KeyRing.cc

Go to the documentation of this file.
00001 /*---------------------------------------------------------------------\
00002 |                          ____ _   __ __ ___                          |
00003 |                         |__  / \ / / . \ . \                         |
00004 |                           / / \ V /|  _/  _/                         |
00005 |                          / /__ | | | | | |                           |
00006 |                         /_____||_| |_| |_|                           |
00007 |                                                                      |
00008 \---------------------------------------------------------------------*/
00012 #include <iostream>
00013 #include <fstream>
00014 #include <sys/file.h>
00015 #include <cstdio>
00016 #include <unistd.h>
00017 
00018 #include <boost/format.hpp>
00019 
00020 #include "zypp/TmpPath.h"
00021 #include "zypp/ZYppFactory.h"
00022 #include "zypp/ZYpp.h"
00023 
00024 #include "zypp/base/LogTools.h"
00025 #include "zypp/base/IOStream.h"
00026 #include "zypp/base/String.h"
00027 #include "zypp/base/Regex.h"
00028 #include "zypp/base/Gettext.h"
00029 #include "zypp/base/WatchFile.h"
00030 #include "zypp/PathInfo.h"
00031 #include "zypp/KeyRing.h"
00032 #include "zypp/ExternalProgram.h"
00033 #include "zypp/TmpPath.h"
00034 
00035 using std::endl;
00036 
00037 #undef  ZYPP_BASE_LOGGER_LOGGROUP
00038 #define ZYPP_BASE_LOGGER_LOGGROUP "zypp::KeyRing"
00039 
00040 #define GPG_BINARY "/usr/bin/gpg2"
00041 
00043 namespace zypp
00044 { 
00045 
00046   IMPL_PTR_TYPE(KeyRing);
00047 
00048   namespace
00049   {
00050     KeyRing::DefaultAccept _keyRingDefaultAccept( KeyRing::ACCEPT_NOTHING );
00051   }
00052 
00053   KeyRing::DefaultAccept KeyRing::defaultAccept()
00054   { return _keyRingDefaultAccept; }
00055 
00056   void KeyRing::setDefaultAccept( DefaultAccept value_r )
00057   {
00058     MIL << "Set new KeyRing::DefaultAccept: " << value_r << endl;
00059     _keyRingDefaultAccept = value_r;
00060   }
00061 
00062   bool KeyRingReport::askUserToAcceptUnsignedFile( const std::string & file, const KeyContext & keycontext )
00063   { return _keyRingDefaultAccept.testFlag( KeyRing::ACCEPT_UNSIGNED_FILE ); }
00064 
00065   KeyRingReport::KeyTrust
00066   KeyRingReport::askUserToAcceptKey( const PublicKey & key, const KeyContext & keycontext )
00067   {
00068     if ( _keyRingDefaultAccept.testFlag( KeyRing::TRUST_KEY_TEMPORARILY ) )
00069       return KEY_TRUST_TEMPORARILY;
00070     if ( _keyRingDefaultAccept.testFlag( KeyRing::TRUST_AND_IMPORT_KEY ) )
00071       return KEY_TRUST_AND_IMPORT;
00072     return KEY_DONT_TRUST;
00073   }
00074 
00075   bool KeyRingReport::askUserToAcceptUnknownKey( const std::string & file, const std::string & id, const KeyContext & keycontext )
00076   { return _keyRingDefaultAccept.testFlag( KeyRing::ACCEPT_UNKNOWNKEY ); }
00077 
00078   bool KeyRingReport::askUserToAcceptVerificationFailed( const std::string & file, const PublicKey & key, const KeyContext & keycontext )
00079   { return _keyRingDefaultAccept.testFlag( KeyRing::ACCEPT_VERIFICATION_FAILED ); }
00080 
00081   namespace
00082   {
00090     struct CachedPublicKeyData // : private base::NonCopyable - but KeyRing uses RWCOW though also NonCopyable :(
00091     {
00092       const std::list<PublicKeyData> & operator()( const Pathname & keyring_r ) const
00093       { return getData( keyring_r ); }
00094 
00095     private:
00096       struct Cache
00097       {
00098         scoped_ptr<WatchFile> _keyringP;
00099         std::list<PublicKeyData> _data;
00100 
00101         // Empty copy ctor to allow insert into std::map as
00102         // scoped_ptr is noncopyable.
00103         Cache() {}
00104         Cache( const Cache & rhs ) {}
00105       };
00106 
00107       typedef std::map<Pathname,Cache> CacheMap;
00108 
00109       const std::list<PublicKeyData> & getData( const Pathname & keyring_r ) const
00110       {
00111         Cache & cache( _cacheMap[keyring_r] );
00112         if ( ! cache._keyringP )
00113         {
00114           // init new cache entry
00115           cache._keyringP.reset( new WatchFile( keyring_r/"pubring.gpg", WatchFile::NO_INIT ) );
00116         }
00117         return getData( keyring_r, cache );
00118       }
00119 
00120       const std::list<PublicKeyData> & getData( const Pathname & keyring_r, Cache & cache_r ) const
00121       {
00122         if ( cache_r._keyringP->hasChanged() )
00123         {
00124           const char* argv[] =
00125           {
00126             GPG_BINARY,
00127             "--list-sigs",
00128             "--homedir", keyring_r.c_str(),
00129             "--no-default-keyring",
00130             "--quiet",
00131             "--with-colons",
00132             "--fixed-list-mode",
00133             "--with-fingerprint",
00134             "--no-tty",
00135             "--no-greeting",
00136             "--batch",
00137             "--status-fd", "1",
00138             NULL
00139           };
00140 
00141           PublicKeyScanner scanner;
00142           ExternalProgram prog( argv ,ExternalProgram::Discard_Stderr, false, -1, true );
00143           for( std::string line = prog.receiveLine(); !line.empty(); line = prog.receiveLine() )
00144           {
00145             scanner.scan( line );
00146           }
00147           prog.close();
00148 
00149           cache_r._data.swap( scanner._keys );
00150           MIL << "Found keys: " << cache_r._data  << endl;
00151         }
00152         return cache_r._data;
00153       }
00154 
00155       mutable CacheMap _cacheMap;
00156     };
00158   }
00159 
00161   //
00162   //    CLASS NAME : KeyRing::Impl
00163   //
00165   struct KeyRing::Impl
00166   {
00167     Impl( const Pathname & baseTmpDir )
00168     : _trusted_tmp_dir( baseTmpDir, "zypp-trusted-kr" )
00169     , _general_tmp_dir( baseTmpDir, "zypp-general-kr" )
00170     , _base_dir( baseTmpDir )
00171     {
00172       MIL << "Current KeyRing::DefaultAccept: " << _keyRingDefaultAccept << endl;
00173     }
00174 
00175     void importKey( const PublicKey & key, bool trusted = false );
00176     void multiKeyImport( const Pathname & keyfile_r, bool trusted_r = false );
00177     void deleteKey( const std::string & id, bool trusted );
00178 
00179     std::string readSignatureKeyId( const Pathname & signature );
00180 
00181     bool isKeyTrusted( const std::string & id )
00182     { return bool(publicKeyExists( id, trustedKeyRing() )); }
00183     bool isKeyKnown( const std::string & id )
00184     { return publicKeyExists( id, trustedKeyRing() ) || publicKeyExists( id, generalKeyRing() ); }
00185 
00186     std::list<PublicKey> trustedPublicKeys()
00187     { return publicKeys( trustedKeyRing() ); }
00188     std::list<PublicKey> publicKeys()
00189     { return publicKeys( generalKeyRing() ); }
00190 
00191     const std::list<PublicKeyData> & trustedPublicKeyData()
00192     { return publicKeyData( trustedKeyRing() ); }
00193     const std::list<PublicKeyData> & publicKeyData()
00194     { return publicKeyData( generalKeyRing() ); }
00195 
00196     void dumpPublicKey( const std::string & id, bool trusted, std::ostream & stream )
00197     { dumpPublicKey( id, ( trusted ? trustedKeyRing() : generalKeyRing() ), stream ); }
00198 
00199     PublicKey exportPublicKey( const PublicKeyData & keyData )
00200     { return exportKey( keyData, generalKeyRing() ); }
00201     PublicKey exportTrustedPublicKey( const PublicKeyData & keyData )
00202     { return exportKey( keyData, trustedKeyRing() ); }
00203 
00204     bool verifyFileSignatureWorkflow(
00205         const Pathname & file,
00206         const std::string & filedesc,
00207         const Pathname & signature,
00208         const KeyContext & keycontext = KeyContext());
00209 
00210     bool verifyFileSignature( const Pathname & file, const Pathname & signature )
00211     { return verifyFile( file, signature, generalKeyRing() ); }
00212     bool verifyFileTrustedSignature( const Pathname & file, const Pathname & signature )
00213     { return verifyFile( file, signature, trustedKeyRing() ); }
00214 
00215   private:
00216     bool verifyFile( const Pathname & file, const Pathname & signature, const Pathname & keyring );
00217     void importKey( const Pathname & keyfile, const Pathname & keyring );
00218 
00219     PublicKey exportKey( const std::string & id, const Pathname & keyring );
00220     PublicKey exportKey( const PublicKeyData & keyData, const Pathname & keyring );
00221 
00222     void dumpPublicKey( const std::string & id, const Pathname & keyring, std::ostream & stream );
00223     filesystem::TmpFile dumpPublicKeyToTmp( const std::string & id, const Pathname & keyring );
00224 
00225     void deleteKey( const std::string & id, const Pathname & keyring );
00226 
00227     std::list<PublicKey> publicKeys( const Pathname & keyring);
00228     const std::list<PublicKeyData> & publicKeyData( const Pathname & keyring )
00229     { return cachedPublicKeyData( keyring ); }
00230 
00232     PublicKeyData publicKeyExists( const std::string & id, const Pathname & keyring );
00233 
00234     const Pathname generalKeyRing() const
00235     { return _general_tmp_dir.path(); }
00236     const Pathname trustedKeyRing() const
00237     { return _trusted_tmp_dir.path(); }
00238 
00239     // Used for trusted and untrusted keyrings
00240     filesystem::TmpDir _trusted_tmp_dir;
00241     filesystem::TmpDir _general_tmp_dir;
00242     Pathname _base_dir;
00243 
00244   private:
00250     CachedPublicKeyData cachedPublicKeyData;
00251 
00252   public:
00254     static shared_ptr<Impl> nullimpl()
00255     {
00256       static shared_ptr<Impl> _nullimpl( new Impl( filesystem::TmpPath::defaultLocation() ) );
00257       return _nullimpl;
00258     }
00259 
00260   private:
00261     friend Impl * rwcowClone<Impl>( const Impl * rhs );
00263     Impl * clone() const
00264     { return new Impl( *this ); }
00265   };
00267 
00268 
00269   void KeyRing::Impl::importKey( const PublicKey & key, bool trusted )
00270   {
00271     importKey( key.path(), trusted ? trustedKeyRing() : generalKeyRing() );
00272 
00273     if ( trusted )
00274     {
00275       callback::SendReport<target::rpm::KeyRingSignals> rpmdbEmitSignal;
00276       callback::SendReport<KeyRingSignals> emitSignal;
00277 
00278       rpmdbEmitSignal->trustedKeyAdded( key );
00279       emitSignal->trustedKeyAdded( key );
00280     }
00281   }
00282 
00283   void KeyRing::Impl::multiKeyImport( const Pathname & keyfile_r, bool trusted_r )
00284   {
00285     importKey( keyfile_r, trusted_r ? trustedKeyRing() : generalKeyRing() );
00286   }
00287 
00288   void KeyRing::Impl::deleteKey( const std::string & id, bool trusted )
00289   {
00290     PublicKey key;
00291 
00292     if ( trusted )
00293     {
00294         key = exportKey( id, trustedKeyRing() );
00295     }
00296 
00297     deleteKey( id, trusted ? trustedKeyRing() : generalKeyRing() );
00298 
00299     if ( trusted )
00300     {
00301       callback::SendReport<target::rpm::KeyRingSignals> rpmdbEmitSignal;
00302       callback::SendReport<KeyRingSignals> emitSignal;
00303 
00304       rpmdbEmitSignal->trustedKeyRemoved( key );
00305       emitSignal->trustedKeyRemoved( key );
00306     }
00307   }
00308 
00309   PublicKeyData KeyRing::Impl::publicKeyExists( const std::string & id, const Pathname & keyring )
00310   {
00311     MIL << "Searching key [" << id << "] in keyring " << keyring << endl;
00312     const std::list<PublicKeyData> & keys( publicKeyData( keyring ) );
00313     for_( it, keys.begin(), keys.end() )
00314     {
00315       if ( id == (*it).id() )
00316       {
00317         return *it;
00318       }
00319     }
00320     return PublicKeyData();
00321   }
00322 
00323   PublicKey KeyRing::Impl::exportKey( const PublicKeyData & keyData, const Pathname & keyring )
00324   {
00325     return PublicKey( dumpPublicKeyToTmp( keyData.id(), keyring ), keyData );
00326   }
00327 
00328   PublicKey KeyRing::Impl::exportKey( const std::string & id, const Pathname & keyring )
00329   {
00330     PublicKeyData keyData( publicKeyExists( id, keyring ) );
00331     if ( keyData )
00332       return PublicKey( dumpPublicKeyToTmp( keyData.id(), keyring ), keyData );
00333 
00334     // Here: key not found
00335     WAR << "No key " << id << " to export from " << keyring << endl;
00336     return PublicKey();
00337   }
00338 
00339 
00340   void KeyRing::Impl::dumpPublicKey( const std::string & id, const Pathname & keyring, std::ostream & stream )
00341   {
00342     const char* argv[] =
00343     {
00344       GPG_BINARY,
00345       "-a",
00346       "--export",
00347       "--homedir", keyring.asString().c_str(),
00348       "--no-default-keyring",
00349       "--quiet",
00350       "--no-tty",
00351       "--no-greeting",
00352       "--no-permission-warning",
00353       "--batch",
00354       id.c_str(),
00355       NULL
00356     };
00357     ExternalProgram prog( argv,ExternalProgram::Discard_Stderr, false, -1, true );
00358     for ( std::string line = prog.receiveLine(); !line.empty(); line = prog.receiveLine() )
00359     {
00360       stream << line;
00361     }
00362     prog.close();
00363   }
00364 
00365   filesystem::TmpFile KeyRing::Impl::dumpPublicKeyToTmp( const std::string & id, const Pathname & keyring )
00366   {
00367     filesystem::TmpFile tmpFile( _base_dir, "pubkey-"+id+"-" );
00368     MIL << "Going to export key " << id << " from " << keyring << " to " << tmpFile.path() << endl;
00369 
00370     std::ofstream os( tmpFile.path().c_str() );
00371     dumpPublicKey( id, keyring, os );
00372     os.close();
00373     return tmpFile;
00374   }
00375 
00376   bool KeyRing::Impl::verifyFileSignatureWorkflow(
00377       const Pathname & file,
00378       const std::string & filedesc,
00379       const Pathname & signature,
00380       const KeyContext & context )
00381   {
00382     callback::SendReport<KeyRingReport> report;
00383     MIL << "Going to verify signature for " << filedesc << " ( " << file << " ) with " << signature << endl;
00384 
00385     // if signature does not exists, ask user if he wants to accept unsigned file.
00386     if( signature.empty() || (!PathInfo( signature ).isExist()) )
00387     {
00388       bool res = report->askUserToAcceptUnsignedFile( filedesc, context );
00389       MIL << "User decision on unsigned file: " << res << endl;
00390       return res;
00391     }
00392 
00393     // get the id of the signature
00394     std::string id = readSignatureKeyId( signature );
00395 
00396     // doeskey exists in trusted keyring
00397     PublicKeyData trustedKeyData( publicKeyExists( id, trustedKeyRing() ) );
00398     if ( trustedKeyData )
00399     {
00400       MIL << "Key is trusted: " << trustedKeyData << endl;
00401 
00402       // lets look if there is an updated key in the
00403       // general keyring
00404       PublicKeyData generalKeyData( publicKeyExists( id, generalKeyRing() ) );
00405       if ( generalKeyData )
00406       {
00407         // bnc #393160: Comment #30: Compare at least the fingerprint
00408         // in case an attacker created a key the the same id.
00409         if ( trustedKeyData.fingerprint() == generalKeyData.fingerprint()
00410            && trustedKeyData.created() < generalKeyData.created() )
00411         {
00412           MIL << "Key was updated. Saving new version into trusted keyring: " << generalKeyData << endl;
00413           importKey( exportKey( generalKeyData, generalKeyRing() ), true );
00414           trustedKeyData = generalKeyData = PublicKeyData(); // invalidated by import.
00415         }
00416       }
00417 
00418       // it exists, is trusted, does it validates?
00419       if ( verifyFile( file, signature, trustedKeyRing() ) )
00420         return true;
00421       else
00422       {
00423         if ( ! trustedKeyData ) // invalidated by previous import
00424           trustedKeyData = publicKeyExists( id, trustedKeyRing() );
00425         return report->askUserToAcceptVerificationFailed( filedesc, exportKey( trustedKeyData, trustedKeyRing() ), context );
00426       }
00427     }
00428     else
00429     {
00430       PublicKeyData generalKeyData( publicKeyExists( id, generalKeyRing() ) );
00431       if ( generalKeyData )
00432       {
00433         PublicKey key( exportKey( generalKeyData, generalKeyRing() ) );
00434         MIL << "Exported key " << id << " to " << key.path() << endl;
00435         MIL << "Key " << id << " " << key.name() << " is not trusted" << endl;
00436 
00437         // ok the key is not trusted, ask the user to trust it or not
00438         KeyRingReport::KeyTrust reply = report->askUserToAcceptKey( key, context );
00439         if ( reply == KeyRingReport::KEY_TRUST_TEMPORARILY ||
00440             reply == KeyRingReport::KEY_TRUST_AND_IMPORT )
00441         {
00442           MIL << "User wants to trust key " << id << " " << key.name() << endl;
00443           //dumpFile( unKey.path() );
00444 
00445           Pathname whichKeyring;
00446           if ( reply == KeyRingReport::KEY_TRUST_AND_IMPORT )
00447           {
00448             MIL << "User wants to import key " << id << " " << key.name() << endl;
00449             importKey( key, true );
00450             whichKeyring = trustedKeyRing();
00451           }
00452           else
00453             whichKeyring = generalKeyRing();
00454 
00455           // emit key added
00456           if ( verifyFile( file, signature, whichKeyring ) )
00457           {
00458             MIL << "File signature is verified" << endl;
00459             return true;
00460           }
00461           else
00462           {
00463             MIL << "File signature check fails" << endl;
00464             if ( report->askUserToAcceptVerificationFailed( filedesc, key, context ) )
00465             {
00466               MIL << "User continues anyway." << endl;
00467               return true;
00468             }
00469             else
00470             {
00471               MIL << "User does not want to continue" << endl;
00472               return false;
00473             }
00474           }
00475         }
00476         else
00477         {
00478           MIL << "User does not want to trust key " << id << " " << key.name() << endl;
00479           return false;
00480         }
00481       }
00482       else
00483       {
00484         // unknown key...
00485         MIL << "File [" << file << "] ( " << filedesc << " ) signed with unknown key [" << id << "]" << endl;
00486         if ( report->askUserToAcceptUnknownKey( filedesc, id, context ) )
00487         {
00488           MIL << "User wants to accept unknown key " << id << endl;
00489           return true;
00490         }
00491         else
00492         {
00493           MIL << "User does not want to accept unknown key " << id << endl;
00494           return false;
00495         }
00496       }
00497     }
00498     return false;
00499   }
00500 
00501   std::list<PublicKey> KeyRing::Impl::publicKeys( const Pathname & keyring )
00502   {
00503     const std::list<PublicKeyData> & keys( publicKeyData( keyring ) );
00504     std::list<PublicKey> ret;
00505 
00506     for_( it, keys.begin(), keys.end() )
00507     {
00508       PublicKey key( exportKey( *it, keyring ) );
00509       ret.push_back( key );
00510       MIL << "Found key " << key << endl;
00511     }
00512     return ret;
00513   }
00514 
00515   void KeyRing::Impl::importKey( const Pathname & keyfile, const Pathname & keyring )
00516   {
00517     if ( ! PathInfo( keyfile ).isExist() )
00518       // TranslatorExplanation first %s is key name, second is keyring name
00519       ZYPP_THROW(KeyRingException(boost::str(boost::format(
00520           _("Tried to import not existent key %s into keyring %s"))
00521           % keyfile.asString() % keyring.asString())));
00522 
00523     const char* argv[] =
00524     {
00525       GPG_BINARY,
00526       "--import",
00527       "--homedir", keyring.asString().c_str(),
00528       "--no-default-keyring",
00529       "--quiet",
00530       "--no-tty",
00531       "--no-greeting",
00532       "--no-permission-warning",
00533       "--status-fd", "1",
00534       keyfile.asString().c_str(),
00535       NULL
00536     };
00537 
00538     ExternalProgram prog( argv,ExternalProgram::Discard_Stderr, false, -1, true );
00539     prog.close();
00540   }
00541 
00542   void KeyRing::Impl::deleteKey( const std::string & id, const Pathname & keyring )
00543   {
00544     const char* argv[] =
00545     {
00546       GPG_BINARY,
00547       "--delete-keys",
00548       "--homedir", keyring.asString().c_str(),
00549       "--no-default-keyring",
00550       "--yes",
00551       "--quiet",
00552       "--no-tty",
00553       "--batch",
00554       "--status-fd", "1",
00555       id.c_str(),
00556       NULL
00557     };
00558 
00559     ExternalProgram prog( argv,ExternalProgram::Discard_Stderr, false, -1, true );
00560 
00561     int code = prog.close();
00562     if ( code )
00563       ZYPP_THROW(Exception(_("Failed to delete key.")));
00564     else
00565       MIL << "Deleted key " << id << " from keyring " << keyring << endl;
00566   }
00567 
00568 
00569   std::string KeyRing::Impl::readSignatureKeyId( const Pathname & signature )
00570   {
00571     if ( ! PathInfo( signature ).isFile() )
00572       ZYPP_THROW(Exception(boost::str(boost::format(
00573           _("Signature file %s not found"))% signature.asString())));
00574 
00575     MIL << "Determining key id if signature " << signature << endl;
00576     // HACK create a tmp keyring with no keys
00577     filesystem::TmpDir dir( _base_dir, "fake-keyring" );
00578 
00579     const char* argv[] =
00580     {
00581       GPG_BINARY,
00582       "--homedir", dir.path().asString().c_str(),
00583       "--no-default-keyring",
00584       "--quiet",
00585       "--no-tty",
00586       "--no-greeting",
00587       "--batch",
00588       "--status-fd", "1",
00589       signature.asString().c_str(),
00590       NULL
00591     };
00592 
00593     ExternalProgram prog( argv,ExternalProgram::Discard_Stderr, false, -1, true );
00594 
00595     std::string line;
00596     int count = 0;
00597 
00598     str::regex rxNoKey( "^\\[GNUPG:\\] NO_PUBKEY (.+)\n$" );
00599     std::string id;
00600     for( line = prog.receiveLine(), count=0; !line.empty(); line = prog.receiveLine(), count++ )
00601     {
00602       //MIL << "[" << line << "]" << endl;
00603       str::smatch what;
00604       if( str::regex_match( line, what, rxNoKey ) )
00605       {
00606         if ( what.size() >= 1 )
00607         {
00608           id = what[1];
00609           break;
00610         }
00611         //dumpRegexpResults( what );
00612       }
00613     }
00614 
00615     if ( count == 0 )
00616     {
00617       MIL << "no output" << endl;
00618     }
00619 
00620     MIL << "Determined key id [" << id << "] for signature " << signature << endl;
00621     prog.close();
00622     return id;
00623   }
00624 
00625   bool KeyRing::Impl::verifyFile( const Pathname & file, const Pathname & signature, const Pathname & keyring )
00626   {
00627     const char* argv[] =
00628     {
00629       GPG_BINARY,
00630       "--verify",
00631       "--homedir", keyring.asString().c_str(),
00632       "--no-default-keyring",
00633       "--quiet",
00634       "--no-tty",
00635       "--batch",
00636       "--no-greeting",
00637       "--status-fd", "1",
00638       signature.asString().c_str(),
00639       file.asString().c_str(),
00640       NULL
00641     };
00642 
00643     // no need to parse output for now
00644     //     [GNUPG:] SIG_ID yCc4u223XRJnLnVAIllvYbUd8mQ 2006-03-29 1143618744
00645     //     [GNUPG:] GOODSIG A84EDAE89C800ACA SuSE Package Signing Key <build@suse.de>
00646     //     gpg: Good signature from "SuSE Package Signing Key <build@suse.de>"
00647     //     [GNUPG:] VALIDSIG 79C179B2E1C820C1890F9994A84EDAE89C800ACA 2006-03-29 1143618744 0 3 0 17 2 00 79C179B2E1C820C1890F9994A84EDAE89C800ACA
00648     //     [GNUPG:] TRUST_UNDEFINED
00649 
00650     //     [GNUPG:] ERRSIG A84EDAE89C800ACA 17 2 00 1143618744 9
00651     //     [GNUPG:] NO_PUBKEY A84EDAE89C800ACA
00652 
00653     ExternalProgram prog( argv,ExternalProgram::Discard_Stderr, false, -1, true );
00654 
00655     return ( prog.close() == 0 ) ? true : false;
00656   }
00657 
00659 
00661   //
00662   //    CLASS NAME : KeyRing
00663   //
00665 
00666   KeyRing::KeyRing( const Pathname & baseTmpDir )
00667   : _pimpl( new Impl( baseTmpDir ) )
00668   {}
00669 
00670   KeyRing::~KeyRing()
00671   {}
00672 
00673 
00674   void KeyRing::importKey( const PublicKey & key, bool trusted )
00675   { _pimpl->importKey( key, trusted ); }
00676 
00677   void KeyRing::multiKeyImport( const Pathname & keyfile_r, bool trusted_r )
00678   { _pimpl->multiKeyImport( keyfile_r, trusted_r ); }
00679 
00680   std::string KeyRing::readSignatureKeyId( const Pathname & signature )
00681   { return _pimpl->readSignatureKeyId( signature ); }
00682 
00683   void KeyRing::deleteKey( const std::string & id, bool trusted )
00684   { _pimpl->deleteKey( id, trusted ); }
00685 
00686   std::list<PublicKey> KeyRing::publicKeys()
00687   { return _pimpl->publicKeys(); }
00688 
00689   std:: list<PublicKey> KeyRing::trustedPublicKeys()
00690   { return _pimpl->trustedPublicKeys(); }
00691 
00692   std::list<PublicKeyData> KeyRing::publicKeyData()
00693   { return _pimpl->publicKeyData(); }
00694 
00695   std::list<PublicKeyData> KeyRing::trustedPublicKeyData()
00696   { return _pimpl->trustedPublicKeyData(); }
00697 
00698   std::list<std::string> KeyRing::publicKeyIds()        // deprecated: use publicKeyData
00699   {
00700     const std::list<PublicKeyData> & keys( publicKeyData() );
00701     std::list<std::string> ret;
00702     for_( it, keys.begin(), keys.end() )
00703     {
00704       ret.push_back( (*it).id() );
00705     }
00706     return ret;
00707   }
00708 
00709   std::list<std::string> KeyRing::trustedPublicKeyIds() // deprecated: use trustedPublicKeyData
00710   {
00711     const std::list<PublicKeyData> & keys( trustedPublicKeyData() );
00712     std::list<std::string> ret;
00713     for_( it, keys.begin(), keys.end() )
00714     {
00715       ret.push_back( (*it).id() );
00716     }
00717     return ret;
00718   }
00719 
00720   bool KeyRing::verifyFileSignatureWorkflow(
00721       const Pathname & file,
00722       const std::string filedesc,
00723       const Pathname & signature,
00724       const KeyContext & keycontext )
00725   { return _pimpl->verifyFileSignatureWorkflow( file, filedesc, signature, keycontext ); }
00726 
00727   bool KeyRing::verifyFileSignature( const Pathname & file, const Pathname & signature )
00728   { return _pimpl->verifyFileSignature( file, signature ); }
00729 
00730   bool KeyRing::verifyFileTrustedSignature( const Pathname & file, const Pathname & signature )
00731   { return _pimpl->verifyFileTrustedSignature( file, signature ); }
00732 
00733   void KeyRing::dumpPublicKey( const std::string & id, bool trusted, std::ostream & stream )
00734   { _pimpl->dumpPublicKey( id, trusted, stream ); }
00735 
00736   PublicKey KeyRing::exportPublicKey( const PublicKeyData & keyData )
00737   { return _pimpl->exportPublicKey( keyData ); }
00738 
00739   PublicKey KeyRing::exportTrustedPublicKey( const PublicKeyData & keyData )
00740   { return _pimpl->exportTrustedPublicKey( keyData ); }
00741 
00742   bool KeyRing::isKeyTrusted( const std::string & id )
00743   { return _pimpl->isKeyTrusted( id ); }
00744 
00745   bool KeyRing::isKeyKnown( const std::string & id )
00746   { return _pimpl->isKeyKnown( id ); }
00747 
00749 } // namespace zypp
Generated on Tue May 5 14:43:16 2015 for libzypp by  doxygen 1.5.6