[thirdparty/git.git] / gpg-interface.h

#ifndef GPG_INTERFACE_H
#define GPG_INTERFACE_H

struct strbuf;

#define GPG_VERIFY_VERBOSE		1
#define GPG_VERIFY_RAW			2
#define GPG_VERIFY_OMIT_STATUS	4

enum signature_trust_level {
	TRUST_UNDEFINED,
	TRUST_NEVER,
	TRUST_MARGINAL,
	TRUST_FULLY,
	TRUST_ULTIMATE,
};

enum payload_type {
	SIGNATURE_PAYLOAD_UNDEFINED,
	SIGNATURE_PAYLOAD_COMMIT,
	SIGNATURE_PAYLOAD_TAG,
	SIGNATURE_PAYLOAD_PUSH_CERT,
};

struct signature_check {
	char *payload;
	size_t payload_len;
	enum payload_type payload_type;
	timestamp_t payload_timestamp;
	char *output;
	char *gpg_status;

	/*
	 * possible "result":
	 * 0 (not checked)
	 * N (checked but no further result)
	 * G (good)
	 * B (bad)
	 */
	char result;
	char *signer;
	char *key;
	char *fingerprint;
	char *primary_key_fingerprint;
	enum signature_trust_level trust_level;
};

void signature_check_clear(struct signature_check *sigc);

/*
 * Look at a GPG signed tag object.  If such a signature exists, store it in
 * signature and the signed content in payload.  Return 1 if a signature was
 * found, and 0 otherwise.
 */
int parse_signature(const char *buf, size_t size, struct strbuf *payload, struct strbuf *signature);

/*
 * Look at GPG signed content (e.g. a signed tag object), whose
 * payload is followed by a detached signature on it.  Return the
 * offset where the embedded detached signature begins, or the end of
 * the data when there is no such signature.
 */
size_t parse_signed_buffer(const char *buf, size_t size);

/*
 * Create a detached signature for the contents of "buffer" and append
 * it after "signature"; "buffer" and "signature" can be the same
 * strbuf instance, which would cause the detached signature appended
 * at the end.  Returns 0 on success, non-zero on failure.
 */
int sign_buffer(struct strbuf *buffer, struct strbuf *signature,
		const char *signing_key);


/*
 * Returns corresponding string in lowercase for a given member of
 * enum signature_trust_level. For example, `TRUST_ULTIMATE` will
 * return "ultimate".
 */
const char *gpg_trust_level_to_str(enum signature_trust_level level);

void set_signing_key(const char *);
const char *get_signing_key(void);

/*
 * Returns a textual unique representation of the signing key in use
 * Either a GPG KeyID or a SSH Key Fingerprint
 */
const char *get_signing_key_id(void);
int check_signature(struct signature_check *sigc,
		    const char *signature, size_t slen);
void print_signature_buffer(const struct signature_check *sigc,
			    unsigned flags);

#endif
Commit	Line	Data
2f47eae2 JH	1	#ifndef GPG_INTERFACE_H
	2	#define GPG_INTERFACE_H
	3
ef3ca954 EN	4	struct strbuf;
ef3ca954 EN	5
94240b91 LP	6	#define GPG_VERIFY_VERBOSE 1
	7	#define GPG_VERIFY_RAW 2
	8	#define GPG_VERIFY_OMIT_STATUS 4
ca194d50	9
54887b46 HJI	10	enum signature_trust_level {
	11	TRUST_UNDEFINED,
	12	TRUST_NEVER,
	13	TRUST_MARGINAL,
	14	TRUST_FULLY,
	15	TRUST_ULTIMATE,
	16	};
	17
6393c956 FS	18	enum payload_type {
	19	SIGNATURE_PAYLOAD_UNDEFINED,
	20	SIGNATURE_PAYLOAD_COMMIT,
	21	SIGNATURE_PAYLOAD_TAG,
	22	SIGNATURE_PAYLOAD_PUSH_CERT,
	23	};
	24
ffb6d7d5	25	struct signature_check {
71c214c8	26	char *payload;
02769437	27	size_t payload_len;
6393c956 FS	28	enum payload_type payload_type;
6393c956 FS	29	timestamp_t payload_timestamp;
b5726a5d	30	char *output;
ffb6d7d5	31	char *gpg_status;
a50e7ca3 JH	32
	33	/*
	34	* possible "result":
	35	* 0 (not checked)
	36	* N (checked but no further result)
a50e7ca3 JH	37	* G (good)
	38	* B (bad)
	39	*/
	40	char result;
ffb6d7d5 SG	41	char *signer;
ffb6d7d5 SG	42	char *key;
3daaaabe	43	char *fingerprint;
4de9394d	44	char *primary_key_fingerprint;
54887b46	45	enum signature_trust_level trust_level;
ffb6d7d5 SG	46	};
ffb6d7d5 SG	47
f80bee27 JK	48	void signature_check_clear(struct signature_check *sigc);
f80bee27 JK	49
482c1191	50	/*
	51	* Look at a GPG signed tag object. If such a signature exists, store it in
	52	* signature and the signed content in payload. Return 1 if a signature was
	53	* found, and 0 otherwise.
	54	*/
	55	int parse_signature(const char buf, size_t size, struct strbuf payload, struct strbuf *signature);
	56
f80bee27 JK	57	/*
	58	* Look at GPG signed content (e.g. a signed tag object), whose
	59	* payload is followed by a detached signature on it. Return the
	60	* offset where the embedded detached signature begins, or the end of
	61	* the data when there is no such signature.
	62	*/
482c1191	63	size_t parse_signed_buffer(const char *buf, size_t size);
f80bee27	64
f80bee27 JK	65	/*
	66	* Create a detached signature for the contents of "buffer" and append
	67	* it after "signature"; "buffer" and "signature" can be the same
	68	* strbuf instance, which would cause the detached signature appended
abfbff61	69	* at the end. Returns 0 on success, non-zero on failure.
f80bee27 JK	70	*/
	71	int sign_buffer(struct strbuf buffer, struct strbuf signature,
	72	const char *signing_key);
	73
803978da JD	74
	75	/*
	76	* Returns corresponding string in lowercase for a given member of
	77	* enum signature_trust_level. For example, `TRUST_ULTIMATE` will
	78	* return "ultimate".
	79	*/
	80	const char *gpg_trust_level_to_str(enum signature_trust_level level);
	81
f80bee27 JK	82	void set_signing_key(const char *);
f80bee27 JK	83	const char *get_signing_key(void);
4838f62c FS	84
	85	/*
	86	* Returns a textual unique representation of the signing key in use
	87	* Either a GPG KeyID or a SSH Key Fingerprint
	88	*/
	89	const char *get_signing_key_id(void);
02769437 FS	90	int check_signature(struct signature_check *sigc,
02769437 FS	91	const char *signature, size_t slen);
f80bee27 JK	92	void print_signature_buffer(const struct signature_check *sigc,
f80bee27 JK	93	unsigned flags);
2f47eae2 JH	94
2f47eae2 JH	95	#endif