1 /*---------------------------------------------------------------------\
3 | |__ / \ / / . \ . \ |
8 \---------------------------------------------------------------------*/
9 /** \file zypp/KeyRing.cc
18 #include <boost/format.hpp>
20 #include "zypp/TmpPath.h"
21 #include "zypp/ZYppFactory.h"
22 #include "zypp/ZYpp.h"
24 #include "zypp/base/LogTools.h"
25 #include "zypp/base/IOStream.h"
26 #include "zypp/base/String.h"
27 #include "zypp/base/Regex.h"
28 #include "zypp/base/Gettext.h"
29 #include "zypp/base/WatchFile.h"
30 #include "zypp/PathInfo.h"
31 #include "zypp/KeyRing.h"
32 #include "zypp/ExternalProgram.h"
33 #include "zypp/TmpPath.h"
37 #undef ZYPP_BASE_LOGGER_LOGGROUP
38 #define ZYPP_BASE_LOGGER_LOGGROUP "zypp::KeyRing"
40 /** \todo Fix duplicate define in PublicKey/KeyRing */
41 #define GPG_BINARY "/usr/bin/gpg2"
43 ///////////////////////////////////////////////////////////////////
45 { /////////////////////////////////////////////////////////////////
47 IMPL_PTR_TYPE(KeyRing);
51 KeyRing::DefaultAccept _keyRingDefaultAccept( KeyRing::ACCEPT_NOTHING );
54 KeyRing::DefaultAccept KeyRing::defaultAccept()
55 { return _keyRingDefaultAccept; }
57 void KeyRing::setDefaultAccept( DefaultAccept value_r )
59 MIL << "Set new KeyRing::DefaultAccept: " << value_r << endl;
60 _keyRingDefaultAccept = value_r;
63 void KeyRingReport::infoVerify( const std::string & file_r, const PublicKeyData & keyData_r, const KeyContext & keycontext )
66 bool KeyRingReport::askUserToAcceptUnsignedFile( const std::string & file, const KeyContext & keycontext )
67 { return _keyRingDefaultAccept.testFlag( KeyRing::ACCEPT_UNSIGNED_FILE ); }
69 KeyRingReport::KeyTrust
70 KeyRingReport::askUserToAcceptKey( const PublicKey & key, const KeyContext & keycontext )
72 if ( _keyRingDefaultAccept.testFlag( KeyRing::TRUST_KEY_TEMPORARILY ) )
73 return KEY_TRUST_TEMPORARILY;
74 if ( _keyRingDefaultAccept.testFlag( KeyRing::TRUST_AND_IMPORT_KEY ) )
75 return KEY_TRUST_AND_IMPORT;
76 return KEY_DONT_TRUST;
79 bool KeyRingReport::askUserToAcceptUnknownKey( const std::string & file, const std::string & id, const KeyContext & keycontext )
80 { return _keyRingDefaultAccept.testFlag( KeyRing::ACCEPT_UNKNOWNKEY ); }
82 bool KeyRingReport::askUserToAcceptVerificationFailed( const std::string & file, const PublicKey & key, const KeyContext & keycontext )
83 { return _keyRingDefaultAccept.testFlag( KeyRing::ACCEPT_VERIFICATION_FAILED ); }
87 ///////////////////////////////////////////////////////////////////
88 /// \class CachedPublicKeyData
89 /// \brief Functor returning the keyrings data (cached).
91 /// const std::list<PublicKeyData> & cachedPublicKeyData( const Pathname & keyring );
93 ///////////////////////////////////////////////////////////////////
94 struct CachedPublicKeyData // : private base::NonCopyable - but KeyRing uses RWCOW though also NonCopyable :(
96 const std::list<PublicKeyData> & operator()( const Pathname & keyring_r ) const
97 { return getData( keyring_r ); }
102 // Empty copy ctor to allow insert into std::map as
103 // scoped_ptr is noncopyable.
105 Cache( const Cache & rhs ) {}
107 void assertCache( const Pathname & keyring_r )
109 // .kbx since gpg2-2.1
111 _keyringK.reset( new WatchFile( keyring_r/"pubring.kbx", WatchFile::NO_INIT ) );
113 _keyringP.reset( new WatchFile( keyring_r/"pubring.gpg", WatchFile::NO_INIT ) );
116 bool hasChanged() const
118 bool k = _keyringK->hasChanged(); // be sure both files are checked
119 bool p = _keyringP->hasChanged();
123 std::list<PublicKeyData> _data;
126 scoped_ptr<WatchFile> _keyringK;
127 scoped_ptr<WatchFile> _keyringP;
130 typedef std::map<Pathname,Cache> CacheMap;
132 const std::list<PublicKeyData> & getData( const Pathname & keyring_r ) const
134 Cache & cache( _cacheMap[keyring_r] );
135 // init new cache entry
136 cache.assertCache( keyring_r );
137 return getData( keyring_r, cache );
140 const std::list<PublicKeyData> & getData( const Pathname & keyring_r, Cache & cache_r ) const
142 if ( cache_r.hasChanged() )
147 "--list-public-keys",
148 "--homedir", keyring_r.c_str(),
149 "--no-default-keyring",
153 "--with-fingerprint",
162 PublicKeyScanner scanner;
163 ExternalProgram prog( argv ,ExternalProgram::Discard_Stderr, false, -1, true );
164 for( std::string line = prog.receiveLine(); !line.empty(); line = prog.receiveLine() )
166 scanner.scan( line );
170 cache_r._data.swap( scanner._keys );
171 MIL << "Found keys: " << cache_r._data << endl;
173 return cache_r._data;
176 mutable CacheMap _cacheMap;
178 ///////////////////////////////////////////////////////////////////
181 ///////////////////////////////////////////////////////////////////
183 // CLASS NAME : KeyRing::Impl
185 /** KeyRing implementation. */
188 Impl( const Pathname & baseTmpDir )
189 : _trusted_tmp_dir( baseTmpDir, "zypp-trusted-kr" )
190 , _general_tmp_dir( baseTmpDir, "zypp-general-kr" )
191 , _base_dir( baseTmpDir )
193 MIL << "Current KeyRing::DefaultAccept: " << _keyRingDefaultAccept << endl;
196 void importKey( const PublicKey & key, bool trusted = false );
197 void multiKeyImport( const Pathname & keyfile_r, bool trusted_r = false );
198 void deleteKey( const std::string & id, bool trusted );
200 std::string readSignatureKeyId( const Pathname & signature );
202 bool isKeyTrusted( const std::string & id )
203 { return bool(publicKeyExists( id, trustedKeyRing() )); }
204 bool isKeyKnown( const std::string & id )
205 { return publicKeyExists( id, trustedKeyRing() ) || publicKeyExists( id, generalKeyRing() ); }
207 std::list<PublicKey> trustedPublicKeys()
208 { return publicKeys( trustedKeyRing() ); }
209 std::list<PublicKey> publicKeys()
210 { return publicKeys( generalKeyRing() ); }
212 const std::list<PublicKeyData> & trustedPublicKeyData()
213 { return publicKeyData( trustedKeyRing() ); }
214 const std::list<PublicKeyData> & publicKeyData()
215 { return publicKeyData( generalKeyRing() ); }
217 void dumpPublicKey( const std::string & id, bool trusted, std::ostream & stream )
218 { dumpPublicKey( id, ( trusted ? trustedKeyRing() : generalKeyRing() ), stream ); }
220 PublicKey exportPublicKey( const PublicKeyData & keyData )
221 { return exportKey( keyData, generalKeyRing() ); }
222 PublicKey exportTrustedPublicKey( const PublicKeyData & keyData )
223 { return exportKey( keyData, trustedKeyRing() ); }
225 bool verifyFileSignatureWorkflow( const Pathname & file, const std::string & filedesc, const Pathname & signature, bool & sigValid_r, const KeyContext & keycontext = KeyContext());
227 bool verifyFileSignature( const Pathname & file, const Pathname & signature )
228 { return verifyFile( file, signature, generalKeyRing() ); }
229 bool verifyFileTrustedSignature( const Pathname & file, const Pathname & signature )
230 { return verifyFile( file, signature, trustedKeyRing() ); }
233 bool verifyFile( const Pathname & file, const Pathname & signature, const Pathname & keyring );
234 void importKey( const Pathname & keyfile, const Pathname & keyring );
236 PublicKey exportKey( const std::string & id, const Pathname & keyring );
237 PublicKey exportKey( const PublicKeyData & keyData, const Pathname & keyring );
239 void dumpPublicKey( const std::string & id, const Pathname & keyring, std::ostream & stream );
240 filesystem::TmpFile dumpPublicKeyToTmp( const std::string & id, const Pathname & keyring );
242 void deleteKey( const std::string & id, const Pathname & keyring );
244 std::list<PublicKey> publicKeys( const Pathname & keyring);
245 const std::list<PublicKeyData> & publicKeyData( const Pathname & keyring )
246 { return cachedPublicKeyData( keyring ); }
248 /** Get \ref PublicKeyData for ID (\c false if ID is not found). */
249 PublicKeyData publicKeyExists( const std::string & id, const Pathname & keyring );
251 const Pathname generalKeyRing() const
252 { return _general_tmp_dir.path(); }
253 const Pathname trustedKeyRing() const
254 { return _trusted_tmp_dir.path(); }
256 // Used for trusted and untrusted keyrings
257 filesystem::TmpDir _trusted_tmp_dir;
258 filesystem::TmpDir _general_tmp_dir;
262 /** Functor returning the keyrings data (cached).
264 * const std::list<PublicKeyData> & cachedPublicKeyData( const Pathname & keyring );
267 CachedPublicKeyData cachedPublicKeyData;
269 ///////////////////////////////////////////////////////////////////
272 void KeyRing::Impl::importKey( const PublicKey & key, bool trusted )
274 importKey( key.path(), trusted ? trustedKeyRing() : generalKeyRing() );
278 callback::SendReport<target::rpm::KeyRingSignals> rpmdbEmitSignal;
279 callback::SendReport<KeyRingSignals> emitSignal;
281 rpmdbEmitSignal->trustedKeyAdded( key );
282 emitSignal->trustedKeyAdded( key );
286 void KeyRing::Impl::multiKeyImport( const Pathname & keyfile_r, bool trusted_r )
288 importKey( keyfile_r, trusted_r ? trustedKeyRing() : generalKeyRing() );
291 void KeyRing::Impl::deleteKey( const std::string & id, bool trusted )
297 key = exportKey( id, trustedKeyRing() );
300 deleteKey( id, trusted ? trustedKeyRing() : generalKeyRing() );
304 callback::SendReport<target::rpm::KeyRingSignals> rpmdbEmitSignal;
305 callback::SendReport<KeyRingSignals> emitSignal;
307 rpmdbEmitSignal->trustedKeyRemoved( key );
308 emitSignal->trustedKeyRemoved( key );
312 PublicKeyData KeyRing::Impl::publicKeyExists( const std::string & id, const Pathname & keyring )
314 MIL << "Searching key [" << id << "] in keyring " << keyring << endl;
315 const std::list<PublicKeyData> & keys( publicKeyData( keyring ) );
316 for_( it, keys.begin(), keys.end() )
318 if ( id == (*it).id() )
323 return PublicKeyData();
326 PublicKey KeyRing::Impl::exportKey( const PublicKeyData & keyData, const Pathname & keyring )
328 return PublicKey( dumpPublicKeyToTmp( keyData.id(), keyring ), keyData );
331 PublicKey KeyRing::Impl::exportKey( const std::string & id, const Pathname & keyring )
333 PublicKeyData keyData( publicKeyExists( id, keyring ) );
335 return PublicKey( dumpPublicKeyToTmp( keyData.id(), keyring ), keyData );
337 // Here: key not found
338 WAR << "No key " << id << " to export from " << keyring << endl;
343 void KeyRing::Impl::dumpPublicKey( const std::string & id, const Pathname & keyring, std::ostream & stream )
350 "--homedir", keyring.asString().c_str(),
351 "--no-default-keyring",
355 "--no-permission-warning",
360 ExternalProgram prog( argv,ExternalProgram::Discard_Stderr, false, -1, true );
361 for ( std::string line = prog.receiveLine(); !line.empty(); line = prog.receiveLine() )
368 filesystem::TmpFile KeyRing::Impl::dumpPublicKeyToTmp( const std::string & id, const Pathname & keyring )
370 filesystem::TmpFile tmpFile( _base_dir, "pubkey-"+id+"-" );
371 MIL << "Going to export key " << id << " from " << keyring << " to " << tmpFile.path() << endl;
373 std::ofstream os( tmpFile.path().c_str() );
374 dumpPublicKey( id, keyring, os );
379 bool KeyRing::Impl::verifyFileSignatureWorkflow( const Pathname & file, const std::string & filedesc, const Pathname & signature, bool & sigValid_r, const KeyContext & context )
381 sigValid_r = false; // set true if signature is actually successfully validated!
383 callback::SendReport<KeyRingReport> report;
384 MIL << "Going to verify signature for " << filedesc << " ( " << file << " ) with " << signature << endl;
386 // if signature does not exists, ask user if he wants to accept unsigned file.
387 if( signature.empty() || (!PathInfo( signature ).isExist()) )
389 bool res = report->askUserToAcceptUnsignedFile( filedesc, context );
390 MIL << "User decision on unsigned file: " << res << endl;
394 // get the id of the signature
395 std::string id = readSignatureKeyId( signature );
397 // doeskey exists in trusted keyring
398 PublicKeyData trustedKeyData( publicKeyExists( id, trustedKeyRing() ) );
399 if ( trustedKeyData )
401 MIL << "Key is trusted: " << trustedKeyData << endl;
403 // lets look if there is an updated key in the
405 PublicKeyData generalKeyData( publicKeyExists( id, generalKeyRing() ) );
406 if ( generalKeyData )
408 // bnc #393160: Comment #30: Compare at least the fingerprint
409 // in case an attacker created a key the the same id.
410 if ( trustedKeyData.fingerprint() == generalKeyData.fingerprint()
411 && trustedKeyData.created() < generalKeyData.created() )
413 MIL << "Key was updated. Saving new version into trusted keyring: " << generalKeyData << endl;
414 importKey( exportKey( generalKeyData, generalKeyRing() ), true );
415 trustedKeyData = generalKeyData = PublicKeyData(); // invalidated by import.
419 if ( ! trustedKeyData ) // invalidated by previous import
420 trustedKeyData = publicKeyExists( id, trustedKeyRing() );
421 report->infoVerify( filedesc, trustedKeyData, context );
423 // it exists, is trusted, does it validates?
424 if ( verifyFile( file, signature, trustedKeyRing() ) )
426 return (sigValid_r=true); // signature is actually successfully validated!
430 return report->askUserToAcceptVerificationFailed( filedesc, exportKey( trustedKeyData, trustedKeyRing() ), context );
435 PublicKeyData generalKeyData( publicKeyExists( id, generalKeyRing() ) );
436 if ( generalKeyData )
438 PublicKey key( exportKey( generalKeyData, generalKeyRing() ) );
439 MIL << "Exported key " << id << " to " << key.path() << endl;
440 MIL << "Key " << id << " " << key.name() << " is not trusted" << endl;
442 // ok the key is not trusted, ask the user to trust it or not
443 KeyRingReport::KeyTrust reply = report->askUserToAcceptKey( key, context );
444 if ( reply == KeyRingReport::KEY_TRUST_TEMPORARILY ||
445 reply == KeyRingReport::KEY_TRUST_AND_IMPORT )
447 MIL << "User wants to trust key " << id << " " << key.name() << endl;
448 //dumpFile( unKey.path() );
450 Pathname whichKeyring;
451 if ( reply == KeyRingReport::KEY_TRUST_AND_IMPORT )
453 MIL << "User wants to import key " << id << " " << key.name() << endl;
454 importKey( key, true );
455 whichKeyring = trustedKeyRing();
458 whichKeyring = generalKeyRing();
461 if ( verifyFile( file, signature, whichKeyring ) )
463 MIL << "File signature is verified" << endl;
464 return (sigValid_r=true); // signature is actually successfully validated!
468 MIL << "File signature check fails" << endl;
469 if ( report->askUserToAcceptVerificationFailed( filedesc, key, context ) )
471 MIL << "User continues anyway." << endl;
476 MIL << "User does not want to continue" << endl;
483 MIL << "User does not want to trust key " << id << " " << key.name() << endl;
490 MIL << "File [" << file << "] ( " << filedesc << " ) signed with unknown key [" << id << "]" << endl;
491 if ( report->askUserToAcceptUnknownKey( filedesc, id, context ) )
493 MIL << "User wants to accept unknown key " << id << endl;
498 MIL << "User does not want to accept unknown key " << id << endl;
506 std::list<PublicKey> KeyRing::Impl::publicKeys( const Pathname & keyring )
508 const std::list<PublicKeyData> & keys( publicKeyData( keyring ) );
509 std::list<PublicKey> ret;
511 for_( it, keys.begin(), keys.end() )
513 PublicKey key( exportKey( *it, keyring ) );
514 ret.push_back( key );
515 MIL << "Found key " << key << endl;
520 void KeyRing::Impl::importKey( const Pathname & keyfile, const Pathname & keyring )
522 if ( ! PathInfo( keyfile ).isExist() )
523 // TranslatorExplanation first %s is key name, second is keyring name
524 ZYPP_THROW(KeyRingException(boost::str(boost::format(
525 _("Tried to import not existent key %s into keyring %s"))
526 % keyfile.asString() % keyring.asString())));
532 "--homedir", keyring.asString().c_str(),
533 "--no-default-keyring",
537 "--no-permission-warning",
539 keyfile.asString().c_str(),
543 ExternalProgram prog( argv,ExternalProgram::Discard_Stderr, false, -1, true );
547 void KeyRing::Impl::deleteKey( const std::string & id, const Pathname & keyring )
553 "--homedir", keyring.asString().c_str(),
554 "--no-default-keyring",
564 ExternalProgram prog( argv,ExternalProgram::Discard_Stderr, false, -1, true );
566 int code = prog.close();
568 ZYPP_THROW(Exception(_("Failed to delete key.")));
570 MIL << "Deleted key " << id << " from keyring " << keyring << endl;
574 std::string KeyRing::Impl::readSignatureKeyId( const Pathname & signature )
576 if ( ! PathInfo( signature ).isFile() )
577 ZYPP_THROW(Exception(boost::str(boost::format(
578 _("Signature file %s not found"))% signature.asString())));
580 MIL << "Determining key id if signature " << signature << endl;
581 // HACK create a tmp keyring with no keys
582 filesystem::TmpDir dir( _base_dir, "fake-keyring" );
587 "--homedir", dir.path().asString().c_str(),
588 "--no-default-keyring",
594 signature.asString().c_str(),
598 ExternalProgram prog( argv,ExternalProgram::Discard_Stderr, false, -1, true );
603 str::regex rxNoKey( "^\\[GNUPG:\\] NO_PUBKEY (.+)\n$" );
605 for( line = prog.receiveLine(), count=0; !line.empty(); line = prog.receiveLine(), count++ )
607 //MIL << "[" << line << "]" << endl;
609 if( str::regex_match( line, what, rxNoKey ) )
611 if ( what.size() >= 1 )
616 //dumpRegexpResults( what );
622 MIL << "no output" << endl;
625 MIL << "Determined key id [" << id << "] for signature " << signature << endl;
630 bool KeyRing::Impl::verifyFile( const Pathname & file, const Pathname & signature, const Pathname & keyring )
636 "--homedir", keyring.asString().c_str(),
637 "--no-default-keyring",
643 signature.asString().c_str(),
644 file.asString().c_str(),
648 // no need to parse output for now
649 // [GNUPG:] SIG_ID yCc4u223XRJnLnVAIllvYbUd8mQ 2006-03-29 1143618744
650 // [GNUPG:] GOODSIG A84EDAE89C800ACA SuSE Package Signing Key <build@suse.de>
651 // gpg: Good signature from "SuSE Package Signing Key <build@suse.de>"
652 // [GNUPG:] VALIDSIG 79C179B2E1C820C1890F9994A84EDAE89C800ACA 2006-03-29 1143618744 0 3 0 17 2 00 79C179B2E1C820C1890F9994A84EDAE89C800ACA
653 // [GNUPG:] TRUST_UNDEFINED
655 // [GNUPG:] ERRSIG A84EDAE89C800ACA 17 2 00 1143618744 9
656 // [GNUPG:] NO_PUBKEY A84EDAE89C800ACA
658 ExternalProgram prog( argv,ExternalProgram::Discard_Stderr, false, -1, true );
660 return ( prog.close() == 0 ) ? true : false;
663 ///////////////////////////////////////////////////////////////////
665 ///////////////////////////////////////////////////////////////////
667 // CLASS NAME : KeyRing
669 ///////////////////////////////////////////////////////////////////
671 KeyRing::KeyRing( const Pathname & baseTmpDir )
672 : _pimpl( new Impl( baseTmpDir ) )
679 void KeyRing::importKey( const PublicKey & key, bool trusted )
680 { _pimpl->importKey( key, trusted ); }
682 void KeyRing::multiKeyImport( const Pathname & keyfile_r, bool trusted_r )
683 { _pimpl->multiKeyImport( keyfile_r, trusted_r ); }
685 std::string KeyRing::readSignatureKeyId( const Pathname & signature )
686 { return _pimpl->readSignatureKeyId( signature ); }
688 void KeyRing::deleteKey( const std::string & id, bool trusted )
689 { _pimpl->deleteKey( id, trusted ); }
691 std::list<PublicKey> KeyRing::publicKeys()
692 { return _pimpl->publicKeys(); }
694 std:: list<PublicKey> KeyRing::trustedPublicKeys()
695 { return _pimpl->trustedPublicKeys(); }
697 std::list<PublicKeyData> KeyRing::publicKeyData()
698 { return _pimpl->publicKeyData(); }
700 std::list<PublicKeyData> KeyRing::trustedPublicKeyData()
701 { return _pimpl->trustedPublicKeyData(); }
703 bool KeyRing::verifyFileSignatureWorkflow( const Pathname & file, const std::string & filedesc, const Pathname & signature, bool & sigValid_r, const KeyContext & keycontext )
704 { return _pimpl->verifyFileSignatureWorkflow( file, filedesc, signature, sigValid_r, keycontext ); }
706 bool KeyRing::verifyFileSignatureWorkflow( const Pathname & file, const std::string filedesc, const Pathname & signature, const KeyContext & keycontext )
707 { bool unused; return _pimpl->verifyFileSignatureWorkflow( file, filedesc, signature, unused, keycontext ); }
709 bool KeyRing::verifyFileSignature( const Pathname & file, const Pathname & signature )
710 { return _pimpl->verifyFileSignature( file, signature ); }
712 bool KeyRing::verifyFileTrustedSignature( const Pathname & file, const Pathname & signature )
713 { return _pimpl->verifyFileTrustedSignature( file, signature ); }
715 void KeyRing::dumpPublicKey( const std::string & id, bool trusted, std::ostream & stream )
716 { _pimpl->dumpPublicKey( id, trusted, stream ); }
718 PublicKey KeyRing::exportPublicKey( const PublicKeyData & keyData )
719 { return _pimpl->exportPublicKey( keyData ); }
721 PublicKey KeyRing::exportTrustedPublicKey( const PublicKeyData & keyData )
722 { return _pimpl->exportTrustedPublicKey( keyData ); }
724 bool KeyRing::isKeyTrusted( const std::string & id )
725 { return _pimpl->isKeyTrusted( id ); }
727 bool KeyRing::isKeyKnown( const std::string & id )
728 { return _pimpl->isKeyKnown( id ); }
730 /////////////////////////////////////////////////////////////////
732 ///////////////////////////////////////////////////////////////////
projects / platform / upstream / libzypp.git / blob