Function sequoia_ffi::openpgp::cert::pgp_cert_revoke[][src]

#[no_mangle]
pub extern "C" fn pgp_cert_revoke(
    errp: Option<&mut *mut Error>,
    cert: *const Cert,
    primary_signer: *mut Box<dyn Signer>,
    code: c_int,
    reason: Option<&c_char>
) -> Maybe<Signature>
Expand description

Returns a new revocation certificate for the Cert.

C Declaration

pgp_signature_t
pgp_cert_revoke (pgp_error_t *errp,
                 const pgp_cert_t cert,
                 pgp_box_t primary_signer,
                 int code,
                 const char *reason);

This function does not consume cert.

Examples

#include <assert.h>
#include <sequoia/openpgp.h>

pgp_cert_builder_t builder;
pgp_cert_t cert;
pgp_signature_t revocation;
pgp_key_t primary_key;
pgp_key_pair_t primary_keypair;
pgp_signer_t primary_signer;
pgp_policy_t policy = pgp_standard_policy ();

builder = pgp_cert_builder_new ();
pgp_cert_builder_set_cipher_suite (&builder, PGP_CERT_CIPHER_SUITE_CV25519);
pgp_cert_builder_generate (NULL, builder, &cert, &revocation);
assert (cert);
assert (revocation);
pgp_signature_free (revocation);    /* Free the generated one.  */

primary_key = pgp_cert_primary_key (cert);
primary_keypair = pgp_key_into_key_pair (NULL, pgp_key_clone (primary_key));
pgp_key_free (primary_key);
assert (primary_keypair);
primary_signer = pgp_key_pair_as_signer (primary_keypair);
revocation = pgp_cert_revoke (NULL, cert, primary_signer,
                             PGP_REASON_FOR_REVOCATION_KEY_COMPROMISED,
                             "It was the maid :/");
assert (revocation);
pgp_signer_free (primary_signer);

pgp_packet_t packet = pgp_signature_into_packet (revocation);
cert = pgp_cert_insert_packets (NULL, cert, &packet, 1);
assert (cert);

pgp_revocation_status_t rs = pgp_cert_revocation_status (cert, policy, 0);
assert (pgp_revocation_status_variant (rs) == PGP_REVOCATION_STATUS_REVOKED);
pgp_revocation_status_free (rs);

pgp_cert_free (cert);
pgp_policy_free (policy);