1 /*---------------------------------------------------------------------\
2 | ____ _ __ __ ___ |
3 | |__ / \ / / . \ . \ |
4 | / / \ V /| _/ _/ |
5 | / /__ | | | | | | |
6 | /_____||_| |_| |_| |
7 | |
8 \---------------------------------------------------------------------*/
12 #ifndef ZYPP_KEYRING_H
13 #define ZYPP_KEYRING_H
14 
15 #include <iosfwd>
16 #include <map>
17 #include <list>
18 #include <set>
19 #include <string>
20 
21 #include <zypp/base/ReferenceCounted.h>
22 #include <zypp/base/Flags.h>
23 #include <zypp/Callback.h>
24 #include <zypp/base/PtrTypes.h>
25 #include <zypp/Locale.h>
26 #include <zypp/PublicKey.h>
27 #include <zypp/KeyRingContexts.h>
28 
30 namespace zypp
31 {
32 
34 
45  {
51  enum KeyTrust
52  {
71  };
72 
/** Ask the user whether to trust and/or import \a key into the trusted keyring.
 *
 * \param key        The public key the user has to judge.
 * \param keycontext I/O context of the surrounding KeyRing::verifyFileSignatureWorkflow
 *                   (repository / file information shown to the user).
 * \return One of the \ref KeyTrust replies. KEY_TRUST_AND_IMPORT imports the key;
 *         presumably persistent, so later verifications with that key would not ask
 *         again — confirm against KeyRing.cc:68.
 * \note Security-relevant decision point: an implementation should present the full
 *       key fingerprint, not only the short key id, before the user accepts.
 */
virtual KeyTrust askUserToAcceptKey( const PublicKey &key, const KeyContext &keycontext = KeyContext() );
78 
/** Informal callback showing the trusted key that will be used for verification.
 *
 * No decision is requested (void return); it only tells the user that \a file_r
 * is going to be checked with the trusted key described by \a keyData_r.
 */
virtual void infoVerify( const std::string & file_r, const PublicKeyData & keyData_r, const KeyContext &keycontext = KeyContext() );
81 
/** Ask the user whether to accept the unsigned file \a file.
 *
 * \return Presumably \c true to accept the file although it carries no signature —
 *         confirm against KeyRing.cc:64.
 * \note Accepting here skips signature verification for this file entirely; see also
 *       KeyRing::DefaultAcceptBits ACCEPT_UNSIGNED_FILE, which can pre-answer this question.
 */
virtual bool askUserToAcceptUnsignedFile( const std::string &file, const KeyContext &keycontext = KeyContext() );
83 
/** The signing key is unknown: only its \a id is available, the key itself is in no
 * keyring. Ask the user whether to accept \a file anyway.
 *
 * Unlike askUserToAcceptKey there is no key material to inspect or import here.
 * \return Presumably \c true to accept the file — confirm against KeyRing.cc:77.
 */
virtual bool askUserToAcceptUnknownKey( const std::string &file, const std::string &id, const KeyContext &keycontext = KeyContext() );
91 
/** The file \a file is signed with \a key but the signature verification failed.
 * Ask the user whether to accept the file regardless.
 *
 * \return Presumably \c true to accept the file — confirm against KeyRing.cc:80.
 * \note Accepting a failed verification defeats the integrity check; a \c true
 *       default (see DefaultAcceptBits ACCEPT_VERIFICATION_FAILED) is a serious
 *       weakening and should be audited wherever it is set.
 */
virtual bool askUserToAcceptVerificationFailed( const std::string &file, const PublicKey &key, const KeyContext &keycontext = KeyContext() );
98 
/** Ask the user to trust and/or import the package key \a key_r into the trusted
 * keyring, using the generic ReportBase::report mechanism with UserData type
 * \ref ACCEPT_PACKAGE_KEY_REQUEST (not virtual, unlike the callbacks above).
 *
 * \return Presumably \c true if the key was accepted — confirm against KeyRing.cc:83.
 */
bool askUserToAcceptPackageKey( const PublicKey &key_r, const KeyContext &keycontext_r = KeyContext() );
/** UserData::type of the generic AcceptPackageKey report. */
constexpr static const char * ACCEPT_PACKAGE_KEY_REQUEST = "KeyRingReport/AcceptPackageKey";
118 
/** Notify the user about keys that were not imported from the rpm key database
 * into the zypp keyring.
 *
 * \param keys_r The affected keys, identified as Editions.
 */
void reportNonImportedKeys( const std::set<Edition> &keys_r );
/** UserData::type of the generic KeysNotImported report. */
constexpr static const char *KEYS_NOT_IMPORTED_REPORT = "KeyRingReport/KeysNotImported";
131 
132 
/** Notify that a repository auto-imported new package signing keys.
 *
 * \param keyDataList_r The keys that were imported.
 * \param keySigning_r  The key the import was authorized by; presumably the already
 *                      trusted key that signed the repository metadata — confirm
 *                      against KeyRing.cc:102.
 * \param keyContext_r  Repository context.
 * \note Phrased as a past-tense notification, not a question: the trust extension
 *       has already happened when it fires. Consumers should at least log it so the
 *       change of trusted keys is auditable later.
 */
void reportAutoImportKey( const std::list<PublicKeyData> & keyDataList_r,
                          const PublicKeyData & keySigning_r,
                          const KeyContext &keyContext_r );
/** UserData::type of the generic reportAutoImportKey report. */
constexpr static const char *REPORT_AUTO_IMPORT_KEY = "KeyRingReport/reportAutoImportKey";
150  };
151 
153  {
/** Signal hook fired when a key is added to the trusted keyring; the default is a no-op. */
virtual void trustedKeyAdded( const PublicKey & /*key*/ ) {}
/** Signal hook fired when a key is removed from the trusted keyring; the default is a no-op. */
virtual void trustedKeyRemoved( const PublicKey & /*key*/ ) {}
158  };
159 
161  {
162  public:
167  : Exception( "Bad Key Exception" )
168  {}
/** Ctor taking the exception message \a msg_r, forwarded verbatim to Exception. */
KeyRingException( const std::string & msg_r ) : Exception( msg_r ) {}
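/** Dtor. Non-throwing, as every exception type's destructor must be.
 *
 * Spelled with \c noexcept: the dynamic exception specification \c throw() is
 * deprecated since C++11 and removed in C++20, and the file already relies on
 * C++11 (constexpr static members above). The stray ';' after the body is gone too.
 */
virtual ~KeyRingException() noexcept {}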
177  };
178 
180  //
181  // CLASS NAME : KeyRing
182  //
187  {
188  friend std::ostream & operator<<( std::ostream & str, const KeyRing & obj );
189 
190  public:
203  {
204  ACCEPT_NOTHING = 0x0000,
210  };
212 
/** Get the active accept bits.
 *
 * Static, i.e. process-global state shared by all KeyRing instances.
 */
static DefaultAccept defaultAccept();
215 
/** Set the active accept bits.
 *
 * Static, i.e. process-global: affects every KeyRing instance from now on.
 * \note Security-relevant. Bits such as ACCEPT_UNSIGNED_FILE, ACCEPT_UNKNOWNKEY,
 *       ACCEPT_VERIFICATION_FAILED and TRUST_AND_IMPORT_KEY presumably pre-answer the
 *       corresponding KeyRingReport::askUserToAccept* callbacks without any user
 *       interaction — confirm against KeyRing.cc:55. Only ACCEPT_NOTHING leaves every
 *       decision to the user; any other value should be set deliberately and logged.
 */
static void setDefaultAccept( DefaultAccept value_r );
219 
220  public:
222  struct Impl;
223 
224  public:
/** Ctor.
 *
 * \param baseTmpDir Presumably the directory below which the keyring's temporary
 *                   files are created — confirm against KeyRing.cc:798.
 * \note Single-argument ctor not marked \c explicit, so an implicit Pathname -> KeyRing
 *       conversion is possible; adding \c explicit would need a check of all callers.
 */
KeyRing(const Pathname &baseTmpDir);
227 
/** Import a key from a file.
 *
 * \param key     The PublicKey to import (key data plus its ASCII-armored tempfile).
 * \param trusted Presumably selects the trusted keyring when \c true, the general
 *                keyring otherwise (same convention as dumpPublicKey) — confirm
 *                against KeyRing.cc:809.
 * \note Importing with \a trusted == true extends what later signature checks accept;
 *       the caller is responsible for having verified the key's fingerprint.
 */
void importKey( const PublicKey &key, bool trusted = false);
233 
/** Initial import from RpmDb.
 *
 * \param keyfile_r File holding the key(s) to import.
 * \param trusted_r Same meaning as the \c trusted flag of importKey.
 */
void multiKeyImport( const Pathname & keyfile_r, bool trusted_r = false );
236 
/** Dump the trusted public key \a id to \a stream (dumpPublicKey with trusted == true). */
void dumpTrustedPublicKey( const std::string &id, std::ostream &stream )
{
  dumpPublicKey( id, true, stream );
}
239 
/** Dump the general (untrusted) public key \a id to \a stream (dumpPublicKey with trusted == false). */
void dumpUntrustedPublicKey( const std::string &id, std::ostream &stream )
{
  dumpPublicKey( id, false, stream );
}
242 
/** Dump public key \a id to \a stream.
 *
 * \param trusted \c true selects the trusted keyring, \c false the general one
 *                (see the dumpTrustedPublicKey / dumpUntrustedPublicKey wrappers).
 */
void dumpPublicKey( const std::string &id, bool trusted, std::ostream &stream );
244 
/** Export a public key identified by its key data \a keyData as a PublicKey. */
PublicKey exportPublicKey( const PublicKeyData & keyData );
247 
250 
/** Read the public key id from the signature file \a signature.
 *
 * Only the id is extracted; nothing is verified here.
 */
std::string readSignatureKeyId( const Pathname &signature );
255 
/** \return \c true if the key \a id is trusted, i.e. present in the trusted keyring. */
bool isKeyTrusted( const std::string &id );
260 
/** \return \c true if the key \a id is known, i.e. it exists at least in the
 * untrusted (general) keyring. Known does not imply trusted; see isKeyTrusted.
 */
bool isKeyKnown( const std::string &id );
266 
/** Remove key \a id from the keyring.
 *
 * \param trusted Presumably selects the trusted keyring when \c true, the general
 *                keyring otherwise — confirm against KeyRing.cc:818.
 */
void deleteKey( const std::string &id, bool trusted = false );
272 
/** Get a list of public keys in the general keyring (key data plus ASCII-armored key). */
std::list<PublicKey> publicKeys();
277 
/** Get a list of trusted public keys in the keyring (key data plus ASCII-armored key). */
std::list<PublicKey> trustedPublicKeys();
282 
/** Get a list of public key data in the general keyring (key data only, no key export). */
std::list<PublicKeyData> publicKeyData();
287 
/** Get a list of trusted public key data in the keyring (key data only, no key export). */
std::list<PublicKeyData> trustedPublicKeyData();
292 
/** Key data of key \a id from the general keyring.
 *
 * What is returned if \a id is not present (empty PublicKeyData or an exception)
 * is not visible here — confirm in KeyRing.cc.
 */
PublicKeyData publicKeyData( const std::string &id );
297 
/** Key data of key \a id from the trusted keyring.
 *
 * What is returned if \a id is not present (empty PublicKeyData or an exception)
 * is not visible here — confirm in KeyRing.cc.
 */
PublicKeyData trustedPublicKeyData( const std::string &id );
302 
/** Follow a signature verification of \a file against \a signature, interacting with
 * the user through KeyRingReport wherever a decision is needed (unsigned file,
 * unknown key, untrusted key, failed verification) and presumably honoring the
 * process-wide defaultAccept() bits — confirm against KeyRing.cc:839.
 *
 * \param filedesc   Human-readable description of the file for the user dialogs.
 * \param sigValid_r Out parameter. Presumably set to whether the signature itself
 *                   verified, independent of whether the file ended up accepted —
 *                   confirm against KeyRing.cc:839.
 * \param keycontext I/O context handed to the KeyRingReport callbacks.
 * \return \c true if the file is to be accepted. Given the askUserToAccept* callbacks
 *         and the defaultAccept() bits, a \c true result does not by itself prove a
 *         valid signature; callers that must distinguish "accepted" from "verified"
 *         should consult \a sigValid_r.
 */
bool verifyFileSignatureWorkflow( const Pathname &file, const std::string &filedesc, const Pathname &signature, bool & sigValid_r, const KeyContext &keycontext = KeyContext());
/** Overload without the \a sigValid_r out parameter; same workflow and return value
 * as the five-argument form. Callers that need to know whether the signature was
 * actually valid (not merely accepted) should use the other overload.
 *
 * \note \a filedesc is taken by value here while the sibling takes it by const&. The
 *       declaration is left as is because changing it alone would no longer match the
 *       out-of-line definition in KeyRing.cc.
 */
bool verifyFileSignatureWorkflow( const Pathname &file, const std::string filedesc, const Pathname &signature, const KeyContext &keycontext = KeyContext());
340 
/** Verify \a file against \a signature, with no user interaction.
 *
 * Presumably checks against the general keyring, in contrast to
 * verifyFileTrustedSignature — confirm against KeyRing.cc:862.
 * \return \c true if the signature verified.
 */
bool verifyFileSignature( const Pathname &file, const Pathname &signature );
348 
/** Like verifyFileSignature, but presumably only keys in the trusted keyring are
 * accepted for verification — confirm against KeyRing.cc:865. No user interaction.
 */
bool verifyFileTrustedSignature( const Pathname &file, const Pathname &signature );
350 
/** Try to find the key \a id in the key cache or in the repository described by
 * \a info, and import it.
 *
 * \return Presumably \c true if the key could be provided and imported — confirm
 *         against KeyRing.cc:868.
 * \note A key obtained from the repository is only as trustworthy as that repository
 *       and its transport; which keyring (general or trusted) the import targets, and
 *       whether the user is asked via KeyRingReport, should be confirmed in KeyRing.cc:868.
 */
bool provideAndImportKeyFromRepositoryWorkflow ( const std::string &id , const RepoInfo &info );
356 
/** Dtor. */
~KeyRing();
359 
360  public:
/** Allow (\a yesno_r == true) or forbid populating the general keyring with known
 * keys stored on the system.
 *
 * The documentation only mentions the general keyring; whether preloading can ever
 * affect the trusted keyring should be confirmed against KeyRing.cc:805.
 */
void allowPreload( bool yesno_r );
363 
364  private:
367  };
369 
/** Stream output for KeyRing.
 *
 * Intentionally writes nothing: the asString()-based output was never enabled and
 * is kept here only as a reminder of the intended form.
 */
inline std::ostream & operator<<( std::ostream & str, const KeyRing & /*obj*/ )
{
  // return str << obj.asString();
  return str;
}
376 
378  ZYPP_DECLARE_OPERATORS_FOR_FLAGS( KeyRing::DefaultAccept );
379 
381 
382  namespace target
383  {
384  namespace rpm
385  {
388  {};
389  }
390  }
391 
393 } // namespace zypp
395 #endif // ZYPP_KEYRING_H
Base class for Exception.
Definition: Exception.h:146
virtual ~KeyRingException()
Dtor.
Definition: KeyRing.h:176
KeyRingException()
Ctor taking message.
Definition: KeyRing.h:166
KeyRingException(const std::string &msg_r)
Ctor taking message.
Definition: KeyRing.h:172
Gpg key handling.
Definition: KeyRing.h:187
bool provideAndImportKeyFromRepositoryWorkflow(const std::string &id, const RepoInfo &info)
Try to find the id in key cache or repository specified in info.
Definition: KeyRing.cc:868
std::ostream & operator<<(std::ostream &str, const KeyRing &)
Stream output.
Definition: KeyRing.h:371
friend std::ostream & operator<<(std::ostream &str, const KeyRing &obj)
bool isKeyKnown(const std::string &id)
true if the key id is known, that means it at least exists in the untrusted keyring
Definition: KeyRing.cc:885
std::list< PublicKey > publicKeys()
Get a list of public keys in the keyring (incl.
Definition: KeyRing.cc:821
ZYPP_DECLARE_FLAGS(DefaultAccept, DefaultAcceptBits)
std::list< PublicKey > trustedPublicKeys()
Get a list of trusted public keys in the keyring (incl.
Definition: KeyRing.cc:824
static DefaultAccept defaultAccept()
Get the active accept bits.
Definition: KeyRing.cc:52
void dumpTrustedPublicKey(const std::string &id, std::ostream &stream)
Definition: KeyRing.h:237
void dumpPublicKey(const std::string &id, bool trusted, std::ostream &stream)
Definition: KeyRing.cc:873
bool verifyFileSignature(const Pathname &file, const Pathname &signature)
Verifies a file against a signature, with no user interaction.
Definition: KeyRing.cc:862
void multiKeyImport(const Pathname &keyfile_r, bool trusted_r=false)
Initial import from RpmDb.
Definition: KeyRing.cc:812
KeyRing(const Pathname &baseTmpDir)
Default ctor.
Definition: KeyRing.cc:798
~KeyRing()
Dtor.
Definition: KeyRing.cc:802
PublicKey exportPublicKey(const PublicKeyData &keyData)
Export a public key identified by its key data.
Definition: KeyRing.cc:876
std::string readSignatureKeyId(const Pathname &signature)
reads the public key id from a signature
Definition: KeyRing.cc:815
void allowPreload(bool yesno_r)
The general keyring may be populated with known keys stored on the system.
Definition: KeyRing.cc:805
void dumpUntrustedPublicKey(const std::string &id, std::ostream &stream)
Definition: KeyRing.h:240
bool verifyFileTrustedSignature(const Pathname &file, const Pathname &signature)
Definition: KeyRing.cc:865
void importKey(const PublicKey &key, bool trusted=false)
imports a key from a file.
Definition: KeyRing.cc:809
bool verifyFileSignatureWorkflow(const Pathname &file, const std::string &filedesc, const Pathname &signature, bool &sigValid_r, const KeyContext &keycontext=KeyContext())
Follows a signature verification interacting with the user.
Definition: KeyRing.cc:839
RW_pointer< Impl > _pimpl
Pointer to implementation.
Definition: KeyRing.h:366
void deleteKey(const std::string &id, bool trusted=false)
removes a key from the keyring.
Definition: KeyRing.cc:818
std::list< PublicKeyData > trustedPublicKeyData()
Get a list of trusted public key data in the keyring (key data only)
Definition: KeyRing.cc:830
static void setDefaultAccept(DefaultAccept value_r)
Set the active accept bits.
Definition: KeyRing.cc:55
std::list< PublicKeyData > publicKeyData()
Get a list of public key data in the keyring (key data only)
Definition: KeyRing.cc:827
DefaultAcceptBits
DefaultAccept flags (
Definition: KeyRing.h:203
@ TRUST_KEY_TEMPORARILY
Definition: KeyRing.h:207
@ ACCEPT_VERIFICATION_FAILED
Definition: KeyRing.h:209
@ ACCEPT_UNKNOWNKEY
Definition: KeyRing.h:206
@ ACCEPT_NOTHING
Definition: KeyRing.h:204
@ TRUST_AND_IMPORT_KEY
Definition: KeyRing.h:208
@ ACCEPT_UNSIGNED_FILE
Definition: KeyRing.h:205
PublicKey exportTrustedPublicKey(const PublicKeyData &keyData)
Export a trusted public key identified by its key data.
Definition: KeyRing.cc:879
bool isKeyTrusted(const std::string &id)
true if the key id is trusted
Definition: KeyRing.cc:882
Class representing one GPG Public Keys data.
Definition: PublicKey.h:207
Class representing one GPG Public Key (PublicKeyData + ASCII armored in a tempfile).
Definition: PublicKey.h:359
What is known about a repository.
Definition: RepoInfo.h:72
Base class for reference counted objects.
I/O context for KeyRing::verifyFileSignatureWorkflow.
String related utilities and Regular expression matching.
boost::noncopyable NonCopyable
Ensure derived classes cannot be copied.
Definition: NonCopyable.h:26
Easy-to use interface to the ZYPP dependency resolver.
Definition: CodePitfalls.doc:2
DEFINE_PTR_TYPE(Application)
ZYPP_DECLARE_OPERATORS_FOR_FLAGS(DiskUsageCounter::MountPoint::HintFlags)
Callbacks from signature verification workflow.
Definition: KeyRing.h:45
virtual void infoVerify(const std::string &file_r, const PublicKeyData &keyData_r, const KeyContext &keycontext=KeyContext())
Informal callback showing the trusted key that will be used for verification.
Definition: KeyRing.cc:61
void reportNonImportedKeys(const std::set< Edition > &keys_r)
Notify the user about keys that were not imported from the rpm key database into zypp keyring.
Definition: KeyRing.cc:95
constexpr static const char * KEYS_NOT_IMPORTED_REPORT
generic reports UserData::type
Definition: KeyRing.h:130
KeyTrust
User reply options for the askUserToTrustKey callback.
Definition: KeyRing.h:52
@ KEY_TRUST_AND_IMPORT
Import the key.
Definition: KeyRing.h:70
@ KEY_DONT_TRUST
User has chosen not to trust the key.
Definition: KeyRing.h:56
@ KEY_TRUST_TEMPORARILY
This basically means, we knew the key, but it was not trusted.
Definition: KeyRing.h:61
virtual bool askUserToAcceptUnsignedFile(const std::string &file, const KeyContext &keycontext=KeyContext())
Definition: KeyRing.cc:64
bool askUserToAcceptPackageKey(const PublicKey &key_r, const KeyContext &keycontext_r=KeyContext())
Ask user to trust and/or import the package key to trusted keyring, using ReportBase::report.
Definition: KeyRing.cc:83
void reportAutoImportKey(const std::list< PublicKeyData > &keyDataList_r, const PublicKeyData &keySigning_r, const KeyContext &keyContext_r)
Notify that a repository auto imported new package signing keys.
Definition: KeyRing.cc:102
virtual KeyTrust askUserToAcceptKey(const PublicKey &key, const KeyContext &keycontext=KeyContext())
Ask user to trust and/or import the key to trusted keyring.
Definition: KeyRing.cc:68
virtual bool askUserToAcceptUnknownKey(const std::string &file, const std::string &id, const KeyContext &keycontext=KeyContext())
we DONT know the key, only its id, but we have never seen it, the difference with trust key is that i...
Definition: KeyRing.cc:77
constexpr static const char * REPORT_AUTO_IMPORT_KEY
generic reports UserData::type
Definition: KeyRing.h:149
constexpr static const char * ACCEPT_PACKAGE_KEY_REQUEST
generic reports UserData::type
Definition: KeyRing.h:117
virtual bool askUserToAcceptVerificationFailed(const std::string &file, const PublicKey &key, const KeyContext &keycontext=KeyContext())
The file filedesc is signed but the verification failed.
Definition: KeyRing.cc:80
virtual void trustedKeyAdded(const PublicKey &)
Definition: KeyRing.h:154
virtual void trustedKeyRemoved(const PublicKey &)
Definition: KeyRing.h:156
KeyRing implementation.
Definition: KeyRing.cc:231
Internal connection to rpm database.
Definition: KeyRing.h:388