blob: 3e624ec289ab5f46b686f9eb2489c997bca23232 [file] [log] [blame]
struct strbuf;
#define GPG_VERIFY_RAW 2
struct signature_check {
char *payload;
char *gpg_output;
char *gpg_status;
* possible "result":
* 0 (not checked)
* N (checked but no further result)
* U (untrusted good)
* G (good)
* B (bad)
char result;
char *signer;
char *key;
char *fingerprint;
char *primary_key_fingerprint;
void signature_check_clear(struct signature_check *sigc);
* Look at GPG signed content (e.g. a signed tag object), whose
* payload is followed by a detached signature on it. Return the
* offset where the embedded detached signature begins, or the end of
* the data when there is no such signature.
size_t parse_signature(const char *buf, size_t size);
* Create a detached signature for the contents of "buffer" and append
* it after "signature"; "buffer" and "signature" can be the same
* strbuf instance, which would cause the detached signature appended
* at the end.
int sign_buffer(struct strbuf *buffer, struct strbuf *signature,
const char *signing_key);
* Run "gpg" to see if the payload matches the detached signature.
* gpg_output, when set, receives the diagnostic output from GPG.
* gpg_status, when set, receives the status output from GPG.
int verify_signed_buffer(const char *payload, size_t payload_size,
const char *signature, size_t signature_size,
struct strbuf *gpg_output, struct strbuf *gpg_status);
int git_gpg_config(const char *, const char *, void *);
void set_signing_key(const char *);
const char *get_signing_key(void);
int check_signature(const char *payload, size_t plen,
const char *signature, size_t slen,
struct signature_check *sigc);
void print_signature_buffer(const struct signature_check *sigc,
unsigned flags);