- Generated by
1.7.5.1
|
libzypp
10.5.0
|
00001 /*---------------------------------------------------------------------\ 00002 | ____ _ __ __ ___ | 00003 | |__ / \ / / . \ . \ | 00004 | / / \ V /| _/ _/ | 00005 | / /__ | | | | | | | 00006 | /_____||_| |_| |_| | 00007 | | 00008 \---------------------------------------------------------------------*/ 00012 #include <iostream> 00013 #include <fstream> 00014 #include <sys/file.h> 00015 #include <cstdio> 00016 #include <unistd.h> 00017 00018 #include <boost/format.hpp> 00019 00020 #include "zypp/TmpPath.h" 00021 #include "zypp/ZYppFactory.h" 00022 #include "zypp/ZYpp.h" 00023 00024 #include "zypp/base/Logger.h" 00025 #include "zypp/base/IOStream.h" 00026 #include "zypp/base/String.h" 00027 #include "zypp/base/Regex.h" 00028 #include "zypp/base/Gettext.h" 00029 #include "zypp/PathInfo.h" 00030 #include "zypp/KeyRing.h" 00031 #include "zypp/ExternalProgram.h" 00032 #include "zypp/TmpPath.h" 00033 00034 using namespace std; 00035 using namespace zypp::filesystem; 00036 00037 #undef ZYPP_BASE_LOGGER_LOGGROUP 00038 #define ZYPP_BASE_LOGGER_LOGGROUP "zypp::KeyRing" 00039 00040 #define GPG_BINARY "/usr/bin/gpg2" 00041 00043 namespace zypp 00044 { 00045 00046 IMPL_PTR_TYPE(KeyRing); 00047 00048 namespace 00049 { 00050 KeyRing::DefaultAccept _keyRingDefaultAccept( KeyRing::ACCEPT_NOTHING ); 00051 } 00052 00053 KeyRing::DefaultAccept KeyRing::defaultAccept() 00054 { return _keyRingDefaultAccept; } 00055 00056 void KeyRing::setDefaultAccept( DefaultAccept value_r ) 00057 { 00058 MIL << "Set new KeyRing::DefaultAccept: " << value_r << endl; 00059 _keyRingDefaultAccept = value_r; 00060 } 00061 00062 bool KeyRingReport::askUserToAcceptUnsignedFile( const string &file, const KeyContext &keycontext ) 00063 { return _keyRingDefaultAccept.testFlag( KeyRing::ACCEPT_UNSIGNED_FILE ); } 00064 00065 KeyRingReport::KeyTrust 00066 KeyRingReport::askUserToAcceptKey( const PublicKey &key, const KeyContext &keycontext ) 00067 { 00068 if ( _keyRingDefaultAccept.testFlag( KeyRing::TRUST_KEY_TEMPORARILY ) ) 00069 return KEY_TRUST_TEMPORARILY; 00070 if ( _keyRingDefaultAccept.testFlag( KeyRing::TRUST_AND_IMPORT_KEY ) ) 00071 return KEY_TRUST_AND_IMPORT; 00072 return KEY_DONT_TRUST; 00073 } 00074 00075 bool KeyRingReport::askUserToAcceptUnknownKey( const string &file, const string &id, const KeyContext &keycontext ) 00076 { return _keyRingDefaultAccept.testFlag( KeyRing::ACCEPT_UNKNOWNKEY ); } 00077 00078 bool KeyRingReport::askUserToAcceptVerificationFailed( const string &file, const PublicKey &key, const KeyContext &keycontext ) 00079 { return _keyRingDefaultAccept.testFlag( KeyRing::ACCEPT_VERIFICATION_FAILED ); } 00080 00082 // 00083 // CLASS NAME : KeyRing::Impl 00084 // 00086 struct KeyRing::Impl 00087 { 00088 Impl( const Pathname & baseTmpDir ) 00089 : _trusted_tmp_dir( baseTmpDir, "zypp-trusted-kr" ) 00090 , _general_tmp_dir( baseTmpDir, "zypp-general-kr" ) 00091 , _base_dir( baseTmpDir ) 00092 { 00093 MIL << "Current KeyRing::DefaultAccept: " << _keyRingDefaultAccept << endl; 00094 } 00095 00096 void importKey( const PublicKey &key, bool trusted = false); 00097 void multiKeyImport( const Pathname & keyfile_r, bool trusted_r = false); 00098 void deleteKey( const string &id, bool trusted ); 00099 00100 string readSignatureKeyId( const Pathname &signature ); 00101 00102 bool isKeyTrusted( const string &id); 00103 bool isKeyKnown( const string &id ); 00104 00105 list<PublicKey> trustedPublicKeys(); 00106 list<PublicKey> publicKeys(); 00107 00108 list<string> trustedPublicKeyIds(); 00109 list<string> publicKeyIds(); 00110 00111 void dumpPublicKey( const string &id, bool trusted, ostream &stream ); 00112 00113 bool verifyFileSignatureWorkflow( 00114 const Pathname &file, 00115 const string filedesc, 00116 const Pathname &signature, 00117 const KeyContext &keycontext = KeyContext()); 00118 00119 bool verifyFileSignature( const Pathname &file, const Pathname &signature); 00120 bool verifyFileTrustedSignature( const Pathname &file, const Pathname &signature); 00121 private: 00122 //mutable map<Locale, string> translations; 00123 bool verifyFile( const Pathname &file, const Pathname &signature, const Pathname &keyring); 00124 void importKey( const Pathname &keyfile, const Pathname &keyring); 00125 PublicKey exportKey( string id, const Pathname &keyring); 00126 void dumpPublicKey( const string &id, const Pathname &keyring, ostream &stream ); 00127 void deleteKey( const string &id, const Pathname &keyring ); 00128 00129 list<PublicKey> publicKeys(const Pathname &keyring); 00130 list<string> publicKeyIds(const Pathname &keyring); 00131 00132 bool publicKeyExists( string id, const Pathname &keyring); 00133 00134 const Pathname generalKeyRing() const; 00135 const Pathname trustedKeyRing() const; 00136 00137 // Used for trusted and untrusted keyrings 00138 TmpDir _trusted_tmp_dir; 00139 TmpDir _general_tmp_dir; 00140 Pathname _base_dir; 00141 public: 00143 static shared_ptr<Impl> nullimpl() 00144 { 00145 static shared_ptr<Impl> _nullimpl( new Impl( TmpPath::defaultLocation() ) ); 00146 return _nullimpl; 00147 } 00148 00149 private: 00150 friend Impl * rwcowClone<Impl>( const Impl * rhs ); 00152 Impl * clone() const 00153 { return new Impl( *this ); } 00154 }; 00155 00156 00157 const Pathname KeyRing::Impl::generalKeyRing() const 00158 { 00159 return _general_tmp_dir.path(); 00160 } 00161 00162 const Pathname KeyRing::Impl::trustedKeyRing() const 00163 { 00164 return _trusted_tmp_dir.path(); 00165 } 00166 00167 void KeyRing::Impl::importKey( const PublicKey &key, bool trusted) 00168 { 00169 callback::SendReport<target::rpm::KeyRingSignals> rpmdbEmitSignal; 00170 callback::SendReport<KeyRingSignals> emitSignal; 00171 00172 importKey( key.path(), trusted ? trustedKeyRing() : generalKeyRing() ); 00173 00174 if ( trusted ) 00175 { 00176 rpmdbEmitSignal->trustedKeyAdded( key ); 00177 emitSignal->trustedKeyAdded( key ); 00178 } 00179 } 00180 00181 void KeyRing::Impl::multiKeyImport( const Pathname & keyfile_r, bool trusted_r ) 00182 { 00183 importKey( keyfile_r, trusted_r ? trustedKeyRing() : generalKeyRing() ); 00184 } 00185 00186 void KeyRing::Impl::deleteKey( const string &id, bool trusted) 00187 { 00188 PublicKey key; 00189 00190 if (trusted) 00191 { 00192 key = exportKey(id, trustedKeyRing()); 00193 } 00194 00195 deleteKey( id, trusted ? trustedKeyRing() : generalKeyRing() ); 00196 00197 if ( trusted ) 00198 { 00199 callback::SendReport<target::rpm::KeyRingSignals> rpmdbEmitSignal; 00200 callback::SendReport<KeyRingSignals> emitSignal; 00201 00202 rpmdbEmitSignal->trustedKeyRemoved( key ); 00203 emitSignal->trustedKeyRemoved( key ); 00204 } 00205 } 00206 00207 list<PublicKey> KeyRing::Impl::publicKeys() 00208 { 00209 return publicKeys( generalKeyRing() ); 00210 } 00211 00212 list<PublicKey> KeyRing::Impl::trustedPublicKeys() 00213 { 00214 return publicKeys( trustedKeyRing() ); 00215 } 00216 00217 list<string> KeyRing::Impl::publicKeyIds() 00218 { 00219 return publicKeyIds( generalKeyRing() ); 00220 } 00221 00222 list<string> KeyRing::Impl::trustedPublicKeyIds() 00223 { 00224 return publicKeyIds( trustedKeyRing() ); 00225 } 00226 00227 bool KeyRing::Impl::verifyFileTrustedSignature( const Pathname &file, const Pathname &signature) 00228 { 00229 return verifyFile( file, signature, trustedKeyRing() ); 00230 } 00231 00232 bool KeyRing::Impl::verifyFileSignature( const Pathname &file, const Pathname &signature) 00233 { 00234 return verifyFile( file, signature, generalKeyRing() ); 00235 } 00236 00237 bool KeyRing::Impl::isKeyTrusted( const string &id) 00238 { 00239 return publicKeyExists( id, trustedKeyRing() ); 00240 } 00241 00242 bool KeyRing::Impl::isKeyKnown( const string &id ) 00243 { 00244 MIL << endl; 00245 if ( publicKeyExists( id, trustedKeyRing() ) ) 00246 return true; 00247 else 00248 return publicKeyExists( id, generalKeyRing() ); 00249 } 00250 00251 bool KeyRing::Impl::publicKeyExists( string id, const Pathname &keyring) 00252 { 00253 MIL << "Searching key [" << id << "] in keyring " << keyring << endl; 00254 list<PublicKey> keys = publicKeys(keyring); 00255 for (list<PublicKey>::const_iterator it = keys.begin(); it != keys.end(); it++) 00256 { 00257 if ( id == (*it).id() ) 00258 00259 return true; 00260 } 00261 return false; 00262 } 00263 00264 PublicKey KeyRing::Impl::exportKey( string id, const Pathname &keyring) 00265 { 00266 TmpFile tmp_file( _base_dir, "pubkey-"+id+"-" ); 00267 MIL << "Going to export key " << id << " from " << keyring << " to " << tmp_file.path() << endl; 00268 00269 try { 00270 ofstream os(tmp_file.path().c_str()); 00271 dumpPublicKey( id, keyring, os ); 00272 os.close(); 00273 return PublicKey( tmp_file ); 00274 } 00275 catch (BadKeyException &e) 00276 { 00277 ERR << "Cannot create public key " << id << " from " << keyring << " keyring to file " << e.keyFile() << endl; 00278 // TranslatorExplanation first %s is key name, second is keyring name 00279 // and third is keyfile name 00280 ZYPP_THROW(Exception(boost::str(boost::format( 00281 _("Cannot create public key %s from %s keyring to file %s")) 00282 % id % keyring.asString() % e.keyFile().asString()))); 00283 } 00284 catch (exception &e) 00285 { 00286 ERR << "Cannot export key " << id << " from " << keyring << " keyring to file " << tmp_file.path() << endl; 00287 } 00288 return PublicKey(); 00289 } 00290 00291 void KeyRing::Impl::dumpPublicKey( const string &id, bool trusted, ostream &stream ) 00292 { 00293 dumpPublicKey( id, ( trusted ? trustedKeyRing() : generalKeyRing() ), stream ); 00294 } 00295 00296 void KeyRing::Impl::dumpPublicKey( const string &id, const Pathname &keyring, ostream &stream ) 00297 { 00298 const char* argv[] = 00299 { 00300 GPG_BINARY, 00301 "--no-default-keyring", 00302 "--quiet", 00303 "--no-tty", 00304 "--no-greeting", 00305 "--no-permission-warning", 00306 "--batch", 00307 "--homedir", 00308 keyring.asString().c_str(), 00309 "-a", 00310 "--export", 00311 id.c_str(), 00312 NULL 00313 }; 00314 ExternalProgram prog(argv,ExternalProgram::Discard_Stderr, false, -1, true); 00315 string line; 00316 int count; 00317 for(line = prog.receiveLine(), count=0; !line.empty(); line = prog.receiveLine(), count++ ) 00318 { 00319 stream << line; 00320 } 00321 prog.close(); 00322 } 00323 00324 00325 bool KeyRing::Impl::verifyFileSignatureWorkflow( 00326 const Pathname &file, 00327 const string filedesc, 00328 const Pathname &signature, 00329 const KeyContext &context) 00330 { 00331 callback::SendReport<KeyRingReport> report; 00332 //callback::SendReport<KeyRingSignals> emitSignal; 00333 MIL << "Going to verify signature for " << filedesc << " ( " << file << " ) with " << signature << endl; 00334 00335 // if signature does not exists, ask user if he wants to accept unsigned file. 00336 if( signature.empty() || (!PathInfo(signature).isExist()) ) 00337 { 00338 bool res = report->askUserToAcceptUnsignedFile( filedesc, context ); 00339 MIL << "User decision on unsigned file: " << res << endl; 00340 return res; 00341 } 00342 00343 // get the id of the signature 00344 string id = readSignatureKeyId(signature); 00345 00346 // doeskey exists in trusted keyring 00347 if ( publicKeyExists( id, trustedKeyRing() ) ) 00348 { 00349 PublicKey key = exportKey( id, trustedKeyRing() ); 00350 00351 // lets look if there is an updated key in the 00352 // general keyring 00353 if ( publicKeyExists( id, generalKeyRing() ) ) 00354 { 00355 // bnc #393160: Comment #30: Compare at least the fingerprint 00356 // in case an attacker created a key the the same id. 00357 PublicKey untkey = exportKey( id, generalKeyRing() ); 00358 if ( untkey.fingerprint() == key.fingerprint() 00359 && untkey.created() > key.created() ) 00360 { 00361 MIL << "Key " << key << " was updated. Saving new version into trusted keyring." << endl; 00362 importKey( untkey, true ); 00363 key = untkey; 00364 } 00365 } 00366 00367 MIL << "Key " << id << " " << key.name() << " is trusted" << endl; 00368 // it exists, is trusted, does it validates? 00369 if ( verifyFile( file, signature, trustedKeyRing() ) ) 00370 return true; 00371 else 00372 return report->askUserToAcceptVerificationFailed( filedesc, key, context ); 00373 } 00374 else 00375 { 00376 if ( publicKeyExists( id, generalKeyRing() ) ) 00377 { 00378 PublicKey key = exportKey( id, generalKeyRing()); 00379 MIL << "Exported key " << id << " to " << key.path() << endl; 00380 MIL << "Key " << id << " " << key.name() << " is not trusted" << endl; 00381 00382 // ok the key is not trusted, ask the user to trust it or not 00383 KeyRingReport::KeyTrust reply = report->askUserToAcceptKey(key, context); 00384 if (reply == KeyRingReport::KEY_TRUST_TEMPORARILY || 00385 reply == KeyRingReport::KEY_TRUST_AND_IMPORT) 00386 { 00387 MIL << "User wants to trust key " << id << " " << key.name() << endl; 00388 //dumpFile(unKey.path()); 00389 00390 Pathname which_keyring; 00391 if (reply == KeyRingReport::KEY_TRUST_AND_IMPORT) 00392 { 00393 MIL << "User wants to import key " << id << " " << key.name() << endl; 00394 importKey( key, true ); 00395 which_keyring = trustedKeyRing(); 00396 } 00397 else 00398 which_keyring = generalKeyRing(); 00399 00400 // emit key added 00401 if ( verifyFile( file, signature, which_keyring ) ) 00402 { 00403 MIL << "File signature is verified" << endl; 00404 return true; 00405 } 00406 else 00407 { 00408 MIL << "File signature check fails" << endl; 00409 if ( report->askUserToAcceptVerificationFailed( filedesc, key, context ) ) 00410 { 00411 MIL << "User continues anyway." << endl; 00412 return true; 00413 } 00414 else 00415 { 00416 MIL << "User does not want to continue" << endl; 00417 return false; 00418 } 00419 } 00420 } 00421 else 00422 { 00423 MIL << "User does not want to trust key " << id << " " << key.name() << endl; 00424 return false; 00425 } 00426 } 00427 else 00428 { 00429 // unknown key... 00430 MIL << "File [" << file << "] ( " << filedesc << " ) signed with unknown key [" << id << "]" << endl; 00431 if ( report->askUserToAcceptUnknownKey( filedesc, id, context ) ) 00432 { 00433 MIL << "User wants to accept unknown key " << id << endl; 00434 return true; 00435 } 00436 else 00437 { 00438 MIL << "User does not want to accept unknown key " << id << endl; 00439 return false; 00440 } 00441 } 00442 } 00443 return false; 00444 } 00445 00446 list<string> KeyRing::Impl::publicKeyIds(const Pathname &keyring) 00447 { 00448 static str::regex rxColons("^([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):\n$"); 00449 static str::regex rxColonsFpr("^([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):\n$"); 00450 00451 list<string> ids; 00452 00453 const char* argv[] = 00454 { 00455 GPG_BINARY, 00456 "--no-default-keyring", 00457 "--quiet", 00458 "--list-public-keys", 00459 "--with-colons", 00460 "--with-fingerprint", 00461 "--no-tty", 00462 "--no-greeting", 00463 "--batch", 00464 "--status-fd", 00465 "1", 00466 "--homedir", 00467 keyring.asString().c_str(), 00468 NULL 00469 }; 00470 00471 ExternalProgram prog(argv,ExternalProgram::Discard_Stderr, false, -1, true); 00472 string line; 00473 int count = 0; 00474 00475 for(line = prog.receiveLine(), count=0; !line.empty(); line = prog.receiveLine(), count++ ) 00476 { 00477 //MIL << line << endl; 00478 str::smatch what; 00479 if(str::regex_match(line, what, rxColons)) 00480 { 00481 string id; 00482 string fingerprint; 00483 if ( what[1] == "pub" ) 00484 { 00485 id = what[5]; 00486 00487 string line2; 00488 for(line2 = prog.receiveLine(); !line2.empty(); line2 = prog.receiveLine(), count++ ) 00489 { 00490 str::smatch what2; 00491 if (str::regex_match(line2, what2, rxColonsFpr)) 00492 { 00493 if ( (what2[1] == "fpr") && (what2[1] != "pub") && (what2[1] !="sub")) 00494 { 00495 fingerprint = what2[10]; 00496 break; 00497 } 00498 } 00499 } 00500 00501 ids.push_back(id); 00502 MIL << "Found key " << "[" << id << "]" << endl; 00503 } 00504 //dumpRegexpResults(what); 00505 } 00506 } 00507 prog.close(); 00508 return ids; 00509 } 00510 00511 list<PublicKey> KeyRing::Impl::publicKeys(const Pathname &keyring) 00512 { 00513 00514 list<PublicKey> keys; 00515 00516 list<string> ids = publicKeyIds(keyring); 00517 00518 for ( list<string>::const_iterator it = ids.begin(); it != ids.end(); ++it ) 00519 { 00520 PublicKey key(exportKey( *it, keyring )); 00521 keys.push_back(key); 00522 MIL << "Found key " << "[" << key.id() << "]" << " [" << key.name() << "]" << " [" << key.fingerprint() << "]" << endl; 00523 } 00524 return keys; 00525 } 00526 00527 void KeyRing::Impl::importKey( const Pathname &keyfile, const Pathname &keyring) 00528 { 00529 if ( ! PathInfo(keyfile).isExist() ) 00530 // TranslatorExplanation first %s is key name, second is keyring name 00531 ZYPP_THROW(KeyRingException(boost::str(boost::format( 00532 _("Tried to import not existant key %s into keyring %s")) 00533 % keyfile.asString() % keyring.asString()))); 00534 00535 const char* argv[] = 00536 { 00537 GPG_BINARY, 00538 "--no-default-keyring", 00539 "--quiet", 00540 "--no-tty", 00541 "--no-greeting", 00542 "--no-permission-warning", 00543 "--status-fd", 00544 "1", 00545 "--homedir", 00546 keyring.asString().c_str(), 00547 "--import", 00548 keyfile.asString().c_str(), 00549 NULL 00550 }; 00551 00552 ExternalProgram prog(argv,ExternalProgram::Discard_Stderr, false, -1, true); 00553 prog.close(); 00554 } 00555 00556 void KeyRing::Impl::deleteKey( const string &id, const Pathname &keyring ) 00557 { 00558 const char* argv[] = 00559 { 00560 GPG_BINARY, 00561 "--no-default-keyring", 00562 "--yes", 00563 "--quiet", 00564 "--no-tty", 00565 "--batch", 00566 "--status-fd", 00567 "1", 00568 "--homedir", 00569 keyring.asString().c_str(), 00570 "--delete-keys", 00571 id.c_str(), 00572 NULL 00573 }; 00574 00575 ExternalProgram prog(argv,ExternalProgram::Discard_Stderr, false, -1, true); 00576 00577 int code = prog.close(); 00578 if ( code ) 00579 ZYPP_THROW(Exception(_("Failed to delete key."))); 00580 else 00581 MIL << "Deleted key " << id << " from keyring " << keyring << endl; 00582 } 00583 00584 00585 string KeyRing::Impl::readSignatureKeyId(const Pathname &signature ) 00586 { 00587 if ( ! PathInfo(signature).isFile() ) 00588 ZYPP_THROW(Exception(boost::str(boost::format( 00589 _("Signature file %s not found"))% signature.asString()))); 00590 00591 MIL << "Determining key id if signature " << signature << endl; 00592 // HACK create a tmp keyring with no keys 00593 TmpDir dir(_base_dir, "fake-keyring"); 00594 00595 const char* argv[] = 00596 { 00597 GPG_BINARY, 00598 "--no-default-keyring", 00599 "--quiet", 00600 "--no-tty", 00601 "--no-greeting", 00602 "--batch", 00603 "--status-fd", 00604 "1", 00605 "--homedir", 00606 dir.path().asString().c_str(), 00607 signature.asString().c_str(), 00608 NULL 00609 }; 00610 00611 ExternalProgram prog(argv,ExternalProgram::Discard_Stderr, false, -1, true); 00612 00613 string line; 00614 int count = 0; 00615 00616 str::regex rxNoKey("^\\[GNUPG:\\] NO_PUBKEY (.+)\n$"); 00617 string id; 00618 for(line = prog.receiveLine(), count=0; !line.empty(); line = prog.receiveLine(), count++ ) 00619 { 00620 //MIL << "[" << line << "]" << endl; 00621 str::smatch what; 00622 if(str::regex_match(line, what, rxNoKey)) 00623 { 00624 if ( what.size() >= 1 ) 00625 { 00626 id = what[1]; 00627 break; 00628 } 00629 //dumpRegexpResults(what); 00630 } 00631 } 00632 00633 if ( count == 0 ) 00634 { 00635 MIL << "no output" << endl; 00636 } 00637 00638 MIL << "Determined key id [" << id << "] for signature " << signature << endl; 00639 prog.close(); 00640 return id; 00641 } 00642 00643 bool KeyRing::Impl::verifyFile( const Pathname &file, const Pathname &signature, const Pathname &keyring) 00644 { 00645 const char* argv[] = 00646 { 00647 GPG_BINARY, 00648 "--no-default-keyring", 00649 "--quiet", 00650 "--no-tty", 00651 "--batch", 00652 "--no-greeting", 00653 "--status-fd", 00654 "1", 00655 "--homedir", 00656 keyring.asString().c_str(), 00657 "--verify", 00658 signature.asString().c_str(), 00659 file.asString().c_str(), 00660 NULL 00661 }; 00662 00663 // no need to parse output for now 00664 // [GNUPG:] SIG_ID yCc4u223XRJnLnVAIllvYbUd8mQ 2006-03-29 1143618744 00665 // [GNUPG:] GOODSIG A84EDAE89C800ACA SuSE Package Signing Key <build@suse.de> 00666 // gpg: Good signature from "SuSE Package Signing Key <build@suse.de>" 00667 // [GNUPG:] VALIDSIG 79C179B2E1C820C1890F9994A84EDAE89C800ACA 2006-03-29 1143618744 0 3 0 17 2 00 79C179B2E1C820C1890F9994A84EDAE89C800ACA 00668 // [GNUPG:] TRUST_UNDEFINED 00669 00670 // [GNUPG:] ERRSIG A84EDAE89C800ACA 17 2 00 1143618744 9 00671 // [GNUPG:] NO_PUBKEY A84EDAE89C800ACA 00672 00673 ExternalProgram prog(argv,ExternalProgram::Discard_Stderr, false, -1, true); 00674 00675 return (prog.close() == 0) ? true : false; 00676 } 00677 00679 00681 // 00682 // CLASS NAME : KeyRing 00683 // 00685 00687 // 00688 // METHOD NAME : KeyRing::KeyRing 00689 // METHOD TYPE : Ctor 00690 // 00691 KeyRing::KeyRing(const Pathname &baseTmpDir) 00692 : _pimpl( new Impl(baseTmpDir) ) 00693 {} 00694 00696 // 00697 // METHOD NAME : KeyRing::KeyRing 00698 // METHOD TYPE : Ctor 00699 // 00700 //KeyRing::KeyRing( const Pathname &general_kr, const Pathname &trusted_kr ) 00701 //: _pimpl( new Impl(general_kr, trusted_kr) ) 00702 //{} 00703 00705 // 00706 // METHOD NAME : KeyRing::~KeyRing 00707 // METHOD TYPE : Dtor 00708 // 00709 KeyRing::~KeyRing() 00710 {} 00711 00713 // 00714 // Forward to implementation: 00715 // 00717 00718 00719 void KeyRing::importKey( const PublicKey &key, bool trusted ) 00720 { 00721 _pimpl->importKey( key, trusted ); 00722 } 00723 00724 void KeyRing::multiKeyImport( const Pathname & keyfile_r, bool trusted_r ) 00725 { 00726 _pimpl->multiKeyImport( keyfile_r, trusted_r ); 00727 } 00728 00729 string KeyRing::readSignatureKeyId( const Pathname &signature ) 00730 { 00731 return _pimpl->readSignatureKeyId(signature); 00732 } 00733 00734 void KeyRing::deleteKey( const string &id, bool trusted ) 00735 { 00736 _pimpl->deleteKey(id, trusted); 00737 } 00738 00739 list<PublicKey> KeyRing::publicKeys() 00740 { 00741 return _pimpl->publicKeys(); 00742 } 00743 00744 list<PublicKey> KeyRing::trustedPublicKeys() 00745 { 00746 return _pimpl->trustedPublicKeys(); 00747 } 00748 00749 list<string> KeyRing::publicKeyIds() 00750 { 00751 return _pimpl->publicKeyIds(); 00752 } 00753 00754 list<string> KeyRing::trustedPublicKeyIds() 00755 { 00756 return _pimpl->trustedPublicKeyIds(); 00757 } 00758 00759 bool KeyRing::verifyFileSignatureWorkflow( 00760 const Pathname &file, 00761 const string filedesc, 00762 const Pathname &signature, 00763 const KeyContext &keycontext) 00764 { 00765 return _pimpl->verifyFileSignatureWorkflow(file, filedesc, signature, keycontext); 00766 } 00767 00768 bool KeyRing::verifyFileSignature( const Pathname &file, const Pathname &signature) 00769 { 00770 return _pimpl->verifyFileSignature(file, signature); 00771 } 00772 00773 bool KeyRing::verifyFileTrustedSignature( const Pathname &file, const Pathname &signature) 00774 { 00775 return _pimpl->verifyFileTrustedSignature(file, signature); 00776 } 00777 00778 void KeyRing::dumpPublicKey( const string &id, bool trusted, ostream &stream ) 00779 { 00780 _pimpl->dumpPublicKey( id, trusted, stream); 00781 } 00782 00783 bool KeyRing::isKeyTrusted( const string &id ) 00784 { 00785 return _pimpl->isKeyTrusted(id); 00786 } 00787 00788 bool KeyRing::isKeyKnown( const string &id ) 00789 { 00790 return _pimpl->isKeyKnown(id); 00791 } 00792 00794 } // namespace zypp
1.7.5.1