diff options
author | Colin Walters <walters@verbum.org> | 2021-04-12 18:42:05 -0400 |
---|---|---|
committer | Colin Walters <walters@verbum.org> | 2021-08-30 13:27:38 -0400 |
commit | 359435de843ce2a1e94941c24ec4ddd7d5a7bccb (patch) | |
tree | e1d745d1575c30526c7d5074a285703fe720bc45 /src/libostree/ostree-repo.h | |
parent | 30909a28f2aff54b615837a184f53509cbccc381 (diff) | |
download | ostree-359435de843ce2a1e94941c24ec4ddd7d5a7bccb.tar.gz |
Add an API to verify a commit signature explicitly
We have a bunch of APIs to do GPG verification of a commit,
but that doesn't generalize to signapi. Further, they
require the caller to check the signature status explicitly
which seems like a trap.
This much higher level API works with both GPG and signapi.
The intention is to use this in things that are doing "external
pulls" like the ostree-ext tar import support. There we will
get the commitmeta from the tarball and we want to verify it
at the same time we import the commit.
Diffstat (limited to 'src/libostree/ostree-repo.h')
-rw-r--r-- | src/libostree/ostree-repo.h | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/src/libostree/ostree-repo.h b/src/libostree/ostree-repo.h index 962fa8cc..522cb034 100644 --- a/src/libostree/ostree-repo.h +++ b/src/libostree/ostree-repo.h @@ -1538,6 +1538,29 @@ OstreeGpgVerifyResult * ostree_repo_verify_summary (OstreeRepo *self, GCancellable *cancellable, GError **error); +/** + * OstreeRepoVerifyFlags: + * @OSTREE_REPO_VERIFY_FLAGS_NONE: No flags + * @OSTREE_REPO_VERIFY_FLAGS_NO_GPG: Skip GPG verification + * @OSTREE_REPO_VERIFY_FLAGS_NO_SIGNAPI: Skip all other signature verification methods + * + * Since: 2021.4 + */ +typedef enum { + OSTREE_REPO_VERIFY_FLAGS_NONE = 0, + OSTREE_REPO_VERIFY_FLAGS_NO_GPG = (1 << 0), + OSTREE_REPO_VERIFY_FLAGS_NO_SIGNAPI = (1 << 1), +} OstreeRepoVerifyFlags; + +_OSTREE_PUBLIC +gboolean ostree_repo_signature_verify_commit_data (OstreeRepo *self, + const char *remote_name, + GBytes *commit_data, + GBytes *commit_metadata, + OstreeRepoVerifyFlags flags, + char **out_results, + GError **error); + _OSTREE_PUBLIC gboolean ostree_repo_regenerate_summary (OstreeRepo *self, GVariant *additional_metadata, |