scd:p15: Support special extended usage flags for OpenPGP keys.

* scd/app-p15.c (struct gpgusage_flags_s): New. (struct prkdf_object_s): Add field gpgusage. (struct app_local_s): Add field any_gpgusage. (dump_gpgusage_flags): New. (read_p15_info): Parse athe gpgusage flags. (do_getattr): Take care of the gpgusage flags. -- This features allows to mark keys to be used for OpenPGP. This is done by putting additional extended key infos into the certificate stored on the cards. Only if any such extended key usage is detected for a stored certificate this new mode chimes in. This feature gives the card issuer a high flexibility on how to make sure certain keys are used with OpenPGP.
2025-07-02 22:46:30 +02:00 · 2021-03-10 11:03:02 +01:00 · 2021-03-10 11:03:02 +01:00 · 08b5ac492a
commit 08b5ac492a
parent a1f281eeec
2 changed files with 98 additions and 6 deletions
--- a/doc/DETAILS
+++ b/doc/DETAILS
@ -1562,6 +1562,11 @@ Status codes are:
  1.3.6.1.4.1.11591.2.4.1.4          gpgSubCertID attribute
  1.3.6.1.4.1.11591.2.5          LDAP URL extensions
  1.3.6.1.4.1.11591.2.5.1          gpgNtds=1 (auth. with current AD user)
+  1.3.6.1.4.1.11591.2.6          GnuPG extended key usage
+  1.3.6.1.4.1.11591.2.6.1          use for certification key
+  1.3.6.1.4.1.11591.2.6.2          use for signing key
+  1.3.6.1.4.1.11591.2.6.3          use for encryption key
+  1.3.6.1.4.1.11591.2.6.4          use for authentication key
  1.3.6.1.4.1.11591.2.12242973   invalid encoded OID
 #+end_example