diff options
author | Justus Winter <justus@sequoia-pgp.org> | 2020-11-27 13:22:37 +0100 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2020-11-27 13:52:35 +0100 |
commit | dc50161c51d5b479a54d3dc912574f9ed208892a (patch) | |
tree | a1afa74a6ea92fa55225daaf0b39751a04af9a50 /openpgp-ffi | |
parent | e59df6db99bc13a6b5b1d1f6ee9e622c60591c00 (diff) |
openpgp: Add Cert::merge_public and Cert::merge_public_and_secret.
- Secret key material is not authenticated by OpenPGP, so care must
be taken when merging certificates.
- Rename Cert::merge to Cert::merge_public_and_secret.
- Add new function Cert::merge_public. This function can be used to
merge certificates from untrusted sources as it ignores secret key
material that cannot be authenticated by OpenPGP.
- Fixes #584.
Diffstat (limited to 'openpgp-ffi')
-rw-r--r-- | openpgp-ffi/include/sequoia/openpgp.h | 16 | ||||
-rw-r--r-- | openpgp-ffi/src/cert.rs | 22 |
2 files changed, 33 insertions, 5 deletions
diff --git a/openpgp-ffi/include/sequoia/openpgp.h b/openpgp-ffi/include/sequoia/openpgp.h index 104dede6..cb6bc31d 100644 --- a/openpgp-ffi/include/sequoia/openpgp.h +++ b/openpgp-ffi/include/sequoia/openpgp.h @@ -888,14 +888,26 @@ pgp_status_t pgp_cert_serialize (pgp_error_t *errp, pgp_writer_t writer); /*/ -/// Merges `other` into `cert`. +/// Merges `other` into `cert`, ignoring secret key material in `other`. /// /// If `other` is a different key, then nothing is merged into /// `cert`, but `cert` is still canonicalized. /// /// Consumes `cert` and `other`. /*/ -pgp_cert_t pgp_cert_merge (pgp_error_t *errp, +pgp_cert_t pgp_cert_merge_public (pgp_error_t *errp, + pgp_cert_t cert, + pgp_cert_t other); + +/*/ +/// Merges `other` into `cert`, including secret key material in `other`. +/// +/// If `other` is a different key, then nothing is merged into +/// `cert`, but `cert` is still canonicalized. +/// +/// Consumes `cert` and `other`. +/*/ +pgp_cert_t pgp_cert_merge_public_and_secret (pgp_error_t *errp, pgp_cert_t cert, pgp_cert_t other); diff --git a/openpgp-ffi/src/cert.rs b/openpgp-ffi/src/cert.rs index 6eecd3d3..37b17472 100644 --- a/openpgp-ffi/src/cert.rs +++ b/openpgp-ffi/src/cert.rs @@ -85,20 +85,36 @@ fn pgp_cert_from_packet_parser(errp: Option<&mut *mut crate::error::Error>, openpgp::Cert::try_from(*ppr).move_into_raw(errp) } -/// Merges `other` into `cert`. +/// Merges `other` into `cert`, ignoring secret key material in `other`. /// /// If `other` is a different key, then nothing is merged into /// `cert`, but `cert` is still canonicalized. /// /// Consumes `cert` and `other`. #[::sequoia_ffi_macros::extern_fn] #[no_mangle] pub extern "C" -fn pgp_cert_merge(errp: Option<&mut *mut crate::error::Error>, +fn pgp_cert_merge_public(errp: Option<&mut *mut crate::error::Error>, cert: *mut Cert, other: *mut Cert) -> Maybe<Cert> { let cert = cert.move_from_raw(); let other = other.move_from_raw(); - cert.merge(other).move_into_raw(errp) + cert.merge_public(other).move_into_raw(errp) +} + +/// Merges `other` into `cert`, including secret key material in `other`. +/// +/// If `other` is a different key, then nothing is merged into +/// `cert`, but `cert` is still canonicalized. +/// +/// Consumes `cert` and `other`. +#[::sequoia_ffi_macros::extern_fn] #[no_mangle] pub extern "C" +fn pgp_cert_merge_public_and_secret(errp: Option<&mut *mut crate::error::Error>, + cert: *mut Cert, + other: *mut Cert) + -> Maybe<Cert> { + let cert = cert.move_from_raw(); + let other = other.move_from_raw(); + cert.merge_public_and_secret(other).move_into_raw(errp) } /// Adds packets to the Cert. |