— Function: gpgme_error_t gpgme_op_encrypt (gpgme_ctx_t ctx, gpgme_key_t recp[], gpgme_encrypt_flags_t flags, gpgme_data_t plain, gpgme_data_t cipher)

The function gpgme_op_encrypt encrypts the plaintext in the data object plain for the recipients recp and stores the ciphertext in the data object cipher. The type of the ciphertext created is determined by the ASCII armor and text mode attributes set for the context ctx.

key must be a NULL-terminated array of keys. The user must keep references for all keys during the whole duration of the call (but see gpgme_op_encrypt_start for the requirements with the asynchronous variant).

The value in flags is a bitwise-or combination of one or multiple of the following bit values:

GPGME_ENCRYPT_ALWAYS_TRUST

The GPGME_ENCRYPT_ALWAYS_TRUST symbol specifies that all the recipients in recp should be trusted, even if the keys do not have a high enough validity in the keyring. This flag should be used with care; in general it is not a good idea to use any untrusted keys.

If GPG_ERR_UNUSABLE_PUBKEY is returned, some recipients in recp are invalid, but not all. In this case the plaintext might be encrypted for all valid recipients and returned in cipher (if this happens depends on the crypto engine). More information about the invalid recipients is available with gpgme_op_encrypt_result.

If recp is NULL, symmetric rather than public key encryption is performed. Symmetrically encrypted cipher text can be deciphered with gpgme_op_decrypt. Note that in this case the crypto backend needs to retrieve a passphrase from the user. Symmetric encryption is currently only supported for the OpenPGP crypto backend.

The function returns the error code GPG_ERR_NO_ERROR if the ciphertext could be created successfully, GPG_ERR_INV_VALUE if ctx, recp, plain or cipher is not a valid pointer, GPG_ERR_UNUSABLE_PUBKEY if recp contains some invalid recipients, GPG_ERR_BAD_PASSPHRASE if the passphrase for the symmetric key could not be retrieved, and passes through any errors that are reported by the crypto engine support routines.

— Function: gpgme_error_t gpgme_op_encrypt_start (gpgme_ctx_t ctx, gpgme_key_t recp[], gpgme_encrypt_flags_t flags, gpgme_data_t plain, gpgme_data_t cipher)

The function gpgme_op_encrypt_start initiates a gpgme_op_encrypt operation. It can be completed by calling gpgme_wait on the context. See Waiting For Completion.

References to the keys only need to be held for the duration of this call. The user can release its references to the keys after this function returns, even if the operation is not yet finished.

The function returns the error code GPG_ERR_NO_ERROR if the operation could be started successfully, GPG_ERR_INV_VALUE if ctx, rset, plain or cipher is not a valid pointer, and GPG_ERR_UNUSABLE_PUBKEY if rset does not contain any valid recipients.

— Data type: gpgme_encrypt_result_t

This is a pointer to a structure used to store the result of a gpgme_op_encrypt operation. After successfully encrypting data, you can retrieve the pointer to the result with gpgme_op_encrypt_result. The structure contains the following members:

gpgme_invalid_key_t invalid_recipients

A linked list with information about all invalid keys for which the data could not be encrypted.

— Function: gpgme_encrypt_result_t gpgme_op_encrypt_result (gpgme_ctx_t ctx)

The function gpgme_op_encrypt_result returns a gpgme_encrypt_result_t pointer to a structure holding the result of a gpgme_op_encrypt operation. The pointer is only valid if the last operation on the context was a gpgme_op_encrypt, gpgme_op_encrypt_start, gpgme_op_sign or gpgme_op_sign_start operation. If this operation failed, this might be a NULL pointer. The returned pointer is only valid until the next operation is started on the context.

— Function: gpgme_error_t gpgme_op_encrypt_sign (gpgme_ctx_t ctx, gpgme_key_t recp[], gpgme_encrypt_flags_t flags, gpgme_data_t plain, gpgme_data_t cipher)

The function gpgme_op_encrypt_sign does a combined encrypt and sign operation. It is used like gpgme_op_encrypt, but the ciphertext also contains signatures for the signers listed in ctx.

The combined encrypt and sign operation is currently only available for the OpenPGP crypto engine.

— Function: gpgme_error_t gpgme_op_encrypt_sign_start (gpgme_ctx_t ctx, gpgme_key_t recp, gpgme_encrypt_flags_t flags, gpgme_data_t plain, gpgme_data_t cipher)

The function gpgme_op_encrypt_sign_start initiates a gpgme_op_encrypt_sign operation. It can be completed by calling gpgme_wait on the context. See Waiting For Completion.

The function returns the error code GPG_ERR_NO_ERROR if the operation could be started successfully, and GPG_ERR_INV_VALUE if ctx, rset, plain or cipher is not a valid pointer.