openpgp: Rework Cert::revoke_in_place.

  - Rename `Cert::revoke_in_place` to `Cert::revoke`.

  - Return the revocation certificate; don't merge it.

  - Fixes #485.

2 files changed, 2 insertions, 77 deletions

diff --git a/openpgp-ffi/include/sequoia/openpgp.h b/openpgp-ffi/include/sequoia/openpgp.h
index 42591a4a..d6a7b219 100644
--- a/openpgp-ffi/include/sequoia/openpgp.h
+++ b/openpgp-ffi/include/sequoia/openpgp.h
@@ -958,22 +958,11 @@ pgp_revocation_status_t pgp_cert_revocation_status (pgp_cert_t cert,
                                                     pgp_policy_t policy, time_t when);
 
 /*/
-/// Writes a revocation certificate to the writer.
+/// Returns a new revocation certificate for the Cert.
 ///
-/// This function consumes the writer.  It does *not* consume cert.
+/// This function does *not* consume `cert`.
 /*/
 pgp_signature_t pgp_cert_revoke (pgp_error_t *errp,
-                              pgp_cert_t cert,
-                              pgp_signer_t primary_signer,
-                              pgp_reason_for_revocation_t code,
-                              const char *reason);
-
-/*/
-/// Adds a revocation certificate to the cert.
-///
-/// This function consumes the cert.
-/*/
-pgp_cert_t pgp_cert_revoke_in_place (pgp_error_t *errp,
                                  pgp_cert_t cert,
                                  pgp_signer_t primary_signer,
                                  pgp_reason_for_revocation_t code,
diff --git a/openpgp-ffi/src/cert.rs b/openpgp-ffi/src/cert.rs
index 3237e126..16350cd1 100644
--- a/openpgp-ffi/src/cert.rs
+++ b/openpgp-ffi/src/cert.rs
@@ -253,70 +253,6 @@ fn pgp_cert_revoke(errp: Option<&mut *mut crate::error::Error>,
     sig.move_into_raw(errp)
 }
 
-/// Adds a revocation certificate to the cert.
-///
-/// This function consumes the cert.
-///
-/// # Example
-///
-/// ```c
-/// #include <assert.h>
-/// #include <sequoia/openpgp.h>
-///
-/// pgp_cert_builder_t builder;
-/// pgp_cert_t cert;
-/// pgp_signature_t revocation;
-/// pgp_key_t primary_key;
-/// pgp_key_pair_t primary_keypair;
-/// pgp_signer_t primary_signer;
-/// pgp_policy_t policy = pgp_standard_policy ();
-///
-/// builder = pgp_cert_builder_new ();
-/// pgp_cert_builder_set_cipher_suite (&builder, PGP_CERT_CIPHER_SUITE_CV25519);
-/// pgp_cert_builder_generate (NULL, builder, &cert, &revocation);
-/// assert (cert);
-/// assert (revocation);
-/// pgp_signature_free (revocation);    /* Free the generated one.  */
-///
-/// primary_key = pgp_cert_primary_key (cert);
-/// primary_keypair = pgp_key_into_key_pair (NULL, pgp_key_clone (primary_key));
-/// pgp_key_free (primary_key);
-/// assert (primary_keypair);
-/// primary_signer = pgp_key_pair_as_signer (primary_keypair);
-/// cert = pgp_cert_revoke_in_place (NULL, cert, primary_signer,
-///                               PGP_REASON_FOR_REVOCATION_KEY_COMPROMISED,
-///                               "It was the maid :/");
-/// assert (cert);
-/// pgp_signer_free (primary_signer);
-/// pgp_key_pair_free (primary_keypair);
-///
-/// pgp_revocation_status_t rs = pgp_cert_revocation_status (cert, policy, 0);
-/// assert (pgp_revocation_status_variant (rs) == PGP_REVOCATION_STATUS_REVOKED);
-/// pgp_revocation_status_free (rs);
-///
-/// pgp_cert_free (cert);
-/// pgp_policy_free (policy);
-/// ```
-#[::sequoia_ffi_macros::extern_fn] #[no_mangle] pub extern "C"
-fn pgp_cert_revoke_in_place(errp: Option<&mut *mut crate::error::Error>,
-                           cert: *mut Cert,
-                           primary_signer: *mut Box<dyn crypto::Signer>,
-                           code: c_int,
-                           reason: Option<&c_char>)
-                           -> Maybe<Cert>
-{
-    let cert = cert.move_from_raw();
-    let signer = ffi_param_ref_mut!(primary_signer);
-    let code = int_to_reason_for_revocation(code);
-    let reason = if let Some(reason) = reason {
-        ffi_param_cstr!(reason as *const c_char).to_bytes()
-    } else {
-        b""
-    };
-
-    cert.revoke_in_place(signer.as_mut(), code, reason).move_into_raw(errp)
-}
-
 /// Returns whether the Cert is alive at the specified time.
 ///
 /// If `when` is 0, then the current time is used.