1#ifndef GPG_INTERFACE_H 2#define GPG_INTERFACE_H 3 4#define GPG_VERIFY_VERBOSE 1 5#define GPG_VERIFY_RAW 2 6#define GPG_VERIFY_OMIT_STATUS 4 7 8struct signature_check { 9 char *payload; 10 char *gpg_output; 11 char *gpg_status; 12 13 /* 14 * possible "result": 15 * 0 (not checked) 16 * N (checked but no further result) 17 * U (untrusted good) 18 * G (good) 19 * B (bad) 20 */ 21 char result; 22 char *signer; 23 char *key; 24}; 25 26void signature_check_clear(struct signature_check *sigc); 27 28/* 29 * Look at GPG signed content (e.g. a signed tag object), whose 30 * payload is followed by a detached signature on it. Return the 31 * offset where the embedded detached signature begins, or the end of 32 * the data when there is no such signature. 33 */ 34size_t parse_signature(const char *buf, size_t size); 35 36/* 37 * Create a detached signature for the contents of "buffer" and append 38 * it after "signature"; "buffer" and "signature" can be the same 39 * strbuf instance, which would cause the detached signature appended 40 * at the end. 41 */ 42int sign_buffer(struct strbuf *buffer, struct strbuf *signature, 43 const char *signing_key); 44 45/* 46 * Run "gpg" to see if the payload matches the detached signature. 47 * gpg_output, when set, receives the diagnostic output from GPG. 48 * gpg_status, when set, receives the status output from GPG. 49 */ 50int verify_signed_buffer(const char *payload, size_t payload_size, 51 const char *signature, size_t signature_size, 52 struct strbuf *gpg_output, struct strbuf *gpg_status); 53 54int git_gpg_config(const char *, const char *, void *); 55void set_signing_key(const char *); 56const char *get_signing_key(void); 57int check_signature(const char *payload, size_t plen, 58 const char *signature, size_t slen, 59 struct signature_check *sigc); 60void print_signature_buffer(const struct signature_check *sigc, 61 unsigned flags); 62 63#endif