1#ifndef GPG_INTERFACE_H2#define GPG_INTERFACE_H34#define GPG_VERIFY_VERBOSE 15#define GPG_VERIFY_RAW 26#define GPG_VERIFY_OMIT_STATUS 478struct signature_check {9char *payload;10char *gpg_output;11char *gpg_status;1213/*14* possible "result":15* 0 (not checked)16* N (checked but no further result)17* U (untrusted good)18* G (good)19* B (bad)20*/21char result;22char *signer;23char *key;24};2526void signature_check_clear(struct signature_check *sigc);2728/*29* Look at GPG signed content (e.g. a signed tag object), whose30* payload is followed by a detached signature on it. Return the31* offset where the embedded detached signature begins, or the end of32* the data when there is no such signature.33*/34size_t parse_signature(const char *buf, size_t size);3536void parse_gpg_output(struct signature_check *);3738/*39* Create a detached signature for the contents of "buffer" and append40* it after "signature"; "buffer" and "signature" can be the same41* strbuf instance, which would cause the detached signature appended42* at the end.43*/44int sign_buffer(struct strbuf *buffer, struct strbuf *signature,45const char *signing_key);4647/*48* Run "gpg" to see if the payload matches the detached signature.49* gpg_output, when set, receives the diagnostic output from GPG.50* gpg_status, when set, receives the status output from GPG.51*/52int verify_signed_buffer(const char *payload, size_t payload_size,53const char *signature, size_t signature_size,54struct strbuf *gpg_output, struct strbuf *gpg_status);5556int git_gpg_config(const char *, const char *, void *);57void set_signing_key(const char *);58const char *get_signing_key(void);59int check_signature(const char *payload, size_t plen,60const char *signature, size_t slen,61struct signature_check *sigc);62void print_signature_buffer(const struct signature_check *sigc,63unsigned flags);6465#endif