gpg: Allow adding of Additional Decryption Subkeys.

* g10/free-packet.c (copy_public_key): Factor some code out to ...
(copy_public_key_basics): new.
* g10/build-packet.c (build_sig_subpkt_from_sig): New arg signhints.
* g10/packet.h (PUBKEY_USAGE_RENC): Fix value.
(SIGNHINT_KEYSIG, SIGNHINT_SELFSIG): Moved from sign.c.
(SIGNHINT_ADSK): New.
(PKT_public_key): Change pubkey_usage from byte to u16.
(PKT_user_id): Cosmetic fix: change help_key_usage from int to u16.
* g10/getkey.c (parse_key_usage): Make public.
* g10/misc.c (openpgp_pk_algo_usage): Take PUBKEY_USAGE_RENC in
account.
* g10/sign.c (update_keysig_packet): Set SIGNHINT_ADSK.
(make_keysig_packet): Ditto.
(do_sign): No time warp check in ADSK mode.
* g10/sig-check.c (check_signature_metadata_validity): Ditto.
* g10/keygen.c (struct opaque_data_usage_and_pk): Remove.
(write_keybinding): Do not use the removed struct.
(do_add_key_flags): Support PUBKEY_USAGE_RENC and others.
(keygen_add_key_flags_and_expire): Rewrite and make public.
* g10/keyedit.c (enum cmdids): Add cmdADDADSK.
(keyedit_menu): Add command "addadsk".
(menu_addadsk): New.
--

This makes use of a new encryption flag:

  The "restricted encryption key" (2nd,0x04) does not take part in any
  automatic selection of encryption keys.  It is only found on a
  subkey signature (type 0x18), one that refers to the key the flag
  applies to.

Followup patches will add encryption support and a --quick command.

GnuPG-bug-id: 6395

g10/packet.h

@@ -56,9 +56,15 @@
       | GCRY_PK_USAGE_AUTH | GCRY_PK_USAGE_UNKN) >= 256
 # error Please choose another value for PUBKEY_USAGE_NONE
 #endif
-#define PUBKEY_USAGE_RENC    512                 /* Restricted encryption.  */
-#define PUBKEY_USAGE_TIME    1024                /* Timestamp use.  */
 #define PUBKEY_USAGE_GROUP   512                 /* Group flag.  */
+#define PUBKEY_USAGE_RENC    1024                /* Restricted encryption.  */
+#define PUBKEY_USAGE_TIME    2048                /* Timestamp use.  */
+
+/* Bitflags to convey hints on what kind of signature is created.  */
+#define SIGNHINT_KEYSIG  1
+#define SIGNHINT_SELFSIG 2
+#define SIGNHINT_ADSK    4
+
 
 /* Helper macros.  */
 #define is_RSA(a)     ((a)==PUBKEY_ALGO_RSA || (a)==PUBKEY_ALGO_RSA_E \
@@ -287,7 +293,7 @@ typedef struct
   /* The length of ATTRIB_DATA.  */
   unsigned long attrib_len;
   byte *namehash;
-  int help_key_usage;
+  u16 help_key_usage;
   u32 help_key_expire;
   int help_full_count;
   int help_marginal_count;
@@ -388,7 +394,7 @@ typedef struct
   byte    selfsigversion; /* highest version of all of the self-sigs */
   /* The public key algorithm.  (Serialized.)  */
   byte    pubkey_algo;
-  byte    pubkey_usage;   /* for now only used to pass it to getkey() */
+  u16     pubkey_usage;   /* carries the usage info.            */
   byte    req_usage;      /* hack to pass a request to getkey() */
   byte    fprlen;         /* 0 or length of FPR.  */
   u32     has_expired;    /* set to the expiration date if expired */
@@ -861,7 +867,8 @@ gpg_error_t gpg_mpi_write_nohdr (iobuf_t out, gcry_mpi_t a);
 u32 calc_packet_length( PACKET *pkt );
 void build_sig_subpkt( PKT_signature *sig, sigsubpkttype_t type,
 			const byte *buffer, size_t buflen );
-void build_sig_subpkt_from_sig (PKT_signature *sig, PKT_public_key *pksk);
+void build_sig_subpkt_from_sig (PKT_signature *sig, PKT_public_key *pksk,
+                                unsigned int signhints);
 int  delete_sig_subpkt(subpktarea_t *buffer, sigsubpkttype_t type );
 void build_attribute_subpkt(PKT_user_id *uid,byte type,
 			    const void *buf,u32 buflen,
@@ -883,6 +890,7 @@ void free_user_id( PKT_user_id *uid );
 void free_comment( PKT_comment *rem );
 void free_packet (PACKET *pkt, parse_packet_ctx_t parsectx);
 prefitem_t *copy_prefs (const prefitem_t *prefs);
+PKT_public_key *copy_public_key_basics (PKT_public_key *d, PKT_public_key *s);
 PKT_public_key *copy_public_key( PKT_public_key *d, PKT_public_key *s );
 PKT_signature *copy_signature( PKT_signature *d, PKT_signature *s );
 PKT_user_id *scopy_user_id (PKT_user_id *sd );