1 /*---------------------------------------------------------------------\
3 | |__ / \ / / . \ . \ |
8 \---------------------------------------------------------------------*/
9 /** \file zypp/KeyRing.h
12 #ifndef ZYPP_KEYRING_H
13 #define ZYPP_KEYRING_H
21 #include "zypp/base/ReferenceCounted.h"
22 #include "zypp/base/Flags.h"
23 #include "zypp/Callback.h"
24 #include "zypp/base/PtrTypes.h"
25 #include "zypp/Locale.h"
26 #include "zypp/PublicKey.h"
27 #include "zypp/KeyContext.h"
29 ///////////////////////////////////////////////////////////////////
31 { /////////////////////////////////////////////////////////////////
33 DEFINE_PTR_TYPE(KeyRing);
35 /** Callbacks from signature verification workflow.
37 * Per default all methods answer \c false. This may be canged
38 * by calling \ref KeyRing::setDefaultAccept.
40 * KeyRing::setDefaultAccept( KeyRing::ACCEPT_UNSIGNED_FILE | KeyRing::ACCEPT_VERIFICATION_FAILED );
44 struct KeyRingReport : public callback::ReportBase
47 * User reply options for the askUserToTrustKey callback.
49 * \param filedes Name of the file (repo alias) or filename if not available
54 * User has chosen not to trust the key.
58 * This basically means, we knew the key, but it was not trusted. User
59 * has chosen to continue, but not import the key.
61 KEY_TRUST_TEMPORARILY,
64 * This means saving the key in the trusted database so next run it will appear as trusted.
65 * Nothing to do with KEY_TRUST_TEMPORARILY, as you CAN trust a key without importing it,
66 * basically you will be asked every time again.
67 * There are programs who prefer to manage the trust keyring on their own and use trustKey
68 * without importing it into rpm.
74 * Ask user to trust and/or import the key to trusted keyring.
77 virtual KeyTrust askUserToAcceptKey( const PublicKey &key, const KeyContext &keycontext = KeyContext() );
79 virtual bool askUserToAcceptUnsignedFile( const std::string &file, const KeyContext &keycontext = KeyContext() );
82 * we DONT know the key, only its id, but we have never seen it, the difference
83 * with trust key is that if you dont have it, you can't import it later.
84 * The answer means continue yes or no?
87 virtual bool askUserToAcceptUnknownKey( const std::string &file, const std::string &id, const KeyContext &keycontext = KeyContext() );
90 * The file \ref filedesc is signed but the verification failed
92 * \param filedesc Filename or its description.
94 virtual bool askUserToAcceptVerificationFailed( const std::string &file, const PublicKey &key, const KeyContext &keycontext = KeyContext() );
98 struct KeyRingSignals : public callback::ReportBase
100 virtual void trustedKeyAdded( const PublicKey &/*key*/ )
102 virtual void trustedKeyRemoved( const PublicKey &/*key*/ )
106 class KeyRingException : public Exception
109 /** Ctor taking message.
110 * Use \ref ZYPP_THROW to throw exceptions.
113 : Exception( "Bad Key Exception" )
115 /** Ctor taking message.
116 * Use \ref ZYPP_THROW to throw exceptions.
118 KeyRingException( const std::string & msg_r )
122 virtual ~KeyRingException() throw() {};
125 ///////////////////////////////////////////////////////////////////
127 // CLASS NAME : KeyRing
129 /** Gpg key handling.
132 class KeyRing : public base::ReferenceCounted, private base::NonCopyable
134 friend std::ostream & operator<<( std::ostream & str, const KeyRing & obj );
137 /** \name Default answers in verification workflow.
138 * Per default all answers are \c false.
141 /** \ref DefaultAccept flags (\see \ref base::Flags) are used to
142 * define the default callback answers during signature verification.
144 * KeyRing::setDefaultAccept( KeyRing::ACCEPT_UNSIGNED_FILE | ACCEPT_VERIFICATION_FAILED );
146 * \see \ref KeyRingReport.
148 enum DefaultAcceptBits
150 ACCEPT_NOTHING = 0x0000,
151 ACCEPT_UNSIGNED_FILE = 0x0001,
152 ACCEPT_UNKNOWNKEY = 0x0002,
153 TRUST_KEY_TEMPORARILY = 0x0004,
154 TRUST_AND_IMPORT_KEY = 0x0008,
155 ACCEPT_VERIFICATION_FAILED = 0x0010,
157 ZYPP_DECLARE_FLAGS( DefaultAccept, DefaultAcceptBits );
159 /** Get the active accept bits. */
160 static DefaultAccept defaultAccept();
162 /** Set the active accept bits. */
163 static void setDefaultAccept( DefaultAccept value_r );
167 /** Implementation */
172 KeyRing(const Pathname &baseTmpDir);
174 //KeyRing(const Pathname &general_kr, const Pathname &trusted_kr);
177 * imports a key from a file.
178 * throw if key was not imported
180 void importKey( const PublicKey &key, bool trusted = false);
182 void dumpTrustedPublicKey( const std::string &id, std::ostream &stream )
183 { dumpPublicKey(id, true, stream); }
185 void dumpUntrustedPublicKey( const std::string &id, std::ostream &stream )
186 { dumpPublicKey(id, false, stream); }
188 void dumpPublicKey( const std::string &id, bool trusted, std::ostream &stream );
191 * reads the public key id from a signature
193 std::string readSignatureKeyId( const Pathname &signature );
196 * true if the key id is trusted
198 bool isKeyTrusted( const std::string &id);
201 * true if the key id is knows, that means
202 * at least exist on the untrusted keyring
204 bool isKeyKnown( const std::string &id );
207 * removes a key from the keyring.
208 * If trusted is true, Remove it from trusted keyring too.
210 void deleteKey( const std::string &id, bool trusted = false);
213 * Get a list of public keys in the keyring
215 std::list<PublicKey> publicKeys();
218 * Get a list of trusted public keys in the keyring
220 std::list<PublicKey> trustedPublicKeys();
223 * Get a list of public key ids in the keyring
225 std::list<std::string> publicKeyIds();
228 * Get a list of trusted public key ids in the keyring
230 std::list<std::string> trustedPublicKeyIds();
233 * Follows a signature verification interacting with the user.
234 * The bool returned depends on user decision to trust or not.
236 * To propagate user decisions, either connect to the \ref KeyRingReport
237 * or use its static methods to set the desired defaults.
240 * struct KeyRingReportReceive : public callback::ReceiveReport<KeyRingReport>
242 * KeyRingReportReceive() { connect(); }
244 * // Overload the virtual methods to return the appropriate values.
245 * virtual bool askUserToAcceptUnsignedFile( const std::string &file );
250 * \param file Path of the file to be verified
251 * \param filedesc Description of the file (to give the user some context)
252 * \param signature Signature to verify the file against
254 * \see \ref KeyRingReport
256 bool verifyFileSignatureWorkflow(
257 const Pathname &file,
258 const std::string filedesc,
259 const Pathname &signature,
260 const KeyContext &keycontext = KeyContext());
264 * Verifies a file against a signature, with no user interaction
266 * \param file Path of the file to be verified
267 * \param signature Signature to verify the file against
269 bool verifyFileSignature( const Pathname &file, const Pathname &signature);
271 bool verifyFileTrustedSignature( const Pathname &file, const Pathname &signature);
277 /** Pointer to implementation */
278 RWCOW_pointer<Impl> _pimpl;
280 ///////////////////////////////////////////////////////////////////
282 /** \relates KeyRing Stream output */
283 inline std::ostream & operator<<( std::ostream & str, const KeyRing & /*obj*/ )
285 //return str << obj.asString();
289 /** \relates KeyRing::DefaultAccept */
290 ZYPP_DECLARE_OPERATORS_FOR_FLAGS( KeyRing::DefaultAccept );
292 ///////////////////////////////////////////////////////////////////
298 /** Internal connection to rpm database. Not for public use. */
299 struct KeyRingSignals : public ::zypp::KeyRingSignals
304 /////////////////////////////////////////////////////////////////
306 ///////////////////////////////////////////////////////////////////
307 #endif // ZYPP_KEYRING_H