From b63d203d3ba49483b079fb118a90990c452cd232 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Thu, 5 Oct 2023 14:10:01 +0200
Subject: core: Add key capability flags has_encrypt etc.

* src/gpgme.h.in (struct _gpgme_key): Add flags has_encrypt,
has_certify, has_sign, and has_authenticate.
* src/keylist.c (finish_key): Set these flags.
* tests/run-keylist.c (main): Print them.
--

GnuPG-bug-id: 6748
---
 src/gpgme.h.in | 14 +++++++++++++-
 src/keylist.c  | 20 ++++++++++++++++++++
 2 files changed, 33 insertions(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/gpgme.h.in b/src/gpgme.h.in
index 7110648e..d44994a6 100644
--- a/src/gpgme.h.in
+++ b/src/gpgme.h.in
@@ -800,8 +800,20 @@ struct _gpgme_key
   /* True if subkey is qualified for signatures according to German law.  */
   unsigned int is_qualified : 1;
 
+  /* True if key has at least one encryption subkey.  */
+  unsigned int has_encrypt : 1;
+
+  /* True if key has at least one signing subkey.  */
+  unsigned int has_sign : 1;
+
+  /* True if key has a certification capability.  */
+  unsigned int has_certify : 1;
+
+  /* True if key has at least one authentication subkey.  */
+  unsigned int has_authenticate : 1;
+
   /* Internal to GPGME, do not use.  */
-  unsigned int _unused : 17;
+  unsigned int _unused : 13;
 
   /* Origin of this key.  */
   unsigned int origin : 5;
diff --git a/src/keylist.c b/src/keylist.c
index 56836b5a..2f6ae824 100644
--- a/src/keylist.c
+++ b/src/keylist.c
@@ -563,6 +563,26 @@ static void
 finish_key (gpgme_ctx_t ctx, op_data_t opd)
 {
   gpgme_key_t key = opd->tmp_key;
+  gpgme_subkey_t subkey;
+
+  /* Set the has_foo flags from the subkey capabilities.  */
+  if (key)
+    {
+      /* Note that we could have set has_certify always for OpenPGP
+       * but for X.509 a key is often not allowed to certify and thus
+       * we better take it from the subkey capabilities.  */
+      for (subkey = key->subkeys; subkey; subkey = subkey->next)
+        {
+          if (subkey->can_encrypt)
+            key->has_encrypt = 1;
+          if (subkey->can_sign)
+            key->has_sign = 1;
+          if (subkey->can_certify)
+            key->has_certify = 1;
+          if (subkey->can_authenticate)
+            key->has_authenticate = 1;
+        }
+    }
 
   opd->tmp_key = NULL;
   opd->tmp_uid = NULL;
-- 
cgit v1.2.3