libalpm_sig(3) Library Functions Manual libalpm_sig(3)
NAME
libalpm_sig - Signature checking - Functions to check signatures
SYNOPSIS
Data Structures
struct alpm_pgpkey_t
A PGP key.
struct alpm_sigresult_t
Signature result.
struct alpm_siglist_t
Signature list.
Enumerations
enum alpm_siglevel_t { ALPM_SIG_PACKAGE = (1 << 0), ALPM_SIG_PACKAGE_OPTIONAL = (1 << 1), ALPM_SIG_PACKAGE_MARGINAL_OK = (1 << 2), ALPM_SIG_PACKAGE_UNKNOWN_OK = (1 << 3), ALPM_SIG_DATABASE = (1 << 10), ALPM_SIG_DATABASE_OPTIONAL = (1 << 11), ALPM_SIG_DATABASE_MARGINAL_OK = (1 << 12), ALPM_SIG_DATABASE_UNKNOWN_OK = (1 << 13), ALPM_SIG_USE_DEFAULT = (1 << 30) }
PGP signature verification options.
enum alpm_sigstatus_t { ALPM_SIGSTATUS_VALID, ALPM_SIGSTATUS_KEY_EXPIRED, ALPM_SIGSTATUS_SIG_EXPIRED, ALPM_SIGSTATUS_KEY_UNKNOWN, ALPM_SIGSTATUS_KEY_DISABLED, ALPM_SIGSTATUS_INVALID }
PGP signature verification status return codes.
enum alpm_sigvalidity_t { ALPM_SIGVALIDITY_FULL, ALPM_SIGVALIDITY_MARGINAL, ALPM_SIGVALIDITY_NEVER, ALPM_SIGVALIDITY_UNKNOWN }
The trust level of a PGP key.
Functions
int alpm_pkg_check_pgp_signature (alpm_pkg_t *pkg, alpm_siglist_t *siglist)
Check the PGP signature for the given package file.
int alpm_db_check_pgp_signature (alpm_db_t *db, alpm_siglist_t *siglist)
Check the PGP signature for the given database.
int alpm_siglist_cleanup (alpm_siglist_t *siglist)
Clean up and free a signature result list.
int alpm_decode_signature (const char *base64_data, unsigned char **data, size_t *data_len)
Decode a loaded signature in base64 form.
int alpm_extract_keyid (alpm_handle_t *handle, const char *identifier, const unsigned char *sig, const size_t len, alpm_list_t **keys)
Extract the Issuer Key ID from a signature.
Detailed Description
Functions to check signatures
Data Structure Documentation
struct alpm_pgpkey_t
A PGP key.
Data Fields:
void * data The actual key data.
char * email Email of the key's owner.
alpm_time_t expires When the key expires.
char * fingerprint The key's fingerprint.
unsigned int length The length of the key.
char * name Name of the key's owner.
char pubkey_algo A character representing the encryption algorithm used by the public key: ? = unknown, R = RSA, D = DSA, E = EDDSA.
unsigned int revoked Whether the key has been revoked.
char * uid UID of the key.
struct alpm_sigresult_t
Signature result.
Contains the key, status, and validity of a given signature.
Data Fields:
alpm_sigstatus_t status The status of the signature.
alpm_sigvalidity_t validity The validity of the signature.
struct alpm_siglist_t
Signature list.
Contains the number of signatures found and a pointer to an array of results. The array is of size count.
Data Fields:
alpm_sigresult_t * results An array of sigresults.
Enumeration Type Documentation
enum alpm_siglevel_t
PGP signature verification options.
Enumerator
- ALPM_SIG_PACKAGE
- Packages require a signature.
- ALPM_SIG_PACKAGE_OPTIONAL
- Packages do not require a signature, but check packages that do have signatures.
- ALPM_SIG_PACKAGE_UNKNOWN_OK
- Allow packages with signatures that are unknown trust.
- ALPM_SIG_DATABASE
- Databases require a signature.
- ALPM_SIG_DATABASE_OPTIONAL
- Databases do not require a signature, but check databases that do have signatures.
- ALPM_SIG_DATABASE_MARGINAL_OK
- Allow databases with signatures that are marginal trust.
- ALPM_SIG_DATABASE_UNKNOWN_OK
- Allow databases with signatures that are unknown trust.
- ALPM_SIG_USE_DEFAULT
- The default siglevel.
enum alpm_sigstatus_t
PGP signature verification status return codes.
Enumerator
- ALPM_SIGSTATUS_VALID
- Signature is valid.
- ALPM_SIGSTATUS_KEY_EXPIRED
- The key has expired.
- ALPM_SIGSTATUS_SIG_EXPIRED
- The signature has expired.
- ALPM_SIGSTATUS_KEY_UNKNOWN
- The key is not in the keyring.
- ALPM_SIGSTATUS_KEY_DISABLED
- The key has been disabled.
- ALPM_SIGSTATUS_INVALID
- The signature is invalid.
enum alpm_sigvalidity_t
The trust level of a PGP key.
Enumerator
- ALPM_SIGVALIDITY_FULL
- The signature is fully trusted.
- ALPM_SIGVALIDITY_MARGINAL
- The signature is marginally trusted.
- ALPM_SIGVALIDITY_NEVER
- The signature is never trusted.
- ALPM_SIGVALIDITY_UNKNOWN
- The signature has unknown trust.
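Added example (not part of libalpm or of this manual page): one way a caller could decide whether the results in an alpm_siglist_t satisfy a set of alpm_siglevel_t flags, for packages or for databases. The helper siglist_acceptable() is hypothetical, the type definitions are local stand-ins for <alpm.h>, and two choices are assumptions of this example: an empty list means no signature was present, and every status other than ALPM_SIGSTATUS_VALID is rejected.

```c
#include <stddef.h>
#include <stdio.h>
/* Local stand-ins mirroring this page's declarations so the block builds without
 * <alpm.h>; the result struct omits the key. With libalpm, include <alpm.h> instead. */
typedef enum {
	ALPM_SIG_PACKAGE = (1 << 0), ALPM_SIG_PACKAGE_OPTIONAL = (1 << 1),
	ALPM_SIG_PACKAGE_MARGINAL_OK = (1 << 2), ALPM_SIG_PACKAGE_UNKNOWN_OK = (1 << 3),
	ALPM_SIG_DATABASE = (1 << 10), ALPM_SIG_DATABASE_OPTIONAL = (1 << 11),
	ALPM_SIG_DATABASE_MARGINAL_OK = (1 << 12), ALPM_SIG_DATABASE_UNKNOWN_OK = (1 << 13)
} alpm_siglevel_t;
typedef enum { ALPM_SIGSTATUS_VALID, ALPM_SIGSTATUS_KEY_EXPIRED, ALPM_SIGSTATUS_SIG_EXPIRED,
	ALPM_SIGSTATUS_KEY_UNKNOWN, ALPM_SIGSTATUS_KEY_DISABLED, ALPM_SIGSTATUS_INVALID
} alpm_sigstatus_t;
typedef enum { ALPM_SIGVALIDITY_FULL, ALPM_SIGVALIDITY_MARGINAL,
	ALPM_SIGVALIDITY_NEVER, ALPM_SIGVALIDITY_UNKNOWN } alpm_sigvalidity_t;
typedef struct { alpm_sigstatus_t status; alpm_sigvalidity_t validity; } alpm_sigresult_t;
typedef struct { size_t count; alpm_sigresult_t *results; } alpm_siglist_t;

/* Hypothetical helper: returns 1 if every result satisfies `level`, 0 otherwise.
 * for_db selects the DATABASE flags, which are the PACKAGE flags shifted left by 10. */
int siglist_acceptable(int level, int for_db, const alpm_siglist_t *list)
{
	int bits = for_db ? (level >> 10) : level;
	if(!(bits & (ALPM_SIG_PACKAGE | ALPM_SIG_PACKAGE_OPTIONAL)))
		return 1; /* policy requests no signature checking */
	if(list == NULL || list->count == 0) /* assumption: empty list = unsigned */
		return (bits & ALPM_SIG_PACKAGE_OPTIONAL) != 0;
	for(size_t i = 0; i < list->count; i++) {
		const alpm_sigresult_t *r = &list->results[i];
		if(r->status != ALPM_SIGSTATUS_VALID)
			return 0; /* expired, unknown, disabled or invalid: fail closed */
		if(r->validity == ALPM_SIGVALIDITY_MARGINAL) {
			if(!(bits & ALPM_SIG_PACKAGE_MARGINAL_OK)) return 0;
		} else if(r->validity == ALPM_SIGVALIDITY_UNKNOWN) {
			if(!(bits & ALPM_SIG_PACKAGE_UNKNOWN_OK)) return 0;
		} else if(r->validity != ALPM_SIGVALIDITY_FULL) {
			return 0; /* NEVER, or a value this code does not know */
		}
	}
	return 1;
}

int main(void)
{
	alpm_sigresult_t r = { ALPM_SIGSTATUS_VALID, ALPM_SIGVALIDITY_MARGINAL }; /* constructed sample */
	alpm_siglist_t list = { 1, &r };
	printf("strict: %d\n", siglist_acceptable(ALPM_SIG_PACKAGE, 0, &list));
	return 0;
}
```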
Function Documentation
int alpm_db_check_pgp_signature (alpm_db_t * db, alpm_siglist_t * siglist)
Check the PGP signature for the given database.
Parameters
siglist a pointer to storage for signature results
Returns
int alpm_decode_signature (const char * base64_data, unsigned char ** data, size_t * data_len)
Decode a loaded signature in base64 form.
Parameters
data the decoded data; must be freed by the caller
data_len the length of the returned data
Returns
int alpm_extract_keyid (alpm_handle_t * handle, const char * identifier, const unsigned char * sig, const size_t len, alpm_list_t ** keys)
Extract the Issuer Key ID from a signature.
Parameters
identifier the identifier of the key. This may be the name of the package or the path to the package.
sig PGP signature
len length of signature
keys a pointer to storage for key IDs
Returns
int alpm_pkg_check_pgp_signature (alpm_pkg_t * pkg, alpm_siglist_t * siglist)
Check the PGP signature for the given package file.
Parameters
siglist a pointer to storage for signature results
Returns
int alpm_siglist_cleanup (alpm_siglist_t * siglist)
Clean up and free a signature result list. Note that this does not free the siglist object itself in case that was allocated on the stack; this is the responsibility of the caller.
Parameters
Returns
Author
Generated automatically by Doxygen for libalpm from the source code.