summaryrefslogtreecommitdiffstats
path: root/knewstuff/security.h
blob: 03117fd96a069bc35f6cca839e7b39c413c09d2a (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
/***************************************************************************
                          security.h  -  description
                             -------------------
    begin                : Thu Jun 24 11:22:12 2004
    copyright          : (C) 2004, 2005 by Andras Mantia <amantia@kde.org>
 ***************************************************************************/

/***************************************************************************
 *                                                                         *
 *   This program is free software; you can redistribute it and/or modify  *
 *   it under the terms of the GNU Library General Public License as       *
 *   published by the Free Software Foundation; version 2 of the License.  *
 *                                                                         *
 ***************************************************************************/


#ifndef SECURITY_H
#define SECURITY_H

//qt includes
#include <qmap.h>
#include <qobject.h>

class KProcIO;
class KProcess;

struct KeyStruct {
   QString id;
   QString name;
   QString mail;
   bool trusted;
   bool secret;
};

/**
Handles security releated issues, like signing, verifying.
It is a private class, not meant to be used by third party applications.

@author Andras Mantia <amantia@kde.org>
*/

namespace KNS {

class Security : public QObject
{
Q_OBJECT
public:
  static Security* const ref()
  {
    static Security *m_ref;
    if (!m_ref) m_ref = new Security();
    return m_ref;
  }
  ~Security();


  /** Verifies the integrity and the signature of a tarball file.
   * @param fileName the file to be verified. It should be a tar.gz (.tgz) file. The directory where
   *               the file is should contain a "signature" and a "md5sum" file, otherwise verification will fail.
   *               The method is asynchronous and the result is signalled with @ref validityResult.
   */
  void checkValidity(const QString &fileName);

  /** Creates a signature and an md5sum file for the fileName and packs
   * everything into a gzipped tarball.
   * @param fileName the file with full path to sign
   *
   * The method is asynchronous and the result is signalled with @ref fileSigned.
   */
  void signFile(const QString &fileName);
  /** Get the key used for signing. This method is valid only if:
  *  - the checkValidity was called
  *  - the result of the validity check does not have the UNKNOWN bit set
  *
  *  @return the key used for signing the file
  */
  KeyStruct signatureKey() {return m_signatureKey;}

  enum Results {
     MD5_OK = 1, /// The MD5 sum check is OK
     SIGNED_OK = 2, /// The file is signed with a good signature
     SIGNED_BAD = 4, /// The file is signed with a bad signature
     TRUSTED = 8, /// The signature is trusted
     UNKNOWN = 16, ///The key is unknown
     SIGNED_BAD_CLEAR = 27, ///used to clear the SIGNED_BAD flag
     BAD_PASSPHRASE = 32 ///wrong passhprase entered
  };

public slots:
  /** Reads the available public keys */
  void readKeys();
  /** Reads the available secret keys */
  void readSecretKeys();
  /** Verifies the integrity and the signature of a tarball file (see m_fileName).
   */
  void slotCheckValidity();

  /** Creates a signature and an md5sum file for the m_fileName and packs
   * everything into a gzipped tarball.
   */
  void slotSignFile();

private:
   Security();

   enum RunMode {
       List = 0, ///read the public keys
       ListSecret, ///read the secret keys
       Verify, ///verify the signature
       Sign ///create signature
   };

   KeyStruct m_signatureKey;
   int m_result;
   int m_runMode;
   bool m_gpgRunning; /// true if gpg is currently running
   bool m_keysRead; /// true if all the keys were read
   QMap<QString, KeyStruct> m_keys; /// holds information about the available key
   QString m_fileName; /// the file to sign/verify
   QString m_secretKey; /// the key used for signing

private slots:
   void slotProcessExited(KProcess *process);
   void slotDataArrived(KProcIO *process);

signals:
   /** Sent when the validity check is done.
   *
   *    @return the result of the check. See @ref Results
   */
    void validityResult(int result);
   /** Sent when the signing is done.
     *
     *    @return the result of the operation. See @ref Results
    */
    void fileSigned(int result);
};

}

#endif