keys made with the RSAEncrypt usage flag should be usable for encrypt… #439
s-lanc44 wants to merge 1 commit into SecurityInnovation:master
…ion. keys nowadays are made with the RSAEncryptOrSign but older keys are not.
While this code looks technically correct, it'd probably be better to include a test that shows that encrypting to such an old key works. However, in the course of looking into making a test, i have to ask whether this is a concretely useful change, or just something that makes the OpenPGP ecosystem worse. RSA encrypt-only and RSA sign-only keys were formally deprecated ("SHOULD NOT be generated") in RFC 4880, released in November 2007, over 15 years ago. I don't know of any public key material that is that old that is a good idea to still encrypt to in practice. For archival purposes, i can see why you might want a test that enables decryption of material with such a secret key, but in general i don't think it's a good idea to enable encryption now, in 2023.
keys made with the RSAEncrypt usage flag should be usable for encryption. keys nowadays are made with the RSAEncryptOrSign but older keys are not.
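An added illustration of the distinction discussed in this thread, not code from the pull request or from the project: the Python below reads the public-key algorithm ID from a version 4 key packet and applies a policy under which an RSA Encrypt-Only key may decrypt but is encrypted to only on explicit opt-in. The function names, the `allow_deprecated_encrypt` parameter and the sample bytes are assumptions made for this example; the algorithm IDs are those of RFC 4880 section 9.1.

```python
# Added example with hypothetical helper names; IDs follow RFC 4880 section 9.1.
RSA_ENCRYPT_OR_SIGN, RSA_ENCRYPT_ONLY, RSA_SIGN_ONLY, ELGAMAL = 1, 2, 3, 16
DEPRECATED = {RSA_ENCRYPT_ONLY, RSA_SIGN_ONLY}   # "SHOULD NOT be generated"
ENCRYPTION_CAPABLE = {RSA_ENCRYPT_OR_SIGN, RSA_ENCRYPT_ONLY, ELGAMAL}
KEY_TAGS = {5, 6, 7, 14}  # secret key, public key, secret subkey, public subkey

# Constructed sample: new-format header plus the first six body octets of a
# v4 public key packet whose algorithm octet is 2 (RSA Encrypt-Only).
SAMPLE_OLD_RSA_KEY = bytes([0xC6, 0x06, 0x04, 0x38, 0x6D, 0x43, 0x80, 0x02])


def key_algorithm(packet: bytes) -> int:
    """Return the public-key algorithm ID of a version 4 key packet."""
    if len(packet) < 2 or not packet[0] & 0x80:
        raise ValueError("not an OpenPGP packet")
    first = packet[0]
    if first & 0x40:                        # new-format header
        tag = first & 0x3F
        if packet[1] < 192:
            body = 2                        # one-octet length
        elif packet[1] < 224:
            body = 3                        # two-octet length
        elif packet[1] == 255:
            body = 6                        # five-octet length
        else:
            raise ValueError("partial body lengths are not used for key packets")
    else:                                   # old-format header
        tag = (first >> 2) & 0x0F
        if first & 0x03 == 3:
            raise ValueError("indeterminate length not supported")
        body = 1 + (1, 2, 4)[first & 0x03]
    if tag not in KEY_TAGS:
        raise ValueError(f"packet tag {tag} is not a key packet")
    if len(packet) < body + 6:
        raise ValueError("truncated key packet")
    if packet[body] != 4:
        raise ValueError("only version 4 keys are handled here")
    return packet[body + 5]                 # after version (1) and creation time (4)


def permitted(algorithm: int, operation: str,
              allow_deprecated_encrypt: bool = False) -> bool:
    """Decrypt with old keys; encrypt to them only on explicit opt-in."""
    if operation not in ("encrypt", "decrypt"):
        raise ValueError("operation must be 'encrypt' or 'decrypt'")
    if algorithm not in ENCRYPTION_CAPABLE:
        return False
    if operation == "encrypt" and algorithm in DEPRECATED:
        return allow_deprecated_encrypt
    return True
```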