/*
    This file is part of KNewStuff2.
    SPDX-FileCopyrightText: 2004, 2005 Andras Mantia <amantia@kde.org>
    SPDX-FileCopyrightText: 2007 Josef Spillner <spillner@kde.org>

    SPDX-License-Identifier: LGPL-2.1-or-later
*/

#ifndef KNEWSTUFF2_SECURITY_P_H
#define KNEWSTUFF2_SECURITY_P_H

// qt includes
#include <QMap>
#include <QObject>
#include <QProcess>

#include "knewstuffcore_export.h"

#if KNEWSTUFFCORE_ENABLE_DEPRECATED_SINCE(5, 31)

/**
 * Plain record describing one key.
 *
 * The struct declares no constructor and no default member initialisers, so a
 * default-initialised instance (`KeyStruct k;`) leaves @c trusted and
 * @c secret indeterminate. Assign both before reading them; @c trusted in
 * particular must never be consulted while unset.
 */
struct KeyStruct {
    QString id; ///< key identifier
    QString name; ///< name associated with the key
    QString mail; ///< mail address associated with the key
    bool trusted; ///< whether the key is marked as trusted
    bool secret; ///< whether this is a secret key
};

namespace KNSCore
{
/**
 * Do not use this class. It is non-functional and internal.
 *
 * Since the class is declared non-functional, none of the result flags it
 * reports should be used as grounds for trusting downloaded content.
 *
 * @internal
 * @deprecated
 */
class KNEWSTUFFCORE_EXPORT KNEWSTUFFCORE_DEPRECATED_VERSION(5, 31, "No longer use") Security : public QObject
{
    Q_OBJECT
public:
    /**
     * Access the shared instance, creating it on first use.
     *
     * The instance is heap-allocated and kept in a function-local static
     * pointer; this function never deletes it. The null check and the
     * assignment are not synchronised here, so concurrent first calls are
     * not protected against creating more than one object.
     *
     * @return pointer to the shared Security object
     */
    static Security *ref()
    {
        // Static storage duration: starts out null before the first call.
        static Security *s_instance;
        if (s_instance) {
            return s_instance;
        }
        s_instance = new Security();
        return s_instance;
    }
    ~Security() override;

    /**
     * Verifies the integrity and the signature of a tarball file.
     *
     * The method is asynchronous and the result is signalled with
     * @ref validityResult.
     *
     * @note MD5 is not collision-resistant. A matching md5sum is at best a
     * corruption check and says nothing about who produced the file; only
     * the signature-related bits of @ref Results speak to authenticity.
     *
     * @param fileName the file to be verified. It should be a tar.gz (.tgz)
     * file. The directory where the file is should contain a "signature" and
     * a "md5sum" file, otherwise verification will fail.
     */
    void checkValidity(const QString &fileName);

    /**
     * Creates a signature and an md5sum file for the fileName and packs
     * everything into a gzipped tarball.
     *
     * The method is asynchronous and the result is signalled with
     * @ref fileSigned.
     *
     * @param fileName the file with full path to sign
     */
    void signFile(const QString &fileName);

    /**
     * Get the key used for signing.
     *
     * This method is valid only if:
     * - the checkValidity was called
     * - the result of the validity check does not have the UNKNOWN bit set
     *
     * Outside those conditions the returned struct must not be relied on.
     *
     * @return a copy of the key used for signing the file
     */
    KeyStruct signatureKey()
    {
        return m_signatureKey;
    }

    /**
     * Bit flags reported through @ref validityResult and @ref fileSigned.
     *
     * SIGNED_BAD_CLEAR is a mask rather than a status: 0x1B (27) equals
     * MD5_OK | SIGNED_OK | TRUSTED | UNKNOWN. It contains neither SIGNED_BAD
     * nor BAD_PASSPHRASE, so AND-ing a result with it drops both of those
     * bits, not only SIGNED_BAD.
     */
    enum Results {
        MD5_OK = 0x01, ///< The MD5 sum check is OK
        SIGNED_OK = 0x02, ///< The file is signed with a good signature
        SIGNED_BAD = 0x04, ///< The file is signed with a bad signature
        TRUSTED = 0x08, ///< The signature is trusted
        UNKNOWN = 0x10, ///< The key is unknown
        SIGNED_BAD_CLEAR = 0x1B, ///< used to clear the SIGNED_BAD flag
        BAD_PASSPHRASE = 0x20, ///< wrong passphrase entered
    };

public Q_SLOTS:

    /** Reads the available public keys. */
    void readKeys();

    /** Reads the available secret keys. */
    void readSecretKeys();

    /** Verifies the integrity and the signature of a tarball file (see m_fileName). */
    void slotCheckValidity();

    /**
     * Creates a signature and an md5sum file for the m_fileName and packs
     * everything into a gzipped tarball.
     */
    void slotSignFile();

private:
    /** Private so that instances are only obtained through ref(). */
    Security();

    /** Kind of operation being carried out. */
    enum RunMode {
        List = 0, ///< read the public keys
        ListSecret, ///< read the secret keys
        Verify, ///< verify the signature
        Sign, ///< create signature
    };

    KeyStruct m_signatureKey; ///< value handed out by signatureKey()
    int m_result; ///< presumably a combination of Results flags; confirm in the implementation
    int m_runMode; ///< presumably one of the RunMode values; confirm in the implementation
    bool m_gpgRunning; ///< true if gpg is currently running
    bool m_keysRead; ///< true if all the keys were read
    QMap<QString, KeyStruct> m_keys; ///< holds information about the available key
    QString m_fileName; ///< the file to sign/verify
    QString m_secretKey; ///< the key used for signing
    QProcess *m_process; ///< child process handle; presumably the gpg run, confirm in the implementation

private Q_SLOTS:
    // Signatures match QProcess::finished and QProcess::readyReadStandardOutput;
    // the connections themselves are not visible in this header.
    void slotFinished(int exitCode, QProcess::ExitStatus exitStatus);
    void slotReadyReadStandardOutput();

Q_SIGNALS:
    /**
     * Sent when the validity check is done.
     *
     * @param result the result of the check. See @ref Results
     */
    void validityResult(int result);

    /**
     * Sent when the signing is done.
     *
     * @param result the result of the operation. See @ref Results
     */
    void fileSigned(int result);

    /** Carries a message string; where it is emitted is not visible in this header. */
    void signalInformation(const QString &) const;
    /** Carries a message string; where it is emitted is not visible in this header. */
    void signalError(const QString &) const;
};

}

#endif // KNEWSTUFFCORE_ENABLE_DEPRECATED_SINCE(5, 31)

#endif