diff options
| author | Werner Koch <wk@gnupg.org> | 2021-03-10 11:03:02 +0100 |
|---|---|---|
| committer | Werner Koch <wk@gnupg.org> | 2021-03-10 11:03:02 +0100 |
| commit | 08b5ac492afc6c6e7eaaa1f70d67c81cbda2c9be (patch) | |
| tree | 0980bb559f1f6d3e377f08fbcdca65e00f015c45 /doc/DETAILS | |
| parent | scd: Swapped openpgp card vendor 0x000a with new 0x000d. (diff) | |
| download | gnupg2-08b5ac492afc6c6e7eaaa1f70d67c81cbda2c9be.tar.xz gnupg2-08b5ac492afc6c6e7eaaa1f70d67c81cbda2c9be.zip | |
scd:p15: Support special extended usage flags for OpenPGP keys.
* scd/app-p15.c (struct gpgusage_flags_s): New.
(struct prkdf_object_s): Add field gpgusage.
(struct app_local_s): Add field any_gpgusage.
(dump_gpgusage_flags): New.
(read_p15_info): Parse athe gpgusage flags.
(do_getattr): Take care of the gpgusage flags.
--
This features allows to mark keys to be used for OpenPGP. This is
done by putting additional extended key infos into the certificate
stored on the cards. Only if any such extended key usage is detected
for a stored certificate this new mode chimes in.
This feature gives the card issuer a high flexibility on how to make
sure certain keys are used with OpenPGP.
Diffstat (limited to 'doc/DETAILS')
| -rw-r--r-- | doc/DETAILS | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/doc/DETAILS b/doc/DETAILS index bec42a454..6b1087c91 100644 --- a/doc/DETAILS +++ b/doc/DETAILS @@ -1562,6 +1562,11 @@ Status codes are: 1.3.6.1.4.1.11591.2.4.1.4 gpgSubCertID attribute 1.3.6.1.4.1.11591.2.5 LDAP URL extensions 1.3.6.1.4.1.11591.2.5.1 gpgNtds=1 (auth. with current AD user) + 1.3.6.1.4.1.11591.2.6 GnuPG extended key usage + 1.3.6.1.4.1.11591.2.6.1 use for certification key + 1.3.6.1.4.1.11591.2.6.2 use for signing key + 1.3.6.1.4.1.11591.2.6.3 use for encryption key + 1.3.6.1.4.1.11591.2.6.4 use for authentication key 1.3.6.1.4.1.11591.2.12242973 invalid encoded OID #+end_example |