openpgp: Allow for more than one designated revoker.

  - Change the API to allow for more than one designated revoker.

  - Collate all designated revokers from binding and direct key
    signature.
parent 7eae54c9
......@@ -352,13 +352,14 @@ pub trait Amalgamation<'a> {
/// contains a designated revoker.
///
/// Considers both the binding signature and the direct key
/// signature. Information in the binding signature takes
/// precedence over the direct key signature. See also [Section
/// 5.2.3.3 of RFC 4880].
///
/// [Section 5.2.3.3 of RFC 4880]: https://tools.ietf.org/html/rfc4880#section-5.2.3.3
fn revocation_key(&self) -> Option<&'a RevocationKey> {
self.map(|s| s.revocation_key())
/// signature.
fn revocation_keys(&self) -> Box<Iterator<Item = &'a RevocationKey> + 'a> {
if let Some(dk) = self.direct_key_signature() {
Box::new(self.binding_signature().revocation_keys().chain(
dk.revocation_keys()))
} else {
Box::new(self.binding_signature().revocation_keys())
}
}
}
......
......@@ -1092,16 +1092,16 @@ impl SubpacketArea {
///
/// Note: if the signature contains multiple instances of this
/// subpacket, only the last one is considered.
pub fn revocation_key(&self) -> Option<&RevocationKey> {
if let Some(sb) = self.subpacket(SubpacketTag::RevocationKey) {
pub fn revocation_keys(&self)
-> impl Iterator<Item = &RevocationKey>
{
self.subpackets(SubpacketTag::RevocationKey).filter_map(|sb| {
if let SubpacketValue::RevocationKey(rk) = &sb.value {
Some(rk)
} else {
None
}
} else {
None
}
})
}
/// Returns the value of the Issuer subpacket, which contains the
......@@ -2309,7 +2309,7 @@ fn accessors() {
sig = sig.set_revocation_key(rk.clone()).unwrap();
let sig_ =
sig.clone().sign_hash(&mut keypair, hash.clone()).unwrap();
assert_eq!(sig_.revocation_key(), Some(&rk));
assert_eq!(sig_.revocation_keys().nth(0).unwrap(), &rk);
sig = sig.set_issuer(fp.clone().into()).unwrap();
let sig_ =
......@@ -2777,7 +2777,7 @@ fn subpacket_test_2() {
"361A96BDE1A65B6D6C25AE9FF004B9A45C586126").unwrap();
let rk = RevocationKey::new(PublicKeyAlgorithm::RSAEncryptSign,
fp.clone(), false);
assert_eq!(sig.revocation_key(), Some(&rk));
assert_eq!(sig.revocation_keys().nth(0).unwrap(), &rk);
assert_eq!(sig.subpacket(SubpacketTag::RevocationKey),
Some(&Subpacket {
length: 23.into(),
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment