1 /*---------------------------------------------------------------------\
3 | |__ / \ / / . \ . \ |
8 \---------------------------------------------------------------------*/
9 /** \file zypp/KeyRing.h
12 #ifndef ZYPP_KEYRING_H
13 #define ZYPP_KEYRING_H
21 #include "zypp/base/ReferenceCounted.h"
22 #include "zypp/base/Flags.h"
23 #include "zypp/Callback.h"
24 #include "zypp/base/PtrTypes.h"
25 #include "zypp/Locale.h"
26 #include "zypp/PublicKey.h"
28 ///////////////////////////////////////////////////////////////////
30 { /////////////////////////////////////////////////////////////////
32 DEFINE_PTR_TYPE(KeyRing);
34 /** Callbacks from signature verification workflow.
36 * Per default all methods answer \c false.
38 struct KeyRingReport : public callback::ReportBase
41 virtual bool askUserToAcceptUnsignedFile( const std::string &file );
44 * We do NOT know the key, only its id, and we have never seen it. The difference
45 * to trust key is that if you don't have the key, you can't import it later.
46 * The answer means: continue, yes or no?
48 virtual bool askUserToAcceptUnknownKey( const std::string &file, const std::string &id );
51 * This basically means: we know the key, but it is not trusted. Continue,
52 * yes or no? Nothing else is performed (no import, etc.).
54 virtual bool askUserToTrustKey( const PublicKey &key);
59 * This means saving the key in the trusted database, so that on the next run it will appear as trusted.
60 * This is independent of trustKey: you CAN trust a key without importing it,
61 * but then you will basically be asked again every time.
62 * Some programs prefer to manage the trust keyring on their own and use trustKey
63 * without importing the key into rpm.
65 virtual bool askUserToImportKey( const PublicKey &key);
66 virtual bool askUserToAcceptVerificationFailed( const std::string &file, const PublicKey &key );
69 /** \name Query/change the default values.
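70 * Per default all methods answer \c false. Each accept bit set via setDefaultAccept() changes the default answer of the matching question, so enable only what may be accepted without asking the user.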
73 enum DefaultAcceptBits
75 ACCEPT_NOTHING = 0x0000,
76 ACCEPT_UNSIGNED_FILE = 0x0001,
77 ACCEPT_UNKNOWNKEY = 0x0002,
80 ACCEPT_VERIFICATION_FAILED = 0x0010,
82 ZYPP_DECLARE_FLAGS(DefaultAccept,DefaultAcceptBits);
84 /** Get the active accept bits. */
85 static DefaultAccept defaultAccept();
86 /** Set the active accept bits. */
87 static void setDefaultAccept( DefaultAccept value_r );
90 ZYPP_DECLARE_OPERATORS_FOR_FLAGS(KeyRingReport::DefaultAccept);
92 struct KeyRingSignals : public callback::ReportBase
94 virtual void trustedKeyAdded( const PublicKey &/*key*/ )
96 virtual void trustedKeyRemoved( const PublicKey &/*key*/ )
100 class KeyRingException : public Exception
103 /** Ctor taking message.
104 * Use \ref ZYPP_THROW to throw exceptions.
107 : Exception( "Bad Key Exception" )
109 /** Ctor taking message.
110 * Use \ref ZYPP_THROW to throw exceptions.
112 KeyRingException( const std::string & msg_r )
116 virtual ~KeyRingException() throw() {};
119 ///////////////////////////////////////////////////////////////////
121 // CLASS NAME : KeyRing
123 /** Class managing a general (untrusted) and a trusted keyring of public keys, and verifying file signatures against them.
125 class KeyRing : public base::ReferenceCounted, private base::NonCopyable
127 friend std::ostream & operator<<( std::ostream & str, const KeyRing & obj );
130 /** Implementation */
135 KeyRing(const Pathname &baseTmpDir);
137 //KeyRing(const Pathname &general_kr, const Pathname &trusted_kr);
140 * Imports a key from a file.
141 * Throws if the key was not imported.
143 void importKey( const PublicKey &key, bool trusted = false);
/** Forwards to dumpPublicKey() with \a trusted = true, passing \a id and \a stream through unchanged.
 * NOTE(review): presumably this selects the trusted keyring; confirm in the implementation. */
145 void dumpTrustedPublicKey( const std::string &id, std::ostream &stream )
146 { dumpPublicKey(id, true, stream); }
/** Forwards to dumpPublicKey() with \a trusted = false, passing \a id and \a stream through unchanged.
 * NOTE(review): presumably this selects the general (untrusted) keyring; confirm in the implementation. */
148 void dumpUntrustedPublicKey( const std::string &id, std::ostream &stream )
149 { dumpPublicKey(id, false, stream); }
151 void dumpPublicKey( const std::string &id, bool trusted, std::ostream &stream );
154 * reads the public key id from a signature
156 std::string readSignatureKeyId( const Pathname &signature );
159 * true if the key id is trusted
161 bool isKeyTrusted( const std::string &id);
164 * true if the key id is known, that means
165 * it at least exists on the untrusted keyring
167 bool isKeyKnown( const std::string &id );
170 * Removes a key from the keyring.
171 * If trusted is true, remove it from the trusted keyring too.
173 void deleteKey( const std::string &id, bool trusted = false);
176 * Get a list of public keys in the keyring
178 std::list<PublicKey> publicKeys();
181 * Get a list of trusted public keys in the keyring
183 std::list<PublicKey> trustedPublicKeys();
186 * Get a list of public key ids in the keyring
188 std::list<std::string> publicKeyIds();
191 * Get a list of trusted public key ids in the keyring
193 std::list<std::string> trustedPublicKeyIds();
196 * Runs a signature verification workflow, interacting with the user.
197 * The returned bool depends on the user's decision to trust or not.
199 * To propagate user decisions, either connect to the \ref KeyRingReport
200 * or use its static methods to set the desired defaults.
203 * struct KeyRingReportReceive : public callback::ReceiveReport<KeyRingReport>
205 * KeyRingReportReceive() { connect(); }
207 * // Override the virtual methods to return the appropriate values.
208 * virtual bool askUserToAcceptUnsignedFile( const std::string &file );
212 * \see \ref KeyRingReport
214 bool verifyFileSignatureWorkflow( const Pathname &file, const std::string filedesc, const Pathname &signature);
215 bool verifyFileSignature( const Pathname &file, const Pathname &signature);
216 bool verifyFileTrustedSignature( const Pathname &file, const Pathname &signature);
222 /** Pointer to implementation */
223 RWCOW_pointer<Impl> _pimpl;
225 ///////////////////////////////////////////////////////////////////
227 /** \relates KeyRing Stream output */
228 inline std::ostream & operator<<( std::ostream & str, const KeyRing & /*obj*/ )
230 //return str << obj.asString();
234 ///////////////////////////////////////////////////////////////////
240 /** Internal connection to rpm database. Not for public use. */
241 struct KeyRingSignals : public ::zypp::KeyRingSignals
246 /////////////////////////////////////////////////////////////////
248 ///////////////////////////////////////////////////////////////////
249 #endif // ZYPP_KEYRING_H