openpgp: Add Cert::merge_public and Cert::merge_public_and_secret.

- Secret key material is not authenticated by OpenPGP, so care must be taken when merging certificates. - Rename Cert::merge to Cert::merge_public_and_secret. - Add new function Cert::merge_public. This function can be used to merge certificates from untrusted sources as it ignores secret key material that cannot be authenticated by OpenPGP. - Fixes #584.
author: Justus Winter <justus@sequoia-pgp.org> 2020-11-27 13:22:37 +0100
committer: Justus Winter <justus@sequoia-pgp.org> 2020-11-27 13:52:35 +0100
commit: dc50161c51d5b479a54d3dc912574f9ed208892a (patch)
tree: a1afa74a6ea92fa55225daaf0b39751a04af9a50 /net
parent: e59df6db99bc13a6b5b1d1f6ee9e622c60591c00 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/net/src/wkd.rs b/net/src/wkd.rs
index c2a47d71..50f4d25e 100644
--- a/net/src/wkd.rs
+++ b/net/src/wkd.rs
@@ -385,7 +385,7 @@ impl KeyRing {
     fn insert(&mut self, cert: Cert) -> Result<()> {
         let fp = cert.fingerprint();
         if let Some(existing) = self.0.get_mut(&fp) {
-            *existing = existing.clone().merge(cert)?;
+            *existing = existing.clone().merge_public(cert)?;
         } else {
             self.0.insert(fp, cert);
         }
author	Justus Winter <justus@sequoia-pgp.org>	2020-11-27 13:22:37 +0100
committer	Justus Winter <justus@sequoia-pgp.org>	2020-11-27 13:52:35 +0100
commit	dc50161c51d5b479a54d3dc912574f9ed208892a (patch)
tree	a1afa74a6ea92fa55225daaf0b39751a04af9a50 /net
parent	e59df6db99bc13a6b5b1d1f6ee9e622c60591c00 (diff)