libalpm_sig(3) Library Functions Manual libalpm_sig(3) NAME libalpm_sig - Signature checking SYNOPSIS Data Structures struct alpm_pgpkey_t A PGP key. struct alpm_sigresult_t Signature result. struct alpm_siglist_t Signature list. Enumerations enum alpm_siglevel_t { ALPM_SIG_PACKAGE = (1 << 0), ALPM_SIG_PACKAGE_OPTIONAL = (1 << 1), ALPM_SIG_PACKAGE_MARGINAL_OK = (1 << 2), ALPM_SIG_PACKAGE_UNKNOWN_OK = (1 << 3), ALPM_SIG_DATABASE = (1 << 10), ALPM_SIG_DATABASE_OPTIONAL = (1 << 11), ALPM_SIG_DATABASE_MARGINAL_OK = (1 << 12), ALPM_SIG_DATABASE_UNKNOWN_OK = (1 << 13), ALPM_SIG_USE_DEFAULT = (1 << 30) } PGP signature verification options. enum alpm_sigstatus_t { ALPM_SIGSTATUS_VALID, ALPM_SIGSTATUS_KEY_EXPIRED, ALPM_SIGSTATUS_SIG_EXPIRED, ALPM_SIGSTATUS_KEY_UNKNOWN, ALPM_SIGSTATUS_KEY_DISABLED, ALPM_SIGSTATUS_INVALID } PGP signature verification status return codes. enum alpm_sigvalidity_t { ALPM_SIGVALIDITY_FULL, ALPM_SIGVALIDITY_MARGINAL, ALPM_SIGVALIDITY_NEVER, ALPM_SIGVALIDITY_UNKNOWN } The trust level of a PGP key. Functions int alpm_pkg_check_pgp_signature (alpm_pkg_t *pkg, alpm_siglist_t *siglist) Check the PGP signature for the given package file. int alpm_db_check_pgp_signature (alpm_db_t *db, alpm_siglist_t *siglist) Check the PGP signature for the given database. int alpm_siglist_cleanup (alpm_siglist_t *siglist) Clean up and free a signature result list. int alpm_decode_signature (const char *base64_data, unsigned char **data, size_t *data_len) Decode a loaded signature in base64 form. int alpm_extract_keyid (alpm_handle_t *handle, const char *identifier, const unsigned char *sig, const size_t len, alpm_list_t **keys) Extract the Issuer Key ID from a signature. Detailed Description Functions to check signatures Data Structure Documentation struct alpm_pgpkey_t A PGP key. Data Fields: alpm_time_t created When the key was created. void * data The actual key data. char * email Email of the key's owner. alpm_time_t expires When the key expires. char * fingerprint The key's fingerprint. unsigned int length The length of the key. char * name Name of the key's owner. char pubkey_algo A character representing the encryption algorithm used by the public key. ? = unknown R = RSA D = DSA E = EDDSA unsigned int revoked has the key been revoked char * uid UID of the key. struct alpm_sigresult_t Signature result. Contains the key, status, and validity of a given signature. Data Fields: alpm_pgpkey_t key The key of the signature. alpm_sigstatus_t status The status of the signature. alpm_sigvalidity_t validity The validity of the signature. struct alpm_siglist_t Signature list. Contains the number of signatures found and a pointer to an array of results. The array is of size count. Data Fields: size_t count The amount of results in the array. alpm_sigresult_t * results An array of sigresults. Enumeration Type Documentation enum alpm_siglevel_t PGP signature verification options. Enumerator ALPM_SIG_PACKAGE Packages require a signature. ALPM_SIG_PACKAGE_OPTIONAL Packages do not require a signature, but check packages that do have signatures. ALPM_SIG_PACKAGE_UNKNOWN_OK Allow packages with signatures that are unknown trust. ALPM_SIG_DATABASE Databases require a signature. ALPM_SIG_DATABASE_OPTIONAL Databases do not require a signature, but check databases that do have signatures. ALPM_SIG_DATABASE_MARGINAL_OK Allow databases with signatures that are marginal trust. ALPM_SIG_DATABASE_UNKNOWN_OK Allow databases with signatures that are unknown trust. ALPM_SIG_USE_DEFAULT The Default siglevel. enum alpm_sigstatus_t PGP signature verification status return codes. Enumerator ALPM_SIGSTATUS_VALID Signature is valid. ALPM_SIGSTATUS_KEY_EXPIRED The key has expired. ALPM_SIGSTATUS_SIG_EXPIRED The signature has expired. ALPM_SIGSTATUS_KEY_UNKNOWN The key is not in the keyring. ALPM_SIGSTATUS_KEY_DISABLED The key has been disabled. ALPM_SIGSTATUS_INVALID The signature is invalid. enum alpm_sigvalidity_t The trust level of a PGP key. Enumerator ALPM_SIGVALIDITY_FULL The signature is fully trusted. ALPM_SIGVALIDITY_MARGINAL The signature is marginally trusted. ALPM_SIGVALIDITY_NEVER The signature is never trusted. ALPM_SIGVALIDITY_UNKNOWN The signature has unknown trust. Function Documentation int alpm_db_check_pgp_signature (alpm_db_t * db, alpm_siglist_t * siglist) Check the PGP signature for the given database. Parameters db the database to check siglist a pointer to storage for signature results Returns 0 if valid, -1 if an error occurred or signature is invalid int alpm_decode_signature (const char * base64_data, unsigned char ** data, size_t * data_len) Decode a loaded signature in base64 form. Parameters base64_data the signature to attempt to decode data the decoded data; must be freed by the caller data_len the length of the returned data Returns 0 on success, -1 on failure to properly decode int alpm_extract_keyid (alpm_handle_t * handle, const char * identifier, const unsigned char * sig, const size_t len, alpm_list_t ** keys) Extract the Issuer Key ID from a signature. Parameters handle the context handle identifier the identifier of the key. This may be the name of the package or the path to the package. sig PGP signature len length of signature keys a pointer to storage for key IDs Returns 0 on success, -1 on error int alpm_pkg_check_pgp_signature (alpm_pkg_t * pkg, alpm_siglist_t * siglist) Check the PGP signature for the given package file. Parameters pkg the package to check siglist a pointer to storage for signature results Returns 0 if valid, -1 if an error occurred or signature is invalid int alpm_siglist_cleanup (alpm_siglist_t * siglist) Clean up and free a signature result list. Note that this does not free the siglist object itself in case that was allocated on the stack; this is the responsibility of the caller. Parameters siglist a pointer to storage for signature results Returns 0 on success, -1 on error Author Generated automatically by Doxygen for libalpm from the source code. libalpm libalpm_sig(3)