libzypp  17.6.1
KeyRing.h
Go to the documentation of this file.
1 /*---------------------------------------------------------------------\
2 | ____ _ __ __ ___ |
3 | |__ / \ / / . \ . \ |
4 | / / \ V /| _/ _/ |
5 | / /__ | | | | | | |
6 | /_____||_| |_| |_| |
7 | |
8 \---------------------------------------------------------------------*/
12 #ifndef ZYPP_KEYRING_H
13 #define ZYPP_KEYRING_H
14 
15 #include <iosfwd>
16 #include <map>
17 #include <list>
18 #include <set>
19 #include <string>
20 
21 #include "zypp/base/ReferenceCounted.h"
22 #include "zypp/base/Flags.h"
23 #include "zypp/Callback.h"
24 #include "zypp/base/PtrTypes.h"
25 #include "zypp/Locale.h"
26 #include "zypp/PublicKey.h"
27 #include "zypp/KeyContext.h"
28 
30 namespace zypp
31 {
32 
33  DEFINE_PTR_TYPE(KeyRing);
34 
44  struct KeyRingReport : public callback::ReportBase
45  {
51  enum KeyTrust
52  {
56  KEY_DONT_TRUST = 0,
61  KEY_TRUST_TEMPORARILY,
70  KEY_TRUST_AND_IMPORT
71  };
72 
73  constexpr static const char * ACCEPT_PACKAGE_KEY_REQUEST = "KeyRingReport/AcceptPackageKey";
74 
79  virtual KeyTrust askUserToAcceptKey( const PublicKey &key, const KeyContext &keycontext = KeyContext() );
80 
82  virtual void infoVerify( const std::string & file_r, const PublicKeyData & keyData_r, const KeyContext &keycontext = KeyContext() );
83 
84  virtual bool askUserToAcceptUnsignedFile( const std::string &file, const KeyContext &keycontext = KeyContext() );
85 
92  virtual bool askUserToAcceptUnknownKey( const std::string &file, const std::string &id, const KeyContext &keycontext = KeyContext() );
93 
99  virtual bool askUserToAcceptVerificationFailed( const std::string &file, const PublicKey &key, const KeyContext &keycontext = KeyContext() );
100 
116  bool askUserToAcceptPackageKey( const PublicKey &key_r, const KeyContext &keycontext_r = KeyContext() );
117 
118  };
119 
120  struct KeyRingSignals : public callback::ReportBase
121  {
122  virtual void trustedKeyAdded( const PublicKey &/*key*/ )
123  {}
124  virtual void trustedKeyRemoved( const PublicKey &/*key*/ )
125  {}
126  };
127 
128  class KeyRingException : public Exception
129  {
130  public:
134  KeyRingException()
135  : Exception( "Bad Key Exception" )
136  {}
140  KeyRingException( const std::string & msg_r )
141  : Exception( msg_r )
142  {}
144  virtual ~KeyRingException() throw() {};
145  };
146 
148  //
149  // CLASS NAME : KeyRing
150  //
154  class KeyRing : public base::ReferenceCounted, private base::NonCopyable
155  {
156  friend std::ostream & operator<<( std::ostream & str, const KeyRing & obj );
157 
158  public:
170  enum DefaultAcceptBits
171  {
172  ACCEPT_NOTHING = 0x0000,
173  ACCEPT_UNSIGNED_FILE = 0x0001,
174  ACCEPT_UNKNOWNKEY = 0x0002,
175  TRUST_KEY_TEMPORARILY = 0x0004,
176  TRUST_AND_IMPORT_KEY = 0x0008,
177  ACCEPT_VERIFICATION_FAILED = 0x0010,
178  };
179  ZYPP_DECLARE_FLAGS( DefaultAccept, DefaultAcceptBits );
180 
182  static DefaultAccept defaultAccept();
183 
185  static void setDefaultAccept( DefaultAccept value_r );
187 
188  public:
190  class Impl;
191 
192  public:
194  KeyRing(const Pathname &baseTmpDir);
195 
200  void importKey( const PublicKey &key, bool trusted = false);
201 
203  void multiKeyImport( const Pathname & keyfile_r, bool trusted_r = false );
204 
205  void dumpTrustedPublicKey( const std::string &id, std::ostream &stream )
206  { dumpPublicKey(id, true, stream); }
207 
208  void dumpUntrustedPublicKey( const std::string &id, std::ostream &stream )
209  { dumpPublicKey(id, false, stream); }
210 
211  void dumpPublicKey( const std::string &id, bool trusted, std::ostream &stream );
212 
214  PublicKey exportPublicKey( const PublicKeyData & keyData );
215 
217  PublicKey exportTrustedPublicKey( const PublicKeyData & keyData );
218 
222  std::string readSignatureKeyId( const Pathname &signature );
223 
227  bool isKeyTrusted( const std::string &id );
228 
233  bool isKeyKnown( const std::string &id );
234 
239  void deleteKey( const std::string &id, bool trusted = false );
240 
244  std::list<PublicKey> publicKeys();
245 
249  std::list<PublicKey> trustedPublicKeys();
250 
254  std::list<PublicKeyData> publicKeyData();
255 
259  std::list<PublicKeyData> trustedPublicKeyData();
260 
264  PublicKeyData trustedPublicKeyData( const std::string &id );
265 
296  bool verifyFileSignatureWorkflow( const Pathname &file, const std::string &filedesc, const Pathname &signature, bool & sigValid_r, const KeyContext &keycontext = KeyContext());
298  bool verifyFileSignatureWorkflow( const Pathname &file, const std::string filedesc, const Pathname &signature, const KeyContext &keycontext = KeyContext());
299 
306  bool verifyFileSignature( const Pathname &file, const Pathname &signature );
307 
308  bool verifyFileTrustedSignature( const Pathname &file, const Pathname &signature );
309 
311  ~KeyRing();
312 
313  private:
315  RW_pointer<Impl> _pimpl;
316  };
318 
320  inline std::ostream & operator<<( std::ostream & str, const KeyRing & /*obj*/ )
321  {
322  //return str << obj.asString();
323  return str;
324  }
325 
327  ZYPP_DECLARE_OPERATORS_FOR_FLAGS( KeyRing::DefaultAccept );
328 
330 
331  namespace target
332  {
333  namespace rpm
334  {
336  struct KeyRingSignals : public ::zypp::KeyRingSignals
337  {};
338  }
339  }
340 
342 } // namespace zypp
344 #endif // ZYPP_KEYRING_H
zypp::ZYPP_DECLARE_FLAGS
ZYPP_DECLARE_FLAGS(VendorSupportOptions, VendorSupportOption)
zypp::KeyRing::dumpTrustedPublicKey
void dumpTrustedPublicKey(const std::string &id, std::ostream &stream)
Definition: KeyRing.h:205
zypp::KeyRing
Gpg key handling.
Definition: KeyRing.h:154
zypp::KeyRingReport::KEY_TRUST_TEMPORARILY
This basically means, we knew the key, but it was not trusted.
Definition: KeyRing.h:61
zypp::KeyRingException::KeyRingException
KeyRingException(const std::string &msg_r)
Ctor taking message.
Definition: KeyRing.h:140
zypp::PublicKeyData
Class representing one GPG Public Keys data.
Definition: PublicKey.h:139
zypp::ZYPP_DECLARE_OPERATORS_FOR_FLAGS
ZYPP_DECLARE_OPERATORS_FOR_FLAGS(DiskUsageCounter::MountPoint::HintFlags)
zypp::KeyRingReport::askUserToAcceptUnsignedFile
virtual bool askUserToAcceptUnsignedFile(const std::string &file, const KeyContext &keycontext=KeyContext())
Definition: KeyRing.cc:63
str
String related utilities and Regular expression matching.
zypp::KeyRingReport::askUserToAcceptPackageKey
bool askUserToAcceptPackageKey(const PublicKey &key_r, const KeyContext &keycontext_r=KeyContext())
Ask user to trust and/or import the package key to trusted keyring, using ReportBase::report.
Definition: KeyRing.cc:82
zypp::KeyRingReport::askUserToAcceptUnknownKey
virtual bool askUserToAcceptUnknownKey(const std::string &file, const std::string &id, const KeyContext &keycontext=KeyContext())
we DONT know the key, only its id, but we have never seen it, the difference with trust key is that i...
Definition: KeyRing.cc:76
zypp::KeyRingException::KeyRingException
KeyRingException()
Ctor taking message.
Definition: KeyRing.h:134
zypp::target::rpm::KeyRingSignals
Internal connection to rpm database.
Definition: KeyRing.h:336
zypp::KeyRingReport::infoVerify
virtual void infoVerify(const std::string &file_r, const PublicKeyData &keyData_r, const KeyContext &keycontext=KeyContext())
Informal callback showing the trusted key that will be used for verification.
Definition: KeyRing.cc:60
zypp::KeyRingReport::KeyTrust
KeyTrust
User reply options for the askUserToTrustKey callback.
Definition: KeyRing.h:51
zypp::base::NonCopyable
boost::noncopyable NonCopyable
Ensure derived classes cannot be copied.
Definition: NonCopyable.h:26
zypp::KeyRing::dumpUntrustedPublicKey
void dumpUntrustedPublicKey(const std::string &id, std::ostream &stream)
Definition: KeyRing.h:208
zypp::operator<<
std::ostream & operator<<(std::ostream &str, const Exception &obj)
Definition: Exception.cc:147
zypp::DEFINE_PTR_TYPE
DEFINE_PTR_TYPE(Application)
zypp::KeyRing::Impl
KeyRing implementation.
Definition: KeyRing.cc:180
zypp::KeyRing::operator<<
std::ostream & operator<<(std::ostream &str, const KeyRing &)
Definition: KeyRing.h:320
zypp::KeyRingSignals::trustedKeyAdded
virtual void trustedKeyAdded(const PublicKey &)
Definition: KeyRing.h:122
zypp::base::ReferenceCounted
Base class for reference counted objects.
Definition: ReferenceCounted.h:33
zypp::KeyRingReport::ACCEPT_PACKAGE_KEY_REQUEST
static constexpr const char * ACCEPT_PACKAGE_KEY_REQUEST
Definition: KeyRing.h:73
zypp::KeyRingReport::KEY_DONT_TRUST
User has chosen not to trust the key.
Definition: KeyRing.h:56
zypp::KeyRing::DefaultAcceptBits
DefaultAcceptBits
DefaultAccept flags (
Definition: KeyRing.h:170
zypp::KeyRingReport::askUserToAcceptKey
virtual KeyTrust askUserToAcceptKey(const PublicKey &key, const KeyContext &keycontext=KeyContext())
Ask user to trust and/or import the key to trusted keyring.
Definition: KeyRing.cc:67
zypp::KeyRing::_pimpl
RW_pointer< Impl > _pimpl
Pointer to implementation.
Definition: KeyRing.h:315
zypp::PublicKey
Class representing one GPG Public Key (PublicKeyData + ASCII armored in a tempfile).
Definition: PublicKey.h:272
zypp::Exception
Base class for Exception.
Definition: Exception.h:145
zypp::KeyRingReport
Callbacks from signature verification workflow.
Definition: KeyRing.h:44
zypp::RW_pointer< Impl >
zypp
Easy-to use interface to the ZYPP dependency resolver.
Definition: CodePitfalls.doc:1
zypp::KeyRingSignals::trustedKeyRemoved
virtual void trustedKeyRemoved(const PublicKey &)
Definition: KeyRing.h:124
zypp::KeyRingException::~KeyRingException
virtual ~KeyRingException()
Dtor.
Definition: KeyRing.h:144
zypp::KeyRingReport::askUserToAcceptVerificationFailed
virtual bool askUserToAcceptVerificationFailed(const std::string &file, const PublicKey &key, const KeyContext &keycontext=KeyContext())
The file filedesc is signed but the verification failed.
Definition: KeyRing.cc:79