turnkey/openpgp-card
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

openpgp-card-sequoia: Fix make_cert()

Browse source 
[The primary key was missing its CS Key Flags after the changes in 4557c40b, both in the User ID selfsigs, and the DirectKey signature]
This commit is contained in:
Heiko Schaefer 2022-09-18 22:23:58 +02:00
parent 9fe1ca31c0
commit 3756521141
No known key found for this signature in database
GPG key ID: 4A849A1904CCBD7D
1 changed files with 8 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
openpgp-card-sequoia/src/util.rs
View file

@ -87,6 +87,10 @@ pub fn make_cert<'app>(
// 1a) add a direct key signature
let s = sign_on_card(&mut |signer| {
SignatureBuilder::new(SignatureType::DirectKey)
.set_key_flags(
// Flags for primary key
KeyFlags::empty().set_signing().set_certification(),
)?
.sign_direct_key(signer, key_sig.role_as_primary())
})?;
pp.push(s.into());
@ -147,7 +151,10 @@ pub fn make_cert<'app>(
uid.bind(
signer,
&cert,
SignatureBuilder::new(SignatureType::PositiveCertification),
SignatureBuilder::new(SignatureType::PositiveCertification).set_key_flags(
// Flags for primary key
KeyFlags::empty().set_signing().set_certification(),
)?,
)
})?;
pp.push(s.into());