libalpm_sig - Man Page
Name
libalpm_sig — Signature checking
— Functions to check signatures
Synopsis
Data Structures
struct alpm_pgpkey_t
A PGP key.
struct alpm_sigresult_t
Signature result.
struct alpm_siglist_t
Signature list.
Enumerations
enum alpm_siglevel_t { ALPM_SIG_PACKAGE = (1 << 0), ALPM_SIG_PACKAGE_OPTIONAL = (1 << 1), ALPM_SIG_PACKAGE_MARGINAL_OK = (1 << 2), ALPM_SIG_PACKAGE_UNKNOWN_OK = (1 << 3), ALPM_SIG_DATABASE = (1 << 10), ALPM_SIG_DATABASE_OPTIONAL = (1 << 11), ALPM_SIG_DATABASE_MARGINAL_OK = (1 << 12), ALPM_SIG_DATABASE_UNKNOWN_OK = (1 << 13), ALPM_SIG_USE_DEFAULT = (1 << 30) }
PGP signature verification options.
enum alpm_sigstatus_t { ALPM_SIGSTATUS_VALID, ALPM_SIGSTATUS_KEY_EXPIRED, ALPM_SIGSTATUS_SIG_EXPIRED, ALPM_SIGSTATUS_KEY_UNKNOWN, ALPM_SIGSTATUS_KEY_DISABLED, ALPM_SIGSTATUS_INVALID }
PGP signature verification status return codes.
enum alpm_sigvalidity_t { ALPM_SIGVALIDITY_FULL, ALPM_SIGVALIDITY_MARGINAL, ALPM_SIGVALIDITY_NEVER, ALPM_SIGVALIDITY_UNKNOWN }
The trust level of a PGP key.
Functions
int alpm_pkg_check_pgp_signature (alpm_pkg_t *pkg, alpm_siglist_t *siglist)
Check the PGP signature for the given package file.
int alpm_db_check_pgp_signature (alpm_db_t *db, alpm_siglist_t *siglist)
Check the PGP signature for the given database.
int alpm_siglist_cleanup (alpm_siglist_t *siglist)
Clean up and free a signature result list.
int alpm_decode_signature (const char *base64_data, unsigned char **data, size_t *data_len)
Decode a loaded signature in base64 form.
int alpm_extract_keyid (alpm_handle_t *handle, const char *identifier, const unsigned char *sig, const size_t len, alpm_list_t **keys)
Extract the Issuer Key ID from a signature.
Detailed Description
Functions to check signatures
Data Structure Documentation
struct alpm_pgpkey_t
A PGP key.
Data Fields:
alpm_time_t created When the key was created.
void * data The actual key data.
char * email Email of the key's owner.
alpm_time_t expires When the key expires.
char * fingerprint The key's fingerprint.
unsigned int length The length of the key.
char * name Name of the key's owner.
char pubkey_algo A character representing the encryption algorithm used by the public key.
? = unknown R = RSA D = DSA E = EDDSA
unsigned int revoked has the key been revoked
char * uid UID of the key.
struct alpm_sigresult_t
Signature result.
Contains the key, status, and validity of a given signature.
Data Fields:
alpm_pgpkey_t key The key of the signature.
alpm_sigstatus_t status The status of the signature.
alpm_sigvalidity_t validity The validity of the signature.
struct alpm_siglist_t
Signature list.
Contains the number of signatures found and a pointer to an array of results. The array is of size count.
Data Fields:
size_t count The amount of results in the array.
alpm_sigresult_t * results An array of sigresults.
Enumeration Type Documentation
enum alpm_siglevel_t
PGP signature verification options.
Enumerator
- ALPM_SIG_PACKAGE
Packages require a signature.
- ALPM_SIG_PACKAGE_OPTIONAL
Packages do not require a signature, but check packages that do have signatures.
- ALPM_SIG_PACKAGE_UNKNOWN_OK
Allow packages with signatures that are unknown trust.
- ALPM_SIG_DATABASE
Databases require a signature.
- ALPM_SIG_DATABASE_OPTIONAL
Databases do not require a signature, but check databases that do have signatures.
- ALPM_SIG_DATABASE_MARGINAL_OK
Allow databases with signatures that are marginal trust.
- ALPM_SIG_DATABASE_UNKNOWN_OK
Allow databases with signatures that are unknown trust.
- ALPM_SIG_USE_DEFAULT
The Default siglevel.
enum alpm_sigstatus_t
PGP signature verification status return codes.
Enumerator
- ALPM_SIGSTATUS_VALID
Signature is valid.
- ALPM_SIGSTATUS_KEY_EXPIRED
The key has expired.
- ALPM_SIGSTATUS_SIG_EXPIRED
The signature has expired.
- ALPM_SIGSTATUS_KEY_UNKNOWN
The key is not in the keyring.
- ALPM_SIGSTATUS_KEY_DISABLED
The key has been disabled.
- ALPM_SIGSTATUS_INVALID
The signature is invalid.
enum alpm_sigvalidity_t
The trust level of a PGP key.
Enumerator
- ALPM_SIGVALIDITY_FULL
The signature is fully trusted.
- ALPM_SIGVALIDITY_MARGINAL
The signature is marginally trusted.
- ALPM_SIGVALIDITY_NEVER
The signature is never trusted.
- ALPM_SIGVALIDITY_UNKNOWN
The signature has unknown trust.
Function Documentation
int alpm_db_check_pgp_signature (alpm_db_t * db, alpm_siglist_t * siglist)
Check the PGP signature for the given database.
- Parameters
db the database to check
siglist a pointer to storage for signature results
Returns
0 if valid, -1 if an error occurred or signature is invalid
int alpm_decode_signature (const char * base64_data, unsigned char ** data, size_t * data_len)
Decode a loaded signature in base64 form.
- Parameters
base64_data the signature to attempt to decode
data the decoded data; must be freed by the caller
data_len the length of the returned data
Returns
0 on success, -1 on failure to properly decode
int alpm_extract_keyid (alpm_handle_t * handle, const char * identifier, const unsigned char * sig, const size_t len, alpm_list_t ** keys)
Extract the Issuer Key ID from a signature.
- Parameters
handle the context handle
identifier the identifier of the key. This may be the name of the package or the path to the package.
sig PGP signature
len length of signature
keys a pointer to storage for key IDs
Returns
0 on success, -1 on error
int alpm_pkg_check_pgp_signature (alpm_pkg_t * pkg, alpm_siglist_t * siglist)
Check the PGP signature for the given package file.
- Parameters
pkg the package to check
siglist a pointer to storage for signature results
Returns
0 if valid, -1 if an error occurred or signature is invalid
int alpm_siglist_cleanup (alpm_siglist_t * siglist)
Clean up and free a signature result list. Note that this does not free the siglist object itself in case that was allocated on the stack; this is the responsibility of the caller.
- Parameters
siglist a pointer to storage for signature results
Returns
0 on success, -1 on error
Author
Generated automatically by Doxygen for libalpm from the source code.