libzypp 17.38.3
KeyManager.cc
Go to the documentation of this file.
1/*---------------------------------------------------------------------\
2| ____ _ __ __ ___ |
3| |__ / \ / / . \ . \ |
4| / / \ V /| _/ _/ |
5| / /__ | | | | | | |
6| /_____||_| |_| |_| |
7| |
8\---------------------------------------------------------------------*/
9#include <iostream>
10#include "KeyManager.h"
11#include "KeyRingException.h"
12
13#include <zypp-core/fs/PathInfo.h>
14#include <zypp-core/base/Logger.h>
15#include <zypp-core/fs/TmpPath.h>
16#include <zypp-core/base/String.h>
17#include <zypp-core/AutoDispose.h>
18
19#include <boost/thread/once.hpp>
20#include <boost/interprocess/smart_ptr/scoped_ptr.hpp>
21#include <gpgme.h>
22
23#include <stdio.h>
24using std::endl;
25
26#undef ZYPP_BASE_LOGGER_LOGGROUP
27#define ZYPP_BASE_LOGGER_LOGGROUP "zypp::gpg"
28
30namespace zypp
31{
33 namespace
34 {
35 // @TODO [threading]
36 // make sure to call the init code of gpgme only once
37 // this might need to be moved to a different location when
38 // threads are introduced into libzypp
39 boost::once_flag gpgme_init_once = BOOST_ONCE_INIT;
40
41 void initGpgme ()
42 {
43 const char *version = gpgme_check_version(NULL);
44 if ( version )
45 {
46 MIL << "Initialized libgpgme version: " << version << endl;
47 }
48 else
49 {
50 MIL << "Initialized libgpgme with unknown version" << endl;
51 }
52 }
53
54 //using boost::interprocess pointer because it allows a custom deleter
55 using GpgmeDataPtr = boost::interprocess::scoped_ptr<gpgme_data, boost::function<void (gpgme_data_t)>>;
56 using GpgmeKeyPtr = boost::interprocess::scoped_ptr<_gpgme_key, boost::function<void (gpgme_key_t)>>;
57 using FILEPtr = boost::interprocess::scoped_ptr<FILE, boost::function<int (FILE *)>>;
58
59 struct GpgmeErr
60 {
61 GpgmeErr( gpgme_error_t err_r = GPG_ERR_NO_ERROR )
62 : _err( err_r )
63 {}
64 operator gpgme_error_t() const { return _err; }
65 private:
66 gpgme_error_t _err;
67 };
68
69 std::ostream & operator<<( std::ostream & str, const GpgmeErr & obj )
70 { return str << "<" << gpgme_strsource(obj) << "> " << gpgme_strerror(obj); }
71
73 [[maybe_unused]] std::ostream & operator<<( std::ostream & str, const _gpgme_op_import_result & obj )
74 {
75 str << "gpgme_op_import_result {" << endl;
76 str << " " << obj.considered << " The total number of considered keys." << endl;
77 str << " " << obj.no_user_id << " The number of keys without user ID." << endl;
78 str << " " << obj.imported << " The total number of imported keys." << endl;
79 str << " " << obj.imported_rsa << " imported RSA keys." << endl;
80 str << " " << obj.unchanged << " unchanged keys." << endl;
81 str << " " << obj.new_user_ids << " new user IDs." << endl;
82 str << " " << obj.new_sub_keys << " new sub keys." << endl;
83 str << " " << obj.new_signatures << " new signatures." << endl;
84 str << " " << obj.new_revocations << " new revocations." << endl;
85 str << " " << obj.secret_read << " secret keys read." << endl;
86 str << " " << obj.secret_imported << " imported secret keys." << endl;
87 str << " " << obj.secret_unchanged << " unchanged secret keys." << endl;
88 str << " " << obj.not_imported << " keys not imported." << endl;
89 for ( gpgme_import_status_t p = obj.imports; p; p = p->next )
90 {
91 str << " - " << p->fpr << ": " << p->result << endl;
92 }
93 // In V.1.11: str << " " << obj.skipped_v3_keys << " skipped v3 keys." << endl;
94 return str << "}";
95 }
96
97 [[maybe_unused]] std::ostream & operator<<( std::ostream & str, const gpgme_sigsum_t & obj )
98 {
99 str << ((int)obj&(int)0xffff) << ":";
100#define OSC(V) if ( V & (unsigned)obj ) str << " " << #V;
101 OSC(GPGME_SIGSUM_VALID );
102 OSC(GPGME_SIGSUM_GREEN );
103 OSC(GPGME_SIGSUM_RED );
104 OSC(GPGME_SIGSUM_KEY_REVOKED );
105 OSC(GPGME_SIGSUM_KEY_EXPIRED );
106 OSC(GPGME_SIGSUM_SIG_EXPIRED );
107 OSC(GPGME_SIGSUM_KEY_MISSING );
108 OSC(GPGME_SIGSUM_CRL_MISSING );
109 OSC(GPGME_SIGSUM_CRL_TOO_OLD );
110 OSC(GPGME_SIGSUM_BAD_POLICY );
111 OSC(GPGME_SIGSUM_SYS_ERROR );
112 OSC(GPGME_SIGSUM_TOFU_CONFLICT);
113#undef OSC
114 return str;
115 }
116
117 [[maybe_unused]] std::ostream & operator<<( std::ostream & str, const gpgme_signature_t & obj )
118 {
119 str << "gpgme_signature_t " << (void *)obj << " {" << endl;
120 str << " next: " << (void *)obj->next << endl;
121 str << " summary: " << obj->summary << endl;
122 str << " fpr: " << obj->fpr << endl;
123 str << " status: " << obj->status << " " << GpgmeErr(obj->status) << endl;
124 str << " timestamp: " << obj->timestamp << endl;
125 str << " exp_timestamp: " << obj->exp_timestamp << endl;
126 str << " wrong_key_usage: " << obj->wrong_key_usage << endl;
127 str << " pka_trust: " << obj->pka_trust << endl;
128 str << " chain_model: " << obj->chain_model << endl;
129 str << " is_de_vs: " << obj->is_de_vs << endl;
130 str << " validity: " << obj->validity << endl;
131 str << " validity_reason: " << obj->validity_reason << " " << GpgmeErr(obj->validity_reason) << endl;
132 str << " pubkey_algo: " << obj->pubkey_algo << endl;
133 str << " hash_algo: " << obj->hash_algo << endl;
134 str << " pka_address: " << (obj->pka_address ? obj->pka_address : "") << endl;
135 return str;
136 }
137
138 } // namespace
140
141 struct GpgmeException : public KeyRingException
142 {
143 GpgmeException( const std::string & in_r, const GpgmeErr & err_r )
144 : KeyRingException( str::Format( "libgpgme error in '%1%': %2%" ) % in_r % err_r )
145 {}
146 };
147
148 class KeyManagerCtx::Impl
149 {
150 public:
151 Impl()
152 { boost::call_once( gpgme_init_once, initGpgme ); }
153
154 Impl(const Impl &) = delete;
155 Impl(Impl &&) = delete;
156 Impl &operator=(const Impl &) = delete;
157 Impl &operator=(Impl &&) = delete;
158
159 ~Impl() {
160 if (_ctx)
161 gpgme_release(_ctx);
162 }
163
165 std::list<std::string> readSignaturesFprs( const Pathname & signature_r )
166 { return readSignaturesFprsOptVerify( signature_r ); }
167
169 std::list<std::string> readSignaturesFprs( const ByteArray & signature_r )
170 { return readSignaturesFprsOptVerify( signature_r ); }
171
173 bool verifySignaturesFprs( const Pathname & file_r, const Pathname & signature_r )
174 {
175 bool verify = false;
176 readSignaturesFprsOptVerify( signature_r, file_r, &verify );
177 return verify;
178 }
179
180 template< typename Callback >
181 bool importKey(GpgmeDataPtr &data, Callback &&calcDataSize );
182
183 gpgme_ctx_t _ctx { nullptr };
184 bool _volatile { false };
185
186 private:
192 std::list<std::string> readSignaturesFprsOptVerify( const Pathname & signature_r, const Pathname & file_r = "/dev/null", bool * verify_r = nullptr );
193 std::list<std::string> readSignaturesFprsOptVerify( const ByteArray& keyData_r, const Pathname & file_r = "/dev/null", bool * verify_r = nullptr );
194 std::list<std::string> readSignaturesFprsOptVerify( GpgmeDataPtr &sigData, const Pathname & file_r = "/dev/null", bool * verify_r = nullptr );
195 };
196
197std::list<std::string> KeyManagerCtx::Impl::readSignaturesFprsOptVerify( const Pathname & signature_r, const Pathname & file_r, bool * verify_r )
198{
199 //lets be pessimistic
200 if ( verify_r )
201 *verify_r = false;
202
203 if (!PathInfo( signature_r ).isExist())
204 return std::list<std::string>();
205
206 FILEPtr sigFile(fopen(signature_r.c_str(), "rb"), fclose);
207 if (!sigFile) {
208 ERR << "Unable to open signature file '" << signature_r << "'" <<endl;
209 return std::list<std::string>();
210 }
211
212 GpgmeDataPtr sigData(nullptr, gpgme_data_release);
213 GpgmeErr err = gpgme_data_new_from_stream (&sigData.get(), sigFile.get());
214 if (err) {
215 ERR << err << endl;
216 return std::list<std::string>();
217 }
218
219 return readSignaturesFprsOptVerify( sigData, file_r, verify_r );
220}
221
222std::list<std::string> KeyManagerCtx::Impl::readSignaturesFprsOptVerify( const ByteArray &keyData_r, const filesystem::Pathname &file_r, bool *verify_r )
223{
224 //lets be pessimistic
225 if ( verify_r )
226 *verify_r = false;
227
228 GpgmeDataPtr sigData(nullptr, gpgme_data_release);
229 GpgmeErr err = gpgme_data_new_from_mem(&sigData.get(), keyData_r.data(), keyData_r.size(), 1 );
230 if (err) {
231 ERR << err << endl;
232 return std::list<std::string>();
233 }
234
235 return readSignaturesFprsOptVerify( sigData, file_r, verify_r );
236}
237
238std::list<std::string> KeyManagerCtx::Impl::readSignaturesFprsOptVerify(GpgmeDataPtr &sigData, const filesystem::Pathname &file_r, bool *verify_r)
239{
240 //lets be pessimistic
241 if ( verify_r )
242 *verify_r = false;
243
244 FILEPtr dataFile(fopen(file_r.c_str(), "rb"), fclose);
245 if (!dataFile)
246 return std::list<std::string>();
247
248 GpgmeDataPtr fileData(nullptr, gpgme_data_release);
249 GpgmeErr err = gpgme_data_new_from_stream (&fileData.get(), dataFile.get());
250 if (err) {
251 ERR << err << endl;
252 return std::list<std::string>();
253 }
254
255 err = gpgme_op_verify(_ctx, sigData.get(), fileData.get(), NULL);
256 if (err != GPG_ERR_NO_ERROR) {
257 ERR << err << endl;
258 return std::list<std::string>();
259 }
260
261 gpgme_verify_result_t res = gpgme_op_verify_result(_ctx);
262 if (!res || !res->signatures) {
263 ERR << "Unable to read signature fingerprints" <<endl;
264 return std::list<std::string>();
265 }
266
267 bool foundBadSignature = false;
268 bool foundGoodSignature = false;
269 std::list<std::string> signatures;
270 for ( gpgme_signature_t sig = res->signatures; sig; sig = sig->next ) {
271 //DBG << "- " << sig << std::endl;
272 if ( sig->fpr )
273 {
274 // bsc#1100427: With libgpgme11-1.11.0 and if a recent gpg version was used
275 // to create the signature, the field may contain the full fingerprint, but
276 // we're expected to return the ID.
277 // [https://github.com/gpg/gpgme/commit/478d1650bbef84958ccce439fac982ef57b16cd0]
278 std::string id( sig->fpr );
279 if ( id.size() > 16 )
280 id = id.substr( id.size()-16 );
281
282 DBG << "Found signature with ID: " << id << " in " << file_r << std::endl;
283 signatures.push_back( std::move(id) );
284 }
285
286 if ( verify_r && sig->status != GPG_ERR_NO_ERROR ) {
287 const auto status = gpgme_err_code(sig->status);
288
289 // bsc#1180721: libgpgme started to return signatures of unknown keys, which breaks
290 // our workflow when verifying files that have multiple signatures, including some that are
291 // not in the trusted keyring. We should not fail if we have unknown or expired keys and at least a good one.
292 // We will however keep the behaviour of failing if we find a bad signatures even if others are good.
293 if ( status != GPG_ERR_KEY_EXPIRED && status != GPG_ERR_NO_PUBKEY )
294 {
295 WAR << "Failed signature check: " << file_r << " " << GpgmeErr(sig->status) << endl;
296 if ( !foundBadSignature )
297 foundBadSignature = true;
298 }
299 else
300 {
301 WAR << "Legacy: Ignore expired or unknown key: " << file_r << " " << GpgmeErr(sig->status) << endl;
302 // for now treat expired keys as good signature
303 if ( status == GPG_ERR_KEY_EXPIRED )
304 foundGoodSignature = true;
305 }
306 } else {
307 foundGoodSignature = true;
308 }
309 }
310
311 if ( verify_r )
312 *verify_r = (!foundBadSignature) && foundGoodSignature;
313 return signatures;
314}
315
319
320KeyManagerCtx KeyManagerCtx::createForOpenPGP()
321{
322 static Pathname tmppath( zypp::myTmpDir() / "PublicKey" );
323 filesystem::assert_dir( tmppath );
324
325 KeyManagerCtx ret { createForOpenPGP( tmppath ) };
326 ret._pimpl->_volatile = true; // readKeyFromFile workaround bsc#1140670
327 return ret;
328}
329
330KeyManagerCtx KeyManagerCtx::createForOpenPGP( const Pathname & keyring_r )
331{
332 DBG << "createForOpenPGP(" << keyring_r << ")" << endl;
333
334 KeyManagerCtx ret;
335 gpgme_ctx_t & ctx { ret._pimpl->_ctx };
336
337 // create the context
338 GpgmeErr err = gpgme_new( &ctx );
339 if ( err != GPG_ERR_NO_ERROR )
340 ZYPP_THROW( GpgmeException( "gpgme_new", err ) );
341
342 // use OpenPGP
343 err = gpgme_set_protocol( ctx, GPGME_PROTOCOL_OpenPGP );
344 if ( err != GPG_ERR_NO_ERROR )
345 ZYPP_THROW( GpgmeException( "gpgme_set_protocol", err ) );
346
347 if ( !keyring_r.empty() ) {
348 // get engine information to read current state
349 gpgme_engine_info_t enginfo = gpgme_ctx_get_engine_info( ctx );
350 if ( !enginfo )
351 ZYPP_THROW( GpgmeException( "gpgme_ctx_get_engine_info", err ) );
352
353 err = gpgme_ctx_set_engine_info( ctx, GPGME_PROTOCOL_OpenPGP, enginfo->file_name, keyring_r.c_str() );
354 if ( err != GPG_ERR_NO_ERROR )
355 ZYPP_THROW( GpgmeException( "gpgme_ctx_set_engine_info", err ) );
356 }
357#if 0
358 DBG << "createForOpenPGP {" << endl;
359 for ( const auto & key : ret.listKeys() ) {
360 DBG << " " << key << endl;
361 }
362 DBG << "}" << endl;
363#endif
364 return ret;
365}
366
367Pathname KeyManagerCtx::homedir() const
368{
369 Pathname ret;
370 if ( gpgme_engine_info_t enginfo = gpgme_ctx_get_engine_info( _pimpl->_ctx ) )
371 ret = enginfo->home_dir;
372 return ret;
373}
374
375std::list<PublicKeyData> KeyManagerCtx::listKeys()
376{
377 std::list<PublicKeyData> ret;
378 GpgmeErr err = GPG_ERR_NO_ERROR;
379
380 // Reset gpgme_keylist_mode on return!
381 AutoDispose<gpgme_keylist_mode_t> guard { gpgme_get_keylist_mode( _pimpl->_ctx ), bind( &gpgme_set_keylist_mode, _pimpl->_ctx, _1 ) };
382 // Let listed keys include signatures (required if PublicKeyData are created from the key)
383 if ( (err = gpgme_set_keylist_mode( _pimpl->_ctx, GPGME_KEYLIST_MODE_LOCAL | GPGME_KEYLIST_MODE_SIGS )) != GPG_ERR_NO_ERROR ) {
384 ERR << "gpgme_set_keylist_mode: " << err << endl;
385 return ret;
386 }
387
388 if ( (err = gpgme_op_keylist_start( _pimpl->_ctx, NULL, 0 )) != GPG_ERR_NO_ERROR ) {
389 ERR << "gpgme_op_keylist_start: " << err << endl;
390 return ret;
391 }
392 // Close list operation on return!
393 AutoDispose<gpgme_ctx_t> guard2 { _pimpl->_ctx, &gpgme_op_keylist_end };
394
395 AutoDispose<gpgme_key_t> key { nullptr, &gpgme_key_release };
396 for ( ; gpgme_op_keylist_next( _pimpl->_ctx, &(*key) ) == GPG_ERR_NO_ERROR; key.getDispose()( key ) ) {
397 PublicKeyData data { PublicKeyData::fromGpgmeKey( key ) };
398 if ( data )
399 ret.push_back( data );
400 }
401
402 return ret;
403}
404
405std::list<PublicKeyData> KeyManagerCtx::readKeyFromFile( const Pathname & keyfile_r )
406{
407 // bsc#1140670: GPGME does not support reading keys from a keyfile using
408 // gpgme_data_t and gpgme_op_keylist_from_data_start. Despite GPGME_KEYLIST_MODE_SIGS
409 // the signatures are missing, but we need them to create proper PublicKeyData objects.
410 // While this is not resolved, we read into a temp. keyring. Impl::_volatile helps
411 // to detect whether we can clear and import into the current context or need to
412 // create a temp. one.
413 std::list<PublicKeyData> ret;
414
415 if ( _pimpl->_volatile ) {
416 // in a volatile context we can simple clear the keyring...
417 filesystem::clean_dir( homedir() );
418 if ( importKey( keyfile_r ) )
419 ret = listKeys();
420 } else {
421 // read in a volatile context
422 ret = createForOpenPGP().readKeyFromFile( keyfile_r );
423 }
424
425 return ret;
426}
427
428bool KeyManagerCtx::verify(const Pathname &file, const Pathname &signature)
429{
430 return _pimpl->verifySignaturesFprs(file, signature);
431}
432
433bool KeyManagerCtx::exportKey(const std::string &id, std::ostream &stream)
434{
435 GpgmeErr err = GPG_ERR_NO_ERROR;
436
437 GpgmeKeyPtr foundKey;
438
439 //search for requested key id
440 gpgme_key_t key = nullptr;
441 gpgme_op_keylist_start(_pimpl->_ctx, NULL, 0);
442 while (!(err = gpgme_op_keylist_next(_pimpl->_ctx, &key))) {
443 if (key->subkeys && id == str::asString(key->subkeys->keyid)) {
444 GpgmeKeyPtr(key, gpgme_key_release).swap(foundKey);
445 break;
446 }
447 gpgme_key_release(key);
448 }
449 gpgme_op_keylist_end(_pimpl->_ctx);
450
451 if (!foundKey) {
452 WAR << "Key " << id << "not found" << endl;
453 return false;
454 }
455
456 //function needs a array of keys to export
457 gpgme_key_t keyarray[2];
458 keyarray[0] = foundKey.get();
459 keyarray[1] = NULL;
460
461 GpgmeDataPtr out(nullptr, gpgme_data_release);
462 err = gpgme_data_new (&out.get());
463 if (err) {
464 ERR << err << endl;
465 return false;
466 }
467
468 //format as ascii armored
469 gpgme_set_armor (_pimpl->_ctx, 1);
470 // bsc#1179222: Remove outdated self signatures when exporting the key.
471 // The keyring does not order the signatures when multiple versions of the
472 // same key are imported. Rpm however uses the 1st to compute the -release
473 // of the gpg-pubkey. So we export only the latest to get a proper-release.
474 err = gpgme_op_export_keys (_pimpl->_ctx, keyarray, GPGME_EXPORT_MODE_MINIMAL, out.get());
475 if (!err) {
476 int ret = gpgme_data_seek (out.get(), 0, SEEK_SET);
477 if (ret) {
478 ERR << "Unable to seek in exported key data" << endl;
479 return false;
480 }
481
482 const int bufsize = 512;
483 char buf[bufsize + 1];
484 while ((ret = gpgme_data_read(out.get(), buf, bufsize)) > 0) {
485 stream.write(buf, ret);
486 }
487
488 //failed to read from buffer
489 if (ret < 0) {
490 ERR << "Unable to read exported key data" << endl;
491 return false;
492 }
493 } else {
494 ERR << "Error exporting key: "<< err << endl;
495 return false;
496 }
497
498 //if we reach this point export was successful
499 return true;
500}
501
502bool KeyManagerCtx::importKey(const Pathname &keyfile)
503{
504 if ( !PathInfo( keyfile ).isExist() ) {
505 ERR << "Keyfile '" << keyfile << "' does not exist.";
506 return false;
507 }
508
509 GpgmeDataPtr data(nullptr, gpgme_data_release);
510 GpgmeErr err;
511
512 err = gpgme_data_new_from_file(&data.get(), keyfile.c_str(), 1);
513 if (err) {
514 ERR << "Error importing key: "<< err << endl;
515 return false;
516 }
517
518 return _pimpl->importKey( data, [&](){ return PathInfo(keyfile).size(); } );
519}
520
521bool KeyManagerCtx::importKey( const ByteArray &keydata )
522{
523 GpgmeDataPtr data(nullptr, gpgme_data_release);
524 GpgmeErr err;
525
526 err = gpgme_data_new_from_mem( &data.get(), keydata.data(), keydata.size(), 1);
527 if (err) {
528 ERR << "Error importing key: "<< err << endl;
529 return false;
530 }
531
532 return _pimpl->importKey( data, [&](){ return keydata.size(); } );
533}
534
535template<typename Callback>
536bool KeyManagerCtx::Impl::importKey(GpgmeDataPtr &data, Callback &&calcDataSize)
537{
538 GpgmeErr err;
539 err = gpgme_op_import( _ctx, data.get() );
540 if (err) {
541 ERR << "Error importing key: "<< err << endl;
542 return false;
543 }
544
545 // Work around bsc#1127220 [libgpgme] no error upon incomplete import due to signal received.
546 // We need this error, otherwise RpmDb will report the missing keys as 'probably v3'.
547 if ( gpgme_import_result_t res = gpgme_op_import_result(_ctx) )
548 {
549 if ( ! res->considered && std::forward<Callback>(calcDataSize)() )
550 {
551 DBG << *res << endl;
552 ERR << "Error importing key: No keys considered (bsc#1127220, [libgpgme] signal received?)" << endl;
553 return false;
554 }
555 }
556
557 return (err == GPG_ERR_NO_ERROR);
558}
559
560bool KeyManagerCtx::deleteKey(const std::string &id)
561{
562 gpgme_key_t key = nullptr;
563 GpgmeErr err = GPG_ERR_NO_ERROR;
564
565 gpgme_op_keylist_start(_pimpl->_ctx, NULL, 0);
566
567 while (!(err = gpgme_op_keylist_next(_pimpl->_ctx, &key))) {
568 if (key->subkeys && id == str::asString(key->subkeys->keyid)) {
569 err = gpgme_op_delete(_pimpl->_ctx, key, 0);
570
571 gpgme_key_release(key);
572 gpgme_op_keylist_end(_pimpl->_ctx);
573
574 if (err) {
575 ERR << "Error deleting key: "<< err << endl;
576 return false;
577 }
578 return true;
579 }
580 gpgme_key_release(key);
581 }
582
583 gpgme_op_keylist_end(_pimpl->_ctx);
584 WAR << "Key: '"<< id << "' not found." << endl;
585 return false;
586}
587
588std::list<std::string> KeyManagerCtx::readSignatureFingerprints(const Pathname &signature)
589{ return _pimpl->readSignaturesFprs(signature); }
590
591std::list<std::string> KeyManagerCtx::readSignatureFingerprints(const ByteArray &keyData)
592{ return _pimpl->readSignaturesFprs(keyData); }
593
594} // namespace zypp
ZYPP_THROW
#define ZYPP_THROW(EXCPT)
Drops a logline and throws the Exception.
Definition Exception.h:459
OSC
#define OSC(V)
DBG
#define DBG
Definition Logger.h:99
MIL
#define MIL
Definition Logger.h:100
ERR
#define ERR
Definition Logger.h:102
WAR
#define WAR
Definition Logger.h:101
zypp::AutoDispose
Reference counted access to a Tp object calling a custom Dispose function when the last AutoDispose h...
Definition AutoDispose.h:95
zypp::AutoDispose::getDispose
const Dispose & getDispose() const
Return the current dispose function.
Definition AutoDispose.h:163
zypp::KeyManagerCtx::Impl::operator=
Impl & operator=(const Impl &)=delete
zypp::KeyManagerCtx::Impl::readSignaturesFprs
std::list< std::string > readSignaturesFprs(const Pathname &signature_r)
Return all fingerprints found in signature_r.
Definition KeyManager.cc:165
zypp::KeyManagerCtx::Impl::Impl
Impl(const Impl &)=delete
zypp::KeyManagerCtx::Impl::_volatile
bool _volatile
readKeyFromFile workaround bsc#1140670
Definition KeyManager.cc:184
zypp::KeyManagerCtx::Impl::operator=
Impl & operator=(Impl &&)=delete
zypp::KeyManagerCtx::Impl::readSignaturesFprs
std::list< std::string > readSignaturesFprs(const ByteArray &signature_r)
Return all fingerprints found in signature_r.
Definition KeyManager.cc:169
zypp::KeyManagerCtx::Impl::readSignaturesFprsOptVerify
std::list< std::string > readSignaturesFprsOptVerify(const Pathname &signature_r, const Pathname &file_r="/dev/null", bool *verify_r=nullptr)
Return all fingerprints found in signature_r and optionally verify the file_r on the fly.
Definition KeyManager.cc:197
zypp::KeyManagerCtx::Impl::verifySignaturesFprs
bool verifySignaturesFprs(const Pathname &file_r, const Pathname &signature_r)
Tries to verify the file_r using signature_r.
Definition KeyManager.cc:173
zypp::KeyManagerCtx::Impl::importKey
bool importKey(GpgmeDataPtr &data, Callback &&calcDataSize)
Definition KeyManager.cc:536
zypp::KeyManagerCtx::exportKey
bool exportKey(const std::string &id, std::ostream &stream)
Exports the key with id into the given stream, returns true on success.
Definition KeyManager.cc:433
zypp::KeyManagerCtx::listKeys
std::list< PublicKeyData > listKeys()
Returns a list of all public keys found in the current keyring.
Definition KeyManager.cc:375
zypp::KeyManagerCtx::verify
bool verify(const Pathname &file, const Pathname &signature)
Tries to verify file using signature, returns true on success.
Definition KeyManager.cc:428
zypp::KeyManagerCtx::createForOpenPGP
static KeyManagerCtx createForOpenPGP()
Creates a new KeyManagerCtx for PGP using a volatile temp.
Definition KeyManager.cc:320
zypp::KeyManagerCtx::readSignatureFingerprints
std::list< std::string > readSignatureFingerprints(const Pathname &signature)
Reads all fingerprints from the signature file , returns a list of all found fingerprints.
Definition KeyManager.cc:588
zypp::KeyManagerCtx::readKeyFromFile
std::list< PublicKeyData > readKeyFromFile(const Pathname &file)
Returns a list of all PublicKeyData found in file.
Definition KeyManager.cc:405
zypp::KeyManagerCtx::_pimpl
RW_pointer< Impl > _pimpl
Pointer to implementation.
Definition KeyManager.h:88
zypp::KeyManagerCtx::deleteKey
bool deleteKey(const std::string &id)
Tries to delete a key specified by id, returns true on success.
Definition KeyManager.cc:560
zypp::KeyManagerCtx::homedir
Pathname homedir() const
Return the homedir/keyring.
Definition KeyManager.cc:367
zypp::KeyManagerCtx::importKey
bool importKey(const Pathname &keyfile)
Tries to import a key from keyfile, returns true on success.
Definition KeyManager.cc:502
zypp::KeyRingException::KeyRingException
KeyRingException()
Ctor taking message.
Definition KeyRingException.h:26
zypp::PublicKeyData
Class representing one GPG Public Keys data.
Definition PublicKey.h:201
zypp::PublicKeyData::fromGpgmeKey
static PublicKeyData fromGpgmeKey(_gpgme_key *data)
Definition PublicKey.cc:406
zypp::filesystem::PathInfo
Wrapper class for stat/lstat.
Definition PathInfo.h:226
zypp::filesystem::Pathname::c_str
const char * c_str() const
String representation.
Definition Pathname.h:113
zypp::filesystem::Pathname::empty
bool empty() const
Test for an empty path.
Definition Pathname.h:117
str
String related utilities and Regular expression matching.
zypp::filesystem::clean_dir
int clean_dir(const Pathname &path)
Like 'rm -r DIR/ *'.
Definition PathInfo.cc:461
zypp::filesystem::assert_dir
int assert_dir(const Pathname &path, unsigned mode)
Like 'mkdir -p'.
Definition PathInfo.cc:338
zypp::str::asString
const std::string & asString(const std::string &t)
Global asString() that works with std::string too.
Definition String.h:140
zypp
Easy-to use interface to the ZYPP dependency resolver.
Definition CodePitfalls.doc:2
zypp::myTmpDir
Pathname myTmpDir()
Global access to the zypp.TMPDIR (created on demand, deleted when libzypp is unloaded).
Definition TmpPath.cc:276
zypp::operator<<
std::ostream & operator<<(std::ostream &str, const SerialNumber &obj)
Definition SerialNumber.cc:52
zypp::GpgmeException::GpgmeException
GpgmeException(const std::string &in_r, const GpgmeErr &err_r)
Definition KeyManager.cc:143