Function: package--check-signature

package--check-signature is a byte-compiled function defined in package.el.gz.

Signature

(package--check-signature LOCATION FILE &optional STRING ASYNC CALLBACK UNWIND)

Documentation

Check signature of the current buffer.

Download the signature file from LOCATION by appending ".sig" to FILE. GnuPG keyring location depends on package-gnupghome-dir. STRING is the string to verify, it defaults to buffer-string. If ASYNC is non-nil, the download of the signature file is done asynchronously.

If the signature does not verify, signal an error. If the signature is verified and CALLBACK was provided, funcall CALLBACK with the list of good signatures as argument (the list can be empty). If no signatures file is found, and package-check-signature(var)/package-check-signature(fun) is allow-unsigned, call CALLBACK with a nil argument. Otherwise, an error is signaled.

UNWIND, if provided, is a function to be called after everything else, even if an error is signaled.

Source Code

;; Defined in /usr/src/emacs/lisp/emacs-lisp/package.el.gz
(defun package--check-signature (location file &optional string async callback unwind)
  "Check signature of the current buffer.
Download the signature file from LOCATION by appending \".sig\"
to FILE.
GnuPG keyring location depends on `package-gnupghome-dir'.
STRING is the string to verify, it defaults to `buffer-string'.
If ASYNC is non-nil, the download of the signature file is
done asynchronously.

If the signature does not verify, signal an error.
If the signature is verified and CALLBACK was provided, `funcall'
CALLBACK with the list of good signatures as argument (the list
can be empty).
If no signatures file is found, and `package-check-signature' is
`allow-unsigned', call CALLBACK with a nil argument.
Otherwise, an error is signaled.

UNWIND, if provided, is a function to be called after everything
else, even if an error is signaled."
  (let ((sig-file (concat file ".sig"))
        (string (or string (buffer-string))))
    (package--with-response-buffer location :file sig-file
      :async async :noerror t
      ;; Connection error is assumed to mean "no sig-file".
      :error-form (let ((allow-unsigned
                         (eq (package-check-signature) 'allow-unsigned)))
                    (when (and callback allow-unsigned)
                      (funcall callback nil))
                    (when unwind (funcall unwind))
                    (unless allow-unsigned
                      (error "Unsigned file `%s' at %s" file location)))
      ;; OTOH, an error here means "bad signature", which we never
      ;; suppress.  (Bug#22089)
      (unwind-protect
          (let ((sig (package--check-signature-content
                      (buffer-substring (point) (point-max))
                      string sig-file)))
            (when callback (funcall callback sig))
            sig)
        (when unwind (funcall unwind))))))