libzypp  17.23.8
KeyRing.h
1 /*---------------------------------------------------------------------\
2 | ____ _ __ __ ___ |
3 | |__ / \ / / . \ . \ |
4 | / / \ V /| _/ _/ |
5 | / /__ | | | | | | |
6 | /_____||_| |_| |_| |
7 | |
8 \---------------------------------------------------------------------*/
12 #ifndef ZYPP_KEYRING_H
13 #define ZYPP_KEYRING_H
14 
15 #include <iosfwd>
16 #include <map>
17 #include <list>
18 #include <set>
19 #include <string>
20 
22 #include <zypp/base/Flags.h>
23 #include <zypp/Callback.h>
24 #include <zypp/base/PtrTypes.h>
25 #include <zypp/Locale.h>
26 #include <zypp/PublicKey.h>
27 #include <zypp/KeyContext.h>
28 
30 namespace zypp
31 {
32 
33  DEFINE_PTR_TYPE(KeyRing);
34 
45  {
51  enum KeyTrust
52  {
71  };
72 
/**
 * Ask the user to trust and/or import \a key into the trusted keyring.
 * \return one of the KeyTrust replies (KEY_DONT_TRUST, KEY_TRUST_TEMPORARILY,
 *         KEY_TRUST_AND_IMPORT).
 * NOTE(review): this is a trust decision point. A receiver should present the
 * key's identifying data together with \a keycontext before answering anything
 * other than KEY_DONT_TRUST. The default implementation is in KeyRing.cc and
 * presumably answers from KeyRing::defaultAccept() — confirm.
 */
77  virtual KeyTrust askUserToAcceptKey( const PublicKey &key, const KeyContext &keycontext = KeyContext() );
78 
/**
 * Informal callback showing the trusted key that will be used for verification.
 * Returns nothing, so a receiver cannot influence the outcome through it.
 * \param file_r     file about to be verified
 * \param keyData_r  data of the trusted key used
 */
80  virtual void infoVerify( const std::string & file_r, const PublicKeyData & keyData_r, const KeyContext &keycontext = KeyContext() );
81 
/**
 * Callback for a file that carries no signature (judging by the name; no
 * description is visible here).
 * NOTE(review): \c true presumably means "accept the file anyway", which drops
 * the authenticity check for \a file entirely — confirm in KeyRing.cc, and keep
 * the answer \c false unless the user explicitly opts in.
 */
82  virtual bool askUserToAcceptUnsignedFile( const std::string &file, const KeyContext &keycontext = KeyContext() );
83 
/**
 * Callback for a signature made with a key we do not have: only its \a id is
 * known and the key itself has never been seen.
 * NOTE(review): with no key available the signature cannot have been checked,
 * so \c true presumably accepts \a file unverified — confirm in KeyRing.cc.
 */
90  virtual bool askUserToAcceptUnknownKey( const std::string &file, const std::string &id, const KeyContext &keycontext = KeyContext() );
91 
/**
 * Callback for a file that is signed but whose verification failed.
 * \param file  the file (description) concerned
 * \param key   the key the verification was attempted with
 * NOTE(review): \c true presumably lets the workflow continue with content
 * whose signature did not verify; treat this as the most dangerous override of
 * the callbacks in this report — confirm semantics in KeyRing.cc.
 */
97  virtual bool askUserToAcceptVerificationFailed( const std::string &file, const PublicKey &key, const KeyContext &keycontext = KeyContext() );
98 
/**
 * Ask the user to trust and/or import the package key into the trusted keyring,
 * using ReportBase::report. Non-virtual, unlike the other ask* callbacks.
 * NOTE(review): the meaning of the bool result is not visible here; presumably
 * \c true means the key was accepted — confirm in KeyRing.cc.
 */
115  bool askUserToAcceptPackageKey( const PublicKey &key_r, const KeyContext &keycontext_r = KeyContext() );
/** String constant; presumably the content type passed to ReportBase::report for the request above — confirm. */
117  constexpr static const char * ACCEPT_PACKAGE_KEY_REQUEST = "KeyRingReport/AcceptPackageKey";
118 
/**
 * Notify the user about keys that were not imported from the rpm key database
 * into the zypp keyring.
 * \param keys_r  the keys concerned, given as a set of Edition
 */
128  void reportNonImportedKeys( const std::set<Edition> &keys_r );
/** String constant; presumably the content type used for the report above — confirm. */
130  constexpr static const char *KEYS_NOT_IMPORTED_REPORT = "KeyRingReport/KeysNotImported";
131 
132  };
133 
135  {
/**
 * Hook receiving the PublicKey concerned; the default body is empty (no-op).
 * Presumably invoked after a key was added to the trusted keyring — confirm.
 */
136  virtual void trustedKeyAdded( const PublicKey &/*key*/ )
137  {}
/**
 * Hook receiving the PublicKey concerned; the default body is empty (no-op).
 * Presumably invoked after a key was removed from the trusted keyring — confirm.
 */
138  virtual void trustedKeyRemoved( const PublicKey &/*key*/ )
139  {}
140  };
141 
143  {
144  public:
149  : Exception( "Bad Key Exception" )
150  {}
/** Ctor taking message; \a msg_r is forwarded unchanged to the Exception base. */
154  KeyRingException( const std::string & msg_r )
155  : Exception( msg_r )
156  {}
/** Dtor; the \c throw() specification declares it non-throwing. */
158  virtual ~KeyRingException() throw() {};
159  };
160 
162  //
163  // CLASS NAME : KeyRing
164  //
169  {
170  friend std::ostream & operator<<( std::ostream & str, const KeyRing & obj );
171 
172  public:
185  {
186  ACCEPT_NOTHING = 0x0000,
192  };
193  ZYPP_DECLARE_FLAGS( DefaultAccept, DefaultAcceptBits );
194 
/**
 * Get the active accept bits.
 * Static, so the setting is not tied to a single KeyRing instance.
 */
196  static DefaultAccept defaultAccept();
197 
/**
 * Set the active accept bits.
 * NOTE(review): bits other than ACCEPT_NOTHING (e.g. ACCEPT_UNSIGNED_FILE,
 * ACCEPT_UNKNOWNKEY, ACCEPT_VERIFICATION_FAILED) presumably make the
 * verification workflow accept without asking. Being static, a change affects
 * every user of KeyRing in the process — keep ACCEPT_NOTHING unless a caller
 * deliberately opts out; confirm semantics in KeyRing.cc.
 */
199  static void setDefaultAccept( DefaultAccept value_r );
201 
202  public:
204  struct Impl;
205 
206  public:
/**
 * Ctor.
 * \param baseTmpDir  presumably the directory below which the keyring keeps its
 *                    temporary data — confirm in KeyRing.cc.
 * NOTE(review): if key material is stored below \a baseTmpDir, the directory
 * must not be writable by other users.
 */
208  KeyRing(const Pathname &baseTmpDir);
209 
/**
 * Imports a key from a file.
 * \param key      the key to import
 * \param trusted  presumably selects the trusted keyring as destination; the
 *                 default \c false would leave the key untrusted — confirm.
 * NOTE(review): passing \c true is a trust grant; callers should do so only
 * after the key was confirmed (see KeyRingReport::askUserToAcceptKey).
 */
214  void importKey( const PublicKey &key, bool trusted = false);
215 
/**
 * Initial import from RpmDb.
 * \param keyfile_r  file holding the keys to import
 * \param trusted_r  presumably selects the trusted keyring; defaults to \c false — confirm.
 */
217  void multiKeyImport( const Pathname & keyfile_r, bool trusted_r = false );
218 
/** Convenience wrapper: calls dumpPublicKey( id, true, stream ). */
219  void dumpTrustedPublicKey( const std::string &id, std::ostream &stream )
220  { dumpPublicKey(id, true, stream); }
221 
/** Convenience wrapper: calls dumpPublicKey( id, false, stream ). */
222  void dumpUntrustedPublicKey( const std::string &id, std::ostream &stream )
223  { dumpPublicKey(id, false, stream); }
224 
/**
 * Dump the public key \a id to \a stream.
 * \param trusted  presumably selects the trusted (\c true) or untrusted
 *                 (\c false) keyring to read from — confirm in KeyRing.cc.
 */
225  void dumpPublicKey( const std::string &id, bool trusted, std::ostream &stream );
226 
/** Export a public key identified by its key data. */
228  PublicKey exportPublicKey( const PublicKeyData & keyData );
229 
232 
/**
 * Reads the public key id from a signature.
 * NOTE(review): the id is taken from the signature file itself, so it is
 * unauthenticated input until the signature has been verified; use it for key
 * lookup, not as evidence of who signed.
 */
236  std::string readSignatureKeyId( const Pathname &signature );
237 
/** \return \c true if the key id is trusted. */
241  bool isKeyTrusted( const std::string &id );
242 
/**
 * \return \c true if the key id is known, i.e. it exists at least in the
 *         untrusted keyring.
 * Known is weaker than trusted: do not use this as a trust check, use
 * isKeyTrusted for that.
 */
247  bool isKeyKnown( const std::string &id );
248 
/**
 * Removes a key from the keyring.
 * \param id       id of the key to remove
 * \param trusted  presumably selects which keyring to delete from; the default
 *                 \c false would then leave a trusted copy in place — confirm.
 */
253  void deleteKey( const std::string &id, bool trusted = false );
254 
/** Get a list of public keys in the keyring, returned by value as PublicKey objects. */
258  std::list<PublicKey> publicKeys();
259 
/** Get a list of trusted public keys in the keyring, returned by value as PublicKey objects. */
263  std::list<PublicKey> trustedPublicKeys();
264 
/** Get a list of public key data in the keyring (key data only). */
268  std::list<PublicKeyData> publicKeyData();
269 
/** Get a list of trusted public key data in the keyring (key data only). */
273  std::list<PublicKeyData> trustedPublicKeyData();
274 
/**
 * Overload taking a key \a id; presumably returns the data of that key from the
 * trusted keyring. What is returned for an id that is not trusted is not
 * visible here — check the result before relying on it; confirm in KeyRing.cc.
 */
278  PublicKeyData trustedPublicKeyData( const std::string &id );
279 
/**
 * Follows a signature verification interacting with the user.
 * \param file        file to verify
 * \param filedesc    description of the file (presumably shown to the user — confirm)
 * \param signature   signature to check \a file against
 * \param sigValid_r  out-parameter (non-const reference)
 * NOTE(review): the bool result and \a sigValid_r appear to answer different
 * questions — the result whether the file was accepted (possibly through a
 * KeyRingReport callback or the DefaultAccept bits), \a sigValid_r whether the
 * signature really verified. Callers that need cryptographic assurance should
 * check \a sigValid_r and not only the return value — confirm in KeyRing.cc.
 */
310  bool verifyFileSignatureWorkflow( const Pathname &file, const std::string &filedesc, const Pathname &signature, bool & sigValid_r, const KeyContext &keycontext = KeyContext());
/**
 * Overload of verifyFileSignatureWorkflow without the sigValid_r out-parameter.
 * NOTE(review): with only the bool result a caller presumably cannot tell a
 * verified signature from an acceptance granted by a callback or a default —
 * prefer the overload with sigValid_r where that distinction matters; confirm.
 * \a filedesc is taken by value here, by const reference in the other overload.
 */
312  bool verifyFileSignatureWorkflow( const Pathname &file, const std::string filedesc, const Pathname &signature, const KeyContext &keycontext = KeyContext());
313 
/**
 * Verifies a file against a signature, with no user interaction.
 * NOTE(review): which keyring is consulted is not visible here; given the
 * separate verifyFileTrustedSignature, a \c true result presumably does not
 * imply that the signing key is trusted — confirm in KeyRing.cc.
 */
320  bool verifyFileSignature( const Pathname &file, const Pathname &signature );
321 
/**
 * Presumably verifies \a file against \a signature using keys from the trusted
 * keyring only (inferred from the name; no description is visible here) —
 * confirm in KeyRing.cc.
 */
322  bool verifyFileTrustedSignature( const Pathname &file, const Pathname &signature );
323 
/**
 * Try to find the \a id in the key cache or in the repository specified in \a info.
 * NOTE(review): a key fetched from the repository comes from the same source as
 * the content it is meant to authenticate; the import presumably still depends
 * on a KeyRingReport trust decision — confirm in KeyRing.cc.
 */
328  bool provideAndImportKeyFromRepositoryWorkflow ( const std::string &id , const RepoInfo &info );
329 
/** Dtor. */
331  ~KeyRing();
332 
333  private:
336  };
338 
/**
 * Stream output for KeyRing. Currently writes nothing and returns \a str
 * unchanged (the asString() call is commented out), so no keyring content is
 * emitted through this operator.
 */
340  inline std::ostream & operator<<( std::ostream & str, const KeyRing & /*obj*/ )
341  {
342  //return str << obj.asString();
343  return str;
344  }
345 
347  ZYPP_DECLARE_OPERATORS_FOR_FLAGS( KeyRing::DefaultAccept );
348 
350 
351  namespace target
352  {
353  namespace rpm
354  {
357  {};
358  }
359  }
360 
362 } // namespace zypp
364 #endif // ZYPP_KEYRING_H
zypp::KeyRing::deleteKey
void deleteKey(const std::string &id, bool trusted=false)
removes a key from the keyring.
Definition: KeyRing.cc:652
zypp::KeyRing::exportPublicKey
PublicKey exportPublicKey(const PublicKeyData &keyData)
Export a public key identified by its key data.
Definition: KeyRing.cc:690
zypp::DEFINE_PTR_TYPE
DEFINE_PTR_TYPE(Application)
KeyContext.h
zypp::KeyRing::operator<<
friend std::ostream & operator<<(std::ostream &str, const KeyRing &obj)
zypp::Exception
Base class for Exception.
Definition: Exception.h:145
zypp::RepoInfo
What is known about a repository.
Definition: RepoInfo.h:71
zypp::KeyRing::_pimpl
RW_pointer< Impl > _pimpl
Pointer to implementation.
Definition: KeyRing.h:335
zypp::KeyRing::multiKeyImport
void multiKeyImport(const Pathname &keyfile_r, bool trusted_r=false)
Initial import from RpmDb.
Definition: KeyRing.cc:646
zypp::KeyRing
Gpg key handling.
Definition: KeyRing.h:168
zypp::KeyRingReport::KEY_TRUST_TEMPORARILY
This basically means, we knew the key, but it was not trusted.
Definition: KeyRing.h:61
zypp::PublicKeyData
Class representing one GPG Public Keys data. PublicKeyData are provided e.g. by a PublicKey or a KeyR...
Definition: PublicKey.h:139
zypp::KeyRing::KeyRing
KeyRing(const Pathname &baseTmpDir)
Default ctor.
Definition: KeyRing.cc:635
zypp::KeyRing::trustedPublicKeys
std::list< PublicKey > trustedPublicKeys()
Get a list of trusted public keys in the keyring (incl.
Definition: KeyRing.cc:658
zypp::KeyRingReport::KEY_TRUST_AND_IMPORT
Import the key.
Definition: KeyRing.h:70
zypp::callback::ReportBase
Definition: Callback.h:149
zypp::base::ReferenceCounted
Base class for reference counted objects.
Definition: ReferenceCounted.h:33
zypp::KeyRing::operator<<
std::ostream & operator<<(std::ostream &str, const KeyRing &)
Definition: KeyRing.h:340
zypp::KeyRingReport::reportNonImportedKeys
void reportNonImportedKeys(const std::set< Edition > &keys_r)
Notify the user about keys that were not imported from the rpm key database into zypp keyring.
Definition: KeyRing.cc:94
PtrTypes.h
zypp::KeyRing::isKeyKnown
bool isKeyKnown(const std::string &id)
true if the key id is known, i.e. it exists at least in the untrusted keyring
Definition: KeyRing.cc:699
zypp::KeyRing::ACCEPT_UNSIGNED_FILE
Definition: KeyRing.h:187
zypp::KeyRing::exportTrustedPublicKey
PublicKey exportTrustedPublicKey(const PublicKeyData &keyData)
Export a trusted public key identified by its key data.
Definition: KeyRing.cc:693
zypp::KeyRingReport::infoVerify
virtual void infoVerify(const std::string &file_r, const PublicKeyData &keyData_r, const KeyContext &keycontext=KeyContext())
Informal callback showing the trusted key that will be used for verification.
Definition: KeyRing.cc:60
zypp::KeyRing::verifyFileTrustedSignature
bool verifyFileTrustedSignature(const Pathname &file, const Pathname &signature)
Definition: KeyRing.cc:679
zypp::KeyContext
Definition: KeyContext.h:8
PublicKey.h
zypp::KeyRing::defaultAccept
static DefaultAccept defaultAccept()
Get the active accept bits.
Definition: KeyRing.cc:51
zypp::KeyRingReport::askUserToAcceptKey
virtual KeyTrust askUserToAcceptKey(const PublicKey &key, const KeyContext &keycontext=KeyContext())
Ask user to trust and/or import the key to trusted keyring.
Definition: KeyRing.cc:67
Callback.h
zypp::KeyRing::readSignatureKeyId
std::string readSignatureKeyId(const Pathname &signature)
reads the public key id from a signature
Definition: KeyRing.cc:649
zypp::KeyRingException
Definition: KeyRing.h:142
zypp::RW_pointer< Impl >
zypp::KeyRing::TRUST_KEY_TEMPORARILY
Definition: KeyRing.h:189
zypp::KeyRingReport::askUserToAcceptUnknownKey
virtual bool askUserToAcceptUnknownKey(const std::string &file, const std::string &id, const KeyContext &keycontext=KeyContext())
we DONT know the key, only its id, but we have never seen it, the difference with trust key is that i...
Definition: KeyRing.cc:76
zypp::KeyRing::ZYPP_DECLARE_FLAGS
ZYPP_DECLARE_FLAGS(DefaultAccept, DefaultAcceptBits)
zypp::KeyRingReport::askUserToAcceptUnsignedFile
virtual bool askUserToAcceptUnsignedFile(const std::string &file, const KeyContext &keycontext=KeyContext())
Definition: KeyRing.cc:63
zypp::KeyRing::TRUST_AND_IMPORT_KEY
Definition: KeyRing.h:190
zypp::KeyRingSignals
Definition: KeyRing.h:134
zypp::base::NonCopyable
boost::noncopyable NonCopyable
Ensure derived classes cannot be copied.
Definition: NonCopyable.h:26
zypp::KeyRing::importKey
void importKey(const PublicKey &key, bool trusted=false)
imports a key from a file.
Definition: KeyRing.cc:643
zypp::KeyRing::~KeyRing
~KeyRing()
Dtor.
Definition: KeyRing.cc:639
zypp::ZYPP_DECLARE_OPERATORS_FOR_FLAGS
ZYPP_DECLARE_OPERATORS_FOR_FLAGS(DiskUsageCounter::MountPoint::HintFlags)
zypp::KeyRingReport::ACCEPT_PACKAGE_KEY_REQUEST
constexpr static const char * ACCEPT_PACKAGE_KEY_REQUEST
Definition: KeyRing.h:117
zypp::KeyRing::setDefaultAccept
static void setDefaultAccept(DefaultAccept value_r)
Set the active accept bits.
Definition: KeyRing.cc:54
zypp::KeyRing::verifyFileSignatureWorkflow
bool verifyFileSignatureWorkflow(const Pathname &file, const std::string &filedesc, const Pathname &signature, bool &sigValid_r, const KeyContext &keycontext=KeyContext())
Follows a signature verification interacting with the user.
Definition: KeyRing.cc:670
zypp
Easy-to use interface to the ZYPP dependency resolver.
Definition: CodePitfalls.doc:1
zypp::KeyRing::dumpUntrustedPublicKey
void dumpUntrustedPublicKey(const std::string &id, std::ostream &stream)
Definition: KeyRing.h:222
zypp::target::rpm::KeyRingSignals
Internal connection to rpm database.
Definition: KeyRing.h:356
zypp::KeyRingSignals::trustedKeyAdded
virtual void trustedKeyAdded(const PublicKey &)
Definition: KeyRing.h:136
zypp::KeyRing::dumpPublicKey
void dumpPublicKey(const std::string &id, bool trusted, std::ostream &stream)
Definition: KeyRing.cc:687
zypp::KeyRing::verifyFileSignature
bool verifyFileSignature(const Pathname &file, const Pathname &signature)
Verifies a file against a signature, with no user interaction.
Definition: KeyRing.cc:676
Impl
zypp::KeyRing::ACCEPT_UNKNOWNKEY
Definition: KeyRing.h:188
zypp::KeyRing::publicKeys
std::list< PublicKey > publicKeys()
Get a list of public keys in the keyring (incl.
Definition: KeyRing.cc:655
zypp::KeyRingException::KeyRingException
KeyRingException(const std::string &msg_r)
Ctor taking message.
Definition: KeyRing.h:154
zypp::KeyRingException::KeyRingException
KeyRingException()
Default ctor; uses the fixed message "Bad Key Exception".
Definition: KeyRing.h:148
ReferenceCounted.h
zypp::PublicKey
Class representing one GPG Public Key (PublicKeyData + ASCII armored in a tempfile).
Definition: PublicKey.h:275
zypp::KeyRingReport::KeyTrust
KeyTrust
User reply options for the askUserToTrustKey callback.
Definition: KeyRing.h:51
zypp::KeyRingSignals::trustedKeyRemoved
virtual void trustedKeyRemoved(const PublicKey &)
Definition: KeyRing.h:138
zypp::KeyRingReport
Callbacks from signature verification workflow.
Definition: KeyRing.h:44
zypp::KeyRing::trustedPublicKeyData
std::list< PublicKeyData > trustedPublicKeyData()
Get a list of trusted public key data in the keyring (key data only)
Definition: KeyRing.cc:664
Locale.h
zypp::filesystem::Pathname
Pathname.
Definition: Pathname.h:44
zypp::KeyRing::provideAndImportKeyFromRepositoryWorkflow
bool provideAndImportKeyFromRepositoryWorkflow(const std::string &id, const RepoInfo &info)
Try to find the id in key cache or repository specified in info.
Definition: KeyRing.cc:682
zypp::KeyRing::ACCEPT_VERIFICATION_FAILED
Definition: KeyRing.h:191
zypp::KeyRing::ACCEPT_NOTHING
Definition: KeyRing.h:186
zypp::KeyRingReport::KEY_DONT_TRUST
User has chosen not to trust the key.
Definition: KeyRing.h:56
Flags.h
str
String related utilities and Regular expression matching.
zypp::KeyRing::isKeyTrusted
bool isKeyTrusted(const std::string &id)
true if the key id is trusted
Definition: KeyRing.cc:696
zypp::KeyRingReport::askUserToAcceptPackageKey
bool askUserToAcceptPackageKey(const PublicKey &key_r, const KeyContext &keycontext_r=KeyContext())
Ask user to trust and/or import the package key to trusted keyring, using ReportBase::report.
Definition: KeyRing.cc:82
zypp::KeyRingReport::askUserToAcceptVerificationFailed
virtual bool askUserToAcceptVerificationFailed(const std::string &file, const PublicKey &key, const KeyContext &keycontext=KeyContext())
The file filedesc is signed but the verification failed.
Definition: KeyRing.cc:79
zypp::KeyRing::DefaultAcceptBits
DefaultAcceptBits
DefaultAccept flags (
Definition: KeyRing.h:184
zypp::KeyRing::dumpTrustedPublicKey
void dumpTrustedPublicKey(const std::string &id, std::ostream &stream)
Definition: KeyRing.h:219
zypp::KeyRingException::~KeyRingException
virtual ~KeyRingException()
Dtor.
Definition: KeyRing.h:158
zypp::KeyRing::publicKeyData
std::list< PublicKeyData > publicKeyData()
Get a list of public key data in the keyring (key data only)
Definition: KeyRing.cc:661
zypp::KeyRingReport::KEYS_NOT_IMPORTED_REPORT
constexpr static const char * KEYS_NOT_IMPORTED_REPORT
Definition: KeyRing.h:130