libzypp  13.10.6
KeyRing.h
Go to the documentation of this file.
1 /*---------------------------------------------------------------------\
2 | ____ _ __ __ ___ |
3 | |__ / \ / / . \ . \ |
4 | / / \ V /| _/ _/ |
5 | / /__ | | | | | | |
6 | /_____||_| |_| |_| |
7 | |
8 \---------------------------------------------------------------------*/
12 #ifndef ZYPP_KEYRING_H
13 #define ZYPP_KEYRING_H
14 
15 #include <iosfwd>
16 #include <map>
17 #include <list>
18 #include <set>
19 #include <string>
20 
21 #include "zypp/base/ReferenceCounted.h"
22 #include "zypp/base/Flags.h"
23 #include "zypp/Callback.h"
24 #include "zypp/base/PtrTypes.h"
25 #include "zypp/Locale.h"
26 #include "zypp/PublicKey.h"
27 #include "zypp/KeyContext.h"
28 
30 namespace zypp
31 {
32 
33  DEFINE_PTR_TYPE(KeyRing);
34 
44  struct KeyRingReport : public callback::ReportBase
45  {
51  enum KeyTrust
52  {
56  KEY_DONT_TRUST = 0,
61  KEY_TRUST_TEMPORARILY,
70  KEY_TRUST_AND_IMPORT
71  };
72 
77  virtual KeyTrust askUserToAcceptKey( const PublicKey &key, const KeyContext &keycontext = KeyContext() );
78 
79  virtual bool askUserToAcceptUnsignedFile( const std::string &file, const KeyContext &keycontext = KeyContext() );
80 
87  virtual bool askUserToAcceptUnknownKey( const std::string &file, const std::string &id, const KeyContext &keycontext = KeyContext() );
88 
94  virtual bool askUserToAcceptVerificationFailed( const std::string &file, const PublicKey &key, const KeyContext &keycontext = KeyContext() );
95 
96  };
97 
98  struct KeyRingSignals : public callback::ReportBase
99  {
100  virtual void trustedKeyAdded( const PublicKey &/*key*/ )
101  {}
102  virtual void trustedKeyRemoved( const PublicKey &/*key*/ )
103  {}
104  };
105 
106  class KeyRingException : public Exception
107  {
108  public:
112  KeyRingException()
113  : Exception( "Bad Key Exception" )
114  {}
118  KeyRingException( const std::string & msg_r )
119  : Exception( msg_r )
120  {}
122  virtual ~KeyRingException() throw() {};
123  };
124 
126  //
127  // CLASS NAME : KeyRing
128  //
132  class KeyRing : public base::ReferenceCounted, private base::NonCopyable
133  {
134  friend std::ostream & operator<<( std::ostream & str, const KeyRing & obj );
135 
136  public:
148  enum DefaultAcceptBits
149  {
150  ACCEPT_NOTHING = 0x0000,
151  ACCEPT_UNSIGNED_FILE = 0x0001,
152  ACCEPT_UNKNOWNKEY = 0x0002,
153  TRUST_KEY_TEMPORARILY = 0x0004,
154  TRUST_AND_IMPORT_KEY = 0x0008,
155  ACCEPT_VERIFICATION_FAILED = 0x0010,
156  };
157  ZYPP_DECLARE_FLAGS( DefaultAccept, DefaultAcceptBits );
158 
160  static DefaultAccept defaultAccept();
161 
163  static void setDefaultAccept( DefaultAccept value_r );
165 
166  public:
168  class Impl;
169 
170  public:
172  KeyRing(const Pathname &baseTmpDir);
173 
178  void importKey( const PublicKey &key, bool trusted = false);
179 
181  void multiKeyImport( const Pathname & keyfile_r, bool trusted_r = false );
182 
183  void dumpTrustedPublicKey( const std::string &id, std::ostream &stream )
184  { dumpPublicKey(id, true, stream); }
185 
186  void dumpUntrustedPublicKey( const std::string &id, std::ostream &stream )
187  { dumpPublicKey(id, false, stream); }
188 
189  void dumpPublicKey( const std::string &id, bool trusted, std::ostream &stream );
190 
192  PublicKey exportPublicKey( const PublicKeyData & keyData );
193 
195  PublicKey exportTrustedPublicKey( const PublicKeyData & keyData );
196 
200  std::string readSignatureKeyId( const Pathname &signature );
201 
205  bool isKeyTrusted( const std::string &id );
206 
211  bool isKeyKnown( const std::string &id );
212 
217  void deleteKey( const std::string &id, bool trusted = false );
218 
222  std::list<PublicKey> publicKeys();
223 
227  std::list<PublicKey> trustedPublicKeys();
228 
232  std::list<PublicKeyData> publicKeyData();
233 
237  std::list<PublicKeyData> trustedPublicKeyData();
238 
263  bool verifyFileSignatureWorkflow(
264  const Pathname &file,
265  const std::string filedesc,
266  const Pathname &signature,
267  const KeyContext &keycontext = KeyContext());
268 
269 
276  bool verifyFileSignature( const Pathname &file, const Pathname &signature );
277 
278  bool verifyFileTrustedSignature( const Pathname &file, const Pathname &signature );
279 
281  ~KeyRing();
282 
283  private:
285  RW_pointer<Impl> _pimpl;
286  };
288 
290  inline std::ostream & operator<<( std::ostream & str, const KeyRing & /*obj*/ )
291  {
292  //return str << obj.asString();
293  return str;
294  }
295 
297  ZYPP_DECLARE_OPERATORS_FOR_FLAGS( KeyRing::DefaultAccept );
298 
300 
301  namespace target
302  {
303  namespace rpm
304  {
306  struct KeyRingSignals : public ::zypp::KeyRingSignals
307  {};
308  }
309  }
310 
312 } // namespace zypp
314 #endif // ZYPP_KEYRING_H
zypp::KeyRing::importKey
void importKey(const PublicKey &key, bool trusted=false)
imports a key from a file.
Definition: KeyRing.cc:661
zypp::KeyRing::exportTrustedPublicKey
PublicKey exportTrustedPublicKey(const PublicKeyData &keyData)
Export a trusted public key identified by its key data.
Definition: KeyRing.cc:704
zypp::KeyRing::verifyFileSignatureWorkflow
bool verifyFileSignatureWorkflow(const Pathname &file, const std::string filedesc, const Pathname &signature, const KeyContext &keycontext=KeyContext())
Follows a signature verification interacting with the user.
Definition: KeyRing.cc:685
zypp::KeyRing::dumpTrustedPublicKey
void dumpTrustedPublicKey(const std::string &id, std::ostream &stream)
Definition: KeyRing.h:183
zypp::KeyRing
Gpg key handling.
Definition: KeyRing.h:132
zypp::KeyRingReport::KEY_TRUST_TEMPORARILY
This basically means, we knew the key, but it was not trusted.
Definition: KeyRing.h:61
zypp::KeyRing::exportPublicKey
PublicKey exportPublicKey(const PublicKeyData &keyData)
Export a public key identified by its key data.
Definition: KeyRing.cc:701
zypp::KeyRingException::KeyRingException
KeyRingException(const std::string &msg_r)
Ctor taking message.
Definition: KeyRing.h:118
zypp::PublicKeyData
Class representing one GPG Public Keys data.
Definition: PublicKey.h:74
zypp::KeyRing::dumpPublicKey
void dumpPublicKey(const std::string &id, bool trusted, std::ostream &stream)
Definition: KeyRing.cc:698
zypp::KeyRing::trustedPublicKeys
std::list< PublicKey > trustedPublicKeys()
Get a list of trusted public keys in the keyring (incl.
Definition: KeyRing.cc:676
zypp::KeyRingReport::askUserToAcceptUnsignedFile
virtual bool askUserToAcceptUnsignedFile(const std::string &file, const KeyContext &keycontext=KeyContext())
Definition: KeyRing.cc:62
zypp::KeyRing::KeyRing
KeyRing(const Pathname &baseTmpDir)
Default ctor.
Definition: KeyRing.cc:653
zypp::KeyRing::trustedPublicKeyData
std::list< PublicKeyData > trustedPublicKeyData()
Get a list of trusted public key data in the keyring (key data only)
Definition: KeyRing.cc:682
zypp::KeyRingReport::askUserToAcceptUnknownKey
virtual bool askUserToAcceptUnknownKey(const std::string &file, const std::string &id, const KeyContext &keycontext=KeyContext())
we DONT know the key, only its id, but we have never seen it, the difference with trust key is that i...
Definition: KeyRing.cc:75
zypp::KeyRingException::KeyRingException
KeyRingException()
Ctor taking message.
Definition: KeyRing.h:112
zypp::target::rpm::KeyRingSignals
Internal connection to rpm database.
Definition: KeyRing.h:306
zypp::KeyRing::ZYPP_DECLARE_FLAGS
ZYPP_DECLARE_FLAGS(DefaultAccept, DefaultAcceptBits)
zypp::KeyRingReport::KeyTrust
KeyTrust
User reply options for the askUserToTrustKey callback.
Definition: KeyRing.h:51
zypp::KeyRing::~KeyRing
~KeyRing()
Dtor.
Definition: KeyRing.cc:657
zypp::base::NonCopyable
boost::noncopyable NonCopyable
Ensure derived classes cannot be copied.
Definition: NonCopyable.h:26
zypp::KeyRing::setDefaultAccept
static void setDefaultAccept(DefaultAccept value_r)
Set the active accept bits.
Definition: KeyRing.cc:56
zypp::DEFINE_PTR_TYPE
DEFINE_PTR_TYPE(KeyRing)
zypp::KeyRing::dumpUntrustedPublicKey
void dumpUntrustedPublicKey(const std::string &id, std::ostream &stream)
Definition: KeyRing.h:186
zypp::KeyRing::operator<<
std::ostream & operator<<(std::ostream &str, const KeyRing &)
Definition: KeyRing.h:290
zypp::KeyRingSignals::trustedKeyAdded
virtual void trustedKeyAdded(const PublicKey &)
Definition: KeyRing.h:100
zypp::base::ReferenceCounted
Base class for reference counted objects.
Definition: ReferenceCounted.h:33
zypp::KeyRing::isKeyKnown
bool isKeyKnown(const std::string &id)
true if the key id is knows, that means at least exist on the untrusted keyring
Definition: KeyRing.cc:710
zypp::KeyRing::multiKeyImport
void multiKeyImport(const Pathname &keyfile_r, bool trusted_r=false)
Initial import from RpmDb.
Definition: KeyRing.cc:664
zypp::KeyRingReport::KEY_DONT_TRUST
User has chosen not to trust the key.
Definition: KeyRing.h:56
zypp::KeyRing::DefaultAcceptBits
DefaultAcceptBits
DefaultAccept flags (
Definition: KeyRing.h:148
zypp::KeyRingReport::askUserToAcceptKey
virtual KeyTrust askUserToAcceptKey(const PublicKey &key, const KeyContext &keycontext=KeyContext())
Ask user to trust and/or import the key to trusted keyring.
Definition: KeyRing.cc:66
zypp::KeyRing::defaultAccept
static DefaultAccept defaultAccept()
Get the active accept bits.
Definition: KeyRing.cc:53
zypp::KeyRing::_pimpl
RW_pointer< Impl > _pimpl
Pointer to implementation.
Definition: KeyRing.h:285
zypp::PublicKey
Class representing one GPG Public Key (PublicKeyData + ASCII armored in a tempfile).
Definition: PublicKey.h:208
zypp::KeyRing::publicKeyData
std::list< PublicKeyData > publicKeyData()
Get a list of public key data in the keyring (key data only)
Definition: KeyRing.cc:679
zypp::Exception
Base class for Exception.
Definition: Exception.h:143
zypp::KeyRingReport
Callbacks from signature verification workflow.
Definition: KeyRing.h:44
zypp::RW_pointer
Wrapper for const correct access via Smart pointer types.
Definition: PtrTypes.h:265
zypp::KeyRing::deleteKey
void deleteKey(const std::string &id, bool trusted=false)
removes a key from the keyring.
Definition: KeyRing.cc:670
zypp::KeyRing::operator<<
friend std::ostream & operator<<(std::ostream &str, const KeyRing &obj)
zypp::KeyRing::verifyFileTrustedSignature
bool verifyFileTrustedSignature(const Pathname &file, const Pathname &signature)
Definition: KeyRing.cc:695
zypp::KeyRing::isKeyTrusted
bool isKeyTrusted(const std::string &id)
true if the key id is trusted
Definition: KeyRing.cc:707
zypp::KeyRingSignals::trustedKeyRemoved
virtual void trustedKeyRemoved(const PublicKey &)
Definition: KeyRing.h:102
zypp::ZYPP_DECLARE_OPERATORS_FOR_FLAGS
ZYPP_DECLARE_OPERATORS_FOR_FLAGS(FetcherJob::Flags)
zypp::KeyRing::readSignatureKeyId
std::string readSignatureKeyId(const Pathname &signature)
reads the public key id from a signature
Definition: KeyRing.cc:667
zypp::KeyRing::verifyFileSignature
bool verifyFileSignature(const Pathname &file, const Pathname &signature)
Verifies a file against a signature, with no user interaction.
Definition: KeyRing.cc:692
zypp::KeyRingException::~KeyRingException
virtual ~KeyRingException()
Dtor.
Definition: KeyRing.h:122
zypp::KeyRingReport::askUserToAcceptVerificationFailed
virtual bool askUserToAcceptVerificationFailed(const std::string &file, const PublicKey &key, const KeyContext &keycontext=KeyContext())
The file filedesc is signed but the verification failed.
Definition: KeyRing.cc:78
zypp::KeyRing::publicKeys
std::list< PublicKey > publicKeys()
Get a list of public keys in the keyring (incl.
Definition: KeyRing.cc:673