ffi: Wrap RevocationStatus.

2 files changed, 92 insertions, 1 deletions

diff --git a/ffi/include/sequoia/openpgp.h b/ffi/include/sequoia/openpgp.h
index 23959b4b..0331a2ad 100644
--- a/ffi/include/sequoia/openpgp.h
+++ b/ffi/include/sequoia/openpgp.h
@@ -111,6 +111,55 @@ sq_keyid_t sq_fingerprint_to_keyid (const sq_fingerprint_t fp);
 /*/
 int sq_fingerprint_equal (const sq_fingerprint_t a, const sq_fingerprint_t b);
 
+/* sequoia::openpgp::RevocationStatus.  */
+
+/*/
+/// Holds a revocation status.
+/*/
+typedef struct sq_revocation_status *sq_revocation_status_t;
+
+typedef enum sq_revocation_status_variant {
+  /*/
+  /// The key is definitely revoked.
+  ///
+  /// All self-revocations are returned, the most recent revocation
+  /// first.
+  /*/
+  SQ_REVOCATION_STATUS_REVOKED,
+
+  /*/
+  /// We have a third-party revocation certificate that is allegedly
+  /// from a designated revoker, but we don't have the designated
+  /// revoker's key to check its validity.
+  ///
+  /// All such certificates are returned.  The caller must check
+  /// them manually.
+  /*/
+  SQ_REVOCATION_STATUS_COULD_BE,
+
+  /*/
+  /// The key does not appear to be revoked, but perhaps an attacker
+  /// has performed a DoS, which prevents us from seeing the
+  /// revocation certificate.
+  /*/
+  SQ_REVOCATION_STATUS_NOT_AS_FAR_AS_WE_KNOW,
+
+  /* Dummy value to make sure the enumeration has a defined size.  Do
+     not use this value.  */
+  SQ_REVOCATION_STATUS_FORCE_WIDTH = INT_MAX,
+} sq_revocation_status_variant_t;
+
+/*/
+/// Returns the revocation status's variant.
+/*/
+sq_revocation_status_variant_t sq_revocation_status_variant (
+    sq_revocation_status_t rs);
+
+/*/
+/// Frees the revocation status.
+/*/
+void sq_revocation_status_free (sq_revocation_status_t rs);
+
 
 /* openpgp::armor.  */
 
diff --git a/ffi/src/openpgp.rs b/ffi/src/openpgp.rs
index 28cbc726..25f42509 100644
--- a/ffi/src/openpgp.rs
+++ b/ffi/src/openpgp.rs
@@ -12,10 +12,18 @@ use libc::{self, uint8_t, uint64_t, c_char, c_int, size_t, ssize_t};
 extern crate openpgp;
 
 use self::openpgp::{
-    armor, Fingerprint, KeyID, PacketPile, TPK, TSK, Packet, crypto::Password,
+    armor,
+    Fingerprint,
+    KeyID,
+    RevocationStatus,
+    PacketPile,
+    TPK,
+    TSK,
+    Packet,
     packet::{
         Signature,
     },
+    crypto::Password,
 };
 use self::openpgp::tpk::{CipherSuite, TPKBuilder};
 use self::openpgp::parse::{PacketParserResult, PacketParser, PacketParserEOF};
@@ -812,6 +820,40 @@ pub extern "system" fn sq_tpk_into_tsk(tpk: *mut TPK)
     box_raw!(tpk.into_tsk())
 }
 
+fn revocation_status_to_int(rs: &RevocationStatus) -> c_int {
+    match rs {
+        RevocationStatus::Revoked(_) => 0,
+        RevocationStatus::CouldBe(_) => 1,
+        RevocationStatus::NotAsFarAsWeKnow => 2,
+    }
+}
+
+/// Returns the TPK's revocation status variant.
+#[no_mangle]
+pub extern "system" fn sq_revocation_status_variant(
+    rs: *mut RevocationStatus)
+    -> c_int
+{
+    assert!(! rs.is_null());
+    let rs = unsafe {
+        Box::from_raw(rs as *mut RevocationStatus)
+    };
+    let variant = revocation_status_to_int(rs.as_ref());
+    Box::into_raw(rs);
+    variant
+}
+
+/// Frees a sq_revocation_status_t.
+#[no_mangle]
+pub extern "system" fn sq_revocation_status_free(
+    rs: *mut RevocationStatus)
+{
+    if rs.is_null() { return };
+    unsafe {
+        drop(Box::from_raw(rs))
+    };
+}
+
 /* TPKBuilder */
 
 /// Creates a default `sq_tpk_builder_t`.