openpgp: Make signature::Builder::sign_subkey_binding more flexible.

  - Allow the primary key to be a secret key.

2 files changed, 10 insertions, 7 deletions

diff --git a/openpgp/src/crypto/hash.rs b/openpgp/src/crypto/hash.rs
index f97d05ce..363036ff 100644
--- a/openpgp/src/crypto/hash.rs
+++ b/openpgp/src/crypto/hash.rs
@@ -393,11 +393,13 @@ impl Signature {
 
     /// Returns the message digest of the subkey binding over the
     /// specified primary key and subkey.
-    pub fn hash_subkey_binding<'a, P, S>(sig: S,
-                                         key: &key::PublicKey,
-                                         subkey: &Key<P, key::SubordinateRole>)
+    pub fn hash_subkey_binding<'a, P, Q, S>(
+        sig: S,
+        key: &Key<P, key::PrimaryRole>,
+        subkey: &Key<Q, key::SubordinateRole>)
         -> Result<Vec<u8>>
         where P: key::KeyParts,
+              Q: key::KeyParts,
               S: Into<&'a signature::Builder>
     {
 
diff --git a/openpgp/src/packet/signature/mod.rs b/openpgp/src/packet/signature/mod.rs
index 7672a9c5..6f74e471 100644
--- a/openpgp/src/packet/signature/mod.rs
+++ b/openpgp/src/packet/signature/mod.rs
@@ -193,11 +193,12 @@ impl Builder {
     ///
     /// The Signature's public-key algorithm field is set to the
     /// algorithm used by `signer`.
-    pub fn sign_subkey_binding<P>(mut self, signer: &mut dyn Signer,
-                                  primary: &key::PublicKey,
-                                  subkey: &Key<P, key::SubordinateRole>)
+    pub fn sign_subkey_binding<P, Q>(mut self, signer: &mut dyn Signer,
+                                     primary: &Key<P, key::PrimaryRole>,
+                                     subkey: &Key<Q, key::SubordinateRole>)
         -> Result<Signature>
-        where P: key:: KeyParts
+        where P: key:: KeyParts,
+              Q: key:: KeyParts,
     {
         self.pk_algo = signer.public().pk_algo();
         let digest = Signature::hash_subkey_binding(&self, primary, subkey)?;