diff options
author | Neal H. Walfield <neal@pep.foundation> | 2019-09-17 17:40:23 +0200 |
---|---|---|
committer | Neal H. Walfield <neal@pep.foundation> | 2019-09-17 17:44:38 +0200 |
commit | c2c61f44ac35e16051b2b6a3f0569265abdf15c8 (patch) | |
tree | a84fd2951bd2829041f841e19d0222708405881e | |
parent | 1324bc3db18dbf9e27db2903515ac6c8f5b30704 (diff) |
openpgp: Rename TPK::revocation_status to TPK::revoked.
- Combine TPK::revocation_status and TPK::revocation_status_at; only
keep the version with the optional time parameter.
- Rename TPK::revocation_status to TPK::revoked to match
KeyBinding::revoked, UserIDBinding::revoked, and
UserAttributeBinding::revoked.
- Do the same for the C API.
-rw-r--r-- | openpgp-ffi/include/sequoia/openpgp.h | 15 | ||||
-rw-r--r-- | openpgp-ffi/src/tpk.rs | 23 | ||||
-rw-r--r-- | openpgp/src/tpk/builder.rs | 4 | ||||
-rw-r--r-- | openpgp/src/tpk/keyiter.rs | 2 | ||||
-rw-r--r-- | openpgp/src/tpk/mod.rs | 58 | ||||
-rw-r--r-- | sqv/src/sqv.rs | 2 | ||||
-rw-r--r-- | tool/src/commands/inspect.rs | 2 |
7 files changed, 38 insertions, 68 deletions
diff --git a/openpgp-ffi/include/sequoia/openpgp.h b/openpgp-ffi/include/sequoia/openpgp.h index 8662fef1..b7a4f6be 100644 --- a/openpgp-ffi/include/sequoia/openpgp.h +++ b/openpgp-ffi/include/sequoia/openpgp.h @@ -780,23 +780,16 @@ pgp_tsk_t pgp_tpk_as_tsk (pgp_tpk_t tpk); pgp_key_t pgp_tpk_primary_key (pgp_tpk_t tpk); /*/ -/// Returns the TPK's current revocation status. -/// -/// Note: this only returns whether the TPK has been revoked, and does -/// not reflect whether an individual user id, user attribute or -/// subkey has been revoked. -/*/ -pgp_revocation_status_t pgp_tpk_revocation_status (pgp_tpk_t tpk); - -/*/ /// Returns the TPK's revocation status at the specified time. /// /// Note: this only returns whether the TPK has been revoked, and does /// not reflect whether an individual user id, user attribute or /// subkey has been revoked. +/// +/// If `when` is 0, then returns the TPK's revocation status as of the +/// time of the call. /*/ -pgp_revocation_status_t pgp_tpk_revocation_status_at (pgp_tpk_t tpk, - time_t when); +pgp_revocation_status_t pgp_tpk_revoked (pgp_tpk_t tpk, time_t when); /*/ /// Writes a revocation certificate to the writer. diff --git a/openpgp-ffi/src/tpk.rs b/openpgp-ffi/src/tpk.rs index 80801789..48169a98 100644 --- a/openpgp-ffi/src/tpk.rs +++ b/openpgp-ffi/src/tpk.rs @@ -158,8 +158,11 @@ fn pgp_tpk_primary_key(tpk: *const TPK) -> *const Key { /// Note: this only returns whether the TPK has been revoked, and does /// not reflect whether an individual user id, user attribute or /// subkey has been revoked. +/// +/// If `when` is 0, then returns the TPK's revocation status as of the +/// time of the call. #[::sequoia_ffi_macros::extern_fn] #[no_mangle] pub extern "C" -fn pgp_tpk_revocation_status_at(tpk: *const TPK, when: time_t) +fn pgp_tpk_revoked(tpk: *const TPK, when: time_t) -> *mut RevocationStatus<'static> { let when = when as i64; @@ -169,19 +172,7 @@ fn pgp_tpk_revocation_status_at(tpk: *const TPK, when: time_t) Some(time::at(time::Timespec::new(when, 0))) }; - tpk.ref_raw().revocation_status_at(when).move_into_raw() -} - -/// Returns the TPK's current revocation status. -/// -/// Note: this only returns whether the TPK has been revoked, and does -/// not reflect whether an individual user id, user attribute or -/// subkey has been revoked. -#[::sequoia_ffi_macros::extern_fn] #[no_mangle] pub extern "C" -fn pgp_tpk_revocation_status(tpk: *const TPK) - -> *mut RevocationStatus<'static> -{ - tpk.ref_raw().revocation_status().move_into_raw() + tpk.ref_raw().revoked(when).move_into_raw() } fn int_to_reason_for_revocation(code: c_int) -> ReasonForRevocation { @@ -237,7 +228,7 @@ fn int_to_reason_for_revocation(code: c_int) -> ReasonForRevocation { /// tpk = pgp_tpk_merge_packets (NULL, tpk, &packet, 1); /// assert (tpk); /// -/// pgp_revocation_status_t rs = pgp_tpk_revocation_status (tpk); +/// pgp_revocation_status_t rs = pgp_tpk_revoked (tpk, 0); /// assert (pgp_revocation_status_variant (rs) == PGP_REVOCATION_STATUS_REVOKED); /// pgp_revocation_status_free (rs); /// @@ -301,7 +292,7 @@ fn pgp_tpk_revoke(errp: Option<&mut *mut crate::error::Error>, /// pgp_signer_free (primary_signer); /// pgp_key_pair_free (primary_keypair); /// -/// pgp_revocation_status_t rs = pgp_tpk_revocation_status (tpk); +/// pgp_revocation_status_t rs = pgp_tpk_revoked (tpk, 0); /// assert (pgp_revocation_status_variant (rs) == PGP_REVOCATION_STATUS_REVOKED); /// pgp_revocation_status_free (rs); /// diff --git a/openpgp/src/tpk/builder.rs b/openpgp/src/tpk/builder.rs index 3cf4125b..5a74ea81 100644 --- a/openpgp/src/tpk/builder.rs +++ b/openpgp/src/tpk/builder.rs @@ -561,11 +561,11 @@ mod tests { let (tpk, revocation) = TPKBuilder::new() .set_cipher_suite(CipherSuite::Cv25519) .generate().unwrap(); - assert_eq!(tpk.revocation_status(), + assert_eq!(tpk.revoked(None), RevocationStatus::NotAsFarAsWeKnow); let tpk = tpk.merge_packets(vec![revocation.clone().into()]).unwrap(); - assert_eq!(tpk.revocation_status(), + assert_eq!(tpk.revoked(None), RevocationStatus::Revoked(vec![ &revocation ])); } diff --git a/openpgp/src/tpk/keyiter.rs b/openpgp/src/tpk/keyiter.rs index 862aa2be..af9f8eae 100644 --- a/openpgp/src/tpk/keyiter.rs +++ b/openpgp/src/tpk/keyiter.rs @@ -96,7 +96,7 @@ impl<'a, P: 'a + key::KeyParts, R: 'a + key::KeyRole> Iterator self.primary = true; (tpk.primary_key_signature(None), - tpk.revocation_status(), + tpk.revoked(None), tpk.primary().key().into()) } else { self.subkey_iter.next() diff --git a/openpgp/src/tpk/mod.rs b/openpgp/src/tpk/mod.rs index a514cce1..16e0ca51 100644 --- a/openpgp/src/tpk/mod.rs +++ b/openpgp/src/tpk/mod.rs @@ -1178,22 +1178,13 @@ impl TPK { /// /// Note: this only returns whether this TPK is revoked; it does /// not imply anything about the TPK or other components. - pub fn revocation_status_at<T>(&self, t: T) -> RevocationStatus + pub fn revoked<T>(&self, t: T) -> RevocationStatus where T: Into<Option<time::Tm>> { let t = t.into(); self.primary._revoked(true, self.primary_key_signature(t), t) } - /// Returns the TPK's current revocation status. - /// - /// Note: this only returns whether the primary key is revoked. If you - /// want to know whether a subkey, user id, etc., is revoked, then - /// you need to query them separately. - pub fn revocation_status(&self) -> RevocationStatus { - self.revocation_status_at(None) - } - /// Returns a revocation certificate for the TPK. /// /// # Example @@ -1213,7 +1204,7 @@ impl TPK { /// .set_cipher_suite(CipherSuite::Cv25519) /// .generate()?; /// assert_eq!(RevocationStatus::NotAsFarAsWeKnow, - /// tpk.revocation_status()); + /// tpk.revoked(None)); /// /// let mut keypair = tpk.primary().key().clone() /// .mark_parts_secret().into_keypair()?; @@ -1223,7 +1214,7 @@ impl TPK { /// /// let tpk = tpk.merge_packets(vec![sig.clone().into()])?; /// assert_eq!(RevocationStatus::Revoked(vec![&sig]), - /// tpk.revocation_status()); + /// tpk.revoked(None)); /// # Ok(()) /// # } pub fn revoke<R>(&self, primary_signer: &mut Signer<R>, @@ -1264,14 +1255,14 @@ impl TPK { /// .set_cipher_suite(CipherSuite::Cv25519) /// .generate()?; /// assert_eq!(RevocationStatus::NotAsFarAsWeKnow, - /// tpk.revocation_status()); + /// tpk.revoked(None)); /// /// let mut keypair = tpk.primary().key().clone() /// .mark_parts_secret().into_keypair()?; /// let tpk = tpk.revoke_in_place(&mut keypair, /// ReasonForRevocation::KeyCompromised, /// b"It was the maid :/")?; - /// if let RevocationStatus::Revoked(sigs) = tpk.revocation_status() { + /// if let RevocationStatus::Revoked(sigs) = tpk.revoked(None) { /// assert_eq!(sigs.len(), 1); /// assert_eq!(sigs[0].typ(), SignatureType::KeyRevocation); /// assert_eq!(sigs[0].reason_for_revocation(), @@ -2451,7 +2442,7 @@ mod test { assert_eq!(typ, SignatureType::PositiveCertificate, "{:#?}", tpk); - let revoked = tpk.revocation_status(); + let revoked = tpk.revoked(None); if direct_revoked { assert_match!(RevocationStatus::Revoked(_) = revoked, "{:#?}", tpk); @@ -2538,7 +2529,7 @@ mod test { let (tpk, _) = TPKBuilder::autocrypt(None, Some("Test")) .generate().unwrap(); assert_eq!(RevocationStatus::NotAsFarAsWeKnow, - tpk.revocation_status()); + tpk.revoked(None)); let mut keypair = tpk.primary().key().clone().mark_parts_secret() .into_keypair().unwrap(); @@ -2551,7 +2542,7 @@ mod test { Some(tpk.primary().key().fingerprint())); let tpk = tpk.merge_packets(vec![sig.into()]).unwrap(); - assert_match!(RevocationStatus::Revoked(_) = tpk.revocation_status()); + assert_match!(RevocationStatus::Revoked(_) = tpk.revoked(None)); // Have other revoke tpk. @@ -2593,7 +2584,7 @@ mod test { assert_eq!(sig.typ(), SignatureType::CertificateRevocation); let tpk = tpk.merge_packets(vec![sig.into()]).unwrap(); assert_eq!(RevocationStatus::NotAsFarAsWeKnow, - tpk.revocation_status()); + tpk.revoked(None)); let uid = tpk.userids().skip(1).next().unwrap(); assert_match!(RevocationStatus::Revoked(_) = uid.revoked(None)); @@ -2686,25 +2677,20 @@ mod test { let t23 = t2 + time::Duration::days((300.0 * f3) as i64); let t34 = t3 + time::Duration::days((300.0 * f3) as i64); - assert_eq!(tpk.revocation_status_at(te1), RevocationStatus::NotAsFarAsWeKnow); - assert_eq!(tpk.revocation_status_at(t12), RevocationStatus::NotAsFarAsWeKnow); - assert_match!(RevocationStatus::Revoked(_) = tpk.revocation_status_at(t23)); - assert_eq!(tpk.revocation_status_at(t34), RevocationStatus::NotAsFarAsWeKnow); + assert_eq!(tpk.revoked(te1), RevocationStatus::NotAsFarAsWeKnow); + assert_eq!(tpk.revoked(t12), RevocationStatus::NotAsFarAsWeKnow); + assert_match!(RevocationStatus::Revoked(_) = tpk.revoked(t23)); + assert_eq!(tpk.revoked(t34), RevocationStatus::NotAsFarAsWeKnow); // Merge in the hard revocation. let tpk = tpk.merge_packets(vec![ rev2.into() ]).unwrap(); + assert_match!(RevocationStatus::Revoked(_) = tpk.revoked(te1)); + assert_match!(RevocationStatus::Revoked(_) = tpk.revoked(t12)); + assert_match!(RevocationStatus::Revoked(_) = tpk.revoked(t23)); + assert_match!(RevocationStatus::Revoked(_) = tpk.revoked(t34)); + assert_match!(RevocationStatus::Revoked(_) = tpk.revoked(t4)); assert_match!(RevocationStatus::Revoked(_) - = tpk.revocation_status_at(te1)); - assert_match!(RevocationStatus::Revoked(_) - = tpk.revocation_status_at(t12)); - assert_match!(RevocationStatus::Revoked(_) - = tpk.revocation_status_at(t23)); - assert_match!(RevocationStatus::Revoked(_) - = tpk.revocation_status_at(t34)); - assert_match!(RevocationStatus::Revoked(_) - = tpk.revocation_status_at(t4)); - assert_match!(RevocationStatus::Revoked(_) - = tpk.revocation_status_at(time::now_utc())); + = tpk.revoked(time::now_utc())); } #[test] @@ -2715,7 +2701,7 @@ mod test { where T: Into<Option<time::Tm>> { !destructures_to!(RevocationStatus::NotAsFarAsWeKnow - = tpk.revocation_status_at(t)) + = tpk.revoked(t)) } fn subkey_revoked<T>(tpk: &TPK, t: T) -> bool @@ -2792,7 +2778,7 @@ mod test { where T: Into<Option<time::Tm>>, T: Copy { assert_match!(RevocationStatus::NotAsFarAsWeKnow - = tpk.revocation_status()); + = tpk.revoked(None)); let mut slim_shady = false; let mut eminem = false; @@ -2825,7 +2811,7 @@ mod test { where T: Into<Option<time::Tm>>, T: Copy { assert_match!(RevocationStatus::NotAsFarAsWeKnow - = tpk.revocation_status()); + = tpk.revoked(None)); assert_eq!(tpk.user_attributes().count(), 1); let ua = tpk.user_attributes().nth(0).unwrap(); diff --git a/sqv/src/sqv.rs b/sqv/src/sqv.rs index 03495107..4ef07ecd 100644 --- a/sqv/src/sqv.rs +++ b/sqv/src/sqv.rs @@ -273,7 +273,7 @@ fn real_main() -> Result<(), failure::Error> { } } - if tpk.revocation_status_at(t) + if tpk.revoked(t) != RevocationStatus::NotAsFarAsWeKnow { eprintln!( diff --git a/tool/src/commands/inspect.rs b/tool/src/commands/inspect.rs index bec79b1d..ac167e12 100644 --- a/tool/src/commands/inspect.rs +++ b/tool/src/commands/inspect.rs @@ -130,7 +130,7 @@ fn inspect_tpk(output: &mut io::Write, tpk: &openpgp::TPK, if tpk.is_tsk() { "Secret" } else { "Public" })?; writeln!(output)?; writeln!(output, " Fingerprint: {}", tpk.fingerprint())?; - inspect_revocation(output, "", tpk.revocation_status())?; + inspect_revocation(output, "", tpk.revoked(None))?; inspect_key(output, "", tpk.primary().key(), tpk.primary_key_signature(None), tpk.primary().certifications(), print_keygrips, print_certifications)?; |