From 37565211411c71d1f3855eab957a9bf868453989 Mon Sep 17 00:00:00 2001
From: Heiko Schaefer <heiko@schaefer.name>
Date: Sun, 18 Sep 2022 22:23:58 +0200
Subject: [PATCH] openpgp-card-sequoia: Fix make_cert()

[The primary key was missing its CS Key Flags after the changes in 4557c40b, both in the User ID selfsigs, and the DirectKey signature]
---
 openpgp-card-sequoia/src/util.rs | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/openpgp-card-sequoia/src/util.rs b/openpgp-card-sequoia/src/util.rs
index e32dea3..4009285 100644
--- a/openpgp-card-sequoia/src/util.rs
+++ b/openpgp-card-sequoia/src/util.rs
@@ -87,6 +87,10 @@ pub fn make_cert<'app>(
     // 1a) add a direct key signature
     let s = sign_on_card(&mut |signer| {
         SignatureBuilder::new(SignatureType::DirectKey)
+            .set_key_flags(
+                // Flags for primary key
+                KeyFlags::empty().set_signing().set_certification(),
+            )?
             .sign_direct_key(signer, key_sig.role_as_primary())
     })?;
     pp.push(s.into());
@@ -147,7 +151,10 @@ pub fn make_cert<'app>(
             uid.bind(
                 signer,
                 &cert,
-                SignatureBuilder::new(SignatureType::PositiveCertification),
+                SignatureBuilder::new(SignatureType::PositiveCertification).set_key_flags(
+                    // Flags for primary key
+                    KeyFlags::empty().set_signing().set_certification(),
+                )?,
             )
         })?;
         pp.push(s.into());