gpg: Do not allow to accidently set the RENC usage.

* g10/keygen.c (print_key_flags): Print "RENC" if set.
(ask_key_flags_with_mask): Remove RENC from the possible set of
usages.  Add a direct way to set it iff the key is encryption capable.
--

This could be done by using "set your own capabilities" for an RSA
key.  In fact it was always set in this case.

GnuPG-bug-id: 7072

1 files changed, 14 insertions, 1 deletions

diff --git a/g10/keygen.c b/g10/keygen.c
index c2acf74c3..763d23ee4 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -2177,6 +2177,9 @@ print_key_flags(int flags)
 
   if(flags&PUBKEY_USAGE_AUTH)
     tty_printf("%s ",_("Authenticate"));
+
+  if(flags&PUBKEY_USAGE_RENC)
+    tty_printf("%s ", "RENC");
 }
 
 
@@ -2209,10 +2212,14 @@ ask_key_flags_with_mask (int algo, int subkey, unsigned int current,
       togglers = "11223300";
     }
 
+  /* restrict the mask to the actual useful bits.  */
+
   /* Mask the possible usage flags.  This is for example used for a
    * card based key.  For ECDH we need to allows additional usages if
-   * they are provided. */
+   * they are provided.  RENC is not directly poissible here but see
+   * below for a workaround. */
   possible = (openpgp_pk_algo_usage (algo) & mask);
+  possible &= ~PUBKEY_USAGE_RENC;
   if (algo == PUBKEY_ALGO_ECDH)
     possible |= (current & (PUBKEY_USAGE_ENC
                             |PUBKEY_USAGE_CERT
@@ -2281,6 +2288,12 @@ ask_key_flags_with_mask (int algo, int subkey, unsigned int current,
                      want to experiment with a cert-only primary key.  */
                   current |= PUBKEY_USAGE_CERT;
                 }
+              else if ((*s == 'r' || *s == 'R') && (possible&PUBKEY_USAGE_ENC))
+                {
+                  /* Allow to set RENC or an encryption capable key.
+                   * This is on purpose not shown in the menu.  */
+                  current |= PUBKEY_USAGE_RENC;
+                }
             }
           break;
         }