From b63d203d3ba49483b079fb118a90990c452cd232 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Thu, 5 Oct 2023 14:10:01 +0200
Subject: core: Add key capability flags has_encrypt etc.

* src/gpgme.h.in (struct _gpgme_key): Add flags has_encrypt,
has_certify, has_sign, and has_authenticate.
* src/keylist.c (finish_key): Set these flags.
* tests/run-keylist.c (main): Print them.
--

GnuPG-bug-id: 6748
---
 src/keylist.c | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

(limited to 'src/keylist.c')

diff --git a/src/keylist.c b/src/keylist.c
index 56836b5a..2f6ae824 100644
--- a/src/keylist.c
+++ b/src/keylist.c
@@ -563,6 +563,26 @@ static void
 finish_key (gpgme_ctx_t ctx, op_data_t opd)
 {
   gpgme_key_t key = opd->tmp_key;
+  gpgme_subkey_t subkey;
+
+  /* Set the has_foo flags from the subkey capabilities.  */
+  if (key)
+    {
+      /* Note that we could have set has_certify always for OpenPGP
+       * but for X.509 a key is often not allowed to certify and thus
+       * we better take it from the subkey capabilities.  */
+      for (subkey = key->subkeys; subkey; subkey = subkey->next)
+        {
+          if (subkey->can_encrypt)
+            key->has_encrypt = 1;
+          if (subkey->can_sign)
+            key->has_sign = 1;
+          if (subkey->can_certify)
+            key->has_certify = 1;
+          if (subkey->can_authenticate)
+            key->has_authenticate = 1;
+        }
+    }
 
   opd->tmp_key = NULL;
   opd->tmp_uid = NULL;
-- 
cgit v1.2.3