libzypp 17.31.6
KeyRing.h
Go to the documentation of this file.
1/*---------------------------------------------------------------------\
2| ____ _ __ __ ___ |
3| |__ / \ / / . \ . \ |
4| / / \ V /| _/ _/ |
5| / /__ | | | | | | |
6| /_____||_| |_| |_| |
7| |
8\---------------------------------------------------------------------*/
12#ifndef ZYPP_KEYRING_H
13#define ZYPP_KEYRING_H
14
15#include <iosfwd>
16#include <map>
17#include <list>
18#include <set>
19#include <string>
20
21#include <zypp/base/ReferenceCounted.h>
22#include <zypp/base/Flags.h>
23#include <zypp/Callback.h>
24#include <zypp/base/PtrTypes.h>
25#include <zypp/Locale.h>
26#include <zypp/PublicKey.h>
28
30namespace zypp
31{
32
34
45 {
52 {
71 };
72
77 virtual KeyTrust askUserToAcceptKey( const PublicKey &key, const KeyContext &keycontext = KeyContext() );
78
80 virtual void infoVerify( const std::string & file_r, const PublicKeyData & keyData_r, const KeyContext &keycontext = KeyContext() );
81
82 virtual bool askUserToAcceptUnsignedFile( const std::string &file, const KeyContext &keycontext = KeyContext() );
83
90 virtual bool askUserToAcceptUnknownKey( const std::string &file, const std::string &id, const KeyContext &keycontext = KeyContext() );
91
97 virtual bool askUserToAcceptVerificationFailed( const std::string &file, const PublicKey &key, const KeyContext &keycontext = KeyContext() );
98
115 bool askUserToAcceptPackageKey( const PublicKey &key_r, const KeyContext &keycontext_r = KeyContext() );
117 constexpr static const char * ACCEPT_PACKAGE_KEY_REQUEST = "KeyRingReport/AcceptPackageKey";
118
128 void reportNonImportedKeys( const std::set<Edition> &keys_r );
130 constexpr static const char *KEYS_NOT_IMPORTED_REPORT = "KeyRingReport/KeysNotImported";
131
132
145 void reportAutoImportKey( const std::list<PublicKeyData> & keyDataList_r,
146 const PublicKeyData & keySigning_r,
147 const KeyContext &keyContext_r );
149 constexpr static const char *REPORT_AUTO_IMPORT_KEY = "KeyRingReport/reportAutoImportKey";
150 };
151
153 {
154 virtual void trustedKeyAdded( const PublicKey &/*key*/ )
155 {}
156 virtual void trustedKeyRemoved( const PublicKey &/*key*/ )
157 {}
158 };
159
161 {
162 public:
167 : Exception( "Bad Key Exception" )
168 {}
172 KeyRingException( const std::string & msg_r )
173 : Exception( msg_r )
174 {}
176 virtual ~KeyRingException() throw() {};
177 };
178
180 //
181 // CLASS NAME : KeyRing
182 //
187 {
188 friend std::ostream & operator<<( std::ostream & str, const KeyRing & obj );
189
190 public:
203 {
210 };
212
214 static DefaultAccept defaultAccept();
215
217 static void setDefaultAccept( DefaultAccept value_r );
219
220 public:
222 struct Impl;
223
224 public:
226 KeyRing(const Pathname &baseTmpDir);
227
232 void importKey( const PublicKey &key, bool trusted = false);
233
235 void multiKeyImport( const Pathname & keyfile_r, bool trusted_r = false );
236
237 void dumpTrustedPublicKey( const std::string &id, std::ostream &stream )
238 { dumpPublicKey(id, true, stream); }
239
240 void dumpUntrustedPublicKey( const std::string &id, std::ostream &stream )
241 { dumpPublicKey(id, false, stream); }
242
243 void dumpPublicKey( const std::string &id, bool trusted, std::ostream &stream );
244
246 PublicKey exportPublicKey( const PublicKeyData & keyData );
247
250
254 std::string readSignatureKeyId( const Pathname &signature );
255
259 bool isKeyTrusted( const std::string &id );
260
265 bool isKeyKnown( const std::string &id );
266
271 void deleteKey( const std::string &id, bool trusted = false );
272
276 std::list<PublicKey> publicKeys();
277
281 std::list<PublicKey> trustedPublicKeys();
282
286 std::list<PublicKeyData> publicKeyData();
287
291 std::list<PublicKeyData> trustedPublicKeyData();
292
296 PublicKeyData publicKeyData( const std::string &id );
297
301 PublicKeyData trustedPublicKeyData( const std::string &id );
302
333 bool verifyFileSignatureWorkflow( const Pathname &file, const std::string &filedesc, const Pathname &signature, bool & sigValid_r, const KeyContext &keycontext = KeyContext());
335 bool verifyFileSignatureWorkflow( const Pathname &file, const std::string filedesc, const Pathname &signature, const KeyContext &keycontext = KeyContext());
340
347 bool verifyFileSignature( const Pathname &file, const Pathname &signature );
348
349 bool verifyFileTrustedSignature( const Pathname &file, const Pathname &signature );
350
355 bool provideAndImportKeyFromRepositoryWorkflow ( const std::string &id , const RepoInfo &info );
356
358 ~KeyRing();
359
360 public:
362 void allowPreload( bool yesno_r );
363
364 private:
367 };
369
371 inline std::ostream & operator<<( std::ostream & str, const KeyRing & /*obj*/ )
372 {
373 //return str << obj.asString();
374 return str;
375 }
376
378 ZYPP_DECLARE_OPERATORS_FOR_FLAGS( KeyRing::DefaultAccept );
379
381
382 namespace target
383 {
384 namespace rpm
385 {
388 {};
389 }
390 }
391
393} // namespace zypp
395#endif // ZYPP_KEYRING_H
Base class for Exception.
Definition: Exception.h:146
virtual ~KeyRingException()
Dtor.
Definition: KeyRing.h:176
KeyRingException()
Ctor taking message.
Definition: KeyRing.h:166
KeyRingException(const std::string &msg_r)
Ctor taking message.
Definition: KeyRing.h:172
Gpg key handling.
Definition: KeyRing.h:187
bool provideAndImportKeyFromRepositoryWorkflow(const std::string &id, const RepoInfo &info)
Try to find the id in key cache or repository specified in info.
Definition: KeyRing.cc:868
std::ostream & operator<<(std::ostream &str, const KeyRing &)
Stream output.
Definition: KeyRing.h:371
bool isKeyKnown(const std::string &id)
true if the key id is knows, that means at least exist on the untrusted keyring
Definition: KeyRing.cc:885
std::list< PublicKey > publicKeys()
Get a list of public keys in the keyring (incl.
Definition: KeyRing.cc:821
ZYPP_DECLARE_FLAGS(DefaultAccept, DefaultAcceptBits)
std::list< PublicKey > trustedPublicKeys()
Get a list of trusted public keys in the keyring (incl.
Definition: KeyRing.cc:824
static DefaultAccept defaultAccept()
Get the active accept bits.
Definition: KeyRing.cc:52
void dumpTrustedPublicKey(const std::string &id, std::ostream &stream)
Definition: KeyRing.h:237
void dumpPublicKey(const std::string &id, bool trusted, std::ostream &stream)
Definition: KeyRing.cc:873
bool verifyFileSignature(const Pathname &file, const Pathname &signature)
Verifies a file against a signature, with no user interaction.
Definition: KeyRing.cc:862
friend std::ostream & operator<<(std::ostream &str, const KeyRing &obj)
void multiKeyImport(const Pathname &keyfile_r, bool trusted_r=false)
Initial import from RpmDb.
Definition: KeyRing.cc:812
KeyRing(const Pathname &baseTmpDir)
Default ctor.
Definition: KeyRing.cc:798
~KeyRing()
Dtor.
Definition: KeyRing.cc:802
PublicKey exportPublicKey(const PublicKeyData &keyData)
Export a public key identified by its key data.
Definition: KeyRing.cc:876
std::string readSignatureKeyId(const Pathname &signature)
reads the public key id from a signature
Definition: KeyRing.cc:815
void allowPreload(bool yesno_r)
The general keyring may be populated with known keys stored on the system.
Definition: KeyRing.cc:805
void dumpUntrustedPublicKey(const std::string &id, std::ostream &stream)
Definition: KeyRing.h:240
bool verifyFileTrustedSignature(const Pathname &file, const Pathname &signature)
Definition: KeyRing.cc:865
void importKey(const PublicKey &key, bool trusted=false)
imports a key from a file.
Definition: KeyRing.cc:809
bool verifyFileSignatureWorkflow(const Pathname &file, const std::string &filedesc, const Pathname &signature, bool &sigValid_r, const KeyContext &keycontext=KeyContext())
Follows a signature verification interacting with the user.
Definition: KeyRing.cc:839
RW_pointer< Impl > _pimpl
Pointer to implementation.
Definition: KeyRing.h:366
void deleteKey(const std::string &id, bool trusted=false)
removes a key from the keyring.
Definition: KeyRing.cc:818
std::list< PublicKeyData > trustedPublicKeyData()
Get a list of trusted public key data in the keyring (key data only)
Definition: KeyRing.cc:830
static void setDefaultAccept(DefaultAccept value_r)
Set the active accept bits.
Definition: KeyRing.cc:55
std::list< PublicKeyData > publicKeyData()
Get a list of public key data in the keyring (key data only)
Definition: KeyRing.cc:827
DefaultAcceptBits
DefaultAccept flags (
Definition: KeyRing.h:203
@ TRUST_KEY_TEMPORARILY
Definition: KeyRing.h:207
@ ACCEPT_VERIFICATION_FAILED
Definition: KeyRing.h:209
@ ACCEPT_UNKNOWNKEY
Definition: KeyRing.h:206
@ ACCEPT_NOTHING
Definition: KeyRing.h:204
@ TRUST_AND_IMPORT_KEY
Definition: KeyRing.h:208
@ ACCEPT_UNSIGNED_FILE
Definition: KeyRing.h:205
PublicKey exportTrustedPublicKey(const PublicKeyData &keyData)
Export a trusted public key identified by its key data.
Definition: KeyRing.cc:879
bool isKeyTrusted(const std::string &id)
true if the key id is trusted
Definition: KeyRing.cc:882
Class representing one GPG Public Keys data.
Definition: PublicKey.h:207
Class representing one GPG Public Key (PublicKeyData + ASCII armored in a tempfile).
Definition: PublicKey.h:359
What is known about a repository.
Definition: RepoInfo.h:72
Base class for reference counted objects.
I/O context for KeyRing::verifyFileSignatureWorkflow.
String related utilities and Regular expression matching.
boost::noncopyable NonCopyable
Ensure derived classes cannot be copied.
Definition: NonCopyable.h:26
Easy-to use interface to the ZYPP dependency resolver.
Definition: CodePitfalls.doc:2
DEFINE_PTR_TYPE(Application)
ZYPP_DECLARE_OPERATORS_FOR_FLAGS(DiskUsageCounter::MountPoint::HintFlags)
Callbacks from signature verification workflow.
Definition: KeyRing.h:45
virtual void infoVerify(const std::string &file_r, const PublicKeyData &keyData_r, const KeyContext &keycontext=KeyContext())
Informal callback showing the trusted key that will be used for verification.
Definition: KeyRing.cc:61
void reportNonImportedKeys(const std::set< Edition > &keys_r)
Notify the user about keys that were not imported from the rpm key database into zypp keyring.
Definition: KeyRing.cc:95
KeyTrust
User reply options for the askUserToTrustKey callback.
Definition: KeyRing.h:52
@ KEY_TRUST_AND_IMPORT
Import the key.
Definition: KeyRing.h:70
@ KEY_DONT_TRUST
User has chosen not to trust the key.
Definition: KeyRing.h:56
@ KEY_TRUST_TEMPORARILY
This basically means, we knew the key, but it was not trusted.
Definition: KeyRing.h:61
static constexpr const char * REPORT_AUTO_IMPORT_KEY
generic reports UserData::type
Definition: KeyRing.h:149
virtual bool askUserToAcceptUnsignedFile(const std::string &file, const KeyContext &keycontext=KeyContext())
Definition: KeyRing.cc:64
bool askUserToAcceptPackageKey(const PublicKey &key_r, const KeyContext &keycontext_r=KeyContext())
Ask user to trust and/or import the package key to trusted keyring, using ReportBase::report.
Definition: KeyRing.cc:83
static constexpr const char * ACCEPT_PACKAGE_KEY_REQUEST
generic reports UserData::type
Definition: KeyRing.h:117
static constexpr const char * KEYS_NOT_IMPORTED_REPORT
generic reports UserData::type
Definition: KeyRing.h:130
void reportAutoImportKey(const std::list< PublicKeyData > &keyDataList_r, const PublicKeyData &keySigning_r, const KeyContext &keyContext_r)
Notify that a repository auto imported new package signing keys.
Definition: KeyRing.cc:102
virtual KeyTrust askUserToAcceptKey(const PublicKey &key, const KeyContext &keycontext=KeyContext())
Ask user to trust and/or import the key to trusted keyring.
Definition: KeyRing.cc:68
virtual bool askUserToAcceptUnknownKey(const std::string &file, const std::string &id, const KeyContext &keycontext=KeyContext())
we DONT know the key, only its id, but we have never seen it, the difference with trust key is that i...
Definition: KeyRing.cc:77
virtual bool askUserToAcceptVerificationFailed(const std::string &file, const PublicKey &key, const KeyContext &keycontext=KeyContext())
The file filedesc is signed but the verification failed.
Definition: KeyRing.cc:80
virtual void trustedKeyAdded(const PublicKey &)
Definition: KeyRing.h:154
virtual void trustedKeyRemoved(const PublicKey &)
Definition: KeyRing.h:156
KeyRing implementation.
Definition: KeyRing.cc:231
Wrapper for const correct access via Smart pointer types.
Definition: PtrTypes.h:286
Internal connection to rpm database.
Definition: KeyRing.h:388