]>
Commit | Line | Data |
---|---|---|
1 | #ifndef GPG_INTERFACE_H | |
2 | #define GPG_INTERFACE_H | |
3 | ||
4 | #define GPG_VERIFY_VERBOSE 1 | |
5 | #define GPG_VERIFY_RAW 2 | |
6 | #define GPG_VERIFY_OMIT_STATUS 4 | |
7 | ||
8 | struct signature_check { | |
9 | char *payload; | |
10 | char *gpg_output; | |
11 | char *gpg_status; | |
12 | ||
13 | /* | |
14 | * possible "result": | |
15 | * 0 (not checked) | |
16 | * N (checked but no further result) | |
17 | * U (untrusted good) | |
18 | * G (good) | |
19 | * B (bad) | |
20 | */ | |
21 | char result; | |
22 | char *signer; | |
23 | char *key; | |
24 | }; | |
25 | ||
26 | void signature_check_clear(struct signature_check *sigc); | |
27 | ||
28 | /* | |
29 | * Look at GPG signed content (e.g. a signed tag object), whose | |
30 | * payload is followed by a detached signature on it. Return the | |
31 | * offset where the embedded detached signature begins, or the end of | |
32 | * the data when there is no such signature. | |
33 | */ | |
34 | size_t parse_signature(const char *buf, size_t size); | |
35 | ||
36 | void parse_gpg_output(struct signature_check *); | |
37 | ||
38 | /* | |
39 | * Create a detached signature for the contents of "buffer" and append | |
40 | * it after "signature"; "buffer" and "signature" can be the same | |
41 | * strbuf instance, which would cause the detached signature appended | |
42 | * at the end. | |
43 | */ | |
44 | int sign_buffer(struct strbuf *buffer, struct strbuf *signature, | |
45 | const char *signing_key); | |
46 | ||
47 | /* | |
48 | * Run "gpg" to see if the payload matches the detached signature. | |
49 | * gpg_output, when set, receives the diagnostic output from GPG. | |
50 | * gpg_status, when set, receives the status output from GPG. | |
51 | */ | |
52 | int verify_signed_buffer(const char *payload, size_t payload_size, | |
53 | const char *signature, size_t signature_size, | |
54 | struct strbuf *gpg_output, struct strbuf *gpg_status); | |
55 | ||
56 | int git_gpg_config(const char *, const char *, void *); | |
57 | void set_signing_key(const char *); | |
58 | const char *get_signing_key(void); | |
59 | int check_signature(const char *payload, size_t plen, | |
60 | const char *signature, size_t slen, | |
61 | struct signature_check *sigc); | |
62 | void print_signature_buffer(const struct signature_check *sigc, | |
63 | unsigned flags); | |
64 | ||
65 | #endif |