/***************************************************************************
                          security.h  -  description
                             -------------------
    begin                : Thu Jun 24 11:22:12 2004
    copyright          : (C) 2004, 2005 by Andras Mantia <amantia@kde.org>
 ***************************************************************************/

/***************************************************************************
 *                                                                         *
 *   This program is free software; you can redistribute it and/or modify  *
 *   it under the terms of the GNU Library General Public License as       *
 *   published by the Free Software Foundation; version 2 of the License.  *
 *                                                                         *
 ***************************************************************************/


#ifndef SECURITY_H
#define SECURITY_H

//qt includes
#include <tqmap.h>
#include <tqobject.h>

class KProcIO;
class KProcess;

struct KeyStruct {
   TQString id;
   TQString name;
   TQString mail;
   bool trusted;
   bool secret;
};

/**
Handles security releated issues, like signing, verifying.
It is a private class, not meant to be used by third party applications.

@author Andras Mantia <amantia@kde.org>
*/

namespace KNS {

class Security : public TQObject
{
Q_OBJECT
public:
  static Security* const ref()
  {
    static Security *m_ref;
    if (!m_ref) m_ref = new Security();
    return m_ref;
  }
  ~Security();


  /** Verifies the integrity and the signature of a tarball file.
   * @param fileName the file to be verified. It should be a tar.gz (.tgz) file. The directory where
   *               the file is should contain a "signature" and a "md5sum" file, otherwise verification will fail.
   *               The method is asynchronous and the result is signalled with @ref validityResult.
   */
  void checkValidity(const TQString &fileName);

  /** Creates a signature and an md5sum file for the fileName and packs
   * everything into a gzipped tarball.
   * @param fileName the file with full path to sign
   *
   * The method is asynchronous and the result is signalled with @ref fileSigned.
   */
  void signFile(const TQString &fileName);
  /** Get the key used for signing. This method is valid only if:
  *  - the checkValidity was called
  *  - the result of the validity check does not have the UNKNOWN bit set
  *
  *  @return the key used for signing the file
  */
  KeyStruct signatureKey() {return m_signatureKey;}

  enum Results {
     MD5_OK = 1, /// The MD5 sum check is OK
     SIGNED_OK = 2, /// The file is signed with a good signature
     SIGNED_BAD = 4, /// The file is signed with a bad signature
     TRUSTED = 8, /// The signature is trusted
     UNKNOWN = 16, ///The key is unknown
     SIGNED_BAD_CLEAR = 27, ///used to clear the SIGNED_BAD flag
     BAD_PASSPHRASE = 32 ///wrong passhprase entered
  };

public slots:
  /** Reads the available public keys */
  void readKeys();
  /** Reads the available secret keys */
  void readSecretKeys();
  /** Verifies the integrity and the signature of a tarball file (see m_fileName).
   */
  void slotCheckValidity();

  /** Creates a signature and an md5sum file for the m_fileName and packs
   * everything into a gzipped tarball.
   */
  void slotSignFile();

private:
   Security();

   enum RunMode {
       List = 0, ///read the public keys
       ListSecret, ///read the secret keys
       Verify, ///verify the signature
       Sign ///create signature
   };

   KeyStruct m_signatureKey;
   int m_result;
   int m_runMode;
   bool m_gpgRunning; /// true if gpg is currently running
   bool m_keysRead; /// true if all the keys were read
   TQMap<TQString, KeyStruct> m_keys; /// holds information about the available key
   TQString m_fileName; /// the file to sign/verify
   TQString m_secretKey; /// the key used for signing

private slots:
   void slotProcessExited(KProcess *process);
   void slotDataArrived(KProcIO *process);

signals:
   /** Sent when the validity check is done.
   *
   *    @return the result of the check. See @ref Results
   */
    void validityResult(int result);
   /** Sent when the signing is done.
     *
     *    @return the result of the operation. See @ref Results
    */
    void fileSigned(int result);
};

}

#endif