1 /*---------------------------------------------------------------------\
3 | |__ / \ / / . \ . \ |
8 \---------------------------------------------------------------------*/
9 /** \file zypp/KeyRing.cc
14 //#include "zypp/base/Logger.h"
19 #include "zypp/ZYppFactory.h"
20 #include "zypp/ZYpp.h"
22 #include <boost/regex.hpp>
24 #include "zypp/base/String.h"
25 #include "zypp/KeyRing.h"
26 #include "zypp/ExternalProgram.h"
27 #include "zypp/TmpPath.h"
30 using namespace boost;
31 using namespace zypp::filesystem;
34 ///////////////////////////////////////////////////////////////////
36 { /////////////////////////////////////////////////////////////////
38 IMPL_PTR_TYPE(KeyRing);
/** Debug aid: writes every sub-match of \a what to the XXX log stream as "[match k] [text]". */
// The text is whatever the matched line contained (publicKeys() passes lines read from an
// external program), so it is external data and reaches the log unmodified.
40 static void dumpRegexpResults( const boost::smatch &what )
42 for ( unsigned int k=0; k < what.size(); k++)
44 XXX << "[match "<< k << "] [" << what[k] << "]" << std::endl;
48 ///////////////////////////////////////////////////////////////////
50 // CLASS NAME : KeyRing::Impl
52 /** KeyRing implementation. */
/** Runs filesystem::assert_dir on both keyring directories and stores their paths. */
// Whatever assert_dir returns is discarded, so a directory that could not be prepared is not
// reported from this constructor.
// NOTE(review): confirm who may write to trusted_kr; every key stored there is accepted by
// verifyFileTrustedSignature().
58 Impl( const Pathname &general_kr, const Pathname &trusted_kr )
60 filesystem::assert_dir(general_kr);
61 filesystem::assert_dir(trusted_kr);
63 _general_kr = general_kr;
64 _trusted_kr = trusted_kr;
// Entry points. The bool overloads and the publicKeys/verify pairs pick _general_kr or
// _trusted_kr and forward to the overloads that take a keyring path.
67 void importKey( const Pathname &keyfile, bool trusted = false);
68 PublicKey readPublicKey( const Pathname &keyfile );
69 void deleteKey( const std::string &id, bool trusted );
70 std::list<PublicKey> trustedPublicKeys();
71 std::list<PublicKey> publicKeys();
72 bool verifyFileSignature( const Pathname &file, const Pathname &signature);
73 bool verifyFileTrustedSignature( const Pathname &file, const Pathname &signature);
75 //mutable std::map<Locale, std::string> translations;
// Overloads that take the keyring directory explicitly.
76 bool verifyFile( const Pathname &file, const Pathname &signature, const Pathname &keyring);
77 void importKey( const Pathname &keyfile, const Pathname &keyring);
78 void deleteKey( const std::string &id, const Pathname &keyring );
79 std::list<PublicKey> publicKeys(const Pathname &keyring);
84 /** Offer default Impl. */
// One default-constructed Impl held in a function-local static; a KeyRing constructor
// initialises _pimpl from nullimpl().
// NOTE(review): no keyring paths are assigned for this instance in the visible code; confirm
// what the keyring operations do when called on it.
85 static shared_ptr<Impl> nullimpl()
87 static shared_ptr<Impl> _nullimpl( new Impl );
92 friend Impl * rwcowClone<Impl>( const Impl * rhs );
93 /** clone for RWCOW_pointer */
95 { return new Impl( *this ); }
/** Imports \a keyfile into the trusted keyring if \a trusted is true, else into the general one. */
// Nothing about the key is checked in this overload; passing trusted=true is the trust decision,
// because verifyFileTrustedSignature() accepts any key found in _trusted_kr.
98 void KeyRing::Impl::importKey( const Pathname &keyfile, bool trusted)
100 importKey( keyfile, trusted ? _trusted_kr : _general_kr );
/** Deletes key \a id from the trusted keyring if \a trusted is true, else from the general one. */
103 void KeyRing::Impl::deleteKey( const std::string &id, bool trusted)
105 deleteKey( id, trusted ? _trusted_kr : _general_kr );
/** Lists the keys found in the general keyring. */
108 std::list<PublicKey> KeyRing::Impl::publicKeys()
110 return publicKeys( _general_kr );
/** Lists the keys found in the trusted keyring. */
113 std::list<PublicKey> KeyRing::Impl::trustedPublicKeys()
115 return publicKeys( _trusted_kr );
/** Checks \a signature over \a file against the trusted keyring only. */
// The answer is the bool from verifyFile(); the signing key is not reported to the caller.
118 bool KeyRing::Impl::verifyFileTrustedSignature( const Pathname &file, const Pathname &signature)
120 return verifyFile( file, signature, _trusted_kr );
/** Checks \a signature over \a file against the general keyring. */
// A true result only says that some key in _general_kr verified the signature. importKey() with
// trusted=false stores keys there, so this result is not a statement of trust; use
// verifyFileTrustedSignature() for that.
123 bool KeyRing::Impl::verifyFileSignature( const Pathname &file, const Pathname &signature)
125 return verifyFile( file, signature, _general_kr );
/** Obtains key data for \a keyfile by running an external program and scanning its colon-separated output. */
// Only part of the argument list is visible in this listing: "--with-fingerprint" and the key
// file path.
// NOTE(review): the path is caller-supplied; confirm the full argument list puts "--" before it
// so that a file name starting with '-' is not parsed as an option.
128 PublicKey KeyRing::Impl::readPublicKey( const Pathname &keyfile )
133 "--with-fingerprint",
141 keyfile.asString().c_str(),
// Discard_Stderr: diagnostics printed by the child are not available to this function.
145 ExternalProgram prog(argv,ExternalProgram::Discard_Stderr, false, -1, true);
// Exactly ten fields, each terminated by ':', then a newline; a line of any other shape does
// not match.
150 boost::regex rxColons("^([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):\n$");
152 // pub:-:1024:17:A84EDAE89C800ACA:2000-10-19:2008-06-21::-:SuSE Package Signing Key <build@suse.de>:
// Reads until receiveLine() returns an empty string.
155 for(line = prog.receiveLine(), count=0; !line.empty(); line = prog.receiveLine(), count++ )
157 //MIL << "[" << line << "]" << std::endl;
159 if(boost::regex_match(line, what, rxColons, boost::match_extra))
// Only records whose first field is "pub" enter this branch; its body is not part of the listing.
// NOTE(review): no use of the child's exit status is visible here; confirm what is returned
// when no "pub" record is seen.
161 if ( what[1] == "pub" )
167 //dumpRegexpResults(what);
/** Lists the keys in the keyring directory \a keyring by running an external program and scanning its colon-separated output. */
// Only part of the argument list is visible in this listing: "--with-fingerprint" and the
// keyring path.
174 std::list<PublicKey> KeyRing::Impl::publicKeys(const Pathname &keyring)
182 "--with-fingerprint",
184 keyring.asString().c_str(),
187 std::list<PublicKey> keys;
// Discard_Stderr: diagnostics printed by the child are not available to this function.
189 ExternalProgram prog(argv,ExternalProgram::Discard_Stderr, false, -1, true);
// Exactly ten fields, each terminated by ':', then a newline; a line of any other shape does
// not match.
193 boost::regex rxColons("^([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):\n$");
// Reads until receiveLine() returns an empty string.
195 for(line = prog.receiveLine(), count=0; !line.empty(); line = prog.receiveLine(), count++ )
197 //MIL << line << std::endl;
199 if(boost::regex_match(line, what, rxColons, boost::match_extra))
// Only records whose first field is "pub" enter this branch.
201 if ( what[1] == "pub" )
// key.id and key.name are logged as parsed; the name is text carried by the key itself.
206 MIL << "Found key " << key.id << " [" << key.name << "]" << std::endl;
// Which branch this call belongs to cannot be told from the listing.
209 dumpRegexpResults(what);
/** Imports \a keyfile into the keyring directory \a keyring by running an external program. */
// Only the two path arguments of the argument list are visible in this listing.
// NOTE(review): confirm the full argument list puts "--" before the key file path so that a
// file name starting with '-' is not parsed as an option.
216 void KeyRing::Impl::importKey( const Pathname &keyfile, const Pathname &keyring)
227 keyring.asString().c_str(),
229 keyfile.asString().c_str(),
// Discard_Stderr: diagnostics printed by the child are not available to this function.
234 ExternalProgram prog(argv,ExternalProgram::Discard_Stderr, false, -1, true);
// The condition guarding this throw is not part of the listing.
238 ZYPP_THROW(Exception("failed to import key"));
// Disabled: parsing of the IMPORTED status line. With it off, and a void return type, this
// function does not tell the caller which key was imported.
240 // boost::regex rxImported("^\\[GNUPG:\\] IMPORTED ([^[:space:]]+) (.+)\n$");
243 // for(line = prog.receiveLine(), count=0; !line.empty(); line = prog.receiveLine(), count++ )
245 // MIL << line << std::endl;
246 // boost::smatch what;
247 // if(boost::regex_match(line, what, rxImported, boost::match_extra))
252 // key.name = what[2];
257 // throw Exception("failed to import key");
258 // return PublicKey();
/** Removes key \a id from the keyring directory \a keyring by running an external program. */
// NOTE(review): where \a id enters the argument list is not visible in this listing; confirm it
// is validated as a key id before it is handed to the external program.
261 void KeyRing::Impl::deleteKey( const std::string &id, const Pathname &keyring )
273 keyring.asString().c_str(),
// Discard_Stderr: diagnostics printed by the child are not available to this function.
279 ExternalProgram prog(argv,ExternalProgram::Discard_Stderr, false, -1, true);
281 int code = prog.close();
// The guard for this throw is not shown; presumably it tests \c code.
283 ZYPP_THROW(Exception("Failed to delete key."));
285 MIL << "Deleted key " << id << " from keyring " << keyring << std::endl;
/** Checks \a signature over \a file with the keys in \a keyring by running an external program; returns true only when that program exits with status 0. */
// Only the three path arguments of the argument list are visible in this listing.
// The verdict is the exit status alone: stderr is discarded and the status lines quoted below are
// not read. The caller therefore learns neither which key signed nor why a check failed, and any
// key present in \a keyring is good enough for a true result.
// NOTE(review): confirm that the exit status is non-zero for every case that must be rejected
// (for example an expired or revoked key), since nothing else is examined here.
288 bool KeyRing::Impl::verifyFile( const Pathname &file, const Pathname &signature, const Pathname &keyring)
300 keyring.asString().c_str(),
302 signature.asString().c_str(),
303 file.asString().c_str(),
307 // no need to parse output for now
308 // [GNUPG:] SIG_ID yCc4u223XRJnLnVAIllvYbUd8mQ 2006-03-29 1143618744
309 // [GNUPG:] GOODSIG A84EDAE89C800ACA SuSE Package Signing Key <build@suse.de>
310 // gpg: Good signature from "SuSE Package Signing Key <build@suse.de>"
311 // [GNUPG:] VALIDSIG 79C179B2E1C820C1890F9994A84EDAE89C800ACA 2006-03-29 1143618744 0 3 0 17 2 00 79C179B2E1C820C1890F9994A84EDAE89C800ACA
312 // [GNUPG:] TRUST_UNDEFINED
314 // [GNUPG:] ERRSIG A84EDAE89C800ACA 17 2 00 1143618744 9
315 // [GNUPG:] NO_PUBKEY A84EDAE89C800ACA
317 ExternalProgram prog(argv,ExternalProgram::Discard_Stderr, false, -1, true);
318 return (prog.close() == 0) ? true : false;
321 ///////////////////////////////////////////////////////////////////
323 ///////////////////////////////////////////////////////////////////
325 // CLASS NAME : KeyRing
327 ///////////////////////////////////////////////////////////////////
329 ///////////////////////////////////////////////////////////////////
331 // METHOD NAME : KeyRing::KeyRing
332 // METHOD TYPE : Ctor
335 : _pimpl( Impl::nullimpl() )
338 ///////////////////////////////////////////////////////////////////
340 // METHOD NAME : KeyRing::KeyRing
341 // METHOD TYPE : Ctor
/** Builds the implementation object for the keyring directories \a general_kr and \a trusted_kr. */
// Impl's constructor runs filesystem::assert_dir on both paths.
343 KeyRing::KeyRing( const Pathname &general_kr, const Pathname &trusted_kr )
344 : _pimpl( new Impl(general_kr, trusted_kr) )
347 ///////////////////////////////////////////////////////////////////
349 // METHOD NAME : KeyRing::~KeyRing
350 // METHOD TYPE : Dtor
355 ///////////////////////////////////////////////////////////////////
357 // Forward to implementation:
359 ///////////////////////////////////////////////////////////////////
/** Forwards to Impl::importKey. \a trusted = true stores the key in the trusted keyring. */
// No check of the key is made on this path; the caller decides whether the key deserves trust.
361 void KeyRing::importKey( const Pathname &keyfile, bool trusted)
363 _pimpl->importKey(keyfile, trusted);
/** Forwards to Impl::readPublicKey, which reads key data from \a keyfile. */
366 PublicKey KeyRing::readPublicKey( const Pathname &keyfile )
368 return _pimpl->readPublicKey(keyfile);
/** Forwards to Impl::deleteKey. \a trusted selects the trusted keyring, otherwise the general one. */
371 void KeyRing::deleteKey( const std::string &id, bool trusted )
373 _pimpl->deleteKey(id, trusted);
/** Forwards to Impl::publicKeys, which lists the general keyring. */
376 std::list<PublicKey> KeyRing::publicKeys()
378 return _pimpl->publicKeys();
/** Forwards to Impl::trustedPublicKeys, which lists the trusted keyring. */
381 std::list<PublicKey> KeyRing::trustedPublicKeys()
383 return _pimpl->trustedPublicKeys();
/** Forwards to Impl::verifyFileSignature, which checks against the general keyring. */
// True means a key in the general keyring verified the signature; it does not mean the key is
// trusted. Use verifyFileTrustedSignature() when the result gates a trust decision.
386 bool KeyRing::verifyFileSignature( const Pathname &file, const Pathname &signature)
388 return _pimpl->verifyFileSignature(file, signature);
/** Forwards to Impl::verifyFileTrustedSignature, which checks against the trusted keyring only. */
391 bool KeyRing::verifyFileTrustedSignature( const Pathname &file, const Pathname &signature)
393 return _pimpl->verifyFileTrustedSignature(file, signature);
396 /////////////////////////////////////////////////////////////////
398 ///////////////////////////////////////////////////////////////////