int iExpirationDate);

Unicode (Windows)
INT ChangeExpirationDate(INT iExpirationDate);

int ipworksopenpgp_keymgr_changeexpirationdate(void* lpObj, int iExpirationDate);

int ChangeExpirationDate(int iExpirationDate);

Remarks

This method changes the expiration date of the current Key. The ExpirationDate parameter specifies the number of days for which the key is valid starting today. For instance a value of "31" means the key is valid for the next 31 days.

The special value "0" means the key will never expire.

The key's passphrase is required for this operation and may be specified via KeyPassphrase or through the KeyPassphrase event.

Note: See KeyValidityTime for information on specifying the expiration date when creating the key with CreateKey.

Error Handling (C++)

ChangePassphrase Method (KeyMgr Class)

Changes the passphrase of the current key.

Syntax

ANSI (Cross Platform)
int ChangePassphrase(const char* lpszPassphrase);

Unicode (Windows)
INT ChangePassphrase(LPCWSTR lpszPassphrase);

int ipworksopenpgp_keymgr_changepassphrase(void* lpObj, const char* lpszPassphrase);

int ChangePassphrase(const QString& qsPassphrase);

Remarks

The Passphrase parameter specifies the new passphrase.

The key's passphrase is required for this operation and may be specified via KeyPassphrase or through the KeyPassphrase event.

Error Handling (C++)

Config Method (KeyMgr Class)

Sets or retrieves a configuration setting.

Syntax

ANSI (Cross Platform)
char* Config(const char* lpszConfigurationString);

Unicode (Windows)
LPWSTR Config(LPCWSTR lpszConfigurationString);

char* ipworksopenpgp_keymgr_config(void* lpObj, const char* lpszConfigurationString);

QString Config(const QString& qsConfigurationString);

Remarks

Config is a generic method available in every class. It is used to set and retrieve configuration settings for the class.

These settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the Config method.

To set a configuration setting named PROPERTY, you must call Config("PROPERTY=VALUE"), where VALUE is the value of the setting expressed as a string. For boolean values, use the strings "True", "False", "0", "1", "Yes", or "No" (case does not matter).

To read (query) the value of a configuration setting, you must call Config("PROPERTY"). The value will be returned as a string.

Error Handling (C++)

This method returns a String value; after it returns, call the GetLastErrorCode() method to obtain its result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. If an error occurs, the GetLastError() method can be called to retrieve the associated error message.

CreateKey Method (KeyMgr Class)

Creates an OpenPGP key pair.

Syntax

ANSI (Cross Platform)
int CreateKey(const char* lpszUserId, const char* lpszPassphrase);

Unicode (Windows)
INT CreateKey(LPCWSTR lpszUserId, LPCWSTR lpszPassphrase);

int ipworksopenpgp_keymgr_createkey(void* lpObj, const char* lpszUserId, const char* lpszPassphrase);

int CreateKey(const QString& qsUserId, const QString& qsPassphrase);

Remarks

This method creates a new OpenPGP key pair. The UserId parameter specifies the user Id of the key.

The UserId format is:

FirstName LastName (Comment) <Email>

Not all values are required when selecting or generating a key, but at least FirstName or Email are required.

Additional configuration settings may be set to further configure the details of the key being created. Please see the following settings for details:

KeyEncryptionAlgorithm
KeyUsage
KeyValidityTime
PublicKeyLength
PublicKeyAlgorithm
PublicKeySignatureHashAlgorithm
Curve
SubKeyCurve

Error Handling (C++)

CreateSubKey Method (KeyMgr Class)

Creates a new subkey.

Syntax

ANSI (Cross Platform)
int CreateSubKey();

Unicode (Windows)
INT CreateSubKey();

int ipworksopenpgp_keymgr_createsubkey(void* lpObj);

int CreateSubKey();

Remarks

This method creates a new subkey. Before calling this method the KeyId property must be set to a valid private key.

The following settings may optionally be set to define specific values for the created subkey:

KeyValidityTime
PublicKeyLength
SubKeyAlgorithm
SubKeyCurve
SubKeyUsage

Error Handling (C++)

DeleteKey Method (KeyMgr Class)

Deletes the specified key.

Syntax

ANSI (Cross Platform)
int DeleteKey(const char* lpszUserId);

Unicode (Windows)
INT DeleteKey(LPCWSTR lpszUserId);

int ipworksopenpgp_keymgr_deletekey(void* lpObj, const char* lpszUserId);

int DeleteKey(const QString& qsUserId);

Remarks

This method deletes the key specified by UserId from the current keyring. Below is a table of the type of Ids that may be specified to identify the key:


Id Type	Example
UserId	FirstName LastName <user@mail.com>
UserId (name only)	FirstName LastName
UserId (first name only)	FirstName
UserId (email only)	user@mail.com
Short KeyId	89C9D7B1
Long KeyId	F7B7D49C89C9D7B1

Error Handling (C++)

ExportPublicKey Method (KeyMgr Class)

Exports the public key of the current key.

Syntax

ANSI (Cross Platform)
int ExportPublicKey(const char* lpszFileName, int buseAsciiArmor);

Unicode (Windows)
INT ExportPublicKey(LPCWSTR lpszFileName, BOOL buseAsciiArmor);

int ipworksopenpgp_keymgr_exportpublickey(void* lpObj, const char* lpszFileName, int buseAsciiArmor);

int ExportPublicKey(const QString& qsFileName, bool buseAsciiArmor);

Remarks

This method exports the public key of the currently selected Key. The FileName parameter specifies the file on disk to which the public key will be written. The UseAsciiArmor parameter determines whether or not ASCII armoring is used when writing the key to disk.

Note: When UseAsciiArmor is set to True the VersionHeader setting may also be set to specify your own header value.

Error Handling (C++)

ExportSecretKey Method (KeyMgr Class)

Exports the private key of the current key.

Syntax

ANSI (Cross Platform)
int ExportSecretKey(const char* lpszFileName, int buseAsciiArmor);

Unicode (Windows)
INT ExportSecretKey(LPCWSTR lpszFileName, BOOL buseAsciiArmor);

int ipworksopenpgp_keymgr_exportsecretkey(void* lpObj, const char* lpszFileName, int buseAsciiArmor);

int ExportSecretKey(const QString& qsFileName, bool buseAsciiArmor);

Remarks

This method exports the private key of the currently selected Key. The FileName parameter specifies the file on disk that the private key will be written to. The UseAsciiArmor parameter determines whether or not ASCII armoring is used when writing the key to disk.

Error Handling (C++)

ImportKey Method (KeyMgr Class)

Imports the key specified by UserId to the current keyring.

Syntax

ANSI (Cross Platform)
int ImportKey(const char* lpszFileName, const char* lpszUserId);

Unicode (Windows)
INT ImportKey(LPCWSTR lpszFileName, LPCWSTR lpszUserId);

int ipworksopenpgp_keymgr_importkey(void* lpObj, const char* lpszFileName, const char* lpszUserId);

int ImportKey(const QString& qsFileName, const QString& qsUserId);

Remarks

This method imports the key specified by UserId from the key file specified by FileName into the current Keyring. The imported key will be automatically selected and available in the Key property.

If the FileName specifies a key file which contains multiple keys only the key belonging to UserId will be imported.

If UserId is set to "*" or "" (empty string) all keys in the key file will be imported. The ImportAllKeys setting controls the behavior of the class in this case.

Note: If you simply wish to select a key in the current ring set KeyUserId instead.

Error Handling (C++)

ImportKeyB Method (KeyMgr Class)

Imports the key specified by UserId to the current keyring.

Syntax

ANSI (Cross Platform)
int ImportKeyB(const char* lpData, int lenData, const char* lpszUserId);

Unicode (Windows)
INT ImportKeyB(LPCSTR lpData, INT lenData, LPCWSTR lpszUserId);

int ipworksopenpgp_keymgr_importkeyb(void* lpObj, const char* lpData, int lenData, const char* lpszUserId);

int ImportKeyB(QByteArray qbaData, const QString& qsUserId);

Remarks

This method imports the key specified by UserId from the key data specified by Data into the current Keyring. The imported key will be automatically selected and available in the Key property.

If the Data specifies key data that contains multiple keys only the key belonging to UserId will be imported.

If UserId is set to "*" or "" (empty string) all keys in the key data will be imported. The ImportAllKeys setting controls the behavior of the class in this case.

Note: If you simply wish to select a key in the current ring set KeyUserId instead.

Error Handling (C++)

ListKeys Method (KeyMgr Class)

Lists keys in the specified Keyring .

Syntax

ANSI (Cross Platform)
char* ListKeys();

Unicode (Windows)
LPWSTR ListKeys();

char* ipworksopenpgp_keymgr_listkeys(void* lpObj);

QString ListKeys();

Remarks

This method lists the keys (public/private key pairs) in the specified keyring. The results are provided through the KeyList event.

KeyList data will also be returned from this method, however it is recommended to use the KeyList event if possible.

Error Handling (C++)

ListSignatures Method (KeyMgr Class)

Lists all signatures of the current key.

Syntax

ANSI (Cross Platform)
char* ListSignatures();

Unicode (Windows)
LPWSTR ListSignatures();

char* ipworksopenpgp_keymgr_listsignatures(void* lpObj);

QString ListSignatures();

Remarks

This method lists all the signatures of the currently selected key. The SignatureList event will fire for each signature.

SignatureList data will also be returned from this method. However, it is recommended to use the SignatureList event if possible.

Error Handling (C++)

ListSubkeys Method (KeyMgr Class)

Lists the subkeys of the currently selected key.

Syntax

ANSI (Cross Platform)
char* ListSubkeys();

Unicode (Windows)
LPWSTR ListSubkeys();

char* ipworksopenpgp_keymgr_listsubkeys(void* lpObj);

QString ListSubkeys();

Remarks

This method lists all subkeys of current key. The SubkeyList event will be fired for each subkey.

SubkeyList data will also be returned from this method, however it is recommended to use the SubkeyList event if possible.

Error Handling (C++)

LoadKeyring Method (KeyMgr Class)

Loads the keyring from disk.

Syntax

ANSI (Cross Platform)
int LoadKeyring(const char* lpszKeyringPath);

Unicode (Windows)
INT LoadKeyring(LPCWSTR lpszKeyringPath);

int ipworksopenpgp_keymgr_loadkeyring(void* lpObj, const char* lpszKeyringPath);

int LoadKeyring(const QString& qsKeyringPath);

Remarks

This method loads the keyring from disk. If the keyring is stored in a directory, set KeyringPath to the directory. The directory must contain the files "secring.gpg" and "pubring.gpg". A keyring may also be stored in a single file. If the keyring is a file KeyringPath should be set to the path of the file.

When this method is called the class will read the keyring and populate the Key property with the first key found in the keyring. Set KeyUserId to select a different key in the current keyring.

Error Handling (C++)

LoadKeyringB Method (KeyMgr Class)

Loads the keyring from SecretKeyringData and PublicKeyringData .

Syntax

ANSI (Cross Platform)
int LoadKeyringB(const char* lpSecretKeyringData, int lenSecretKeyringData, const char* lpPublicKeyringData, int lenPublicKeyringData);

Unicode (Windows)
INT LoadKeyringB(LPCSTR lpSecretKeyringData, INT lenSecretKeyringData, LPCSTR lpPublicKeyringData, INT lenPublicKeyringData);

int ipworksopenpgp_keymgr_loadkeyringb(void* lpObj, const char* lpSecretKeyringData, int lenSecretKeyringData, const char* lpPublicKeyringData, int lenPublicKeyringData);

int LoadKeyringB(QByteArray qbaSecretKeyringData, QByteArray qbaPublicKeyringData);

Remarks

This method loads the keyring from SecretKeyringData and PublicKeyringData.

When this method is called the class will read the keyring and populate the Key property with the first key found in the keyring. Set KeyUserId to select a different key in the current keyring.

Error Handling (C++)

Reset Method (KeyMgr Class)

Resets the class properties.

Syntax

ANSI (Cross Platform)
int Reset();

Unicode (Windows)
INT Reset();

int ipworksopenpgp_keymgr_reset(void* lpObj);

int Reset();

Remarks

This method resets all message and key properties to their default values.

Error Handling (C++)

RevokeKey Method (KeyMgr Class)

Revokes the specified key.

Syntax

ANSI (Cross Platform)
char* RevokeKey(const char* lpszKeyId);

Unicode (Windows)
LPWSTR RevokeKey(LPCWSTR lpszKeyId);

char* ipworksopenpgp_keymgr_revokekey(void* lpObj, const char* lpszKeyId);

QString RevokeKey(const QString& qsKeyId);

Remarks

This method revokes the key specified by KeyId and returns the revocation certificate.

When creating a revocation certificate there are two supported formats. The first format includes only the revocation signature. This format is returned by this method. The second format includes both the public key and the revocation signature. This format can be obtained by calling ExportPublicKey after calling this method. Both formats are common, and both formats are acceptable when calling ImportKey.

Before calling this method a key must be selected and available in the Key* properties.

The KeyId may be the Id of the main key or a subkey.

Error Handling (C++)

SaveKeyring Method (KeyMgr Class)

Saves the current Keyring to disk.

Syntax

ANSI (Cross Platform)
int SaveKeyring(const char* lpszKeyringPath);

Unicode (Windows)
INT SaveKeyring(LPCWSTR lpszKeyringPath);

int ipworksopenpgp_keymgr_savekeyring(void* lpObj, const char* lpszKeyringPath);

int SaveKeyring(const QString& qsKeyringPath);

Remarks

This method saves the current keyring to disk. There are two output options. The keyring may either be saved to a single key file or may be saved to a directory.

To save the keyring to a directory set KeyringPath to the path. The directory must already exist. The class will create a "pubring.gpg" and "secring.gpg" file in the specified directory. If the files already exist they will be overwritten.

To save the keyring to a key file set KeyringPath to a path and file name. If the file already exists it will be overwritten.

Error Handling (C++)

SignUserId Method (KeyMgr Class)

Signs the specified user Id of the current key.

Syntax

ANSI (Cross Platform)
int SignUserId(const char* lpszUserId, const char* lpszIssuerUserId);

Unicode (Windows)
INT SignUserId(LPCWSTR lpszUserId, LPCWSTR lpszIssuerUserId);

int ipworksopenpgp_keymgr_signuserid(void* lpObj, const char* lpszUserId, const char* lpszIssuerUserId);

int SignUserId(const QString& qsUserId, const QString& qsIssuerUserId);

Remarks

This method signs the UserId with the IssuerUserId.

To sign all user Ids in the current key set the UserId parameter to "*".

The key's passphrase is required for this operation and may be specified via KeyPassphrase or through the KeyPassphrase event.

Error Handling (C++)

VerifyPassphrase Method (KeyMgr Class)

Verifies the passphrase of specified key.

Syntax

ANSI (Cross Platform)
int VerifyPassphrase(const char* lpszPassphrase);

Unicode (Windows)
INT VerifyPassphrase(LPCWSTR lpszPassphrase);

int ipworksopenpgp_keymgr_verifypassphrase(void* lpObj, const char* lpszPassphrase);

bool VerifyPassphrase(const QString& qsPassphrase);

Remarks

This method verifies the passphrase of the key specified by UserId.

If the password is correct, this method returns True; otherwise, this method returns False.

Error Handling (C++)

This method returns a Boolean value; after it returns, call the GetLastErrorCode() method to obtain its result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. If an error occurs, the GetLastError() method can be called to retrieve the associated error message.

Error Event (KeyMgr Class)

Information about errors during data delivery.

Syntax

ANSI (Cross Platform)
virtual int FireError(KeyMgrErrorEventParams *e);

typedef struct {
  int ErrorCode;
  const char *Description;
  int reserved;
} KeyMgrErrorEventParams;


Unicode (Windows)
virtual INT FireError(KeyMgrErrorEventParams *e);

typedef struct {
  INT ErrorCode;
  LPCWSTR Description;
  INT reserved;
} KeyMgrErrorEventParams;

#define EID_KEYMGR_ERROR 1

virtual INT IPWORKSOPENPGP_CALL FireError(INT &iErrorCode, LPSTR &lpszDescription);

class KeyMgrErrorEventParams {
public:
  int ErrorCode();

  const QString &Description();

  int EventRetVal();
  void SetEventRetVal(int iRetVal);
};

// To handle, connect one or more slots to this signal.
void Error(KeyMgrErrorEventParams *e);

// Or, subclass KeyMgr and override this emitter function.
virtual int FireError(KeyMgrErrorEventParams *e) {...}

Remarks

The Error event is fired in case of exceptional conditions during message processing. Normally the class fails with an error.

The ErrorCode parameter contains an error code, and the Description parameter contains a textual description of the error. For a list of valid error codes and their descriptions, please refer to the Error Codes section.

KeyList Event (KeyMgr Class)

Fires for each key in the keyring when ListKeys is called.

Syntax

ANSI (Cross Platform)
virtual int FireKeyList(KeyMgrKeyListEventParams *e);

typedef struct {
  const char *UserId;
  const char *KeyId;
  const char *Fingerprint;
  int HasSecretKey;
  const char *PublicKeyAlgorithm;
  int PublicKeyLength;
  const char *Curve;
  int reserved;
} KeyMgrKeyListEventParams;


Unicode (Windows)
virtual INT FireKeyList(KeyMgrKeyListEventParams *e);

typedef struct {
  LPCWSTR UserId;
  LPCWSTR KeyId;
  LPCWSTR Fingerprint;
  BOOL HasSecretKey;
  LPCWSTR PublicKeyAlgorithm;
  INT PublicKeyLength;
  LPCWSTR Curve;
  INT reserved;
} KeyMgrKeyListEventParams;

#define EID_KEYMGR_KEYLIST 2

virtual INT IPWORKSOPENPGP_CALL FireKeyList(LPSTR &lpszUserId, LPSTR &lpszKeyId, LPSTR &lpszFingerprint, BOOL &bHasSecretKey, LPSTR &lpszPublicKeyAlgorithm, INT &iPublicKeyLength, LPSTR &lpszCurve);

class KeyMgrKeyListEventParams {
public:
  const QString &UserId();

  const QString &KeyId();

  const QString &Fingerprint();

  bool HasSecretKey();

  const QString &PublicKeyAlgorithm();

  int PublicKeyLength();

  const QString &Curve();

  int EventRetVal();
  void SetEventRetVal(int iRetVal);
};

// To handle, connect one or more slots to this signal.
void KeyList(KeyMgrKeyListEventParams *e);

// Or, subclass KeyMgr and override this emitter function.
virtual int FireKeyList(KeyMgrKeyListEventParams *e) {...}

Remarks

This event fires once for each key in the Keyring when ListKeys is called.

UserId holds the current user Id of the key.

The UserId format is:

FirstName LastName (Comment) <Email>

Not all values are required when selecting or generating a key, but at least FirstName or Email are required.

KeyId is the hex-encoded, 4-byte or 8-byte Id of the key. It is the same as the last 4 or 8 bytes of the Fingerprint. For instance:

BF52A0AB

Fingerprint holds the hex-encoded, 20-byte fingerprint of the key. This is in the form:

5E70662EA810E768391A2FE8F7B7D49C89C9D7B1

HasSecretKey returns True if the key contains a secret key.

PublicKeyAlgorithm is the public key algorithm. Possible values are:

RSA
DSA
ECDSA
EdDSA

PublicKeyLength is the length of the public key. Common values are 512, 1024, and 2048. If the PublicKeyAlgorithm is ECDSA or EdDSA the length of the public key is determined by the Curve. Possible lengths are:


Curve	Public Key Length (bits)
secp256r1	256
secp384r1	384
secp521r1	521
Ed25519	256
secp256k1	256

Curve is the curve used by the key when PublicKeyAlgorithm is ECDSA or EdDSA. Possible values are:


Value	PublicKeyAlgorithm	Description
secp256r1	ECDSA	NIST curve P-256
secp384r1	ECDSA	NIST curve P-384
secp521r1	ECDSA	NIST curve P-521
Ed25519	EdDSA	Ed25519
secp256k1	EdDSA	Secp256k1

KeyPassphrase Event (KeyMgr Class)

Fired if the passphrase of current key is incorrect or empty.

Syntax

ANSI (Cross Platform)
virtual int FireKeyPassphrase(KeyMgrKeyPassphraseEventParams *e);

typedef struct {
  const char *UserId;
  const char *KeyId;
  char *Passphrase;
  int reserved;
} KeyMgrKeyPassphraseEventParams;


Unicode (Windows)
virtual INT FireKeyPassphrase(KeyMgrKeyPassphraseEventParams *e);

typedef struct {
  LPCWSTR UserId;
  LPCWSTR KeyId;
  LPWSTR Passphrase;
  INT reserved;
} KeyMgrKeyPassphraseEventParams;

#define EID_KEYMGR_KEYPASSPHRASE 3

virtual INT IPWORKSOPENPGP_CALL FireKeyPassphrase(LPSTR &lpszUserId, LPSTR &lpszKeyId, LPSTR &lpszPassphrase);

class KeyMgrKeyPassphraseEventParams {
public:
  const QString &UserId();

  const QString &KeyId();

  const QString &Passphrase();
  void SetPassphrase(const QString &qsPassphrase);

  int EventRetVal();
  void SetEventRetVal(int iRetVal);
};

// To handle, connect one or more slots to this signal.
void KeyPassphrase(KeyMgrKeyPassphraseEventParams *e);

// Or, subclass KeyMgr and override this emitter function.
virtual int FireKeyPassphrase(KeyMgrKeyPassphraseEventParams *e) {...}

Remarks

This event fires when the passphrase for the key is required. The passphrase must be specified before operations requiring the secret key are attempted. The passphrase may be supplied by setting the Passphrase parameter in this event, or by specifying the KeyPassphrase property before attempting the operation.

The passphrase is required when using the following methods in KeyMgr:

AddUserId
SignUserId
ChangeExpirationDate
ChangePassphrase

When using the OpenPGP class, or an email-based class, the following methods require a passphrase for the key:

Decrypt
Sign
SignAndEncrypt

SignatureList Event (KeyMgr Class)

Fires for each signature of the current key when ListSignatures is called.

Syntax

ANSI (Cross Platform)
virtual int FireSignatureList(KeyMgrSignatureListEventParams *e);

typedef struct {
  const char *UserId;
  const char *IssuerKeyId;
  const char *IssuerUserId;
  const char *PublicKeyAlgorithm;
  const char *Curve;
  const char *HashAlgorithm;
  const char *EffectiveDate;
  int SignatureClass;
  int ValidityStatus;
  int reserved;
} KeyMgrSignatureListEventParams;


Unicode (Windows)
virtual INT FireSignatureList(KeyMgrSignatureListEventParams *e);

typedef struct {
  LPCWSTR UserId;
  LPCWSTR IssuerKeyId;
  LPCWSTR IssuerUserId;
  LPCWSTR PublicKeyAlgorithm;
  LPCWSTR Curve;
  LPCWSTR HashAlgorithm;
  LPCWSTR EffectiveDate;
  INT SignatureClass;
  INT ValidityStatus;
  INT reserved;
} KeyMgrSignatureListEventParams;

#define EID_KEYMGR_SIGNATURELIST 4

virtual INT IPWORKSOPENPGP_CALL FireSignatureList(LPSTR &lpszUserId, LPSTR &lpszIssuerKeyId, LPSTR &lpszIssuerUserId, LPSTR &lpszPublicKeyAlgorithm, LPSTR &lpszCurve, LPSTR &lpszHashAlgorithm, LPSTR &lpszEffectiveDate, INT &iSignatureClass, INT &iValidityStatus);

class KeyMgrSignatureListEventParams {
public:
  const QString &UserId();

  const QString &IssuerKeyId();

  const QString &IssuerUserId();

  const QString &PublicKeyAlgorithm();

  const QString &Curve();

  const QString &HashAlgorithm();

  const QString &EffectiveDate();

  int SignatureClass();

  int ValidityStatus();

  int EventRetVal();
  void SetEventRetVal(int iRetVal);
};

// To handle, connect one or more slots to this signal.
void SignatureList(KeyMgrSignatureListEventParams *e);

// Or, subclass KeyMgr and override this emitter function.
virtual int FireSignatureList(KeyMgrSignatureListEventParams *e) {...}

Remarks

This event fires once for each signature of the current key when ListSignatures is called.

UserId holds the current user Id of the key.

The UserId format is:

FirstName LastName (Comment) <Email>

Not all values are required when selecting or generating a key, but at least FirstName or Email are required.

IssuerKeyId is the hex-encoded, 4- or-8-byte Id of the issuer's key. It is the same as the last 4 or 8 bytes of the Fingerprint. For instance: BF52A0AB

IssuerUserId is the user Id of the issuer. If this is empty the issuer's key could not be found in the current keyring.

PublicKeyAlgorithm is the public key algorithm. Possible values are:

RSA
DSA
ECDSA
EdDSA

Curve is the curve used by the key when PublicKeyAlgorithm is ECDSA or EdDSA. Possible values are:


Value	PublicKeyAlgorithm	Description
secp256r1	ECDSA	NIST curve P-256
secp384r1	ECDSA	NIST curve P-384
secp521r1	ECDSA	NIST curve P-521
Ed25519	EdDSA	Ed25519
secp256k1	EdDSA	Secp256k1

HashAlgorithm is the hash algorithm used by the signature. Possible values are:

SHA1
SHA256
SHA384
SHA512
SHA224
MD5

EffectiveDate is the date when this signature became valid. The following example illustrates the format of an encoded date: 23-Jan-2000 15:00:00 .

SignatureClass is the type of signature. Possible values are:


16	Generic Signature
17	Personal Signature
18	Casual Signature
19	Positive Signature (self-signed)

ValidityStatus specifies the current validity status of the signature. Possible values are:


1	Invalid
2	Valid
3	Unknown (the issuer's public key could not be found)

Status Event (KeyMgr Class)

Shows the progress of the operation.

Syntax

ANSI (Cross Platform)
virtual int FireStatus(KeyMgrStatusEventParams *e);

typedef struct {
  const char *Message;
  int reserved;
} KeyMgrStatusEventParams;


Unicode (Windows)
virtual INT FireStatus(KeyMgrStatusEventParams *e);

typedef struct {
  LPCWSTR Message;
  INT reserved;
} KeyMgrStatusEventParams;

#define EID_KEYMGR_STATUS 5

virtual INT IPWORKSOPENPGP_CALL FireStatus(LPSTR &lpszMessage);

class KeyMgrStatusEventParams {
public:
  const QString &Message();

  int EventRetVal();
  void SetEventRetVal(int iRetVal);
};

// To handle, connect one or more slots to this signal.
void Status(KeyMgrStatusEventParams *e);

// Or, subclass KeyMgr and override this emitter function.
virtual int FireStatus(KeyMgrStatusEventParams *e) {...}

Remarks

The event is fired for informational and logging purposes only. It may be used to track the progress of an operation.

The level of detail is controlled by the LogLevel setting.

SubkeyList Event (KeyMgr Class)

Fires once for each subkey listed when ListSubkeys is called.

Syntax

ANSI (Cross Platform)
virtual int FireSubkeyList(KeyMgrSubkeyListEventParams *e);

typedef struct {
  const char *KeyId;
  const char *Fingerprint;
  const char *PublicKeyAlgorithm;
  int PublicKeyLength;
  const char *Curve;
  int UsageFlags;
  const char *Usage;
  const char *EffectiveDate;
  const char *ExpirationDate;
  int Revoked;
  int reserved;
} KeyMgrSubkeyListEventParams;


Unicode (Windows)
virtual INT FireSubkeyList(KeyMgrSubkeyListEventParams *e);

typedef struct {
  LPCWSTR KeyId;
  LPCWSTR Fingerprint;
  LPCWSTR PublicKeyAlgorithm;
  INT PublicKeyLength;
  LPCWSTR Curve;
  INT UsageFlags;
  LPCWSTR Usage;
  LPCWSTR EffectiveDate;
  LPCWSTR ExpirationDate;
  BOOL Revoked;
  INT reserved;
} KeyMgrSubkeyListEventParams;

#define EID_KEYMGR_SUBKEYLIST 6

virtual INT IPWORKSOPENPGP_CALL FireSubkeyList(LPSTR &lpszKeyId, LPSTR &lpszFingerprint, LPSTR &lpszPublicKeyAlgorithm, INT &iPublicKeyLength, LPSTR &lpszCurve, INT &iUsageFlags, LPSTR &lpszUsage, LPSTR &lpszEffectiveDate, LPSTR &lpszExpirationDate, BOOL &bRevoked);

class KeyMgrSubkeyListEventParams {
public:
  const QString &KeyId();

  const QString &Fingerprint();

  const QString &PublicKeyAlgorithm();

  int PublicKeyLength();

  const QString &Curve();

  int UsageFlags();

  const QString &Usage();

  const QString &EffectiveDate();

  const QString &ExpirationDate();

  bool Revoked();

  int EventRetVal();
  void SetEventRetVal(int iRetVal);
};

// To handle, connect one or more slots to this signal.
void SubkeyList(KeyMgrSubkeyListEventParams *e);

// Or, subclass KeyMgr and override this emitter function.
virtual int FireSubkeyList(KeyMgrSubkeyListEventParams *e) {...}

Remarks

This event fires once for each subkey when ListSubkeys is called.

KeyId is the hex-encoded, 4- or 8-byte Id of the key. It is the same as the last 4 or 8 bytes of the Fingerprint. For instance:

BF52A0AB

Fingerprint holds the hex-encoded, 20-byte fingerprint of the key. This is in the form:

5E70662EA810E768391A2FE8F7B7D49C89C9D7B1

PublicKeyAlgorithm is the public key algorithm. Possible values are:

RSA
Elgamal
ECDH (Only used with ECDSA and EdDSA keys)

PublicKeyLength is the length of the public key. Common values are 512, 1024, and 2048.

Curve is the curve used by the key when PublicKeyAlgorithm is ECDH. Possible values are:


Value	Description
secp256r1	NIST curve P-256
secp384r1	NIST curve P-384
secp521r1	NIST curve P-521
Curve25519	Curve25519
Ed25519	Ed25519

Usage is the textual description of UsageFlags.

The value will be of one or more of the following strings, separated by commas:

Certifying Other Certificates
Signing Emails and Files
Encrypting Emails and Files
Split Key
Authenticate Against Servers
Group Key

UsageFlags is an integer flag that shows the intended use for the key. The value is a combination of the following flags:


0x01	This key may be used to certify other keys.
0x02	This key may be used to sign data.
0x0C	This key may be used to encrypt communications and encrypt storage.
0x10	The private component of this key may have been split by a secret-sharing mechanism.
0x20	This key may be used for authentication.
0x80	The private component of this key may be in the possession of more than one person.

EffectiveDate is the date when this key became valid. The following example illustrates the format of an encoded date: 23-Jan-2000 15:00:00.

ExpirationDate is the date the key expires. After this date the key will no longer be valid. The following example illustrates the format of an encoded date: 23-Jan-2000 15:00:00. If the ExpirationDate is not populated this indicates that the key never expires.

Revoked Indicates whether the subkey is revoked or not.

Config Settings (KeyMgr Class)

The class accepts one or more of the following configuration settings. Configuration settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the Config method.

KeyMgr Config Settings

AllowEmptyPassword: Whether a key can be created without a password.

This controls whether a password will be used to encrypt a key. When true, CreateKey will accept an empty string as the password, leaving the key unencrypted. The default is false.

ContinueOnInvalidKey: Whether to continue loading the keyring when an invalid key is found.

This setting determines whether the class will continue loading keys when an invalid key is found. This is applicable when calling LoadKeyring. If set to False (default) the class fails with an error. If set to True the class will fire the Error event with information about the key which failed to load, and then continue loading additional keys.

CreateRSASubkeyforEncrypt: Whether to create a subkey when creating an RSA key.

This setting determines whether the class will additionally create a subkey marked for encryption when calling CreateKey when PublicKeyAlgorithm is set to "RSA". The default is true.

CurrentKeyPrimaryKeyUsageFlags: The usage flags of the currently selected primary key.

When queried, this will return the usage flags of the currently selected primary key, returned in decimal representation. Individual flags may be checked against the list at KeyUsageFlags.

Curve: The elliptic curve used when calling CreateKey.

This setting specifies the curve to use when creating ECDSA or EdDSA keys. This setting is only applicable when PublicKeyAlgorithm is set to ECDSA or EdDSA. Possible values are:


Value	PublicKeyAlgorithm	Description
secp256r1	ECDSA	NIST curve P-256
secp384r1	ECDSA	NIST curve P-384
secp521r1	ECDSA	NIST curve P-521
Ed25519	EdDSA	Ed25519
secp256k1	EdDSA	Secp256k1

The default value is secp256r1 for ECDSA keys and Ed25519 for EdDSA keys.

DSAPublicSubKeyLength: Specifies the public subkey length when creating a DSA key.

This setting is only applicable when creating DSA keys with CreateKey. This specifies the length of the public ElGamal subkey. The value is 0 means this setting is not used and the subkey will have the length defined in PublicKeyLength. The default value is 0.

EnsureValidDSASignatureHashAlgorithm: Whether or not to select a suitable signature hash algorithm automatically.

This setting specifies whether the class ensures a valid hash algorithm is selected for use with the loaded DSA or ECDSA key. The default value is True.

DSA Notes

DSA requires that the hash be 160 bits or larger, which means MD5 is not a suitable algorithm. When DSA Signature Hash Algorithm selection is enabled (default) the class will use the preferred algorithm from the key if it meets the requirements for DSA. If the preferred algorithm is MD5 and does not meed the requirements for DSA the class will automatically use a suitable algorithm based on the Q element of the DSA key (may be SHA1, SHA224, or SHA256).

ECDSA Notes

The ECDSA Signature Hash Algorithm requirements are directly related to the KeyCurve used by the key. When this setting is enabled (default) the class will use the preferred algorithm from the key if it meets the requirements for ECDSA. If the preferred algorithm does not meet the requirements the class will automatically select a valid hash algorithm based on the curve as follows:


Curve	Hash Algorithm
secp256r1	SHA256
secp384r1	SHA384
secp521r1	SHA512
secp256k1	SHA256

ImportAllKeys: Whether or not to import all keys found in a key file.

When calling ImportKey with a UserId parameter of "*" or "", the class will import all keys found in the file if this property is set to True (default). If this is set to False when the UserId parameter of ImportKey is set to "*" or "", only the first key found in the file will be imported. The default value is True.

KeyEncryptionAlgorithm: The encryption algorithm used when creating a key.

Specifies the encryption algorithm to use when calling CreateKey. The default value is "CAST5". Possible values are "CAST5", "3DES", "AES256", "AES192", "AES128", "IDEA", and "BLOWFISH".

KeyIdLength: Specifies the length of the key's Id.

When querying the KeyId property the value will be returned with the length (in octets) specified. The default value is 4. The only other acceptable value is 8.

KeyringFormat: Which format of keyring to use.

GPG has two formats to store multiple keys. Set this to the correct format. keymgr1.Config("KeyringFormat=2");


Config Value	Keyring Format
1	GPG 2.0 and older (Default)
2	GPG 2.1 and newer

Versions 2.0 and older use keyrings. Public keys are stored in pubring.gpg. Secret keys are stored in secring.gpg.

Versions 2.1 and newer use a keybox. Public keys are stored in a .kbx file. Private keys are stored in private-keys-v1.d.

KeyUsage: Flags that show intended use for the key being created.

When calling CreateKey this setting defines the flags that show the intended use for the key. The default value is (0x0F). The value of KeyUsage is a combination of the following flags:


0x01	This key may be used to certify other keys.
0x02	This key may be used to sign data.
0x0C	This key may be used to encrypt communications and encrypt storage.
0x10	The private component of this key may have been split by a secret-sharing mechanism.
0x20	This key may be used for authentication.
0x80	The private component of this key may be in the possession of more than one person.

KeyValidityTime: The validity period for the key being created.

When CreateKey creates a new key, the key is valid the moment it is created. KeyValidityTime determines the number of days until expiration. The default value is 365 days. The special value 0 means the key will never expire.

LogLevel: Specifies the level of detail that is logged.

This setting controls the level of detail that is logged through the Status event. Possible values are:


0 (None)	No events are logged.
1 (Info - default)	Informational events are logged.
2 (Verbose)	Detailed data is logged.
3 (Debug)	Debug data is logged.

PublicKeyAlgorithm: The public key algorithm for the key being created.

Specifies the public key algorithm to use when creating the key via CreateKey. The default value is "RSA". Possible values are:

RSA
DSA
ECDSA
EdDSA
RSA-Legacy

The "RSA-Legacy" algorithm should not be used under normal circumstances. It should only be used to create PGP 2.6.2 compatible keys, when required. This type of key will not have subkeys.

Note: When creating a DSA key only PublicKeyLength values of 512 and 1024 are supported. Additionally the PublicKeySignatureHashAlgorithm value "MD5" is not supported with DSA keys.

ECDSA and EdDSA Notes

When creating an ECDSA or EdDSA key the PublicKeyLength value is automatically determined based on the Curve. The Curve and SubKeyCurve settings is also applicable.

If Curve and SubKeyCurve are not specified the following defaults will be used:


PublicKeyAlgorithm	Default Curve
ECDSA	secp256r1
EdDSA	Ed2519

PublicKeyLength: Specifies the public key length when creating a key.

Specifies the length of the public key when calling CreateKey. The default value is 1024. Common values are 512, 1024, and 2048.

When PublicKeyAlgorithm is set to ECDSA or EdDSA this setting is not applicable and the public key length is automatically determined based on the Curve selected. The public key length values are as follows:


Curve	Public Key Length (bits)
secp256r1	256
secp384r1	384
secp521r1	521
Ed25519	256
secp256k1	256

PublicKeyringFile: The file name of the public keyring file.

This specifies the name of the public keyring file. The default value is "pubring.gpg". This may be set to a file name only, or a full path including the file name.

PublicKeySignatureHashAlgorithm: The public key signature hash algorithm used when creating a key.

This setting specifies the public key signature algorithm to be used when calling CreateKey. The default value is "SHA256". Possible values are:

SHA1
MD5
SHA256 (default)
SHA384
SHA512
SHA224

RawKeyData: Returns detailed key and keyring data for debugging purposes.

This setting will return detailed debugging information about the current key and keyring.

RevocationCode: The reason why the key was revoked.

This setting specifies why the key was revoked. It is only applicable if KeyRevoked is True. This may be set before calling RevokeKey and may be inspected after importing and selecting a revoked key. Possible values are:


0	No reason specified
1	Key is superseded
2	Key material has been compromised
3	Key is retired and no longer used
4	User Id information is no longer valid
100-110	Private Use

The default value is 0.

RevocationReason: Text describing why the key was revoked.

This setting specifies text description of why the key was revoked. It is only applicable if KeyRevoked is True. This may be set before calling RevokeKey and may be queried after importing and selecting a revoked key. The default value is an empty string.

Revoker: The revoker's key Id.

This setting returns the key Id of the designated revoker associated with this key. This will only be present if a separate revoker was added to the key (for instance by calling AddRevoker). If more than one revoker was added this setting will return a comma-separated list of key Ids.

SecretKeyringFile: The file name of the secret keyring file.

This specifies the name of the secret keyring file. The default value is "secring.gpg". This may be set to a file name only, or a full path including the file name.

SubKeyAlgorithm: The subkey algorithm for the subkey being created.

Specifies the public key algorithm to use when creating the key via CreateSubKey. The default value is empty string and the class will automatically select an appropriate algorithm based on PublicKeyAlgorithm and SubKeyUsage. In most cases "RSA" is used by default. If this setting is empty string and PublicKeyAlgorithm is set to "DSA" and SubKeyUsage is set to "0x0C" (Encryption) then "ElGamal" will be used. This setting may be set to any of the following values which will override the default automatic behavior:


Key Algorithm	Supported Operations
RSA	Sign and Encrypt
DSA	Sign
ElGamal	Encrypt
ECDSA	Sign
EdDSA	Sign
ECDH	Encrypt

SubKeyCurve: The elliptic curve of the sub key.

When calling CreateKey and PublicKeyAlgorithm is set to ECDSA or EdDSA this setting may optionally be specified to set a curve for the subkey which differs from the key curve specified by Curve. Possible values are:


Value	Description
secp256r1	NIST curve P-256
secp384r1	NIST curve P-384
secp521r1	NIST curve P-521
Curve25519	Curve25519
Ed25519	Ed25519

The default value for ECDSA keys is the same value as specified in Curve. The default value for EdDSA keys is Curve25519.

Note: It is valid to specify the subkey curve of Curve25519 when Curve is set to secp256r1, secp384r1, or secp521r1. It is also valid to set a subkey curve of secp256r1, secp384r1, or secp521r1 when Curve is set to Ed25519.

SubKeyUsage: Flags that show intended use for the subkey being created.

When calling CreateSubKey this setting defines the flags that show the intended use for the key. The default value is (0x0C). The value of SubKeyUsage is a combination of the following flags:


0x01	This key may be used to certify other keys.
0x02	This key may be used to sign data.
0x0C	This key may be used to encrypt communications and encrypt storage.
0x10	The private component of this key may have been split by a secret-sharing mechanism.
0x20	This key may be used for authentication.
0x80	The private component of this key may be in the possession of more than one person.

UseFipsCompliantAlgorithms: Restricts the usage to FIPS compliant algorithms only.

When enabled the class will only support FIPS compliant algorithms. If a non-FIPS compliant algorithm is used an exception is thrown. The following algorithms are supported when this setting is True:

3DES
AES128
AES192
AES256
RSA
DSA
SHA1
SHA256
SHA384
SHA512
SHA224

The default value is False.

VersionHeader: The Version header value in ASCII armored public keys.

This setting specifies the Version header value included in newly created public keys. This includes keys that are exported via ExportPublicKey where the UseAsciiArmor parameter is true. The default value is "IPWorks! OpenPGP v9.0".

Base Config Settings

BuildInfo: Information about the product's build.

When queried, this setting will return a string containing information about the product's build.

CodePage: The system code page used for Unicode to Multibyte translations.

The default code page is Unicode UTF-8 (65001).

The following is a list of valid code page identifiers:


Identifier	Name
037	IBM EBCDIC - U.S./Canada
437	OEM - United States
500	IBM EBCDIC - International
708	Arabic - ASMO 708
709	Arabic - ASMO 449+, BCON V4
710	Arabic - Transparent Arabic
720	Arabic - Transparent ASMO
737	OEM - Greek (formerly 437G)
775	OEM - Baltic
850	OEM - Multilingual Latin I
852	OEM - Latin II
855	OEM - Cyrillic (primarily Russian)
857	OEM - Turkish
858	OEM - Multilingual Latin I + Euro symbol
860	OEM - Portuguese
861	OEM - Icelandic
862	OEM - Hebrew
863	OEM - Canadian-French
864	OEM - Arabic
865	OEM - Nordic
866	OEM - Russian
869	OEM - Modern Greek
870	IBM EBCDIC - Multilingual/ROECE (Latin-2)
874	ANSI/OEM - Thai (same as 28605, ISO 8859-15)
875	IBM EBCDIC - Modern Greek
932	ANSI/OEM - Japanese, Shift-JIS
936	ANSI/OEM - Simplified Chinese (PRC, Singapore)
949	ANSI/OEM - Korean (Unified Hangul Code)
950	ANSI/OEM - Traditional Chinese (Taiwan; Hong Kong SAR, PRC)
1026	IBM EBCDIC - Turkish (Latin-5)
1047	IBM EBCDIC - Latin 1/Open System
1140	IBM EBCDIC - U.S./Canada (037 + Euro symbol)
1141	IBM EBCDIC - Germany (20273 + Euro symbol)
1142	IBM EBCDIC - Denmark/Norway (20277 + Euro symbol)
1143	IBM EBCDIC - Finland/Sweden (20278 + Euro symbol)
1144	IBM EBCDIC - Italy (20280 + Euro symbol)
1145	IBM EBCDIC - Latin America/Spain (20284 + Euro symbol)
1146	IBM EBCDIC - United Kingdom (20285 + Euro symbol)
1147	IBM EBCDIC - France (20297 + Euro symbol)
1148	IBM EBCDIC - International (500 + Euro symbol)
1149	IBM EBCDIC - Icelandic (20871 + Euro symbol)
1200	Unicode UCS-2 Little-Endian (BMP of ISO 10646)
1201	Unicode UCS-2 Big-Endian
1250	ANSI - Central European
1251	ANSI - Cyrillic
1252	ANSI - Latin I
1253	ANSI - Greek
1254	ANSI - Turkish
1255	ANSI - Hebrew
1256	ANSI - Arabic
1257	ANSI - Baltic
1258	ANSI/OEM - Vietnamese
1361	Korean (Johab)
10000	MAC - Roman
10001	MAC - Japanese
10002	MAC - Traditional Chinese (Big5)
10003	MAC - Korean
10004	MAC - Arabic
10005	MAC - Hebrew
10006	MAC - Greek I
10007	MAC - Cyrillic
10008	MAC - Simplified Chinese (GB 2312)
10010	MAC - Romania
10017	MAC - Ukraine
10021	MAC - Thai
10029	MAC - Latin II
10079	MAC - Icelandic
10081	MAC - Turkish
10082	MAC - Croatia
12000	Unicode UCS-4 Little-Endian
12001	Unicode UCS-4 Big-Endian
20000	CNS - Taiwan
20001	TCA - Taiwan
20002	Eten - Taiwan
20003	IBM5550 - Taiwan
20004	TeleText - Taiwan
20005	Wang - Taiwan
20105	IA5 IRV International Alphabet No. 5 (7-bit)
20106	IA5 German (7-bit)
20107	IA5 Swedish (7-bit)
20108	IA5 Norwegian (7-bit)
20127	US-ASCII (7-bit)
20261	T.61
20269	ISO 6937 Non-Spacing Accent
20273	IBM EBCDIC - Germany
20277	IBM EBCDIC - Denmark/Norway
20278	IBM EBCDIC - Finland/Sweden
20280	IBM EBCDIC - Italy
20284	IBM EBCDIC - Latin America/Spain
20285	IBM EBCDIC - United Kingdom
20290	IBM EBCDIC - Japanese Katakana Extended
20297	IBM EBCDIC - France
20420	IBM EBCDIC - Arabic
20423	IBM EBCDIC - Greek
20424	IBM EBCDIC - Hebrew
20833	IBM EBCDIC - Korean Extended
20838	IBM EBCDIC - Thai
20866	Russian - KOI8-R
20871	IBM EBCDIC - Icelandic
20880	IBM EBCDIC - Cyrillic (Russian)
20905	IBM EBCDIC - Turkish
20924	IBM EBCDIC - Latin-1/Open System (1047 + Euro symbol)
20932	JIS X 0208-1990 & 0121-1990
20936	Simplified Chinese (GB2312)
21025	IBM EBCDIC - Cyrillic (Serbian, Bulgarian)
21027	Extended Alpha Lowercase
21866	Ukrainian (KOI8-U)
28591	ISO 8859-1 Latin I
28592	ISO 8859-2 Central Europe
28593	ISO 8859-3 Latin 3
28594	ISO 8859-4 Baltic
28595	ISO 8859-5 Cyrillic
28596	ISO 8859-6 Arabic
28597	ISO 8859-7 Greek
28598	ISO 8859-8 Hebrew
28599	ISO 8859-9 Latin 5
28605	ISO 8859-15 Latin 9
29001	Europa 3
38598	ISO 8859-8 Hebrew
50220	ISO 2022 Japanese with no halfwidth Katakana
50221	ISO 2022 Japanese with halfwidth Katakana
50222	ISO 2022 Japanese JIS X 0201-1989
50225	ISO 2022 Korean
50227	ISO 2022 Simplified Chinese
50229	ISO 2022 Traditional Chinese
50930	Japanese (Katakana) Extended
50931	US/Canada and Japanese
50933	Korean Extended and Korean
50935	Simplified Chinese Extended and Simplified Chinese
50936	Simplified Chinese
50937	US/Canada and Traditional Chinese
50939	Japanese (Latin) Extended and Japanese
51932	EUC - Japanese
51936	EUC - Simplified Chinese
51949	EUC - Korean
51950	EUC - Traditional Chinese
52936	HZ-GB2312 Simplified Chinese
54936	Windows XP: GB18030 Simplified Chinese (4 Byte)
57002	ISCII Devanagari
57003	ISCII Bengali
57004	ISCII Tamil
57005	ISCII Telugu
57006	ISCII Assamese
57007	ISCII Oriya
57008	ISCII Kannada
57009	ISCII Malayalam
57010	ISCII Gujarati
57011	ISCII Punjabi
65000	Unicode UTF-7
65001	Unicode UTF-8

The following is a list of valid code page identifiers for Mac OS only:


Identifier	Name
1	ASCII
2	NEXTSTEP
3	JapaneseEUC
4	UTF8
5	ISOLatin1
6	Symbol
7	NonLossyASCII
8	ShiftJIS
9	ISOLatin2
10	Unicode
11	WindowsCP1251
12	WindowsCP1252
13	WindowsCP1253
14	WindowsCP1254
15	WindowsCP1250
21	ISO2022JP
30	MacOSRoman
10	UTF16String
0x90000100	UTF16BigEndian
0x94000100	UTF16LittleEndian
0x8c000100	UTF32String
0x98000100	UTF32BigEndian
0x9c000100	UTF32LittleEndian
65536	Proprietary

LicenseInfo: Information about the current license.

When queried, this setting will return a string containing information about the license this instance of a class is using. It will return the following information:

Product: The product the license is for.
Product Key: The key the license was generated from.
License Source: Where the license was found (e.g., RuntimeLicense, License File).
License Type: The type of license installed (e.g., Royalty Free, Single Server).
Last Valid Build: The last valid build number for which the license will work.

MaskSensitive: Whether sensitive data is masked in log messages.

In certain circumstances it may be beneficial to mask sensitive data, like passwords, in log messages. Set this to true to mask sensitive data. The default is true.

This setting only works on these classes: AS3Receiver, AS3Sender, Atom, Client(3DS), FTP, FTPServer, IMAP, OFTPClient, SSHClient, SCP, Server(3DS), Sexec, SFTP, SFTPServer, SSHServer, TCPClient, TCPServer.

ProcessIdleEvents: Whether the class uses its internal event loop to process events when the main thread is idle.

If set to False, the class will not fire internal idle events. Set this to False to use the class in a background thread on Mac OS. By default, this setting is True.

SelectWaitMillis: The length of time in milliseconds the class will wait when DoEvents is called if there are no events to process.

If there are no events to process when DoEvents is called, the class will wait for the amount of time specified here before returning. The default value is 20.

UseInternalSecurityAPI: Whether or not to use the system security libraries or an internal implementation.

When set to false, the class will use the system security libraries by default to perform cryptographic functions where applicable.

Setting this configuration setting to true tells the class to use the internal implementation instead of using the system security libraries.

On Windows, this setting is set to false by default. On Linux/macOS, this setting is set to true by default.

To use the system security libraries for Linux, OpenSSL support must be enabled. For more information on how to enable OpenSSL, please refer to the OpenSSL Notes section.

Trappable Errors (KeyMgr Class)

Error Handling (C++)

Call the GetLastErrorCode() method to obtain the last called method's result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. Known error codes are listed below. If an error occurs, the GetLastError() method can be called to retrieve the associated error message.

OpenPGP Errors


	101 Cannot decode ASCII Armor data.
	102 Unknown ASCII Armor data type.
	103 Checksum failed.
	104 Unknown ASCII Armor header.
	105 Cannot decode PGP packet.
	106 Cannot encode PGP packet.
	107 Unknown PGP packet tag.
	108 Unsupported version.
	109 Unsupported algorithm.
	110 Unknown subpacket.
	111 Internal error.
	112 Feature not supported.
	113 Secret data was not encrypted.
	114 Cannot find the key.
	115 Error reading file.
	116 Error writing file.
	117 Error reading key.
	118 Error writing key.
	119 Cannot verify signature.
	120 Cannot create signature.
	121 Invalid UserId.
	122 Invalid passphrase.
	123 Data encryption failed.
	124 Error creating key.
	125 Unsupported symmetric algorithm.
	126 Unsupported hash.
	127 Unsupported compression algorithm.
	128 Invalid key usage.
	129 Component is busy.
	130 Error decrypting data.
	131 Data is not compressed.
	132 Error decompressing data.
	133 Error compressing data.
	134 Unsupported signature.
	135 Failed to overwrite file.
	141 No input.
	142 Signing was required, but the message was not signed.
	143 Encryption was required, but the message was not encrypted.
	146 No data integrity packet was found (MDC), but one was required.
	200 Out of memory.