diff options
Diffstat (limited to 'openpgp-ffi')
-rw-r--r-- | openpgp-ffi/include/sequoia/openpgp.h | 11 | ||||
-rw-r--r-- | openpgp-ffi/src/cert.rs | 27 |
2 files changed, 38 insertions, 0 deletions
diff --git a/openpgp-ffi/include/sequoia/openpgp.h b/openpgp-ffi/include/sequoia/openpgp.h index 396cbf95..5d85b964 100644 --- a/openpgp-ffi/include/sequoia/openpgp.h +++ b/openpgp-ffi/include/sequoia/openpgp.h @@ -961,6 +961,17 @@ pgp_signature_t pgp_cert_revoke (pgp_error_t *errp, const char *reason); /*/ +/// Returns a new revocation certificate for the Cert. +/// +/// This function consumes `cert` and returns a new `Cert`. +/*/ +pgp_cert_t pgp_cert_revoke_in_place (pgp_error_t *errp, + pgp_cert_t cert, + pgp_signer_t primary_signer, + pgp_reason_for_revocation_t code, + const char *reason); + +/*/ /// Returns whether the Cert is alive at the specified time. /// /// If `when` is 0, then the current time is used. diff --git a/openpgp-ffi/src/cert.rs b/openpgp-ffi/src/cert.rs index 4cff3649..b2e8a576 100644 --- a/openpgp-ffi/src/cert.rs +++ b/openpgp-ffi/src/cert.rs @@ -253,6 +253,33 @@ fn pgp_cert_revoke(errp: Option<&mut *mut crate::error::Error>, sig.move_into_raw(errp) } +/// Returns a new revocation certificate for the Cert. +/// +/// This function consumes `cert` and returns a new `Cert`. +#[::sequoia_ffi_macros::extern_fn] #[no_mangle] pub extern "C" +fn pgp_cert_revoke_in_place(errp: Option<&mut *mut crate::error::Error>, + cert: *mut Cert, + primary_signer: *mut Box<dyn crypto::Signer>, + code: c_int, + reason: Option<&c_char>) + -> Maybe<Cert> +{ + ffi_make_fry_from_errp!(errp); + let cert = cert.move_from_raw(); + let signer = ffi_param_ref_mut!(primary_signer); + let code = int_to_reason_for_revocation(code); + let reason = if let Some(reason) = reason { + ffi_param_cstr!(reason as *const c_char).to_bytes() + } else { + b"" + }; + + let builder = CertRevocationBuilder::new(); + let builder = ffi_try_or!(builder.set_reason_for_revocation(code, reason), None); + let sig = builder.build(signer.as_mut(), &cert, None); + cert.merge_packets(sig).move_into_raw(errp) +} + /// Returns whether the Cert is alive at the specified time. /// /// If `when` is 0, then the current time is used. |