Gpg key handling. More...

#include <KeyRing.h>

Inheritance diagram for zypp::KeyRing:

Classes
struct	Impl
	KeyRing implementation. More...

Friends
std::ostream &	operator<< (std::ostream &str, const KeyRing &obj)

Related Functions
(Note that these are not member functions.)
std::ostream &	operator<< (std::ostream &str, const KeyRing &)
	Stream output. More...

Related Functions inherited from zypp::base::ReferenceCounted
void	intrusive_ptr_add_ref (const ReferenceCounted *ptr_r)
	intrusive_ptr hook to add_ref. More...

void	intrusive_ptr_release (const ReferenceCounted *ptr_r)
	intrusive_ptr hook to release. More...

std::ostream &	operator<< (std::ostream &str, const ReferenceCounted &obj)
	Stream output. More...

Default answers in verification workflow.
Per default all answers are `false`.
enum	DefaultAcceptBits { ACCEPT_NOTHING = 0x0000 , ACCEPT_UNSIGNED_FILE = 0x0001 , ACCEPT_UNKNOWNKEY = 0x0002 , TRUST_KEY_TEMPORARILY = 0x0004 , TRUST_AND_IMPORT_KEY = 0x0008 , ACCEPT_VERIFICATION_FAILED = 0x0010 }
	DefaultAccept flags ( More...

RW_pointer< Impl >	_pimpl
	Pointer to implementation. More...

	ZYPP_DECLARE_FLAGS (DefaultAccept, DefaultAcceptBits)

	KeyRing (const Pathname &baseTmpDir)
	Default ctor. More...

void	importKey (const PublicKey &key, bool trusted=false)
	imports a key from a file. More...

void	multiKeyImport (const Pathname &keyfile_r, bool trusted_r=false)
	Initial import from RpmDb. More...

void	dumpTrustedPublicKey (const std::string &id, std::ostream &stream)

void	dumpUntrustedPublicKey (const std::string &id, std::ostream &stream)

void	dumpPublicKey (const std::string &id, bool trusted, std::ostream &stream)

PublicKey	exportPublicKey (const PublicKeyData &keyData)
	Export a public key identified by its key data. More...

PublicKey	exportTrustedPublicKey (const PublicKeyData &keyData)
	Export a trusted public key identified by its key data. More...

std::string	readSignatureKeyId (const Pathname &signature)
	reads the public key id from a signature More...

bool	isKeyTrusted (const std::string &id)
	true if the key id is trusted More...

bool	isKeyKnown (const std::string &id)
	true if the key id is knows, that means at least exist on the untrusted keyring More...

void	deleteKey (const std::string &id, bool trusted=false)
	removes a key from the keyring. More...

std::list< PublicKey >	publicKeys ()
	Get a list of public keys in the keyring (incl. More...

std::list< PublicKey >	trustedPublicKeys ()
	Get a list of trusted public keys in the keyring (incl. More...

std::list< PublicKeyData >	publicKeyData ()
	Get a list of public key data in the keyring (key data only) More...

std::list< PublicKeyData >	trustedPublicKeyData ()
	Get a list of trusted public key data in the keyring (key data only) More...

PublicKeyData	publicKeyData (const std::string &id)
	Get a public key's data in the keyring (key data only) More...

PublicKeyData	trustedPublicKeyData (const std::string &id)
	Get a trusted public key's data in the keyring (key data only) More...

bool	verifyFileSignatureWorkflow (const Pathname &file, const std::string &filedesc, const Pathname &signature, bool &sigValid_r, const KeyContext &keycontext=KeyContext())
	Follows a signature verification interacting with the user. More...

bool	verifyFileSignatureWorkflow (const Pathname &file, const std::string filedesc, const Pathname &signature, const KeyContext &keycontext=KeyContext())

bool	verifyFileSignatureWorkflow (keyring::VerifyFileContext &context_r)

bool	verifyFileSignature (const Pathname &file, const Pathname &signature)
	Verifies a file against a signature, with no user interaction. More...

bool	verifyFileTrustedSignature (const Pathname &file, const Pathname &signature)

bool	provideAndImportKeyFromRepositoryWorkflow (const std::string &id, const RepoInfo &info)
	Try to find the id in key cache or repository specified in info. More...

	~KeyRing ()
	Dtor. More...

void	allowPreload (bool yesno_r)
	The general keyring may be populated with known keys stored on the system. More...

static DefaultAccept	defaultAccept ()
	Get the active accept bits. More...

static void	setDefaultAccept (DefaultAccept value_r)
	Set the active accept bits. More...

Additional Inherited Members
Public Member Functions inherited from zypp::base::ReferenceCounted
	ReferenceCounted ()
	Default ctor. More...

	ReferenceCounted (const ReferenceCounted &rhs)
	Copy ctor. More...

virtual	~ReferenceCounted ()
	Dtor. More...

ReferenceCounted &	operator= (const ReferenceCounted &)
	Assignment. More...

unsigned	refCount () const
	Return reference counter value. More...

void	ref () const
	Add a reference. More...

void	unref () const
	Release a reference. More...

Static Public Member Functions inherited from zypp::base::ReferenceCounted
static void	add_ref (const ReferenceCounted *ptr_r)
	Called by zypp::intrusive_ptr to add a reference. More...

static void	release (const ReferenceCounted *ptr_r)
	Called by zypp::intrusive_ptr to add a reference. More...

Protected Member Functions inherited from zypp::base::ReferenceCounted
virtual std::ostream &	dumpOn (std::ostream &str) const
	Overload to realize std::ostream & operator<<. More...

virtual void	ref_to (unsigned) const
	Trigger derived classes after refCount was increased. More...

virtual void	unref_to (unsigned) const
	Trigger derived classes after refCount was decreased. More...

Detailed Description

Gpg key handling.

Definition at line 186 of file KeyRing.h.

Member Enumeration Documentation

◆ DefaultAcceptBits

enum zypp::KeyRing::DefaultAcceptBits

DefaultAccept flags (

See also: base::Flags) are used to define the default callback answers during signature verification.
KeyRing::setDefaultAccept( KeyRing::ACCEPT_UNSIGNED_FILE | ACCEPT_VERIFICATION_FAILED );

zypp::KeyRing::setDefaultAccept
static void setDefaultAccept(DefaultAccept value_r)
Set the active accept bits.
Definition: KeyRing.cc:55

zypp::KeyRing::ACCEPT_VERIFICATION_FAILED
@ ACCEPT_VERIFICATION_FAILED
Definition: KeyRing.h:209

zypp::KeyRing::ACCEPT_UNSIGNED_FILE
@ ACCEPT_UNSIGNED_FILE
Definition: KeyRing.h:205; KeyRingReport.

Enumerator
ACCEPT_NOTHING
ACCEPT_UNSIGNED_FILE
ACCEPT_UNKNOWNKEY
TRUST_KEY_TEMPORARILY
TRUST_AND_IMPORT_KEY
ACCEPT_VERIFICATION_FAILED

Definition at line 202 of file KeyRing.h.

Constructor & Destructor Documentation

◆ KeyRing()

zypp::KeyRing::KeyRing ( const Pathname & baseTmpDir )

Default ctor.

Definition at line 798 of file KeyRing.cc.

◆ ~KeyRing()

zypp::KeyRing::~KeyRing ( )

Dtor.

Definition at line 802 of file KeyRing.cc.

Member Function Documentation

◆ ZYPP_DECLARE_FLAGS()

zypp::KeyRing::ZYPP_DECLARE_FLAGS	(	DefaultAccept	,
		DefaultAcceptBits
	)

◆ defaultAccept()

KeyRing::DefaultAccept zypp::KeyRing::defaultAccept ( )

static

Get the active accept bits.

Definition at line 52 of file KeyRing.cc.

◆ setDefaultAccept()

void zypp::KeyRing::setDefaultAccept ( DefaultAccept value_r )

static

Set the active accept bits.

Definition at line 55 of file KeyRing.cc.

◆ importKey()

void zypp::KeyRing::importKey	(	const PublicKey &	key,
		bool	trusted = `false`
	)

imports a key from a file.

throw if key was not imported

Definition at line 809 of file KeyRing.cc.

◆ multiKeyImport()

void zypp::KeyRing::multiKeyImport	(	const Pathname &	keyfile_r,
		bool	trusted_r = `false`
	)

Initial import from RpmDb.

Definition at line 812 of file KeyRing.cc.

◆ dumpTrustedPublicKey()

void zypp::KeyRing::dumpTrustedPublicKey	(	const std::string &	id,
		std::ostream &	stream
	)

inline

Definition at line 237 of file KeyRing.h.

◆ dumpUntrustedPublicKey()

void zypp::KeyRing::dumpUntrustedPublicKey	(	const std::string &	id,
		std::ostream &	stream
	)

inline

Definition at line 240 of file KeyRing.h.

◆ dumpPublicKey()

void zypp::KeyRing::dumpPublicKey	(	const std::string &	id,
		bool	trusted,
		std::ostream &	stream
	)

Definition at line 873 of file KeyRing.cc.

◆ exportPublicKey()

PublicKey zypp::KeyRing::exportPublicKey ( const PublicKeyData & keyData )

Export a public key identified by its key data.

Definition at line 876 of file KeyRing.cc.

◆ exportTrustedPublicKey()

PublicKey zypp::KeyRing::exportTrustedPublicKey ( const PublicKeyData & keyData )

Export a trusted public key identified by its key data.

Definition at line 879 of file KeyRing.cc.

◆ readSignatureKeyId()

std::string zypp::KeyRing::readSignatureKeyId ( const Pathname & signature )

reads the public key id from a signature

Definition at line 815 of file KeyRing.cc.

◆ isKeyTrusted()

bool zypp::KeyRing::isKeyTrusted ( const std::string & id )

true if the key id is trusted

Definition at line 882 of file KeyRing.cc.

◆ isKeyKnown()

bool zypp::KeyRing::isKeyKnown ( const std::string & id )

true if the key id is knows, that means at least exist on the untrusted keyring

Definition at line 885 of file KeyRing.cc.

◆ deleteKey()

void zypp::KeyRing::deleteKey	(	const std::string &	id,
		bool	trusted = `false`
	)

removes a key from the keyring.

If trusted is true, Remove it from trusted keyring too.

Definition at line 818 of file KeyRing.cc.

◆ publicKeys()

std::list< PublicKey > zypp::KeyRing::publicKeys ( )

Get a list of public keys in the keyring (incl.

ASCII armored keys in tmpfiles)

Definition at line 821 of file KeyRing.cc.

◆ trustedPublicKeys()

std::list< PublicKey > zypp::KeyRing::trustedPublicKeys ( )

Get a list of trusted public keys in the keyring (incl.

ASCII armored keys in tmpfiles)

Definition at line 824 of file KeyRing.cc.

◆ publicKeyData() [1/2]

std::list< PublicKeyData > zypp::KeyRing::publicKeyData ( )

Get a list of public key data in the keyring (key data only)

Definition at line 827 of file KeyRing.cc.

◆ trustedPublicKeyData() [1/2]

std::list< PublicKeyData > zypp::KeyRing::trustedPublicKeyData ( )

Get a list of trusted public key data in the keyring (key data only)

Definition at line 830 of file KeyRing.cc.

◆ publicKeyData() [2/2]

PublicKeyData zypp::KeyRing::publicKeyData ( const std::string & id )

Get a public key's data in the keyring (key data only)

Definition at line 833 of file KeyRing.cc.

◆ trustedPublicKeyData() [2/2]

PublicKeyData zypp::KeyRing::trustedPublicKeyData ( const std::string & id )

Get a trusted public key's data in the keyring (key data only)

Definition at line 836 of file KeyRing.cc.

◆ verifyFileSignatureWorkflow() [1/3]

bool zypp::KeyRing::verifyFileSignatureWorkflow	(	const Pathname &	file,
		const std::string &	filedesc,
		const Pathname &	signature,
		bool &	sigValid_r,
		const KeyContext &	keycontext = `KeyContext()`
	)

Follows a signature verification interacting with the user.

The bool returned depends on user decision to trust or not.

To propagate user decisions, either connect to the KeyRingReport or use its static methods to set the desired defaults.

A second bool passed as reference arg sigValid_r tells whether the signature was actually successfully verified. If sigValid_r returns false, but the method true, you know it's due to user callback or defaults.

struct KeyRingReportReceive : public callback::ReceiveReport<KeyRingReport>
{
  KeyRingReportReceive() { connect(); }
 
  // Overload the virtual methods to return the appropriate values.
  virtual bool askUserToAcceptUnsignedFile( const std::string &file );
  ...
};

Parameters

file	Path of the file to be verified
filedesc	Description of the file (to give the user some context)
signature	Signature to verify the file against
sigValid_r	Returns whether signature was successfully verified

See also: KeyRingReport

Definition at line 839 of file KeyRing.cc.

◆ verifyFileSignatureWorkflow() [2/3]

bool zypp::KeyRing::verifyFileSignatureWorkflow	(	const Pathname &	file,
		const std::string	filedesc,
		const Pathname &	signature,
		const KeyContext &	keycontext = `KeyContext()`
	)

Definition at line 850 of file KeyRing.cc.

◆ verifyFileSignatureWorkflow() [3/3]

bool zypp::KeyRing::verifyFileSignatureWorkflow ( keyring::VerifyFileContext & context_r )

Definition at line 859 of file KeyRing.cc.

◆ verifyFileSignature()

bool zypp::KeyRing::verifyFileSignature	(	const Pathname &	file,
		const Pathname &	signature
	)

Verifies a file against a signature, with no user interaction.

Parameters

file	Path of the file to be verified
signature	Signature to verify the file against

Definition at line 862 of file KeyRing.cc.

◆ verifyFileTrustedSignature()

bool zypp::KeyRing::verifyFileTrustedSignature	(	const Pathname &	file,
		const Pathname &	signature
	)

Definition at line 865 of file KeyRing.cc.

◆ provideAndImportKeyFromRepositoryWorkflow()

bool zypp::KeyRing::provideAndImportKeyFromRepositoryWorkflow	(	const std::string &	id,
		const RepoInfo &	info
	)

Try to find the id in key cache or repository specified in info.

Ask the user to trust the key if it was found

Definition at line 868 of file KeyRing.cc.

◆ allowPreload()

void zypp::KeyRing::allowPreload ( bool yesno_r )

The general keyring may be populated with known keys stored on the system.

Definition at line 805 of file KeyRing.cc.

Friends And Related Function Documentation

◆ operator<< [1/2]

std::ostream& operator<<	(	std::ostream &	str,
		const KeyRing &	obj
	)

friend

◆ operator<<() [2/2]

std::ostream & operator<<	(	std::ostream &	str,
		const KeyRing &
	)

Definition at line 371 of file KeyRing.h.

Member Data Documentation

◆ _pimpl

RW_pointer<Impl> zypp::KeyRing::_pimpl

private

Pointer to implementation.

Definition at line 366 of file KeyRing.h.

The documentation for this class was generated from the following files:

zypp/KeyRing.h
zypp/KeyRing.cc

Classes

Friends

Related Functions

Default answers in verification workflow.

Additional Inherited Members