ENGINE-775: Helps if revoke actually returns a useful status and not always PEP_UNKNOWN_ERROR

src/pgp_sequoia.c

@@ -3184,7 +3184,7 @@ PEP_STATUS pgp_revoke_key(
     status = _pgp_get_decrypted_key(session, iter, &key);
 
     if (!key || status != PEP_STATUS_OK) {
-        ERROR_OUT (err, PEP_UNKNOWN_ERROR,
+        ERROR_OUT (err, (status != PEP_STATUS_OK ? status : PEP_UNKNOWN_ERROR),
                    "%s has no usable certification capable key", fpr);           
     }               
                 

test/src/RevocationTest.cc

@@ -76,6 +76,18 @@ namespace {
                 session = NULL;
             }
 
+            const char* alice_filename = "test_keys/alice-no-passwords.pgp";
+            const char* alice_pub_filename = "test_keys/pub/alice-0x2A649B9F_pub.asc";
+            const char* bob_filename = "test_keys/bob-primary-with-password-bob-subkey-without.pgp";
+            const char* carol_filename = "test_keys/carol-subkeys-password-carol.pgp";
+            const char* david_filename = "test_keys/david-encryption-subkey-password-encrypt-signing-subkey-password-sign.pgp";
+            const char* erwin_filename = "test_keys/erwin-primary-encrypted-erwin-subkey-unencrypted.pgp";
+            const char* alice_fpr = "03AF88F728B8E9AADA7F370BD41801C62A649B9F";
+            const char* bob_fpr = "5C76378A62B04CF3F41BEC8D4940FC9FA1878736";
+            const char* carol_fpr = "A5B3473EA7CBB5DF7A4F595A8883DC4BCD8BAC06";
+            const char* david_fpr = "7F72E4B27C6161455CD9C50FE7A05D7BF3FF4E19";
+            const char* erwin_fpr = "A34048189F0067DF0006FB28CBD7CFBCC0FA7F97";
+
         private:
             const char* test_suite_name;
             const char* test_name;
@@ -130,3 +142,50 @@ TEST_F(RevocationTest, check_revocation) {
     free_stringlist(keylist);
 #endif
 }
+
+TEST_F(RevocationTest, check_revoke_key_needs_passphrase) {
+    ASSERT_TRUE(slurp_and_import_key(session, bob_filename));
+    stringlist_t* found_key = NULL;
+    PEP_STATUS status = find_keys(session, bob_fpr, &found_key);
+    ASSERT_EQ(status, PEP_STATUS_OK);
+    ASSERT_NE(found_key, nullptr);
+    ASSERT_NE(found_key->value, nullptr);
+
+    // Key imported.
+    // Now: revoke it.
+    status = revoke_key(session, bob_fpr, NULL);
+    ASSERT_EQ(status, PEP_PASSPHRASE_REQUIRED);
+
+}
+
+TEST_F(RevocationTest, check_revoke_key_wrong_passphrase) {
+    ASSERT_TRUE(slurp_and_import_key(session, bob_filename));
+    stringlist_t* found_key = NULL;
+    PEP_STATUS status = find_keys(session, bob_fpr, &found_key);
+    ASSERT_EQ(status, PEP_STATUS_OK);
+    ASSERT_NE(found_key, nullptr);
+    ASSERT_NE(found_key->value, nullptr);
+    
+    config_passphrase(session, "julio");
+
+    // Key imported.
+    // Now: revoke it.
+    status = revoke_key(session, bob_fpr, NULL);
+    ASSERT_EQ(status, PEP_WRONG_PASSPHRASE);    
+}
+
+TEST_F(RevocationTest, check_revoke_key_correct_passphrase) {
+    ASSERT_TRUE(slurp_and_import_key(session, bob_filename));
+    stringlist_t* found_key = NULL;
+    PEP_STATUS status = find_keys(session, bob_fpr, &found_key);
+    ASSERT_EQ(status, PEP_STATUS_OK);
+    ASSERT_NE(found_key, nullptr);
+    ASSERT_NE(found_key->value, nullptr);
+    
+    config_passphrase(session, "bob");
+
+    // Key imported.
+    // Now: revoke it.
+    status = revoke_key(session, bob_fpr, NULL);
+    ASSERT_EQ(status, PEP_STATUS_OK);        
+}