From c6a38558479c39fb631ec5845ca9569e09ea29f0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rodolphe=20Br=C3=A9ard?= <v.code.ngyvz7vf@what.tf>
Date: Sun, 25 Feb 2024 15:23:04 +0100
Subject: [PATCH] Allow to revoke an IKM

---
 src/ikm.rs | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)

diff --git a/src/ikm.rs b/src/ikm.rs
index 87ee50e..45d2fda 100644
--- a/src/ikm.rs
+++ b/src/ikm.rs
@@ -98,6 +98,17 @@ impl InputKeyMaterialList {
 		Ok(())
 	}
 
+	#[cfg(feature = "ikm-management")]
+	pub fn revoke_ikm(&mut self, id: IkmId) -> Result<()> {
+		let ikm = self
+			.ikm_lst
+			.iter_mut()
+			.find(|ikm| ikm.id == id)
+			.ok_or(Error::IkmNotFound(id))?;
+		ikm.is_revoked = true;
+		Ok(())
+	}
+
 	#[cfg(feature = "ikm-management")]
 	pub fn export(&self) -> Result<String> {
 		let data_size = (self.ikm_lst.len() * IKM_STRUCT_SIZE) + 4;
@@ -277,6 +288,25 @@ mod tests {
 		}
 	}
 
+	#[test]
+	#[cfg(feature = "ikm-management")]
+	fn revoke_ikm() {
+		let mut lst = InputKeyMaterialList::new();
+		let _ = lst.add_ikm();
+		let _ = lst.add_ikm();
+
+		let latest_ikm = lst.get_latest_ikm().unwrap();
+		assert_eq!(latest_ikm.id, 2);
+
+		let _ = lst.revoke_ikm(2);
+		let latest_ikm = lst.get_latest_ikm().unwrap();
+		assert_eq!(latest_ikm.id, 1);
+
+		let _ = lst.revoke_ikm(1);
+		let res = lst.get_latest_ikm();
+		assert!(res.is_err());
+	}
+
 	#[test]
 	#[cfg(feature = "encryption")]
 	fn get_latest_ikm() {