libzypp  17.14.0
KeyRing.h
Go to the documentation of this file.
1 /*---------------------------------------------------------------------\
2 | ____ _ __ __ ___ |
3 | |__ / \ / / . \ . \ |
4 | / / \ V /| _/ _/ |
5 | / /__ | | | | | | |
6 | /_____||_| |_| |_| |
7 | |
8 \---------------------------------------------------------------------*/
12 #ifndef ZYPP_KEYRING_H
13 #define ZYPP_KEYRING_H
14 
15 #include <iosfwd>
16 #include <map>
17 #include <list>
18 #include <set>
19 #include <string>
20 
22 #include "zypp/base/Flags.h"
23 #include "zypp/Callback.h"
24 #include "zypp/base/PtrTypes.h"
25 #include "zypp/Locale.h"
26 #include "zypp/PublicKey.h"
27 #include "zypp/KeyContext.h"
28 
30 namespace zypp
31 {
32 
33  DEFINE_PTR_TYPE(KeyRing);
34 
45  {
51  enum KeyTrust
52  {
71  };
72 
77  virtual KeyTrust askUserToAcceptKey( const PublicKey &key, const KeyContext &keycontext = KeyContext() );
78 
80  virtual void infoVerify( const std::string & file_r, const PublicKeyData & keyData_r, const KeyContext &keycontext = KeyContext() );
81 
82  virtual bool askUserToAcceptUnsignedFile( const std::string &file, const KeyContext &keycontext = KeyContext() );
83 
90  virtual bool askUserToAcceptUnknownKey( const std::string &file, const std::string &id, const KeyContext &keycontext = KeyContext() );
91 
97  virtual bool askUserToAcceptVerificationFailed( const std::string &file, const PublicKey &key, const KeyContext &keycontext = KeyContext() );
98 
115  bool askUserToAcceptPackageKey( const PublicKey &key_r, const KeyContext &keycontext_r = KeyContext() );
117  constexpr static const char * ACCEPT_PACKAGE_KEY_REQUEST = "KeyRingReport/AcceptPackageKey";
118 
128  void reportNonImportedKeys( const std::set<Edition> &keys_r );
130  constexpr static const char *KEYS_NOT_IMPORTED_REPORT = "KeyRingReport/KeysNotImported";
131 
132  };
133 
135  {
136  virtual void trustedKeyAdded( const PublicKey &/*key*/ )
137  {}
138  virtual void trustedKeyRemoved( const PublicKey &/*key*/ )
139  {}
140  };
141 
143  {
144  public:
149  : Exception( "Bad Key Exception" )
150  {}
154  KeyRingException( const std::string & msg_r )
155  : Exception( msg_r )
156  {}
158  virtual ~KeyRingException() throw() {};
159  };
160 
162  //
163  // CLASS NAME : KeyRing
164  //
169  {
170  friend std::ostream & operator<<( std::ostream & str, const KeyRing & obj );
171 
172  public:
185  {
186  ACCEPT_NOTHING = 0x0000,
192  };
193  ZYPP_DECLARE_FLAGS( DefaultAccept, DefaultAcceptBits );
194 
196  static DefaultAccept defaultAccept();
197 
199  static void setDefaultAccept( DefaultAccept value_r );
201 
202  public:
204  struct Impl;
205 
206  public:
208  KeyRing(const Pathname &baseTmpDir);
209 
214  void importKey( const PublicKey &key, bool trusted = false);
215 
217  void multiKeyImport( const Pathname & keyfile_r, bool trusted_r = false );
218 
219  void dumpTrustedPublicKey( const std::string &id, std::ostream &stream )
220  { dumpPublicKey(id, true, stream); }
221 
222  void dumpUntrustedPublicKey( const std::string &id, std::ostream &stream )
223  { dumpPublicKey(id, false, stream); }
224 
225  void dumpPublicKey( const std::string &id, bool trusted, std::ostream &stream );
226 
228  PublicKey exportPublicKey( const PublicKeyData & keyData );
229 
232 
236  std::string readSignatureKeyId( const Pathname &signature );
237 
241  bool isKeyTrusted( const std::string &id );
242 
247  bool isKeyKnown( const std::string &id );
248 
253  void deleteKey( const std::string &id, bool trusted = false );
254 
258  std::list<PublicKey> publicKeys();
259 
263  std::list<PublicKey> trustedPublicKeys();
264 
268  std::list<PublicKeyData> publicKeyData();
269 
273  std::list<PublicKeyData> trustedPublicKeyData();
274 
278  PublicKeyData trustedPublicKeyData( const std::string &id );
279 
310  bool verifyFileSignatureWorkflow( const Pathname &file, const std::string &filedesc, const Pathname &signature, bool & sigValid_r, const KeyContext &keycontext = KeyContext());
312  bool verifyFileSignatureWorkflow( const Pathname &file, const std::string filedesc, const Pathname &signature, const KeyContext &keycontext = KeyContext());
313 
320  bool verifyFileSignature( const Pathname &file, const Pathname &signature );
321 
322  bool verifyFileTrustedSignature( const Pathname &file, const Pathname &signature );
323 
328  bool provideAndImportKeyFromRepositoryWorkflow ( const std::string &id , const RepoInfo &info );
329 
331  ~KeyRing();
332 
333  private:
336  };
338 
340  inline std::ostream & operator<<( std::ostream & str, const KeyRing & /*obj*/ )
341  {
342  //return str << obj.asString();
343  return str;
344  }
345 
347  ZYPP_DECLARE_OPERATORS_FOR_FLAGS( KeyRing::DefaultAccept );
348 
350 
351  namespace target
352  {
353  namespace rpm
354  {
357  {};
358  }
359  }
360 
362 } // namespace zypp
364 #endif // ZYPP_KEYRING_H
void importKey(const PublicKey &key, bool trusted=false)
imports a key from a file.
Definition: KeyRing.cc:643
PublicKey exportTrustedPublicKey(const PublicKeyData &keyData)
Export a trusted public key identified by its key data.
Definition: KeyRing.cc:693
void dumpTrustedPublicKey(const std::string &id, std::ostream &stream)
Definition: KeyRing.h:219
Gpg key handling.
Definition: KeyRing.h:168
Helper filtering the files offered by a RepomdFileReader.
This basically means, we knew the key, but it was not trusted.
Definition: KeyRing.h:61
PublicKey exportPublicKey(const PublicKeyData &keyData)
Export a public key identified by its key data.
Definition: KeyRing.cc:690
KeyRingException(const std::string &msg_r)
Ctor taking message.
Definition: KeyRing.h:154
Class representing one GPG Public Keys data.
Definition: PublicKey.h:139
void reportNonImportedKeys(const std::set< Edition > &keys_r)
Notify the user about keys that were not imported from the rpm key database into zypp keyring.
Definition: KeyRing.cc:94
void dumpPublicKey(const std::string &id, bool trusted, std::ostream &stream)
Definition: KeyRing.cc:687
std::list< PublicKey > trustedPublicKeys()
Get a list of trusted public keys in the keyring (incl.
Definition: KeyRing.cc:658
ZYPP_DECLARE_OPERATORS_FOR_FLAGS(DiskUsageCounter::MountPoint::HintFlags)
virtual bool askUserToAcceptUnsignedFile(const std::string &file, const KeyContext &keycontext=KeyContext())
Definition: KeyRing.cc:63
String related utilities and Regular expression matching.
KeyRing(const Pathname &baseTmpDir)
Default ctor.
Definition: KeyRing.cc:635
What is known about a repository.
Definition: RepoInfo.h:71
std::list< PublicKeyData > trustedPublicKeyData()
Get a list of trusted public key data in the keyring (key data only)
Definition: KeyRing.cc:664
bool verifyFileSignatureWorkflow(const Pathname &file, const std::string &filedesc, const Pathname &signature, bool &sigValid_r, const KeyContext &keycontext=KeyContext())
Follows a signature verification interacting with the user.
Definition: KeyRing.cc:670
bool askUserToAcceptPackageKey(const PublicKey &key_r, const KeyContext &keycontext_r=KeyContext())
Ask user to trust and/or import the package key to trusted keyring, using ReportBase::report.
Definition: KeyRing.cc:82
virtual bool askUserToAcceptUnknownKey(const std::string &file, const std::string &id, const KeyContext &keycontext=KeyContext())
we DONT know the key, only its id, but we have never seen it, the difference with trust key is that i...
Definition: KeyRing.cc:76
KeyRingException()
Ctor taking message.
Definition: KeyRing.h:148
Internal connection to rpm database.
Definition: KeyRing.h:356
virtual void infoVerify(const std::string &file_r, const PublicKeyData &keyData_r, const KeyContext &keycontext=KeyContext())
Informal callback showing the trusted key that will be used for verification.
Definition: KeyRing.cc:60
ZYPP_DECLARE_FLAGS(DefaultAccept, DefaultAcceptBits)
KeyTrust
User reply options for the askUserToTrustKey callback.
Definition: KeyRing.h:51
~KeyRing()
Dtor.
Definition: KeyRing.cc:639
boost::noncopyable NonCopyable
Ensure derived classes cannot be copied.
Definition: NonCopyable.h:26
static void setDefaultAccept(DefaultAccept value_r)
Set the active accept bits.
Definition: KeyRing.cc:54
void dumpUntrustedPublicKey(const std::string &id, std::ostream &stream)
Definition: KeyRing.h:222
DEFINE_PTR_TYPE(Application)
std::ostream & operator<<(std::ostream &str, const KeyRing &)
Definition: KeyRing.h:340
bool provideAndImportKeyFromRepositoryWorkflow(const std::string &id, const RepoInfo &info)
Try to find the id in key cache or repository specified in info.
Definition: KeyRing.cc:682
virtual void trustedKeyAdded(const PublicKey &)
Definition: KeyRing.h:136
Base class for reference counted objects.
bool isKeyKnown(const std::string &id)
true if the key id is knows, that means at least exist on the untrusted keyring
Definition: KeyRing.cc:699
void multiKeyImport(const Pathname &keyfile_r, bool trusted_r=false)
Initial import from RpmDb.
Definition: KeyRing.cc:646
User has chosen not to trust the key.
Definition: KeyRing.h:56
DefaultAcceptBits
DefaultAccept flags (
Definition: KeyRing.h:184
virtual KeyTrust askUserToAcceptKey(const PublicKey &key, const KeyContext &keycontext=KeyContext())
Ask user to trust and/or import the key to trusted keyring.
Definition: KeyRing.cc:67
static DefaultAccept defaultAccept()
Get the active accept bits.
Definition: KeyRing.cc:51
RW_pointer< Impl > _pimpl
Pointer to implementation.
Definition: KeyRing.h:335
Class representing one GPG Public Key (PublicKeyData + ASCII armored in a tempfile).
Definition: PublicKey.h:275
std::list< PublicKeyData > publicKeyData()
Get a list of public key data in the keyring (key data only)
Definition: KeyRing.cc:661
Base class for Exception.
Definition: Exception.h:145
Callbacks from signature verification workflow.
Definition: KeyRing.h:44
void deleteKey(const std::string &id, bool trusted=false)
removes a key from the keyring.
Definition: KeyRing.cc:652
friend std::ostream & operator<<(std::ostream &str, const KeyRing &obj)
static constexpr const char * KEYS_NOT_IMPORTED_REPORT
Definition: KeyRing.h:130
bool verifyFileTrustedSignature(const Pathname &file, const Pathname &signature)
Definition: KeyRing.cc:679
bool isKeyTrusted(const std::string &id)
true if the key id is trusted
Definition: KeyRing.cc:696
Easy-to use interface to the ZYPP dependency resolver.
Definition: CodePitfalls.doc:1
virtual void trustedKeyRemoved(const PublicKey &)
Definition: KeyRing.h:138
std::string readSignatureKeyId(const Pathname &signature)
reads the public key id from a signature
Definition: KeyRing.cc:649
bool verifyFileSignature(const Pathname &file, const Pathname &signature)
Verifies a file against a signature, with no user interaction.
Definition: KeyRing.cc:676
static constexpr const char * ACCEPT_PACKAGE_KEY_REQUEST
Definition: KeyRing.h:117
virtual ~KeyRingException()
Dtor.
Definition: KeyRing.h:158
virtual bool askUserToAcceptVerificationFailed(const std::string &file, const PublicKey &key, const KeyContext &keycontext=KeyContext())
The file filedesc is signed but the verification failed.
Definition: KeyRing.cc:79
std::list< PublicKey > publicKeys()
Get a list of public keys in the keyring (incl.
Definition: KeyRing.cc:655