Add revoke command

cassh.sh

@@ -205,10 +205,42 @@ main_mkfile()
 	cat "$PATH_CA_PUB"
 }
 
+main_revoke()
+{
+	qflag=
+	vflag=
+	while getopts fqv flag; do
+		case $flag in
+		q)	qflag=-q ;;
+		v)	vflag=${vflag:--}v ;;
+		*)	usage ;;
+		esac
+	done
+	shift $(($OPTIND - 1))
+
+	if [ ! -f "$PATH_KRL_SERIAL" ]; then
+		echo 1 >"$PATH_KRL_SERIAL"
+	fi
+	read -r serial <"$PATH_KRL_SERIAL"
+
+	uflag=
+	if [ -f "$PATH_KRL" ]; then
+		uflag=-u
+	fi
+
+	ssh-keygen -kf "$PATH_KRL" -Us "$PATH_CA_PUB" -z "$serial" \
+	    $qflag $vflag $uflag "$@" || exit 1
+
+	serial=$(($serial + 1))
+	echo $serial >"$PATH_KRL_SERIAL"
+}
+
 set -u
 
 PATH_CA_PUB=./ca.pub
 PATH_CA_SERIAL=./serial.txt
+PATH_KRL=./krl
+PATH_KRL_SERIAL=./krl_serial.txt
 PATH_PUBKEYS_DIR=./pubkeys
 
 if [ $# -lt 1 ]; then
@@ -220,5 +252,6 @@ shift
 case $cmd in
 issue)	main_issue "$@" ;;
 mkfile)	main_mkfile "$@" ;;
+revoke)	main_revoke "$@" ;;
 *)	usage ;;
 esac