29  template <
class Executor, 
class OpType>
 
   48      using zyppng::operators::operator|;
 
   65           key = zypp::PublicKey( myKey );
 
   71         if ( !key.isValid() ) {
 
   72           ERR << 
"Key [" << 
_keyId << 
"] from cache: " << cacheDir << 
" is not valid" << std::endl;
 
   76         MIL << 
"Key [" << 
_keyId << 
"] " << key.name() << 
" loaded from cache" << std::endl;
 
   84         MIL << 
"User wants to import key [" << 
_keyId << 
"] " << key.name() << 
" from cache" << std::endl;
 
   86           _context->keyRing()->importKey( key, 
true );
 
   87         } 
catch ( 
const zypp::KeyRingException &e ) {
 
 
 
  117    template <
class Executor, 
class OpType>
 
  118    struct VerifyFileSignatureLogic : 
public LogicBase<Executor, OpType>
 
  126        : _zyppContext( 
std::move(zyppContext) )
 
  127        , _keyringReport( _zyppContext )
 
  128        , _keyRing( 
std::move(keyRing) )
 
  129        , _verifyContext( 
std::move(ctx) )
 
  132      struct FoundKeyData {
 
  133        zypp::PublicKeyData _foundKey;
 
  135        bool trusted = 
false;
 
  138      MaybeAsyncRef<FoundKeyData> findKey ( 
const std::string &
id ) {
 
  140        using zyppng::operators::operator|;
 
  143          return makeReadyResult(FoundKeyData{zypp::PublicKeyData(), zypp::Pathname()});
 
  146        zypp::PublicKeyData trustedKeyData( _keyRing->pimpl().publicKeyExists( 
id, _keyRing->pimpl().trustedKeyRing() ) );
 
  147        if ( trustedKeyData )
 
  149          MIL << 
"Key is trusted: " << trustedKeyData << std::endl;
 
  153          zypp::PublicKeyData generalKeyData( _keyRing->pimpl().publicKeyExists( 
id, _keyRing->pimpl().generalKeyRing() ) );
 
  154          if ( generalKeyData )
 
  164            if ( trustedKeyData.fingerprint() == generalKeyData.fingerprint()
 
  165                 && trustedKeyData.created() < generalKeyData.created() )
 
  167              MIL << 
"Key was updated. Saving new version into trusted keyring: " << generalKeyData << std::endl;
 
  168              _keyRing->importKey( _keyRing->pimpl().exportKey( generalKeyData, _keyRing->pimpl().generalKeyRing() ), 
true );
 
  169              trustedKeyData = _keyRing->pimpl().publicKeyExists( 
id, _keyRing->pimpl().trustedKeyRing() ); 
 
  173          return makeReadyResult( FoundKeyData{ trustedKeyData,  _keyRing->pimpl().trustedKeyRing(), 
true } );
 
  177          zypp::PublicKeyData generalKeyData( _keyRing->pimpl().publicKeyExists( 
id, _keyRing->pimpl().generalKeyRing() ) );
 
  178          if ( generalKeyData )
 
  180            zypp::PublicKey key( _keyRing->pimpl().exportKey( generalKeyData, _keyRing->pimpl().generalKeyRing() ) );
 
  181            MIL << 
"Key [" << 
id << 
"] " << key.name() << 
" is not trusted" << std::endl;
 
  188              zypp::Pathname whichKeyring;
 
  190              MIL << 
"User wants to trust key [" << 
id << 
"] " << key.name() << std::endl;
 
  194                MIL << 
"User wants to import key [" << 
id << 
"] " << key.name() << std::endl;
 
  195                _keyRing->importKey( key, 
true );
 
  196                whichKeyring = _keyRing->pimpl().trustedKeyRing();
 
  199                whichKeyring = _keyRing->pimpl().generalKeyRing();
 
  201              return makeReadyResult(FoundKeyData { std::move(generalKeyData), std::move(whichKeyring), 
true });
 
  205              MIL << 
"User does not want to trust key [" << 
id << 
"] " << key.name() << std::endl;
 
  206              return makeReadyResult(FoundKeyData { std::move(generalKeyData),  _keyRing->pimpl().generalKeyRing(), 
false });
 
  209          else if ( ! _verifyContext.keyContext().empty() )
 
  213              | [
this, id]( 
bool success ) {
 
  215                    return FoundKeyData{ zypp::PublicKeyData(), zypp::Pathname() };
 
  217                  return FoundKeyData{ _keyRing->pimpl().publicKeyExists( 
id, _keyRing->pimpl().trustedKeyRing() ),   _keyRing->pimpl().trustedKeyRing(), 
true };
 
  221        return makeReadyResult(FoundKeyData{ zypp::PublicKeyData(), zypp::Pathname() });
 
  227        _verifyContext.resetResults();
 
  228        const zypp::Pathname & file         { _verifyContext.file() };
 
  229        const zypp::Pathname & signature    { _verifyContext.signature() };
 
  230        const std::string & filedesc        { _verifyContext.shortFile() };
 
  232        MIL << 
"Going to verify signature for " << filedesc << 
" ( " << file << 
" ) with " << signature << std::endl;
 
  235        if( signature.empty() || (!zypp::PathInfo( signature ).isExist()) )
 
  237          bool res = _keyringReport.askUserToAcceptUnsignedFile( filedesc, _verifyContext.keyContext() );
 
  238          MIL << 
"askUserToAcceptUnsignedFile: " << res << std::endl;
 
  243        _verifyContext.signatureId( _keyRing->readSignatureKeyId( signature ) ); 
 
  244        const std::string & 
id = _verifyContext.signatureId();
 
  247        std::list<zypp::PublicKeyData> buddies; 
 
  248        for ( 
const auto & sid : _verifyContext.buddyKeys() ) {
 
  249          if ( not zypp::PublicKeyData::isSafeKeyId( sid ) ) {
 
  250            WAR << 
"buddy " << sid << 
": key id is too short to safely identify a gpg key. Skipping it." << std::endl;
 
  253          if ( _keyRing->pimpl().trustedPublicKeyExists( sid ) ) {
 
  254            MIL << 
"buddy " << sid << 
": already in trusted key ring. Not needed." << std::endl;
 
  257          auto pk = _keyRing->pimpl().publicKeyExists( sid );
 
  259            WAR << 
"buddy " << sid << 
": not available in the public key ring. Skipping it." << std::endl;
 
  262          if ( pk.providesKey(
id) ) {
 
  263            MIL << 
"buddy " << sid << 
": is the signing key. Handled separately." << std::endl;
 
  266          MIL << 
"buddy " << sid << 
": candidate for auto import. Remeber it." << std::endl;
 
  267          buddies.push_back( pk );
 
  270        using zyppng::operators::operator|;
 
  271        return findKey( 
id ) | [
this, id, buddies=std::move(buddies)]( FoundKeyData res ) {
 
  273          const zypp::Pathname & file         { _verifyContext.file() };
 
  274          const zypp::KeyContext & keyContext { _verifyContext.keyContext() };
 
  275          const zypp::Pathname & signature    { _verifyContext.signature() };
 
  276          const std::string & filedesc        { _verifyContext.shortFile() };
 
  278          if ( res._foundKey ) {
 
  282              return makeReturn(
false);
 
  285            _verifyContext.signatureIdTrusted( res._whichKeyRing == _keyRing->pimpl().trustedKeyRing() );
 
  286            _keyringReport.infoVerify( filedesc, res._foundKey, keyContext );
 
  287            if ( _keyRing->pimpl().verifyFile( file, signature, res._whichKeyRing ) )
 
  289              _verifyContext.fileValidated( 
true );
 
  290              if ( _verifyContext.signatureIdTrusted() && not buddies.empty() ) {
 
  292                MIL << 
"Validated with trusted key: importing buddy list..." << std::endl;
 
  293                _keyringReport.reportAutoImportKey( buddies, res._foundKey, keyContext );
 
  294                for ( 
const auto & kd : buddies ) {
 
  295                  _keyRing->importKey( _keyRing->pimpl().exportKey( kd, _keyRing->pimpl().generalKeyRing() ), 
true );
 
  298              return makeReturn(_verifyContext.fileValidated());        
 
  302              bool userAnswer = _keyringReport.askUserToAcceptVerificationFailed( filedesc, _keyRing->pimpl().exportKey( res._foundKey, res._whichKeyRing ), keyContext );
 
  303              MIL << 
"askUserToAcceptVerificationFailed: " << userAnswer << std::endl;
 
  304              return makeReturn(userAnswer);
 
  308            MIL << 
"File [" << file << 
"] ( " << filedesc << 
" ) signed with unknown key [" << 
id << 
"]" << std::endl;
 
  309            bool res = _keyringReport.askUserToAcceptUnknownKey( filedesc, 
id, _verifyContext.keyContext() );
 
  310            MIL << 
"askUserToAcceptUnknownKey: " << res << std::endl;
 
  311            return makeReturn(res);
 
  314          return makeReturn(
false);
 
  319      ZyppContextRefType _zyppContext;
 
  320      KeyRingReportHelper<ZyppContextRefType> _keyringReport;
 
  322      zypp::keyring::VerifyFileContext _verifyContext;
 
  325      inline std::pair<bool, zypp::keyring::VerifyFileContext> makeReturn( 
bool res ){
 
  326        _verifyContext.fileAccepted( res );
 
  327        return std::make_pair( res, std::move(_verifyContext) ) ;
 
  334    auto kr = zyppContext->keyRing();
 
 
  340    auto kr = zyppContext->keyRing();