diff options
Diffstat (limited to 'sm/gpgsm.h')
| -rw-r--r-- | sm/gpgsm.h | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/sm/gpgsm.h b/sm/gpgsm.h index bb32db3ed..8765f9f9d 100644 --- a/sm/gpgsm.h +++ b/sm/gpgsm.h @@ -176,6 +176,9 @@ struct * HEX_OR_FILENAME. The actual value needs to be encoded as a SET OF * attribute values. */ strlist_t attributes; + + /* Compatibility flags (COMPAT_FLAG_xxxx). */ + unsigned int compat_flags; } opt; /* Debug values and macros. */ @@ -199,6 +202,18 @@ struct #define DBG_CLOCK (opt.debug & DBG_CLOCK_VALUE) #define DBG_LOOKUP (opt.debug & DBG_LOOKUP_VALUE) + +/* Compatibility flags */ +/* Telesec RSA cards produced for NRW in 2022 came with only the + * keyAgreement bit set. This flag allows there use for encryption + * anyway. Example cert: + * Issuer: /CN=DOI CA 10a/OU=DOI/O=PKI-1-Verwaltung/C=DE + * key usage: digitalSignature nonRepudiation keyAgreement + * policies: 1.3.6.1.4.1.7924.1.1:N: + */ +#define COMPAT_ALLOW_KA_TO_ENCR 1 + + /* Forward declaration for an object defined in server.c */ struct server_local_s; |