gpg: Support dual keygrips.

* g10/keyid.c (keygrip_from_pk): Add arg get_second to support dual
algos.  Implement for Kyber.
(hexkeygrip_from_pk): Extend for dual algos.
* g10/call-agent.c (agent_keytotpm): Bail out for dual algos.
(agent_keytocard): Ditto.
(agent_probe_secret_key): Handle dual algos.
(agent_probe_any_secret_key): Ditto.
(agent_get_keyinfo): Allow for dual algos but take only the first key.
* g10/export.c (do_export_one_keyblock): Bail out for dual algos.
--

This also adds some fixmes which we eventually need to address.

GnuPG-bug-id: 6815

doc/DETAILS

@@ -169,10 +169,11 @@ described here.
     (the colon is quoted =\x3a=).  For a "pub" record this field is
     not used on --fixed-list-mode.  A "uat" record puts the attribute
     subpacket count here, a space, and then the total attribute
-    subpacket size.  In gpgsm the issuer name comes here.  The FPR and FP2
-    records store the fingerprints here.  The fingerprint of a
+    subpacket size.  In gpgsm the issuer name comes here.  The FPR and
+    FP2 records store the fingerprints here.  The fingerprint of a
     revocation key is also stored here.  A "grp" records puts the
-    keygrip here.
+    keygrip here; for combined algorithms the keygrips are delimited
+    by comma.
 
 *** Field 11 - Signature class
 
@@ -186,9 +187,6 @@ described here.
     "rev" and "rvs" may be followed by a comma and a 2 digit hexnumber
     with the revocation reason.
 
-    In a "grp" record the second keygrip for combined algorithms is
-    given here.
-
 *** Field 12 - Key capabilities
 
     The defined capabilities are:
@@ -248,7 +246,7 @@ described here.
 
     For pub, sub, sec, ssb, crt, and crs records this field is used
     for the ECC curve name.  For combined algorithms the first and the
-    second algorithm name, delimited by a '+', are put here.
+    second algorithm name, delimited by an underscore are put here.
 
 *** Field 18 - Compliance flags