libzypp  15.28.6
KeyRing.h
Go to the documentation of this file.
1 /*---------------------------------------------------------------------\
2 | ____ _ __ __ ___ |
3 | |__ / \ / / . \ . \ |
4 | / / \ V /| _/ _/ |
5 | / /__ | | | | | | |
6 | /_____||_| |_| |_| |
7 | |
8 \---------------------------------------------------------------------*/
12 #ifndef ZYPP_KEYRING_H
13 #define ZYPP_KEYRING_H
14 
15 #include <iosfwd>
16 #include <map>
17 #include <list>
18 #include <set>
19 #include <string>
20 
21 #include "zypp/base/ReferenceCounted.h"
22 #include "zypp/base/Flags.h"
23 #include "zypp/Callback.h"
24 #include "zypp/base/PtrTypes.h"
25 #include "zypp/Locale.h"
26 #include "zypp/PublicKey.h"
27 #include "zypp/KeyContext.h"
28 
30 namespace zypp
31 {
32 
33  DEFINE_PTR_TYPE(KeyRing);
34 
44  struct KeyRingReport : public callback::ReportBase
45  {
51  enum KeyTrust
52  {
56  KEY_DONT_TRUST = 0,
61  KEY_TRUST_TEMPORARILY,
70  KEY_TRUST_AND_IMPORT
71  };
72 
77  virtual KeyTrust askUserToAcceptKey( const PublicKey &key, const KeyContext &keycontext = KeyContext() );
78 
80  virtual void infoVerify( const std::string & file_r, const PublicKeyData & keyData_r, const KeyContext &keycontext = KeyContext() );
81 
82  virtual bool askUserToAcceptUnsignedFile( const std::string &file, const KeyContext &keycontext = KeyContext() );
83 
90  virtual bool askUserToAcceptUnknownKey( const std::string &file, const std::string &id, const KeyContext &keycontext = KeyContext() );
91 
97  virtual bool askUserToAcceptVerificationFailed( const std::string &file, const PublicKey &key, const KeyContext &keycontext = KeyContext() );
98 
99  };
100 
101  struct KeyRingSignals : public callback::ReportBase
102  {
103  virtual void trustedKeyAdded( const PublicKey &/*key*/ )
104  {}
105  virtual void trustedKeyRemoved( const PublicKey &/*key*/ )
106  {}
107  };
108 
109  class KeyRingException : public Exception
110  {
111  public:
115  KeyRingException()
116  : Exception( "Bad Key Exception" )
117  {}
121  KeyRingException( const std::string & msg_r )
122  : Exception( msg_r )
123  {}
125  virtual ~KeyRingException() throw() {};
126  };
127 
129  //
130  // CLASS NAME : KeyRing
131  //
135  class KeyRing : public base::ReferenceCounted, private base::NonCopyable
136  {
137  friend std::ostream & operator<<( std::ostream & str, const KeyRing & obj );
138 
139  public:
151  enum DefaultAcceptBits
152  {
153  ACCEPT_NOTHING = 0x0000,
154  ACCEPT_UNSIGNED_FILE = 0x0001,
155  ACCEPT_UNKNOWNKEY = 0x0002,
156  TRUST_KEY_TEMPORARILY = 0x0004,
157  TRUST_AND_IMPORT_KEY = 0x0008,
158  ACCEPT_VERIFICATION_FAILED = 0x0010,
159  };
160  ZYPP_DECLARE_FLAGS( DefaultAccept, DefaultAcceptBits );
161 
163  static DefaultAccept defaultAccept();
164 
166  static void setDefaultAccept( DefaultAccept value_r );
168 
169  public:
171  class Impl;
172 
173  public:
175  KeyRing(const Pathname &baseTmpDir);
176 
181  void importKey( const PublicKey &key, bool trusted = false);
182 
184  void multiKeyImport( const Pathname & keyfile_r, bool trusted_r = false );
185 
186  void dumpTrustedPublicKey( const std::string &id, std::ostream &stream )
187  { dumpPublicKey(id, true, stream); }
188 
189  void dumpUntrustedPublicKey( const std::string &id, std::ostream &stream )
190  { dumpPublicKey(id, false, stream); }
191 
192  void dumpPublicKey( const std::string &id, bool trusted, std::ostream &stream );
193 
195  PublicKey exportPublicKey( const PublicKeyData & keyData );
196 
198  PublicKey exportTrustedPublicKey( const PublicKeyData & keyData );
199 
203  std::string readSignatureKeyId( const Pathname &signature );
204 
208  bool isKeyTrusted( const std::string &id );
209 
214  bool isKeyKnown( const std::string &id );
215 
220  void deleteKey( const std::string &id, bool trusted = false );
221 
225  std::list<PublicKey> publicKeys();
226 
230  std::list<PublicKey> trustedPublicKeys();
231 
235  std::list<PublicKeyData> publicKeyData();
236 
240  std::list<PublicKeyData> trustedPublicKeyData();
241 
272  bool verifyFileSignatureWorkflow( const Pathname &file, const std::string &filedesc, const Pathname &signature, bool & sigValid_r, const KeyContext &keycontext = KeyContext());
274  bool verifyFileSignatureWorkflow( const Pathname &file, const std::string filedesc, const Pathname &signature, const KeyContext &keycontext = KeyContext());
275 
282  bool verifyFileSignature( const Pathname &file, const Pathname &signature );
283 
284  bool verifyFileTrustedSignature( const Pathname &file, const Pathname &signature );
285 
287  ~KeyRing();
288 
289  private:
291  RW_pointer<Impl> _pimpl;
292  };
294 
296  inline std::ostream & operator<<( std::ostream & str, const KeyRing & /*obj*/ )
297  {
298  //return str << obj.asString();
299  return str;
300  }
301 
303  ZYPP_DECLARE_OPERATORS_FOR_FLAGS( KeyRing::DefaultAccept );
304 
306 
307  namespace target
308  {
309  namespace rpm
310  {
312  struct KeyRingSignals : public ::zypp::KeyRingSignals
313  {};
314  }
315  }
316 
318 } // namespace zypp
320 #endif // ZYPP_KEYRING_H
zypp::KeyRing::importKey
void importKey(const PublicKey &key, bool trusted=false)
imports a key from a file.
Definition: KeyRing.cc:648
zypp::KeyRing::exportTrustedPublicKey
PublicKey exportTrustedPublicKey(const PublicKeyData &keyData)
Export a trusted public key identified by its key data.
Definition: KeyRing.cc:690
zypp::KeyRing::dumpTrustedPublicKey
void dumpTrustedPublicKey(const std::string &id, std::ostream &stream)
Definition: KeyRing.h:186
zypp::KeyRing
Gpg key handling.
Definition: KeyRing.h:135
Impl
Helper filtering the files offered by a RepomdFileReader.
zypp::KeyRingReport::KEY_TRUST_TEMPORARILY
This basically means, we knew the key, but it was not trusted.
Definition: KeyRing.h:61
zypp::KeyRing::exportPublicKey
PublicKey exportPublicKey(const PublicKeyData &keyData)
Export a public key identified by its key data.
Definition: KeyRing.cc:687
zypp::KeyRingException::KeyRingException
KeyRingException(const std::string &msg_r)
Ctor taking message.
Definition: KeyRing.h:121
zypp::PublicKeyData
Class representing one GPG Public Keys data.
Definition: PublicKey.h:132
zypp::KeyRing::dumpPublicKey
void dumpPublicKey(const std::string &id, bool trusted, std::ostream &stream)
Definition: KeyRing.cc:684
zypp::KeyRing::trustedPublicKeys
std::list< PublicKey > trustedPublicKeys()
Get a list of trusted public keys in the keyring (incl.
Definition: KeyRing.cc:663
zypp::ZYPP_DECLARE_OPERATORS_FOR_FLAGS
ZYPP_DECLARE_OPERATORS_FOR_FLAGS(DiskUsageCounter::MountPoint::HintFlags)
zypp::KeyRingReport::askUserToAcceptUnsignedFile
virtual bool askUserToAcceptUnsignedFile(const std::string &file, const KeyContext &keycontext=KeyContext())
Definition: KeyRing.cc:64
zypp::KeyRing::KeyRing
KeyRing(const Pathname &baseTmpDir)
Default ctor.
Definition: KeyRing.cc:640
zypp::KeyRing::trustedPublicKeyData
std::list< PublicKeyData > trustedPublicKeyData()
Get a list of trusted public key data in the keyring (key data only)
Definition: KeyRing.cc:669
zypp::KeyRing::verifyFileSignatureWorkflow
bool verifyFileSignatureWorkflow(const Pathname &file, const std::string &filedesc, const Pathname &signature, bool &sigValid_r, const KeyContext &keycontext=KeyContext())
Follows a signature verification interacting with the user.
Definition: KeyRing.cc:672
zypp::KeyRingReport::askUserToAcceptUnknownKey
virtual bool askUserToAcceptUnknownKey(const std::string &file, const std::string &id, const KeyContext &keycontext=KeyContext())
we DONT know the key, only its id, but we have never seen it, the difference with trust key is that i...
Definition: KeyRing.cc:77
zypp::KeyRingException::KeyRingException
KeyRingException()
Ctor taking message.
Definition: KeyRing.h:115
zypp::target::rpm::KeyRingSignals
Internal connection to rpm database.
Definition: KeyRing.h:312
zypp::KeyRingReport::infoVerify
virtual void infoVerify(const std::string &file_r, const PublicKeyData &keyData_r, const KeyContext &keycontext=KeyContext())
Informal callback showing the trusted key that will be used for verification.
Definition: KeyRing.cc:61
zypp::KeyRing::ZYPP_DECLARE_FLAGS
ZYPP_DECLARE_FLAGS(DefaultAccept, DefaultAcceptBits)
zypp::KeyRingReport::KeyTrust
KeyTrust
User reply options for the askUserToTrustKey callback.
Definition: KeyRing.h:51
zypp::KeyRing::~KeyRing
~KeyRing()
Dtor.
Definition: KeyRing.cc:644
zypp::base::NonCopyable
boost::noncopyable NonCopyable
Ensure derived classes cannot be copied.
Definition: NonCopyable.h:26
zypp::KeyRing::setDefaultAccept
static void setDefaultAccept(DefaultAccept value_r)
Set the active accept bits.
Definition: KeyRing.cc:55
zypp::KeyRing::dumpUntrustedPublicKey
void dumpUntrustedPublicKey(const std::string &id, std::ostream &stream)
Definition: KeyRing.h:189
zypp::DEFINE_PTR_TYPE
DEFINE_PTR_TYPE(Application)
zypp::KeyRing::operator<<
std::ostream & operator<<(std::ostream &str, const KeyRing &)
Definition: KeyRing.h:296
zypp::KeyRingSignals::trustedKeyAdded
virtual void trustedKeyAdded(const PublicKey &)
Definition: KeyRing.h:103
zypp::base::ReferenceCounted
Base class for reference counted objects.
Definition: ReferenceCounted.h:33
zypp::KeyRing::isKeyKnown
bool isKeyKnown(const std::string &id)
true if the key id is knows, that means at least exist on the untrusted keyring
Definition: KeyRing.cc:696
zypp::KeyRing::multiKeyImport
void multiKeyImport(const Pathname &keyfile_r, bool trusted_r=false)
Initial import from RpmDb.
Definition: KeyRing.cc:651
zypp::KeyRingReport::KEY_DONT_TRUST
User has chosen not to trust the key.
Definition: KeyRing.h:56
zypp::KeyRing::DefaultAcceptBits
DefaultAcceptBits
DefaultAccept flags (
Definition: KeyRing.h:151
zypp::KeyRingReport::askUserToAcceptKey
virtual KeyTrust askUserToAcceptKey(const PublicKey &key, const KeyContext &keycontext=KeyContext())
Ask user to trust and/or import the key to trusted keyring.
Definition: KeyRing.cc:68
zypp::KeyRing::defaultAccept
static DefaultAccept defaultAccept()
Get the active accept bits.
Definition: KeyRing.cc:52
zypp::KeyRing::_pimpl
RW_pointer< Impl > _pimpl
Pointer to implementation.
Definition: KeyRing.h:291
zypp::PublicKey
Class representing one GPG Public Key (PublicKeyData + ASCII armored in a tempfile).
Definition: PublicKey.h:277
zypp::KeyRing::publicKeyData
std::list< PublicKeyData > publicKeyData()
Get a list of public key data in the keyring (key data only)
Definition: KeyRing.cc:666
zypp::Exception
Base class for Exception.
Definition: Exception.h:143
zypp::KeyRingReport
Callbacks from signature verification workflow.
Definition: KeyRing.h:44
zypp::RW_pointer< Impl >
zypp::KeyRing::deleteKey
void deleteKey(const std::string &id, bool trusted=false)
removes a key from the keyring.
Definition: KeyRing.cc:657
zypp::KeyRing::operator<<
friend std::ostream & operator<<(std::ostream &str, const KeyRing &obj)
zypp::KeyRing::verifyFileTrustedSignature
bool verifyFileTrustedSignature(const Pathname &file, const Pathname &signature)
Definition: KeyRing.cc:681
zypp::KeyRing::isKeyTrusted
bool isKeyTrusted(const std::string &id)
true if the key id is trusted
Definition: KeyRing.cc:693
zypp::KeyRingSignals::trustedKeyRemoved
virtual void trustedKeyRemoved(const PublicKey &)
Definition: KeyRing.h:105
zypp::KeyRing::readSignatureKeyId
std::string readSignatureKeyId(const Pathname &signature)
reads the public key id from a signature
Definition: KeyRing.cc:654
zypp::KeyRing::verifyFileSignature
bool verifyFileSignature(const Pathname &file, const Pathname &signature)
Verifies a file against a signature, with no user interaction.
Definition: KeyRing.cc:678
zypp::KeyRingException::~KeyRingException
virtual ~KeyRingException()
Dtor.
Definition: KeyRing.h:125
zypp::KeyRingReport::askUserToAcceptVerificationFailed
virtual bool askUserToAcceptVerificationFailed(const std::string &file, const PublicKey &key, const KeyContext &keycontext=KeyContext())
The file filedesc is signed but the verification failed.
Definition: KeyRing.cc:80
zypp::KeyRing::publicKeys
std::list< PublicKey > publicKeys()
Get a list of public keys in the keyring (incl.
Definition: KeyRing.cc:660