Create PEM encoded output. Default is binary output.
Create Base-64 encoded output; i.e. PEM without the header lines.
Assume the input data is PEM encoded. Default is to autodetect the encoding but this is may fail.
Assume the input data is plain base-64 encoded.
Assume the input data is binary encoded.
gpgsm uses the UTF-8 encoding when encoding passphrases for
PKCS#12 files. This option may be used to force the passphrase to be
encoded in the specified encoding name. This is useful if the
application used to import the key uses a different encoding and thus
will not be able to import a file generated by
used values for name are
gpgsm itself automagically imports any file with a
passphrase encoded to the most commonly used encodings.
Use user_id as the standard key for signing. This key is used if no other key has been defined as a signing key. Note, that the first --local-users option also sets this key if it has not yet been set; however --default-key always overrides this.
Set the user(s) to be used for signing. The default is the first secret key found in the database.
Encrypt to the user id name. There are several ways a user id may be given (see how-to-specify-a-user-id).
Write output to file. The default is to write it to stdout.
Displays extra information with the
--list-keys commands. Especially
a line tagged
grp is printed which tells you the keygrip of a
key. This string is for example used as the file name of the
secret key. Implies
When doing a key listing, do a full validation check for each key and print the result. This is usually a slow operation because it requires a CRL lookup and other operations.
When used along with --import, a validation of the certificate to import is done and only imported if it succeeds the test. Note that this does not affect an already available certificate in the DB. This option is therefore useful to simply verify a certificate.
For standard key listings, also print the MD5 fingerprint of the certificate.
Include the keygrip in standard key listings. Note that the keygrip is always listed in --with-colons mode.
Include info about the presence of a secret key in public key listings
By default gpgsm prints distinguished names (DNs) like the Issuer or Subject in a more readable format (e.g. using a well defined order of the parts). However, this format can’t be used as input strings. This option reverts printing to standard RFC-2253 format and thus avoids the need to use –dump-cert or –with-colons to get the “real” name.