gpg: Fix leftover unprotected card backup key.

* agent/command.c (cmd_learn): Add option --reallyforce.
* agent/findkey.c (agent_write_private_key): Implement reallyforce.
Also add arg reallyforce and pass it along the call chain.

* g10/call-agent.c (agent_scd_learn): Pass --reallyforce with a
special force value.
* g10/keygen.c (card_store_key_with_backup): Use that force value.
--

This was a regression in 2.2.42.  We took the easy path to fix it by
getting the behaviour back to what we did prior to 2.2.42.  With GnuPG
2.4.4 we use an entire different and safer approach by introducing an
ephemeral private key store.

GnuPG-bug-id: 6944

agent/learncard.c

@@ -297,9 +297,12 @@ send_cert_back (ctrl_t ctrl, const char *id, void *assuan_context)
 }
 
 /* Perform the learn operation.  If ASSUAN_CONTEXT is not NULL and
-   SEND is true all new certificates are send back via Assuan.  */
+   SEND is true all new certificates are send back via Assuan.  If
+   REALLYFORCE is true a private key will be overwritten by a stub
+   key. */
 int
-agent_handle_learn (ctrl_t ctrl, int send, void *assuan_context, int force)
+agent_handle_learn (ctrl_t ctrl, int send, void *assuan_context,
+                    int force, int reallyforce)
 {
   int rc;
   struct kpinfo_cb_parm_s parm;
@@ -414,7 +417,7 @@ agent_handle_learn (ctrl_t ctrl, int send, void *assuan_context, int force)
 
         agent_card_getattr (ctrl, "$DISPSERIALNO", &dispserialno);
         rc = agent_write_shadow_key (grip, serialno, item->id, pubkey,
-                                     force, dispserialno);
+                                     force, reallyforce, dispserialno);
         xfree (dispserialno);
       }
       xfree (pubkey);