KNewStuff

security.h
1 /*
2  This file is part of KNewStuff2.
3  SPDX-FileCopyrightText: 2004, 2005 Andras Mantia <[email protected]>
4  SPDX-FileCopyrightText: 2007 Josef Spillner <[email protected]>
5 
6  SPDX-License-Identifier: LGPL-2.1-or-later
7 */
8 
9 #ifndef KNEWSTUFF2_SECURITY_P_H
10 #define KNEWSTUFF2_SECURITY_P_H
11 
12 // qt includes
13 #include <QMap>
14 #include <QObject>
15 #include <QProcess>
16 
17 #include "knewstuffcore_export.h"
18 
19 #if KNEWSTUFFCORE_ENABLE_DEPRECATED_SINCE(5, 31)
20 
21 struct KeyStruct {
22  QString id;
23  QString name;
24  QString mail;
25  bool trusted;
26  bool secret;
27 };
28 
29 namespace KNSCore
30 {
31 /**
32  * Do not use this class. It is non-functional and internal.
33  * @internal
34  * @deprecated
35  */
36 class KNEWSTUFFCORE_EXPORT KNEWSTUFFCORE_DEPRECATED_VERSION(5, 31, "No longer use") Security : public QObject
37 {
38  Q_OBJECT
39 public:
40  static Security *ref()
41  {
42  static Security *m_ref;
43  if (!m_ref) {
44  m_ref = new Security();
45  }
46  return m_ref;
47  }
48  ~Security() override;
49 
50  /** Verifies the integrity and the signature of a tarball file.
51  * @param fileName the file to be verified. It should be a tar.gz (.tgz) file. The directory where
52  * the file is should contain a "signature" and a "md5sum" file, otherwise verification will fail.
53  * The method is asynchronous and the result is signalled with @ref validityResult.
54  */
55  void checkValidity(const QString &fileName);
56 
57  /** Creates a signature and an md5sum file for the fileName and packs
58  * everything into a gzipped tarball.
59  * @param fileName the file with full path to sign
60  *
61  * The method is asynchronous and the result is signalled with @ref fileSigned.
62  */
63  void signFile(const QString &fileName);
64 
65  /** Get the key used for signing. This method is valid only if:
66  * - the checkValidity was called
67  * - the result of the validity check does not have the UNKNOWN bit set
68  *
69  * @return the key used for signing the file
70  */
71  KeyStruct signatureKey()
72  {
73  return m_signatureKey;
74  }
75 
76  enum Results {
77  MD5_OK = 1, /// The MD5 sum check is OK
78  SIGNED_OK = 2, /// The file is signed with a good signature
79  SIGNED_BAD = 4, /// The file is signed with a bad signature
80  TRUSTED = 8, /// The signature is trusted
81  UNKNOWN = 16, /// The key is unknown
82  SIGNED_BAD_CLEAR = 27, /// used to clear the SIGNED_BAD flag
83  BAD_PASSPHRASE = 32, /// wrong passhprase entered
84  };
85 
86 public Q_SLOTS:
87 
88  /** Reads the available public keys */
89  void readKeys();
90 
91  /** Reads the available secret keys */
92  void readSecretKeys();
93 
94  /** Verifies the integrity and the signature of a tarball file (see m_fileName).
95  */
96  void slotCheckValidity();
97 
98  /** Creates a signature and an md5sum file for the m_fileName and packs
99  * everything into a gzipped tarball.
100  */
101  void slotSignFile();
102 
103 private:
104  Security();
105 
106  enum RunMode {
107  List = 0, /// read the public keys
108  ListSecret, /// read the secret keys
109  Verify, /// verify the signature
110  Sign, /// create signature
111  };
112 
113  KeyStruct m_signatureKey;
114  int m_result;
115  int m_runMode;
116  bool m_gpgRunning; /// true if gpg is currently running
117  bool m_keysRead; /// true if all the keys were read
118  QMap<QString, KeyStruct> m_keys; /// holds information about the available key
119  QString m_fileName; /// the file to sign/verify
120  QString m_secretKey; /// the key used for signing
121  QProcess *m_process;
122 
123 private Q_SLOTS:
124  void slotFinished(int exitCode, QProcess::ExitStatus exitStatus);
125  void slotReadyReadStandardOutput();
126 
127 Q_SIGNALS:
128  /** Sent when the validity check is done.
129  *
130  * @return the result of the check. See @ref Results
131  */
132  void validityResult(int result);
133 
134  /** Sent when the signing is done.
135  *
136  * @return the result of the operation. See @ref Results
137  */
138  void fileSigned(int result);
139 
140  void signalInformation(const QString &) const;
141  void signalError(const QString &) const;
142 };
143 
144 }
145 
146 #endif // KNEWSTUFFCORE_ENABLE_DEPRECATED_SINCE(5, 31)
147 
148 #endif
QAction * mail(const QObject *recvr, const char *slot, QObject *parent)
Contains the core functionality for handling interaction with NewStuff providers. ...
Do not use this class.
Definition: security.h:36
const QLatin1String name
KeyStruct signatureKey()
Get the key used for signing.
Definition: security.h:71
This file is part of the KDE documentation.
Documentation copyright © 1996-2021 The KDE developers.
Generated on Tue Nov 30 2021 22:38:13 by doxygen 1.8.11 written by Dimitri van Heesch, © 1997-2006

KDE's Doxygen guidelines are available online.