1#ifndef GPG_INTERFACE_H
2#define GPG_INTERFACE_H
34
struct strbuf;
56
#define GPG_VERIFY_VERBOSE 1
7#define GPG_VERIFY_RAW 2
8#define GPG_VERIFY_OMIT_STATUS 4
910
struct signature_check {
11char *payload;
12char *gpg_output;
13char *gpg_status;
1415
/*
16* possible "result":
17* 0 (not checked)
18* N (checked but no further result)
19* U (untrusted good)
20* G (good)
21* B (bad)
22*/
23char result;
24char *signer;
25char *key;
26};
2728
void signature_check_clear(struct signature_check *sigc);
2930
/*
31* Look at GPG signed content (e.g. a signed tag object), whose
32* payload is followed by a detached signature on it. Return the
33* offset where the embedded detached signature begins, or the end of
34* the data when there is no such signature.
35*/
36size_t parse_signature(const char *buf, size_t size);
3738
/*
39* Create a detached signature for the contents of "buffer" and append
40* it after "signature"; "buffer" and "signature" can be the same
41* strbuf instance, which would cause the detached signature appended
42* at the end.
43*/
44int sign_buffer(struct strbuf *buffer, struct strbuf *signature,
45const char *signing_key);
4647
/*
48* Run "gpg" to see if the payload matches the detached signature.
49* gpg_output, when set, receives the diagnostic output from GPG.
50* gpg_status, when set, receives the status output from GPG.
51*/
52int verify_signed_buffer(const char *payload, size_t payload_size,
53const char *signature, size_t signature_size,
54struct strbuf *gpg_output, struct strbuf *gpg_status);
5556
int git_gpg_config(const char *, const char *, void *);
57void set_signing_key(const char *);
58const char *get_signing_key(void);
59int check_signature(const char *payload, size_t plen,
60const char *signature, size_t slen,
61struct signature_check *sigc);
62void print_signature_buffer(const struct signature_check *sigc,
63unsigned flags);
6465
#endif