Creating cert key for CA: expand availibility of hash algoritms for signing certs

[techge]

When trying to create a root certificate on OpenPGP Card (signature slot) for a AD CS, only a few hash algorithms for signing certificates issued by the CA can be chosen.
Vincent already suggest to fix it by:

Try to replace MS_STRONG_PROV with MS_ENH_RSA_AES_PROV (you may change PROV_RSA_FULL with PROV_RSA_AES).

I will try to do it, but as I have no working building environment set up yet, it may take some time...

[vletoux]

see 639d935

[vletoux]

Using SHA2 with MS CA requires a KSP and won't work with a CSP

As a proof, Ms Base Smart Card CSP supports only legacy algorithms

[jans23]

I saw commit 2ab1db2. Is this worth retesting already or WIP?

[vletoux]

KSP is read only (no key generation). Not tested at all.
No WIP for the moment.

[vletoux]

Please test the latest release