When possible, check secret key material
Let's assume that Cert::canonicalize
encounters two keys with the same public bits, but different secret key material. We need to choose one (or somehow support multiple versions!) If the secret key material is unencrypted, then we check whether the secret key material is correct by creating a signature and verifying it, or encrypting a message and decrypting it. Then, we can reject invalid secret key material.