| #ifndef GPG_INTERFACE_H |
| #define GPG_INTERFACE_H |
| |
| struct strbuf; |
| |
| #define GPG_VERIFY_VERBOSE 1 |
| #define GPG_VERIFY_RAW 2 |
| #define GPG_VERIFY_OMIT_STATUS 4 |
| |
| enum signature_trust_level { |
| TRUST_UNDEFINED, |
| TRUST_NEVER, |
| TRUST_MARGINAL, |
| TRUST_FULLY, |
| TRUST_ULTIMATE, |
| }; |
| |
| enum payload_type { |
| SIGNATURE_PAYLOAD_UNDEFINED, |
| SIGNATURE_PAYLOAD_COMMIT, |
| SIGNATURE_PAYLOAD_TAG, |
| SIGNATURE_PAYLOAD_PUSH_CERT, |
| }; |
| |
| struct signature_check { |
| char *payload; |
| size_t payload_len; |
| enum payload_type payload_type; |
| timestamp_t payload_timestamp; |
| char *output; |
| char *gpg_status; |
| |
| /* |
| * possible "result": |
| * 0 (not checked) |
| * N (checked but no further result) |
| * G (good) |
| * B (bad) |
| */ |
| char result; |
| char *signer; |
| char *key; |
| char *fingerprint; |
| char *primary_key_fingerprint; |
| enum signature_trust_level trust_level; |
| }; |
| |
| void signature_check_clear(struct signature_check *sigc); |
| |
| /* |
| * Look at a GPG signed tag object. If such a signature exists, store it in |
| * signature and the signed content in payload. Return 1 if a signature was |
| * found, and 0 otherwise. |
| */ |
| int parse_signature(const char *buf, size_t size, struct strbuf *payload, struct strbuf *signature); |
| |
| /* |
| * Look at GPG signed content (e.g. a signed tag object), whose |
| * payload is followed by a detached signature on it. Return the |
| * offset where the embedded detached signature begins, or the end of |
| * the data when there is no such signature. |
| */ |
| size_t parse_signed_buffer(const char *buf, size_t size); |
| |
| /* |
| * Create a detached signature for the contents of "buffer" and append |
| * it after "signature"; "buffer" and "signature" can be the same |
| * strbuf instance, which would cause the detached signature appended |
| * at the end. Returns 0 on success, non-zero on failure. |
| */ |
| int sign_buffer(struct strbuf *buffer, struct strbuf *signature, |
| const char *signing_key); |
| |
| |
| /* |
| * Returns corresponding string in lowercase for a given member of |
| * enum signature_trust_level. For example, `TRUST_ULTIMATE` will |
| * return "ultimate". |
| */ |
| const char *gpg_trust_level_to_str(enum signature_trust_level level); |
| |
| void set_signing_key(const char *); |
| char *get_signing_key(void); |
| |
| /* |
| * Returns a textual unique representation of the signing key in use |
| * Either a GPG KeyID or a SSH Key Fingerprint |
| */ |
| char *get_signing_key_id(void); |
| int check_signature(struct signature_check *sigc, |
| const char *signature, size_t slen); |
| void print_signature_buffer(const struct signature_check *sigc, |
| unsigned flags); |
| |
| #endif |