gpgsm: Allow ECC encryption keys with just keyAgreement specified.

* sm/certlist.c (cert_usage_p): Allow keyAgreement for ECC. * sm/fingerprint.c (gpgsm_is_ecc_key): New. -- For ECC encryption keys keyAgreement is the keyUsage we want.
author: Werner Koch <[email protected]> 2022-10-24 15:38:49 +0000
committer: Werner Koch <[email protected]> 2022-10-25 09:57:23 +0000
commit: 6bd0dd762c0d6b6860894152cb51e23b0a55bfba (patch)
tree: 946d148e087e9274b76d9b5f98fa9a064a1a22bf /sm/certlist.c
parent: gpgsm: Use macro constants for cert_usage_p. (diff)
download: gnupg-6bd0dd762c0d6b6860894152cb51e23b0a55bfba.tar.gz
gnupg-6bd0dd762c0d6b6860894152cb51e23b0a55bfba.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/sm/certlist.c b/sm/certlist.c
index 9949fb4df..b5f9f7874 100644
--- a/sm/certlist.c
+++ b/sm/certlist.c
@@ -170,7 +170,8 @@ cert_usage_p (ksba_cert_t cert, int mode, int silent)
     }
 
   encr_bits = (KSBA_KEYUSAGE_KEY_ENCIPHERMENT|KSBA_KEYUSAGE_DATA_ENCIPHERMENT);
-  if ((opt.compat_flags & COMPAT_ALLOW_KA_TO_ENCR))
+  if ((opt.compat_flags & COMPAT_ALLOW_KA_TO_ENCR)
+      || gpgsm_is_ecc_key (cert))
     encr_bits |= KSBA_KEYUSAGE_KEY_AGREEMENT;
 
   sign_bits = (KSBA_KEYUSAGE_DIGITAL_SIGNATURE|KSBA_KEYUSAGE_NON_REPUDIATION);
author	Werner Koch <[email protected]>	2022-10-24 15:38:49 +0000
committer	Werner Koch <[email protected]>	2022-10-25 09:57:23 +0000
commit	6bd0dd762c0d6b6860894152cb51e23b0a55bfba (patch)
tree	946d148e087e9274b76d9b5f98fa9a064a1a22bf /sm/certlist.c
parent	gpgsm: Use macro constants for cert_usage_p. (diff)
download	gnupg-6bd0dd762c0d6b6860894152cb51e23b0a55bfba.tar.gz gnupg-6bd0dd762c0d6b6860894152cb51e23b0a55bfba.zip