author | Junio C Hamano <gitster@pobox.com> | 2011-09-07 21:19:47 -0700 |
---|---|---|
committer | Junio C Hamano <gitster@pobox.com> | 2011-11-04 21:40:25 -0700 |
commit | 2f47eae2a1337bd0cb50dbc936df6433f460bb4a (patch) | |
tree | 6433828b342b5bc1bb5d1d133f9052fd143b82ab /gpg-interface.h | |
parent | 3dfbe68fc29248feea3a384e156497ca2463f932 (diff) | |
download | git-2f47eae2a1337bd0cb50dbc936df6433f460bb4a.tar.gz |

Split GPG interface into its own helper library

This mostly moves existing code from builtin/tag.c (for signing)
and builtin/verify-tag.c (for verifying) to a new gpg-interface.c
file to provide a more generic library interface.

- sign_buffer() takes a payload strbuf, a signature strbuf, and a signing
  key, runs "gpg" to produce a detached signature for the payload, and
  appends it to the signature strbuf. The contents of a signed tag that
  concatenates the payload and the detached signature can be produced by
  giving the same strbuf as payload and signature strbuf.

- verify_signed_buffer() takes a payload and a detached signature as
  <ptr, len> pairs, and runs "gpg --verify" to see if the payload matches
  the signature. It can optionally capture the output from GPG to allow
  the callers to pretty-print it in a way more suitable for their
  contexts.

"verify-tag" (aka "tag -v") used to save the whole tag contents as if it
is a detached signature, and fed gpg the payload part of the tag. It
relied on gpg to fail when the given tag is not signed but just is
annotated. The updated run_gpg_verify() function detects the lack of
detached signature in the input, and errors out without bothering "gpg".

Signed-off-by: Junio C Hamano <gitster@pobox.com>
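
The check described in the last paragraph of the commit message, as an added example that is not code from this commit or from git: it splits a tag buffer into the payload and detached signature that verify_signed_buffer() takes as <ptr, len> pairs, and refuses a tag that is only annotated. The function names and the sample tag are hypothetical, and it assumes the signature starts at the standard OpenPGP armor line.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Armor line that opens a detached OpenPGP signature. */
#define PGP_SIG_BEGIN "-----BEGIN PGP SIGNATURE-----\n"

/* Hypothetical helper (not git's code): offset of the signature, or len if
 * absent. The marker counts only when it starts a line. */
static size_t find_signature_start(const char *buf, size_t len)
{
	const size_t mlen = strlen(PGP_SIG_BEGIN);
	size_t pos = 0;
	while (pos < len) {
		const char *eol;
		if (len - pos >= mlen && !memcmp(buf + pos, PGP_SIG_BEGIN, mlen))
			return pos;
		eol = memchr(buf + pos, '\n', len - pos);
		if (!eol)
			break;
		pos = (size_t)(eol - buf) + 1;
	}
	return len;
}

/* Hypothetical split: 0 on success, -1 when the tag is only annotated, so
 * the caller can error out without starting gpg. */
int split_signed_tag(const char *buf, size_t len, size_t *payload_len,
		     const char **sig, size_t *sig_len)
{
	size_t start = find_signature_start(buf, len);
	if (start == len)
		return -1;
	*payload_len = start;
	*sig = buf + start;
	*sig_len = len - start;
	return 0;
}

int main(void)
{
	/* Constructed sample: annotated tag quoting the marker mid-line. */
	const char *tag = "tag v1.0\n\nsee -----BEGIN PGP SIGNATURE-----\n";
	size_t plen, slen;
	const char *sig;
	if (split_signed_tag(tag, strlen(tag), &plen, &sig, &slen) < 0)
		puts("error: no signature found");
	return 0;
}
```
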
Diffstat (limited to 'gpg-interface.h')
-rw-r--r-- | gpg-interface.h | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/gpg-interface.h b/gpg-interface.h new file mode 100644 index 0000000000..b9c36088ce --- /dev/null +++ b/gpg-interface.h @@ -0,0 +1,10 @@ +#ifndef GPG_INTERFACE_H +#define GPG_INTERFACE_H + +extern int sign_buffer(struct strbuf *buffer, struct strbuf *signature, const char *signing_key); +extern int verify_signed_buffer(const char *payload, size_t payload_size, const char *signature, size_t signature_size, struct strbuf *gpg_output); +extern int git_gpg_config(const char *, const char *, void *); +extern void set_signing_key(const char *); +extern const char *get_signing_key(void); + +#endif |
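
Review bot: verify_signed_buffer() and sign_buffer() are declared in the new gpg-interface.h with no comment on their contract, which is the part a caller of a verification API most needs. Please add a comment above verify_signed_buffer() stating which return value means the signature is good and whether gpg_output may be NULL when the caller does not want the captured output; the commit message calls the capture optional, but the header does not say how to opt out. For sign_buffer(), say that the result is appended to the signature strbuf and that passing the same strbuf for both arguments is supported. Separately, the header uses struct strbuf and size_t without including anything or forward-declaring the struct, so it only compiles when the includer has already pulled those in, and git_gpg_config(const char *, const char *, void *) would read better with named parameters.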