libzypp  17.38.7
KeyRing.h
Go to the documentation of this file.
1 /*---------------------------------------------------------------------\
2 | ____ _ __ __ ___ |
3 | |__ / \ / / . \ . \ |
4 | / / \ V /| _/ _/ |
5 | / /__ | | | | | | |
6 | /_____||_| |_| |_| |
7 | |
8 \---------------------------------------------------------------------*/
12 #ifndef ZYPP_KEYRING_H
13 #define ZYPP_KEYRING_H
14 
15 #include <iosfwd>
16 #include <map>
17 #include <list>
18 #include <set>
19 #include <string>
20 
21 #include <zypp/base/ReferenceCounted.h>
22 #include <zypp-core/base/Flags.h>
23 #include <zypp/Callback.h>
24 #include <zypp-core/base/PtrTypes.h>
25 #include <zypp/Locale.h>
26 #include <zypp/KeyRingContexts.h>
27 
28 #include <zypp-common/PublicKey.h>
29 #include <zypp-common/KeyRingException.h>
30 
32 namespace zypp
33 {
34 
35  DEFINE_PTR_TYPE(KeyRing);
36 
46  struct ZYPP_API KeyRingReport : public callback::ReportBase
47  {
53  enum KeyTrust
54  {
58  KEY_DONT_TRUST = 0,
63  KEY_TRUST_TEMPORARILY,
72  KEY_TRUST_AND_IMPORT
73  };
74 
79  virtual KeyTrust askUserToAcceptKey( const PublicKey &key, const KeyContext &keycontext = KeyContext() );
80 
82  virtual void infoVerify( const std::string & file_r, const PublicKeyData & keyData_r, const KeyContext &keycontext = KeyContext() );
83 
84  virtual bool askUserToAcceptUnsignedFile( const std::string &file, const KeyContext &keycontext = KeyContext() );
85 
92  virtual bool askUserToAcceptUnknownKey( const std::string &file, const std::string &id, const KeyContext &keycontext = KeyContext() );
93 
99  virtual bool askUserToAcceptVerificationFailed( const std::string &file, const PublicKey &key, const KeyContext &keycontext = KeyContext() );
100 
117  bool askUserToAcceptPackageKey( const PublicKey &key_r, const KeyContext &keycontext_r = KeyContext() );
119  constexpr static const char * ACCEPT_PACKAGE_KEY_REQUEST = "KeyRingReport/AcceptPackageKey";
120 
130  void reportNonImportedKeys( const std::set<Edition> &keys_r );
132  constexpr static const char *KEYS_NOT_IMPORTED_REPORT = "KeyRingReport/KeysNotImported";
133 
134 
147  void reportAutoImportKey( const std::list<PublicKeyData> & keyDataList_r,
148  const PublicKeyData & keySigning_r,
149  const KeyContext &keyContext_r );
151  constexpr static const char *REPORT_AUTO_IMPORT_KEY = "KeyRingReport/reportAutoImportKey";
152  };
153 
154  struct ZYPP_API KeyRingSignals : public callback::ReportBase
155  {
156  virtual void trustedKeyAdded( const PublicKey &/*key*/ )
157  {}
158  virtual void trustedKeyRemoved( const PublicKey &/*key*/ )
159  {}
160  };
161 
163  //
164  // CLASS NAME : KeyRing
165  //
169  class ZYPP_API KeyRing : public base::ReferenceCounted, private base::NonCopyable
170  {
171  friend std::ostream & operator<<( std::ostream & str, const KeyRing & obj );
172 
173  public:
185  enum DefaultAcceptBits
186  {
187  ACCEPT_NOTHING = 0x0000,
188  ACCEPT_UNSIGNED_FILE = 0x0001,
189  ACCEPT_UNKNOWNKEY = 0x0002,
190  TRUST_KEY_TEMPORARILY = 0x0004,
191  TRUST_AND_IMPORT_KEY = 0x0008,
192  ACCEPT_VERIFICATION_FAILED = 0x0010,
193  };
194  ZYPP_DECLARE_FLAGS( DefaultAccept, DefaultAcceptBits );
195 
197  static DefaultAccept defaultAccept();
198 
200  static void setDefaultAccept( DefaultAccept value_r );
202 
203  public:
205  struct Impl;
206 
207  public:
209  KeyRing(const Pathname &baseTmpDir);
210 
215  void importKey( const PublicKey &key, bool trusted = false);
216 
218  void multiKeyImport( const Pathname & keyfile_r, bool trusted_r = false );
219 
220  void dumpTrustedPublicKey( const std::string &id, std::ostream &stream )
221  { dumpPublicKey(id, true, stream); }
222 
223  void dumpUntrustedPublicKey( const std::string &id, std::ostream &stream )
224  { dumpPublicKey(id, false, stream); }
225 
226  void dumpPublicKey( const std::string &id, bool trusted, std::ostream &stream );
227 
229  PublicKey exportPublicKey( const PublicKeyData & keyData );
230 
232  PublicKey exportTrustedPublicKey( const PublicKeyData & keyData );
233 
237  std::string readSignatureKeyId( const Pathname &signature );
238 
242  bool isKeyTrusted( const std::string &id );
243 
248  bool isKeyKnown( const std::string &id );
249 
254  void deleteKey( const std::string &id, bool trusted = false );
255 
259  std::list<PublicKey> publicKeys();
260 
264  std::list<PublicKey> trustedPublicKeys();
265 
269  std::list<PublicKeyData> publicKeyData();
270 
274  std::list<PublicKeyData> trustedPublicKeyData();
275 
279  PublicKeyData publicKeyData( const std::string &id );
280 
284  PublicKeyData trustedPublicKeyData( const std::string &id );
285 
292  bool verifyFileSignature( const Pathname &file, const Pathname &signature ) ZYPP_API;
293 
294  bool verifyFileTrustedSignature( const Pathname &file, const Pathname &signature ) ZYPP_API;
295 
297  ~KeyRing() override;
298 
300  KeyRing::Impl &pimpl();
301 
302  public:
304  void allowPreload( bool yesno_r );
305 
306  private:
308  RW_pointer<Impl> _pimpl;
309  };
311 
313  inline std::ostream & operator<<( std::ostream & str, const KeyRing & /*obj*/ )
314  {
315  //return str << obj.asString();
316  return str;
317  }
318 
320  ZYPP_DECLARE_OPERATORS_FOR_FLAGS( KeyRing::DefaultAccept );
321 
323 
324  namespace target
325  {
326  namespace rpm
327  {
329  struct KeyRingSignals : public ::zypp::KeyRingSignals
330  {};
331  }
332  }
333 
335 } // namespace zypp
337 #endif // ZYPP_KEYRING_H
zypp::ZYPP_DECLARE_FLAGS
ZYPP_DECLARE_FLAGS(VendorSupportOptions, VendorSupportOption)
zyppng::KeyRing
zypp::KeyRing KeyRing
Definition: context.h:24
zypp::KeyRing::dumpTrustedPublicKey
void dumpTrustedPublicKey(const std::string &id, std::ostream &stream)
Definition: KeyRing.h:220
zypp::KeyRing
Gpg key handling.
Definition: KeyRing.h:169
zypp::KeyRingReport::KEY_TRUST_TEMPORARILY
This basically means, we knew the key, but it was not trusted.
Definition: KeyRing.h:63
zypp::PublicKeyData
Class representing one GPG Public Keys data.
Definition: PublicKey.h:200
zypp::ZYPP_DECLARE_OPERATORS_FOR_FLAGS
ZYPP_DECLARE_OPERATORS_FOR_FLAGS(DiskUsageCounter::MountPoint::HintFlags)
str
String related utilities and Regular expression matching.
zypp::target::rpm::KeyRingSignals
Internal connection to rpm database.
Definition: KeyRing.h:329
zypp::KeyRingReport::KeyTrust
KeyTrust
User reply options for the askUserToTrustKey callback.
Definition: KeyRing.h:53
trusted
bool trusted
Whether the key may validate data. Keys in Ring::General may if the user temp. trusted.
Definition: keyringwf.cc:143
zypp::KeyRing::dumpUntrustedPublicKey
void dumpUntrustedPublicKey(const std::string &id, std::ostream &stream)
Definition: KeyRing.h:223
zypp::ZYPP_API
const Arch Arch_empty ZYPP_API
relates: Arch This is an empty Arch represented by an empty string.
Definition: Arch.h:173
zypp::DEFINE_PTR_TYPE
DEFINE_PTR_TYPE(Application)
zypp::KeyRingSignals::trustedKeyAdded
virtual void trustedKeyAdded(const PublicKey &)
Definition: KeyRing.h:156
zypp::base::ReferenceCounted
Base class for reference counted objects.
Definition: ReferenceCounted.h:34
zypp::KeyRing::DefaultAcceptBits
DefaultAcceptBits
DefaultAccept flags (
Definition: KeyRing.h:185
zypp::KeyRing::_pimpl
RW_pointer< Impl > _pimpl
Pointer to implementation.
Definition: KeyRing.h:308
zypp::PublicKey
Class representing one GPG Public Key (PublicKeyData + ASCII armored in a tempfile).
Definition: PublicKey.h:374
zypp::KeyRingReport
Callbacks from signature verification workflow.
Definition: KeyRing.h:46
zypp::RW_pointer< Impl >
zyppng::KeyRingWorkflow::verifyFileSignature
MaybeAwaitable< std::pair< bool, zypp::keyring::VerifyFileContext > > verifyFileSignature(ContextRef zyppContext, zypp::keyring::VerifyFileContext &&context_r)
Follows a signature verification interacting with the user.
Definition: keyringwf.cc:324
zypp::operator<<
std::ostream & operator<<(std::ostream &str, const Capabilities &obj)
relates: Capabilities Stream output
Definition: Capabilities.cc:65
zypp
Easy-to use interface to the ZYPP dependency resolver.
Definition: CodePitfalls.doc:1
zypp::KeyRingSignals::trustedKeyRemoved
virtual void trustedKeyRemoved(const PublicKey &)
Definition: KeyRing.h:158
zypp::base::NonCopyable
boost::noncopyable NonCopyable
Ensure derived classes cannot be copied.
Definition: NonCopyable.h:26