authorNeal H. Walfield <neal@pep.foundation>2019-05-14 10:43:43 +0200
committerNeal H. Walfield <neal@pep.foundation>2019-05-14 11:05:49 +0200
commit0e74cf1b42b239e26d21b531e6ba3694e6f9361c (patch)
tree9af9f135bf1682286e97ec074d52f659910ef056
parentec19b193720cca4529dc0bb109e615dff7a5959f (diff)
openpgp, openpgp-ffi: Normalize TPK::revoked()
- `TPK::revoked` returns a revocation status, not a boolean. Rename it to `TPK::revocation_status()`, like it is called in the FFI. - Like other methods, provide a `foo_at()` method and a `foo()` method.
-rw-r--r--openpgp-ffi/include/sequoia/openpgp.h12
-rw-r--r--openpgp-ffi/src/tpk.rs26
-rw-r--r--openpgp/src/tpk/builder.rs6
-rw-r--r--openpgp/src/tpk/mod.rs44
-rw-r--r--sqv/src/sqv.rs4
-rw-r--r--tool/src/commands/inspect.rs2
6 files changed, 71 insertions, 23 deletions
diff --git a/openpgp-ffi/include/sequoia/openpgp.h b/openpgp-ffi/include/sequoia/openpgp.h
index 141b5b7f..554a8306 100644
--- a/openpgp-ffi/include/sequoia/openpgp.h
+++ b/openpgp-ffi/include/sequoia/openpgp.h
@@ -698,7 +698,7 @@ pgp_tsk_t pgp_tpk_as_tsk (pgp_tpk_t tpk);
pgp_key_t pgp_tpk_primary (pgp_tpk_t tpk);
/*/
-/// Returns the TPK's revocation status.
+/// Returns the TPK's current revocation status.
///
/// Note: this only returns whether the TPK has been revoked, and does
/// not reflect whether an individual user id, user attribute or
@@ -707,6 +707,16 @@ pgp_key_t pgp_tpk_primary (pgp_tpk_t tpk);
pgp_revocation_status_t pgp_tpk_revocation_status (pgp_tpk_t tpk);
/*/
+/// Returns the TPK's revocation status at the specified time.
+///
+/// Note: this only returns whether the TPK has been revoked, and does
+/// not reflect whether an individual user id, user attribute or
+/// subkey has been revoked.
+/*/
+pgp_revocation_status_t pgp_tpk_revocation_status_at (pgp_tpk_t tpk,
+ time_t when);
+
+/*/
/// Writes a revocation certificate to the writer.
///
/// This function consumes the writer. It does *not* consume tpk.
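Review bot: The comment on `pgp_tpk_revocation_status_at` does not say that `when == 0` is a sentinel. The implementation in openpgp-ffi/src/tpk.rs maps 0 to `None`, and `TPK::revocation_status_at` then falls back to `time::now_utc`. A caller that passes a zero-initialised or unparsed `time_t` therefore silently gets the current status, and the Unix epoch itself cannot be queried. I would add `/// If when is 0, the current time is used.` to this comment and to the doc comment on the Rust `pgp_tpk_revocation_status_at`.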
diff --git a/openpgp-ffi/src/tpk.rs b/openpgp-ffi/src/tpk.rs
index 2080e494..c8b70618 100644
--- a/openpgp-ffi/src/tpk.rs
+++ b/openpgp-ffi/src/tpk.rs
@@ -151,15 +151,35 @@ fn pgp_tpk_primary(tpk: *const TPK) -> *const Key {
tpk.ref_raw().primary().move_into_raw()
}
-/// Returns the TPK's revocation status.
+/// Returns the TPK's revocation status as of a given time.
+///
+/// Note: this only returns whether the TPK has been revoked, and does
+/// not reflect whether an individual user id, user attribute or
+/// subkey has been revoked.
+#[::sequoia_ffi_macros::extern_fn] #[no_mangle] pub extern "C"
+fn pgp_tpk_revocation_status_at(tpk: *const TPK, when: time_t)
+ -> *mut RevocationStatus<'static>
+{
+ let when = when as i64;
+ let when = if when == 0 {
+ None
+ } else {
+ Some(time::at(time::Timespec::new(when, 0)))
+ };
+
+ tpk.ref_raw().revocation_status_at(when).move_into_raw()
+}
+
+/// Returns the TPK's current revocation status.
///
/// Note: this only returns whether the TPK has been revoked, and does
/// not reflect whether an individual user id, user attribute or
/// subkey has been revoked.
#[::sequoia_ffi_macros::extern_fn] #[no_mangle] pub extern "C"
fn pgp_tpk_revocation_status(tpk: *const TPK)
- -> *mut RevocationStatus<'static> {
- tpk.ref_raw().revoked(None).move_into_raw()
+ -> *mut RevocationStatus<'static>
+{
+ tpk.ref_raw().revocation_status().move_into_raw()
}
fn int_to_reason_for_revocation(code: c_int) -> ReasonForRevocation {
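Review bot: `time::at` in `pgp_tpk_revocation_status_at` builds a local-time `Tm`, while the library default in `TPK::revocation_status_at` is `time::now_utc`. How the two values are compared is outside this hunk, so this may be harmless. Building the value with `time::at_utc(time::Timespec::new(when, 0))` would still keep every timestamp that reaches the revocation check in UTC, independent of the process time zone.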
diff --git a/openpgp/src/tpk/builder.rs b/openpgp/src/tpk/builder.rs
index dc1a55e5..912ca97d 100644
--- a/openpgp/src/tpk/builder.rs
+++ b/openpgp/src/tpk/builder.rs
@@ -536,10 +536,12 @@ mod tests {
let (tpk, revocation) = TPKBuilder::new()
.set_cipher_suite(CipherSuite::Cv25519)
.generate().unwrap();
- assert_eq!(tpk.revoked(None), RevocationStatus::NotAsFarAsWeKnow);
+ assert_eq!(tpk.revocation_status(),
+ RevocationStatus::NotAsFarAsWeKnow);
let tpk = tpk.merge_packets(vec![revocation.clone().into()]).unwrap();
- assert_eq!(tpk.revoked(None), RevocationStatus::Revoked(&[revocation]));
+ assert_eq!(tpk.revocation_status(),
+ RevocationStatus::Revoked(&[revocation]));
}
#[test]
diff --git a/openpgp/src/tpk/mod.rs b/openpgp/src/tpk/mod.rs
index c00d6775..0eb85091 100644
--- a/openpgp/src/tpk/mod.rs
+++ b/openpgp/src/tpk/mod.rs
@@ -871,7 +871,7 @@ impl<'a> Iterator for KeyIter<'a> {
self.primary = true;
(tpk.primary_key_signature(),
- tpk.revoked(None),
+ tpk.revocation_status(),
tpk.primary())
} else {
self.subkey_iter.next()
@@ -1700,12 +1700,12 @@ impl TPK {
&self.primary_other_revocations
}
- /// Returns the TPK's revocation status.
+ /// Returns the TPK's revocation status at the specified time.
///
/// Note: this only returns whether the primary key is revoked. If you
/// want to know whether a subkey, user id, etc., is revoked, then
/// you need to query them separately.
- pub fn revoked<T>(&self, t: T) -> RevocationStatus
+ pub fn revocation_status_at<T>(&self, t: T) -> RevocationStatus
where T: Into<Option<time::Tm>>
{
let t = t.into().unwrap_or_else(time::now_utc);
@@ -1728,6 +1728,15 @@ impl TPK {
}
}
+ /// Returns the TPK's current revocation status.
+ ///
+ /// Note: this only returns whether the primary key is revoked. If you
+ /// want to know whether a subkey, user id, etc., is revoked, then
+ /// you need to query them separately.
+ pub fn revocation_status(&self) -> RevocationStatus {
+ self.revocation_status_at(None)
+ }
+
/// Returns a revocation certificate for the TPK.
///
/// # Example
@@ -1746,7 +1755,8 @@ impl TPK {
/// let (tpk, _) = TPKBuilder::new()
/// .set_cipher_suite(CipherSuite::Cv25519)
/// .generate()?;
- /// assert_eq!(RevocationStatus::NotAsFarAsWeKnow, tpk.revoked(None));
+ /// assert_eq!(RevocationStatus::NotAsFarAsWeKnow,
+ /// tpk.revocation_status());
///
/// let mut keypair = tpk.primary().clone().into_keypair()?;
/// let sig = tpk.revoke(&mut keypair, ReasonForRevocation::KeyCompromised,
@@ -1754,7 +1764,8 @@ impl TPK {
/// assert_eq!(sig.sigtype(), SignatureType::KeyRevocation);
///
/// let tpk = tpk.merge_packets(vec![sig.clone().into()])?;
- /// assert_eq!(RevocationStatus::Revoked(&[sig]), tpk.revoked(None));
+ /// assert_eq!(RevocationStatus::Revoked(&[sig]),
+ /// tpk.revocation_status());
/// # Ok(())
/// # }
pub fn revoke(&self, primary_signer: &mut Signer,
@@ -1798,13 +1809,14 @@ impl TPK {
/// let (mut tpk, _) = TPKBuilder::new()
/// .set_cipher_suite(CipherSuite::Cv25519)
/// .generate()?;
- /// assert_eq!(RevocationStatus::NotAsFarAsWeKnow, tpk.revoked(None));
+ /// assert_eq!(RevocationStatus::NotAsFarAsWeKnow,
+ /// tpk.revocation_status());
///
/// let mut keypair = tpk.primary().clone().into_keypair()?;
/// let tpk = tpk.revoke_in_place(&mut keypair,
/// ReasonForRevocation::KeyCompromised,
/// b"It was the maid :/")?;
- /// if let RevocationStatus::Revoked(sigs) = tpk.revoked(None) {
+ /// if let RevocationStatus::Revoked(sigs) = tpk.revocation_status() {
/// assert_eq!(sigs.len(), 1);
/// assert_eq!(sigs[0].sigtype(), SignatureType::KeyRevocation);
/// assert_eq!(sigs[0].reason_for_revocation(),
@@ -3536,7 +3548,7 @@ mod test {
assert_eq!(sigtype, SignatureType::PositiveCertificate,
"{:#?}", tpk);
- let revoked = tpk.revoked(None);
+ let revoked = tpk.revocation_status();
if direct_revoked {
assert_match!(RevocationStatus::Revoked(_) = revoked,
"{:#?}", tpk);
@@ -3622,7 +3634,8 @@ mod test {
fn revoke() {
let (tpk, _) = TPKBuilder::autocrypt(None, Some("Test"))
.generate().unwrap();
- assert_eq!(RevocationStatus::NotAsFarAsWeKnow, tpk.revoked(None));
+ assert_eq!(RevocationStatus::NotAsFarAsWeKnow,
+ tpk.revocation_status());
let mut keypair = tpk.primary().clone().into_keypair().unwrap();
let sig = tpk.revoke(&mut keypair,
@@ -3631,7 +3644,7 @@ mod test {
assert_eq!(sig.sigtype(), SignatureType::KeyRevocation);
let tpk = tpk.merge_packets(vec![sig.into()]).unwrap();
- assert_match!(RevocationStatus::Revoked(_) = tpk.revoked(None));
+ assert_match!(RevocationStatus::Revoked(_) = tpk.revocation_status());
}
#[test]
@@ -3656,7 +3669,8 @@ mod test {
};
assert_eq!(sig.sigtype(), SignatureType::CertificateRevocation);
let tpk = tpk.merge_packets(vec![sig.into()]).unwrap();
- assert_eq!(RevocationStatus::NotAsFarAsWeKnow, tpk.revoked(None));
+ assert_eq!(RevocationStatus::NotAsFarAsWeKnow,
+ tpk.revocation_status());
let uid = tpk.userids().skip(1).next().unwrap();
assert_match!(RevocationStatus::Revoked(_) = uid.revoked(None));
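Review bot: The user id binding on the last line of this hunk is still queried with `uid.revoked(None)`. After this commit the TPK uses `revocation_status()` / `revocation_status_at()`, while its components keep the old name and the `None`-means-now argument. Callers checking revocation now have two conventions to remember, and the name `revoked` still reads as if it returned a boolean. If the component API is meant to follow, a short comment such as `// TODO: rename to revocation_status(), as on TPK` would record that. The enclosing test function starts outside the hunk.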
@@ -3734,13 +3748,13 @@ mod test {
let te1 = t1 - time::Duration::days((300.0 * f1) as i64);
let t12 = t1 + time::Duration::days((300.0 * f2) as i64);
let t23 = t2 + time::Duration::days((300.0 * f3) as i64);
- assert_eq!(tpk.revoked(te1), RevocationStatus::NotAsFarAsWeKnow);
- assert_eq!(tpk.revoked(t12), RevocationStatus::NotAsFarAsWeKnow);
- match tpk.revoked(t23) {
+ assert_eq!(tpk.revocation_status_at(te1), RevocationStatus::NotAsFarAsWeKnow);
+ assert_eq!(tpk.revocation_status_at(t12), RevocationStatus::NotAsFarAsWeKnow);
+ match tpk.revocation_status_at(t23) {
RevocationStatus::Revoked(_) => {}
_ => unreachable!(),
}
- assert_eq!(tpk.revoked(time::now_utc()), RevocationStatus::NotAsFarAsWeKnow);
+ assert_eq!(tpk.revocation_status_at(time::now_utc()), RevocationStatus::NotAsFarAsWeKnow);
}
#[test]
diff --git a/sqv/src/sqv.rs b/sqv/src/sqv.rs
index 1ab6568d..873ca9e8 100644
--- a/sqv/src/sqv.rs
+++ b/sqv/src/sqv.rs
@@ -273,7 +273,9 @@ fn real_main() -> Result<(), failure::Error> {
}
}
- if tpk.revoked(t) != RevocationStatus::NotAsFarAsWeKnow {
+ if tpk.revocation_status_at(t)
+ != RevocationStatus::NotAsFarAsWeKnow
+ {
eprintln!(
"Primary key was revoked when the \
signature was created.");
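Review bot: Nothing at this call site says how a revocation issued after `t` is treated by `tpk.revocation_status_at(t)`, and the body of `revocation_status_at` is not part of this diff. Judging from the error message, `t` appears to be the signature's creation time. A verifier normally wants a key-compromise revocation to invalidate earlier signatures as well, because the creation time is set by whoever held the key. I would confirm that behaviour and record it here, e.g. `// Status as of the signature's creation time; later key-compromise revocations are handled in revocation_status_at.` The enclosing `real_main` continues outside the hunk.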
diff --git a/tool/src/commands/inspect.rs b/tool/src/commands/inspect.rs
index 6578dfed..bb7257de 100644
--- a/tool/src/commands/inspect.rs
+++ b/tool/src/commands/inspect.rs
@@ -130,7 +130,7 @@ fn inspect_tpk(output: &mut io::Write, tpk: &openpgp::TPK,
if tpk.is_tsk() { "Secret" } else { "Public" })?;
writeln!(output)?;
writeln!(output, " Fingerprint: {}", tpk.fingerprint())?;
- inspect_revocation(output, "", tpk.revoked(None))?;
+ inspect_revocation(output, "", tpk.revocation_status())?;
inspect_key(output, "", tpk.primary(), tpk.primary_key_signature(),
tpk.certifications(),
print_keygrips, print_certifications)?;