Function sequoia_ffi::openpgp::cert::pgp_cert_revoke [−][src]
#[no_mangle]
pub extern "C" fn pgp_cert_revoke(
errp: Option<&mut *mut Error>,
cert: *const Cert,
primary_signer: *mut Box<dyn Signer>,
code: c_int,
reason: Option<&c_char>
) -> Maybe<Signature>
Expand description
Returns a new revocation certificate for the Cert.
C Declaration
pgp_signature_t
pgp_cert_revoke (pgp_error_t *errp,
const pgp_cert_t cert,
pgp_box_t primary_signer,
int code,
const char *reason);
This function does not consume cert
.
Examples
#include <assert.h>
#include <sequoia/openpgp.h>
pgp_cert_builder_t builder;
pgp_cert_t cert;
pgp_signature_t revocation;
pgp_key_t primary_key;
pgp_key_pair_t primary_keypair;
pgp_signer_t primary_signer;
pgp_policy_t policy = pgp_standard_policy ();
builder = pgp_cert_builder_new ();
pgp_cert_builder_set_cipher_suite (&builder, PGP_CERT_CIPHER_SUITE_CV25519);
pgp_cert_builder_generate (NULL, builder, &cert, &revocation);
assert (cert);
assert (revocation);
pgp_signature_free (revocation); /* Free the generated one. */
primary_key = pgp_cert_primary_key (cert);
primary_keypair = pgp_key_into_key_pair (NULL, pgp_key_clone (primary_key));
pgp_key_free (primary_key);
assert (primary_keypair);
primary_signer = pgp_key_pair_as_signer (primary_keypair);
revocation = pgp_cert_revoke (NULL, cert, primary_signer,
PGP_REASON_FOR_REVOCATION_KEY_COMPROMISED,
"It was the maid :/");
assert (revocation);
pgp_signer_free (primary_signer);
pgp_packet_t packet = pgp_signature_into_packet (revocation);
cert = pgp_cert_insert_packets (NULL, cert, &packet, 1);
assert (cert);
pgp_revocation_status_t rs = pgp_cert_revocation_status (cert, policy, 0);
assert (pgp_revocation_status_variant (rs) == PGP_REVOCATION_STATUS_REVOKED);
pgp_revocation_status_free (rs);
pgp_cert_free (cert);
pgp_policy_free (policy);