From d678ea32802a4896b95fc9b01c86ba7114fb2b9f Mon Sep 17 00:00:00 2001 From: Justus Winter Date: Thu, 27 Dec 2018 16:25:42 +0100 Subject: openpgp: Use Signer when revoking TPKs. --- ffi/include/sequoia/openpgp.h | 5 ++++- ffi/src/openpgp/tpk.rs | 34 ++++++++++++++++++++++++++++++---- 2 files changed, 34 insertions(+), 5 deletions(-) (limited to 'ffi') diff --git a/ffi/include/sequoia/openpgp.h b/ffi/include/sequoia/openpgp.h index 7b1aa3b6..6fe71f6b 100644 --- a/ffi/include/sequoia/openpgp.h +++ b/ffi/include/sequoia/openpgp.h @@ -894,7 +894,9 @@ sq_revocation_status_t sq_tpk_revocation_status (sq_tpk_t tpk); /// This function consumes the writer. It does *not* consume tpk. /*/ sq_signature_t sq_tpk_revoke (sq_context_t ctx, - sq_tpk_t tpk, sq_reason_for_revocation_t code, + sq_tpk_t tpk, + sq_signer_t primary_signer, + sq_reason_for_revocation_t code, const char *reason); /*/ @@ -904,6 +906,7 @@ sq_signature_t sq_tpk_revoke (sq_context_t ctx, /*/ sq_tpk_t sq_tpk_revoke_in_place (sq_context_t ctx, sq_tpk_t tpk, + sq_signer_t primary_signer, sq_reason_for_revocation_t code, const char *reason); diff --git a/ffi/src/openpgp/tpk.rs b/ffi/src/openpgp/tpk.rs index 32166a5f..6acb45de 100644 --- a/ffi/src/openpgp/tpk.rs +++ b/ffi/src/openpgp/tpk.rs @@ -20,6 +20,7 @@ use self::sequoia_openpgp::{ TPK, TSK, autocrypt::Autocrypt, + crypto, constants::ReasonForRevocation, packet::{self, Signature}, parse::PacketParserResult, @@ -254,6 +255,9 @@ fn int_to_reason_for_revocation(code: c_int) -> ReasonForRevocation { /// sq_tpk_builder_t builder; /// sq_tpk_t tpk; /// sq_signature_t revocation; +/// sq_p_key_t primary_key; +/// sq_key_pair_t primary_keypair; +/// sq_signer_t primary_signer; /// /// ctx = sq_context_new ("org.sequoia-pgp.tests", NULL); /// 
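Review bot: The doc comment above `sq_tpk_revoke` in the @@ -894 hunk still reads "This function consumes the writer. It does *not* consume tpk." and says nothing about the new `primary_signer` argument, so a C caller cannot tell whether the signer is borrowed or consumed. The usage example in ffi/src/openpgp/tpk.rs frees the signer and then the key pair after the call, which suggests the signer is only borrowed. State that in the header, e.g. `/// This function does *not* consume tpk or primary_signer; free the signer, then its key pair, after the call.` The declaration of `sq_tpk_revoke_in_place` in the @@ -904 hunk needs the same sentence for `primary_signer`; its comment lies outside the hunk. Undocumented ownership at an FFI boundary tends to lead to double frees or use-after-free in client code.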
@@ -264,10 +268,17 @@ fn int_to_reason_for_revocation(code: c_int) -> ReasonForRevocation { /// assert (revocation); /// sq_signature_free (revocation); /* Free the generated one. */ /// -/// revocation = sq_tpk_revoke (ctx, tpk, +/// primary_key = sq_p_key_clone (sq_tpk_primary (tpk)); +/// assert (primary_key); +/// primary_keypair = sq_p_key_into_key_pair (ctx, primary_key); +/// assert (primary_keypair); +/// primary_signer = sq_key_pair_as_signer (primary_keypair); +/// revocation = sq_tpk_revoke (ctx, tpk, primary_signer, /// SQ_REASON_FOR_REVOCATION_KEY_COMPROMISED, /// "It was the maid :/"); /// assert (revocation); +/// sq_signer_free (primary_signer); +/// sq_key_pair_free (primary_keypair); /// /// sq_packet_t packet = sq_signature_to_packet (revocation); /// tpk = sq_tpk_merge_packets (ctx, tpk, &packet, 1); @@ -283,12 +294,14 @@ fn int_to_reason_for_revocation(code: c_int) -> ReasonForRevocation { #[no_mangle] pub extern "system" fn sq_tpk_revoke(ctx: *mut Context, tpk: *mut TPK, + primary_signer: *mut Box, code: c_int, reason: Option<&c_char>) -> *mut packet::Signature { let ctx = ffi_param_ref_mut!(ctx); let tpk = ffi_param_ref!(tpk); + let signer = ffi_param_ref_mut!(primary_signer); let code = int_to_reason_for_revocation(code); let reason = if let Some(reason) = reason { unsafe { @@ -298,7 +311,7 @@ pub extern "system" fn sq_tpk_revoke(ctx: *mut Context, b"" }; - fry_box!(ctx, tpk.revoke(code, reason)) + fry_box!(ctx, tpk.revoke(signer.as_mut(), code, reason)) } /// Adds a revocation certificate to the tpk. @@ -315,6 +328,9 @@ pub extern "system" fn sq_tpk_revoke(ctx: *mut Context, /// sq_tpk_builder_t builder; /// sq_tpk_t tpk; /// sq_signature_t revocation; +/// sq_p_key_t primary_key; +/// sq_key_pair_t primary_keypair; +/// sq_signer_t primary_signer; /// /// ctx = sq_context_new ("org.sequoia-pgp.tests", NULL); /// 
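Review bot: The example in the @@ -264 hunk asserts on `primary_key` and `primary_keypair` but passes `primary_signer` to `sq_tpk_revoke` unchecked. Callers copy these examples verbatim, so each handle should be checked the same way; add `/// assert (primary_signer);` after the `sq_key_pair_as_signer` line. The example for `sq_tpk_revoke_in_place` in the @@ -325 hunk has the same gap. Whether `sq_key_pair_as_signer` can return NULL, and what `ffi_param_ref_mut!` does with a NULL pointer, is not visible in this diff.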
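Review bot: Nothing in the visible wrapper ties `primary_signer` to `tpk`: in the @@ -298 hunk `signer` goes straight into `tpk.revoke(signer.as_mut(), code, reason)`, so a signer built from an unrelated key pair is accepted at this layer. If `TPK::revoke` (outside this diff) does not compare the signer's public key with the TPK's primary key, the caller gets back a revocation that will not verify against this TPK. `sq_tpk_revoke_in_place` (@@ -339 and @@ -354) would go on to merge that revocation. Confirm the library method rejects a mismatched signer, then document the requirement on both wrappers, e.g. `/// primary_signer must sign with tpk's primary key.` The function body starts in the @@ -283 hunk and the surrounding lines are outside both hunks.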
@@ -325,9 +341,17 @@ pub extern "system" fn sq_tpk_revoke(ctx: *mut Context, /// assert (revocation); /// sq_signature_free (revocation); /* Free the generated one. */ /// -/// tpk = sq_tpk_revoke_in_place (ctx, tpk, +/// primary_key = sq_p_key_clone (sq_tpk_primary (tpk)); +/// assert (primary_key); +/// primary_keypair = sq_p_key_into_key_pair (ctx, primary_key); +/// assert (primary_keypair); +/// primary_signer = sq_key_pair_as_signer (primary_keypair); +/// tpk = sq_tpk_revoke_in_place (ctx, tpk, primary_signer, /// SQ_REASON_FOR_REVOCATION_KEY_COMPROMISED, /// "It was the maid :/"); +/// assert (tpk); +/// sq_signer_free (primary_signer); +/// sq_key_pair_free (primary_keypair); /// /// sq_revocation_status_t rs = sq_tpk_revocation_status (tpk); /// assert (sq_revocation_status_variant (rs) == SQ_REVOCATION_STATUS_REVOKED); @@ -339,12 +363,14 @@ pub extern "system" fn sq_tpk_revoke(ctx: *mut Context, #[no_mangle] pub extern "system" fn sq_tpk_revoke_in_place(ctx: *mut Context, tpk: *mut TPK, + primary_signer: *mut Box, code: c_int, reason: Option<&c_char>) -> *mut TPK { let ctx = ffi_param_ref_mut!(ctx); let tpk = ffi_param_move!(tpk); + let signer = ffi_param_ref_mut!(primary_signer); let code = int_to_reason_for_revocation(code); let reason = if let Some(reason) = reason { unsafe { @@ -354,7 +380,7 @@ pub extern "system" fn sq_tpk_revoke_in_place(ctx: *mut Context, b"" }; - fry_box!(ctx, tpk.revoke_in_place(code, reason)) + fry_box!(ctx, tpk.revoke_in_place(signer.as_mut(), code, reason)) } /// Returns whether the TPK has expired. -- cgit v1.2.3
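Review bot: In the @@ -339 hunk, `sq_tpk_revoke_in_place` takes `tpk` with `ffi_param_move!` but only borrows the signer, and signing through a caller-supplied signer adds a new way for the call to fail. If `fry_box!` returns NULL on error, as the added `assert (tpk);` in the example implies, the TPK has presumably already been consumed, and `tpk = sq_tpk_revoke_in_place (...)` then overwrites the caller's only handle with NULL. Say so in the doc comment, e.g. `/// Consumes tpk even on failure, in which case NULL is returned.`, and point callers who must keep the TPK to `sq_tpk_revoke` followed by `sq_tpk_merge_packets`. The function body continues outside the hunk and both macros are defined elsewhere, so check this against their definitions.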