smartcard: generate under --card-edit with off-card backup and bkuptocard/checkbkupkey under --key-edit

[NIIBE Yutaka]

Hello,

I'm working the issue 2169: https://bugs.gnupg.org/gnupg/issue2169

Since I only do generating keys on card for testing purpose, I have
things to confirm for this use case.

# For myself, my practice is generating keys on host and doing
# keytocard.

While the support of checkbkupkey was removed, the two regressions
in 2.1 were fixed:

    * generating keys on card with off-card backup
    * bkuptocard

The checkbkupkey will be implemented again, if it's useful.  AIUC,
this command is for a user who wants to make sure if the backup file
can be used correctly with a passphrase remembered.  It would be just
simple to have another subcommand to recover a private subkey on host
from the backup (and a user will do "keytocard", if needed).

It seems that the scenario of bkuptocard is something like:

   (1) The smartcard was lost/broken.
   (2) But a user wants to read encrypted messages.
   (3) There is the public key (primary, subkeys) on host as well as
       the backup file for private key.
   (4) With new smartcard, a user recovers encryption key using the
       backup file for private key.

Is this correct?

Backup file is created on GnuPG's homedir.  So, I think that the commit
which assumes homedir for backup file makes sense:

    ee433d2b00c93b5a4e4ed54b9fb5806361df1b71

If this is useful, I'd like to backport this to 2.0.


Currently, the private key stub is precondition for the subcommand
bkuptocard:

  { "bkuptocard", cmdBKUPTOCARD, KEYEDIT_NEED_SK | KEYEDIT_ONLY_SK,
    N_("move a backup key to a smartcard")},

But I think that it is OK not to have the private key stub files on
host.

Shall I remove KEYEDIT_NEED_SK flag from "cmds"?
--