From 380ab187ddeffe5820728a4d391d32a8aefe4235 Mon Sep 17 00:00:00 2001 From: Duncan Mac-Vicar P Date: Thu, 30 Mar 2006 14:23:05 +0000 Subject: [PATCH] implement signature file to id, keyexists, and others --- zypp/KeyRing.cc | 104 +++++++++++++++++++++++++++++++++++++++++++------------- zypp/KeyRing.h | 23 ++++++++++--- 2 files changed, 100 insertions(+), 27 deletions(-) diff --git a/zypp/KeyRing.cc b/zypp/KeyRing.cc index c08bd6d..7cab28b 100644 --- a/zypp/KeyRing.cc +++ b/zypp/KeyRing.cc @@ -66,9 +66,14 @@ namespace zypp void importKey( const Pathname &keyfile, bool trusted = false); PublicKey readPublicKey( const Pathname &keyfile ); + std::string readSignatureKeyId( const Pathname &keyfile ); + void deleteKey( const std::string &id, bool trusted ); std::list trustedPublicKeys(); std::list publicKeys(); + + bool verifyFileSignatureWorkflow( const Pathname &file, const Pathname &signature); + bool verifyFileSignature( const Pathname &file, const Pathname &signature); bool verifyFileTrustedSignature( const Pathname &file, const Pathname &signature); private: @@ -78,6 +83,8 @@ namespace zypp void deleteKey( const std::string &id, const Pathname &keyring ); std::list publicKeys(const Pathname &keyring); + bool publicKeyExists( std::string id, const Pathname &keyring); + Pathname _general_kr; Pathname _trusted_kr; public: @@ -125,6 +132,24 @@ namespace zypp return verifyFile( file, signature, _general_kr ); } + bool KeyRing::Impl::publicKeyExists( std::string id, const Pathname &keyring) + { + std::list keys = publicKeys(keyring); + for (std::list::const_iterator it = keys.begin(); it != keys.end(); it++) + { + if ( id == (*it).id ) + return true; + } + return false; + } + + bool KeyRing::Impl::verifyFileSignatureWorkflow( const Pathname &file, const Pathname &signature) + { + + return true; + } + + PublicKey KeyRing::Impl::readPublicKey( const Pathname &keyfile ) { const char* argv[] = @@ -177,7 +202,7 @@ namespace zypp { "gpg", "--quiet", - "--list-keys", + "--list-public-keys", "--with-colons", "--with-fingerprint", "--homedir", @@ -190,8 +215,7 @@ namespace zypp std::string line; int count = 0; - boost::regex rxColons("^([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):\n$"); - + boost::regex rxColons("^([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):\n$"); for(line = prog.receiveLine(), count=0; !line.empty(); line = prog.receiveLine(), count++ ) { //MIL << line << std::endl; @@ -236,26 +260,6 @@ namespace zypp if ( code != 0 ) ZYPP_THROW(Exception("failed to import key")); - -// boost::regex rxImported("^\\[GNUPG:\\] IMPORTED ([^[:space:]]+) (.+)\n$"); -// std::string line; -// int count = 0; -// for(line = prog.receiveLine(), count=0; !line.empty(); line = prog.receiveLine(), count++ ) -// { -// MIL << line << std::endl; -// boost::smatch what; -// if(boost::regex_match(line, what, rxImported, boost::match_extra)) -// { -// MIL << std::endl; -// PublicKey key; -// key.id = what[1]; -// key.name = what[2]; -// return key; -// } -// } -// prog.close(); -// throw Exception("failed to import key"); -// return PublicKey(); } void KeyRing::Impl::deleteKey( const std::string &id, const Pathname &keyring ) @@ -285,6 +289,49 @@ namespace zypp MIL << "Deleted key " << id << " from keyring " << keyring << std::endl; } + + std::string KeyRing::Impl::readSignatureKeyId( const Pathname &keyfile ) + { + // HACK create a tmp keyring with no keys + TmpDir dir; + + const char* argv[] = + { + "gpg", + "--quiet", + "--no-tty", + "--no-greeting", + "--batch", + "--status-fd", + "1", + "--homedir", + dir.path().asString().c_str(), + keyfile.asString().c_str(), + NULL + }; + + ExternalProgram prog(argv,ExternalProgram::Discard_Stderr, false, -1, true); + + std::string line; + int count = 0; + + boost::regex rxNoKey("^\\[GNUPG:\\] NO_PUBKEY (.+)\n$"); + std::string id; + for(line = prog.receiveLine(), count=0; !line.empty(); line = prog.receiveLine(), count++ ) + { + //MIL << "[" << line << "]" << std::endl; + boost::smatch what; + if(boost::regex_match(line, what, rxNoKey, boost::match_extra)) + { + if ( what.size() > 1 ) + id = what[1]; + //dumpRegexpResults(what); + } + } + prog.close(); + return id; + } + bool KeyRing::Impl::verifyFile( const Pathname &file, const Pathname &signature, const Pathname &keyring) { const char* argv[] = @@ -315,6 +362,7 @@ namespace zypp // [GNUPG:] NO_PUBKEY A84EDAE89C800ACA ExternalProgram prog(argv,ExternalProgram::Discard_Stderr, false, -1, true); + return (prog.close() == 0) ? true : false; } @@ -368,6 +416,11 @@ namespace zypp return _pimpl->readPublicKey(keyfile); } + std::string KeyRing::readSignatureKeyId( const Pathname &keyfile ) + { + return _pimpl->readSignatureKeyId(keyfile); + } + void KeyRing::deleteKey( const std::string &id, bool trusted ) { _pimpl->deleteKey(id, trusted); @@ -383,6 +436,11 @@ namespace zypp return _pimpl->trustedPublicKeys(); } + bool KeyRing::verifyFileSignatureWorkflow( const Pathname &file, const Pathname &signature) + { + return _pimpl->verifyFileSignatureWorkflow(file, signature); + } + bool KeyRing::verifyFileSignature( const Pathname &file, const Pathname &signature) { return _pimpl->verifyFileSignature(file, signature); diff --git a/zypp/KeyRing.h b/zypp/KeyRing.h index 3be9d1f..6b838a1 100644 --- a/zypp/KeyRing.h +++ b/zypp/KeyRing.h @@ -32,10 +32,18 @@ namespace zypp struct KeyRingReport : public callback::ReportBase { virtual bool askUserToTrustKey( const std::string keyid, const std::string keyname ) - { return false; } + { return true; } + }; - - + + struct KeyRingSignals : public callback::ReportBase + { + virtual void trustedKeyAdded( const KeyRing &keyring, const std::string keyid, const std::string keyname ) + {} + virtual void trustedKeyRemoved( const KeyRing &keyring, const std::string keyid, const std::string keyname ) + {} + }; + struct PublicKey { std::string id; @@ -70,7 +78,8 @@ namespace zypp */ void importKey( const Pathname &keyfile, bool trusted = false); PublicKey readPublicKey( const Pathname &keyfile ); - + std::string readSignatureKeyId( const Pathname &keyfile ); + /** * removes a key from the keyring. * If trusted is true, Remove it from trusted keyring too. @@ -80,6 +89,12 @@ namespace zypp std::list publicKeys(); std::list trustedPublicKeys(); + /** + * Follows a signature verification interacting with the user. + * The boolr eturned depends on user desicion to trust or not. + */ + bool verifyFileSignatureWorkflow( const Pathname &file, const Pathname &signature); + bool verifyFileSignature( const Pathname &file, const Pathname &signature); bool verifyFileTrustedSignature( const Pathname &file, const Pathname &signature); -- 2.7.4