openpgp: Add Cert::merge_public and Cert::merge_public_and_secret.

- Secret key material is not authenticated by OpenPGP, so care must be taken when merging certificates. - Rename Cert::merge to Cert::merge_public_and_secret. - Add new function Cert::merge_public. This function can be used to merge certificates from untrusted sources as it ignores secret key material that cannot be authenticated by OpenPGP. - Fixes #584.
author: Justus Winter <justus@sequoia-pgp.org> 2020-11-27 13:22:37 +0100
committer: Justus Winter <justus@sequoia-pgp.org> 2020-11-27 13:52:35 +0100
commit: dc50161c51d5b479a54d3dc912574f9ed208892a (patch)
tree: a1afa74a6ea92fa55225daaf0b39751a04af9a50 /sqv
parent: e59df6db99bc13a6b5b1d1f6ee9e622c60591c00 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/sqv/src/sqv.rs b/sqv/src/sqv.rs
index 45106812..f84cef9e 100644
--- a/sqv/src/sqv.rs
+++ b/sqv/src/sqv.rs
@@ -102,7 +102,7 @@ impl<'a> VerificationHelper for VHelper<'a> {
                     certs.push(a);
                 } else if certs[certs.len() - 1].fingerprint() == a.fingerprint() {
                     // Merge `a` into the last element.
-                    match certs.pop().expect("non-empty vec").merge(a) {
+                    match certs.pop().expect("non-empty vec").merge_public(a) {
                         Ok(cert) => certs.push(cert),
                         Err(err) => errs.push(err),
                     }
author	Justus Winter <justus@sequoia-pgp.org>	2020-11-27 13:22:37 +0100
committer	Justus Winter <justus@sequoia-pgp.org>	2020-11-27 13:52:35 +0100
commit	dc50161c51d5b479a54d3dc912574f9ed208892a (patch)
tree	a1afa74a6ea92fa55225daaf0b39751a04af9a50 /sqv
parent	e59df6db99bc13a6b5b1d1f6ee9e622c60591c00 (diff)