1#ifndef GPG_INTERFACE_H 2#define GPG_INTERFACE_H 3 4struct strbuf; 5 6#define GPG_VERIFY_VERBOSE 1 7#define GPG_VERIFY_RAW 2 8#define GPG_VERIFY_OMIT_STATUS 4 9 10struct signature_check { 11 char *payload; 12 char *gpg_output; 13 char *gpg_status; 14 15 /* 16 * possible "result": 17 * 0 (not checked) 18 * N (checked but no further result) 19 * U (untrusted good) 20 * G (good) 21 * B (bad) 22 */ 23 char result; 24 char *signer; 25 char *key; 26}; 27 28void signature_check_clear(struct signature_check *sigc); 29 30/* 31 * Look at GPG signed content (e.g. a signed tag object), whose 32 * payload is followed by a detached signature on it. Return the 33 * offset where the embedded detached signature begins, or the end of 34 * the data when there is no such signature. 35 */ 36size_t parse_signature(const char *buf, size_t size); 37 38/* 39 * Create a detached signature for the contents of "buffer" and append 40 * it after "signature"; "buffer" and "signature" can be the same 41 * strbuf instance, which would cause the detached signature appended 42 * at the end. 43 */ 44int sign_buffer(struct strbuf *buffer, struct strbuf *signature, 45 const char *signing_key); 46 47/* 48 * Run "gpg" to see if the payload matches the detached signature. 49 * gpg_output, when set, receives the diagnostic output from GPG. 50 * gpg_status, when set, receives the status output from GPG. 51 */ 52int verify_signed_buffer(const char *payload, size_t payload_size, 53 const char *signature, size_t signature_size, 54 struct strbuf *gpg_output, struct strbuf *gpg_status); 55 56int git_gpg_config(const char *, const char *, void *); 57void set_signing_key(const char *); 58const char *get_signing_key(void); 59int check_signature(const char *payload, size_t plen, 60 const char *signature, size_t slen, 61 struct signature_check *sigc); 62void print_signature_buffer(const struct signature_check *sigc, 63 unsigned flags); 64 65#endif