1 /*---------------------------------------------------------------------\
3 | |__ / \ / / . \ . \ |
8 \---------------------------------------------------------------------*/
9 /** \file zypp/KeyRing.h
12 #ifndef ZYPP_KEYRING_H
13 #define ZYPP_KEYRING_H
21 #include "zypp/base/ReferenceCounted.h"
22 #include "zypp/base/Flags.h"
23 #include "zypp/Callback.h"
24 #include "zypp/base/PtrTypes.h"
25 #include "zypp/Locale.h"
26 #include "zypp/PublicKey.h"
27 #include "zypp/KeyContext.h"
29 ///////////////////////////////////////////////////////////////////
31 { /////////////////////////////////////////////////////////////////
33 DEFINE_PTR_TYPE(KeyRing);
35 /** Callbacks from signature verification workflow.
37 * Per default all methods answer \c false. This may be canged
38 * by calling \ref KeyRing::setDefaultAccept.
40 * KeyRing::setDefaultAccept( KeyRing::ACCEPT_UNSIGNED_FILE | KeyRing::ACCEPT_VERIFICATION_FAILED );
44 struct KeyRingReport : public callback::ReportBase
47 * User reply options for the askUserToTrustKey callback.
49 * \param filedes Name of the file (repo alias) or filename if not available
54 * User has chosen not to trust the key.
58 * This basically means, we knew the key, but it was not trusted. User
59 * has chosen to continue, but not import the key.
61 KEY_TRUST_TEMPORARILY,
64 * This means saving the key in the trusted database so next run it will appear as trusted.
65 * Nothing to do with KEY_TRUST_TEMPORARILY, as you CAN trust a key without importing it,
66 * basically you will be asked every time again.
67 * There are programs who prefer to manage the trust keyring on their own and use trustKey
68 * without importing it into rpm.
75 * Ask user to trust and/or import the key to trusted keyring.
78 virtual KeyTrust askUserToAcceptKey( const PublicKey &key, const KeyContext &keycontext = KeyContext() );
80 virtual bool askUserToAcceptUnsignedFile( const std::string &file, const KeyContext &keycontext = KeyContext() );
83 * we DONT know the key, only its id, but we have never seen it, the difference
84 * with trust key is that if you dont have it, you can't import it later.
85 * The answer means continue yes or no?
88 virtual bool askUserToAcceptUnknownKey( const std::string &file, const std::string &id, const KeyContext &keycontext = KeyContext() );
91 * The file \ref filedesc is signed but the verification failed
93 * \param filedesc Filename or its description.
95 virtual bool askUserToAcceptVerificationFailed( const std::string &file, const PublicKey &key, const KeyContext &keycontext = KeyContext() );
99 struct KeyRingSignals : public callback::ReportBase
101 virtual void trustedKeyAdded( const PublicKey &/*key*/ )
103 virtual void trustedKeyRemoved( const PublicKey &/*key*/ )
107 class KeyRingException : public Exception
110 /** Ctor taking message.
111 * Use \ref ZYPP_THROW to throw exceptions.
114 : Exception( "Bad Key Exception" )
116 /** Ctor taking message.
117 * Use \ref ZYPP_THROW to throw exceptions.
119 KeyRingException( const std::string & msg_r )
123 virtual ~KeyRingException() throw() {};
126 ///////////////////////////////////////////////////////////////////
128 // CLASS NAME : KeyRing
130 /** Gpg key handling.
133 class KeyRing : public base::ReferenceCounted, private base::NonCopyable
135 friend std::ostream & operator<<( std::ostream & str, const KeyRing & obj );
138 /** \name Default answers in verification workflow.
139 * Per default all answers are \c false.
142 /** \ref DefaultAccept flags (\see \ref base::Flags) are used to
143 * define the default callback answers during signature verification.
145 * KeyRing::setDefaultAccept( KeyRing::ACCEPT_UNSIGNED_FILE | ACCEPT_VERIFICATION_FAILED );
147 * \see \ref KeyRingReport.
149 enum DefaultAcceptBits
151 ACCEPT_NOTHING = 0x0000,
152 ACCEPT_UNSIGNED_FILE = 0x0001,
153 ACCEPT_UNKNOWNKEY = 0x0002,
154 TRUST_KEY_TEMPORARILY = 0x0004,
155 TRUST_AND_IMPORT_KEY = 0x0008,
156 ACCEPT_VERIFICATION_FAILED = 0x0010,
158 ZYPP_DECLARE_FLAGS( DefaultAccept, DefaultAcceptBits );
160 /** Get the active accept bits. */
161 static DefaultAccept defaultAccept();
163 /** Set the active accept bits. */
164 static void setDefaultAccept( DefaultAccept value_r );
168 /** Implementation */
173 KeyRing(const Pathname &baseTmpDir);
175 //KeyRing(const Pathname &general_kr, const Pathname &trusted_kr);
178 * imports a key from a file.
179 * throw if key was not imported
181 void importKey( const PublicKey &key, bool trusted = false);
183 void dumpTrustedPublicKey( const std::string &id, std::ostream &stream )
184 { dumpPublicKey(id, true, stream); }
186 void dumpUntrustedPublicKey( const std::string &id, std::ostream &stream )
187 { dumpPublicKey(id, false, stream); }
189 void dumpPublicKey( const std::string &id, bool trusted, std::ostream &stream );
192 * reads the public key id from a signature
194 std::string readSignatureKeyId( const Pathname &signature );
197 * true if the key id is trusted
199 bool isKeyTrusted( const std::string &id);
202 * true if the key id is knows, that means
203 * at least exist on the untrusted keyring
205 bool isKeyKnown( const std::string &id );
208 * removes a key from the keyring.
209 * If trusted is true, Remove it from trusted keyring too.
211 void deleteKey( const std::string &id, bool trusted = false);
214 * Get a list of public keys in the keyring
216 std::list<PublicKey> publicKeys();
219 * Get a list of trusted public keys in the keyring
221 std::list<PublicKey> trustedPublicKeys();
224 * Get a list of public key ids in the keyring
226 std::list<std::string> publicKeyIds();
229 * Get a list of trusted public key ids in the keyring
231 std::list<std::string> trustedPublicKeyIds();
234 * Follows a signature verification interacting with the user.
235 * The bool returned depends on user decision to trust or not.
237 * To propagate user decisions, either connect to the \ref KeyRingReport
238 * or use its static methods to set the desired defaults.
241 * struct KeyRingReportReceive : public callback::ReceiveReport<KeyRingReport>
243 * KeyRingReportReceive() { connect(); }
245 * // Overload the virtual methods to return the appropriate values.
246 * virtual bool askUserToAcceptUnsignedFile( const std::string &file );
251 * \param file Path of the file to be verified
252 * \param filedesc Description of the file (to give the user some context)
253 * \param signature Signature to verify the file against
255 * \see \ref KeyRingReport
257 bool verifyFileSignatureWorkflow(
258 const Pathname &file,
259 const std::string filedesc,
260 const Pathname &signature,
261 const KeyContext &keycontext = KeyContext());
265 * Verifies a file against a signature, with no user interaction
267 * \param file Path of the file to be verified
268 * \param signature Signature to verify the file against
270 bool verifyFileSignature( const Pathname &file, const Pathname &signature);
272 bool verifyFileTrustedSignature( const Pathname &file, const Pathname &signature);
278 /** Pointer to implementation */
279 RWCOW_pointer<Impl> _pimpl;
281 ///////////////////////////////////////////////////////////////////
283 /** \relates KeyRing Stream output */
284 inline std::ostream & operator<<( std::ostream & str, const KeyRing & /*obj*/ )
286 //return str << obj.asString();
290 /** \relates KeyRing::DefaultAccept */
291 ZYPP_DECLARE_OPERATORS_FOR_FLAGS( KeyRing::DefaultAccept );
293 ///////////////////////////////////////////////////////////////////
299 /** Internal connection to rpm database. Not for public use. */
300 struct KeyRingSignals : public ::zypp::KeyRingSignals
305 /////////////////////////////////////////////////////////////////
307 ///////////////////////////////////////////////////////////////////
308 #endif // ZYPP_KEYRING_H