Andrew's git / gitweb.git /
8ce614fc95c354149d2b872668f1e94d2e87e9ea
   1#ifndef GPG_INTERFACE_H
   2#define GPG_INTERFACE_H
   3
   4struct strbuf;
   5
   6#define GPG_VERIFY_VERBOSE              1
   7#define GPG_VERIFY_RAW                  2
   8#define GPG_VERIFY_OMIT_STATUS  4
   9
  10struct signature_check {
  11        char *payload;
  12        char *gpg_output;
  13        char *gpg_status;
  14
  15        /*
  16         * possible "result":
  17         * 0 (not checked)
  18         * N (checked but no further result)
  19         * U (untrusted good)
  20         * G (good)
  21         * B (bad)
  22         */
  23        char result;
  24        char *signer;
  25        char *key;
  26        char *fingerprint;
  27};
  28
  29void signature_check_clear(struct signature_check *sigc);
  30
  31/*
  32 * Look at GPG signed content (e.g. a signed tag object), whose
  33 * payload is followed by a detached signature on it.  Return the
  34 * offset where the embedded detached signature begins, or the end of
  35 * the data when there is no such signature.
  36 */
  37size_t parse_signature(const char *buf, size_t size);
  38
  39/*
  40 * Create a detached signature for the contents of "buffer" and append
  41 * it after "signature"; "buffer" and "signature" can be the same
  42 * strbuf instance, which would cause the detached signature appended
  43 * at the end.
  44 */
  45int sign_buffer(struct strbuf *buffer, struct strbuf *signature,
  46                const char *signing_key);
  47
  48/*
  49 * Run "gpg" to see if the payload matches the detached signature.
  50 * gpg_output, when set, receives the diagnostic output from GPG.
  51 * gpg_status, when set, receives the status output from GPG.
  52 */
  53int verify_signed_buffer(const char *payload, size_t payload_size,
  54                         const char *signature, size_t signature_size,
  55                         struct strbuf *gpg_output, struct strbuf *gpg_status);
  56
  57int git_gpg_config(const char *, const char *, void *);
  58void set_signing_key(const char *);
  59const char *get_signing_key(void);
  60int check_signature(const char *payload, size_t plen,
  61                    const char *signature, size_t slen,
  62                    struct signature_check *sigc);
  63void print_signature_buffer(const struct signature_check *sigc,
  64                            unsigned flags);
  65
  66#endif