]>
Commit | Line | Data |
---|---|---|
2f47eae2 JH |
1 | #ifndef GPG_INTERFACE_H |
2 | #define GPG_INTERFACE_H | |
3 | ||
ef3ca954 EN |
4 | struct strbuf; |
5 | ||
94240b91 LP |
6 | #define GPG_VERIFY_VERBOSE 1 |
7 | #define GPG_VERIFY_RAW 2 | |
8 | #define GPG_VERIFY_OMIT_STATUS 4 | |
ca194d50 | 9 | |
54887b46 HJI |
10 | enum signature_trust_level { |
11 | TRUST_UNDEFINED, | |
12 | TRUST_NEVER, | |
13 | TRUST_MARGINAL, | |
14 | TRUST_FULLY, | |
15 | TRUST_ULTIMATE, | |
16 | }; | |
17 | ||
6393c956 FS |
18 | enum payload_type { |
19 | SIGNATURE_PAYLOAD_UNDEFINED, | |
20 | SIGNATURE_PAYLOAD_COMMIT, | |
21 | SIGNATURE_PAYLOAD_TAG, | |
22 | SIGNATURE_PAYLOAD_PUSH_CERT, | |
23 | }; | |
24 | ||
ffb6d7d5 | 25 | struct signature_check { |
71c214c8 | 26 | char *payload; |
02769437 | 27 | size_t payload_len; |
6393c956 FS |
28 | enum payload_type payload_type; |
29 | timestamp_t payload_timestamp; | |
b5726a5d | 30 | char *output; |
ffb6d7d5 | 31 | char *gpg_status; |
a50e7ca3 JH |
32 | |
33 | /* | |
34 | * possible "result": | |
35 | * 0 (not checked) | |
36 | * N (checked but no further result) | |
a50e7ca3 JH |
37 | * G (good) |
38 | * B (bad) | |
39 | */ | |
40 | char result; | |
ffb6d7d5 SG |
41 | char *signer; |
42 | char *key; | |
3daaaabe | 43 | char *fingerprint; |
4de9394d | 44 | char *primary_key_fingerprint; |
54887b46 | 45 | enum signature_trust_level trust_level; |
ffb6d7d5 SG |
46 | }; |
47 | ||
f80bee27 JK |
48 | void signature_check_clear(struct signature_check *sigc); |
49 | ||
482c1191 | 50 | /* |
51 | * Look at a GPG signed tag object. If such a signature exists, store it in | |
52 | * signature and the signed content in payload. Return 1 if a signature was | |
53 | * found, and 0 otherwise. | |
54 | */ | |
55 | int parse_signature(const char *buf, size_t size, struct strbuf *payload, struct strbuf *signature); | |
56 | ||
f80bee27 JK |
57 | /* |
58 | * Look at GPG signed content (e.g. a signed tag object), whose | |
59 | * payload is followed by a detached signature on it. Return the | |
60 | * offset where the embedded detached signature begins, or the end of | |
61 | * the data when there is no such signature. | |
62 | */ | |
482c1191 | 63 | size_t parse_signed_buffer(const char *buf, size_t size); |
f80bee27 | 64 | |
f80bee27 JK |
65 | /* |
66 | * Create a detached signature for the contents of "buffer" and append | |
67 | * it after "signature"; "buffer" and "signature" can be the same | |
68 | * strbuf instance, which would cause the detached signature appended | |
69 | * at the end. | |
70 | */ | |
71 | int sign_buffer(struct strbuf *buffer, struct strbuf *signature, | |
72 | const char *signing_key); | |
73 | ||
803978da JD |
74 | |
75 | /* | |
76 | * Returns corresponding string in lowercase for a given member of | |
77 | * enum signature_trust_level. For example, `TRUST_ULTIMATE` will | |
78 | * return "ultimate". | |
79 | */ | |
80 | const char *gpg_trust_level_to_str(enum signature_trust_level level); | |
81 | ||
f80bee27 JK |
82 | void set_signing_key(const char *); |
83 | const char *get_signing_key(void); | |
4838f62c FS |
84 | |
85 | /* | |
86 | * Returns a textual unique representation of the signing key in use | |
87 | * Either a GPG KeyID or a SSH Key Fingerprint | |
88 | */ | |
89 | const char *get_signing_key_id(void); | |
02769437 FS |
90 | int check_signature(struct signature_check *sigc, |
91 | const char *signature, size_t slen); | |
f80bee27 JK |
92 | void print_signature_buffer(const struct signature_check *sigc, |
93 | unsigned flags); | |
2f47eae2 JH |
94 | |
95 | #endif |