13#include <config-libkleo.h>
15#include "defaultkeyfilter.h"
16#include "utils/compliance.h"
18#if GPGMEPP_KEY_HAS_HASCERTIFY_SIGN_ENCRYPT_AUTHENTICATE
20#include <libkleo/compat.h>
22#include <libkleo/compliance.h>
23#include <libkleo/formatting.h>
24#include <libkleo/keyhelpers.h>
// Reports whether at least one subkey of the given key is flagged as a card
// key (Subkey::isCardKey()). Used by both matches() overloads for the
// "card key" criterion.
static bool is_card_key(const Key &key)
{
    const std::vector<Subkey> subkeys = key.subkeys();
    for (const Subkey &subkey : subkeys) {
        if (subkey.isCardKey()) {
            return true;
        }
    }
    return false;
}
// Private state of DefaultKeyFilter, reached through the d pointer.
// This listing shows only part of the member list.
//
// Every criterion shown below starts as DoesNotMatter / LevelDoesNotMatter, so
// a filter on which nothing was set restricts nothing through these fields.
// NOTE(review): code that relies on a filter to single out trustworthy (or
// untrustworthy) keys has to set the criteria it depends on explicitly.
37class DefaultKeyFilter::Private
// Defaults visible here: any match context, specificity 0, strike-out and
// full-font rendering off.
49 MatchContexts mMatchContexts = AnyMatchContext;
50 unsigned int mSpecificity = 0;
53 bool mStrikeOut =
false;
54 bool mUseFullFont =
false;
// Boolean criteria. matches() skips a criterion that is DoesNotMatter and
// otherwise compares the key property with (member == Set).
57 TriState mRevoked = DoesNotMatter;
58 TriState mExpired = DoesNotMatter;
59 TriState mInvalid = DoesNotMatter;
60 TriState mDisabled = DoesNotMatter;
61 TriState mRoot = DoesNotMatter;
62 TriState mCanEncrypt = DoesNotMatter;
63 TriState mCanSign = DoesNotMatter;
64 TriState mCanCertify = DoesNotMatter;
65 TriState mCanAuthenticate = DoesNotMatter;
66 TriState mHasEncrypt = DoesNotMatter;
67 TriState mHasSign = DoesNotMatter;
68 TriState mHasCertify = DoesNotMatter;
69 TriState mHasAuthenticate = DoesNotMatter;
70 TriState mQualified = DoesNotMatter;
71 TriState mCardKey = DoesNotMatter;
72 TriState mHasSecret = DoesNotMatter;
73 TriState mIsOpenPGP = DoesNotMatter;
74 TriState mWasValidated = DoesNotMatter;
75 TriState mIsDeVs = DoesNotMatter;
76 TriState mBad = DoesNotMatter;
77 TriState mValidIfSMIME = DoesNotMatter;
// Level criteria: the LevelState selects how matches() compares the owner
// trust / user ID validity with the reference level stored next to it.
79 LevelState mOwnerTrust = LevelDoesNotMatter;
80 GpgME::Key::OwnerTrust mOwnerTrustReferenceLevel = Key::OwnerTrust::Unknown;
81 LevelState mValidity = LevelDoesNotMatter;
82 GpgME::UserID::Validity mValidityReferenceLevel = UserID::Validity::Unknown;
85DefaultKeyFilter::DefaultKeyFilter()
// Defaulted out of line in this file, after DefaultKeyFilter::Private has been
// declared above.
91DefaultKeyFilter::~DefaultKeyFilter() =
default;
// Decides whether this filter applies to a whole key in the given contexts.
//
// Each criterion stored behind d is checked in turn; a criterion set to
// DoesNotMatter is skipped. The statements guarded by the conditions below are
// not visible in this listing (presumably each one rejects the key) - confirm
// against the full source before relying on the details.
93bool DefaultKeyFilter::matches(
const Key &key, MatchContexts contexts)
const
// The filter is only considered when its configured contexts overlap the
// contexts the caller asks about.
95 if (!(d->mMatchContexts & contexts)) {
// MATCH compares a bool property of the key with the wanted state
// (member == Set); IS_MATCH / CAN_MATCH derive the member and method names.
101#define MATCH(member, method) \
103 if (member != DoesNotMatter && key.method() != bool(member == Set)) { \
107#define IS_MATCH(what) MATCH(d->m##what, is##what)
108#define CAN_MATCH(what) MATCH(d->mCan##what, can##what)
// Two HAS_MATCH definitions: one calls key.has*() when gpgmepp provides it,
// the other (presumably the #else branch, not visible here) uses the
// Kleo::keyHas*() helpers.
109#if GPGMEPP_KEY_HAS_HASCERTIFY_SIGN_ENCRYPT_AUTHENTICATE
110#define HAS_MATCH(what) MATCH(d->mHas##what, has##what)
112#define HAS_MATCH(what) \
114 if (d->mHas##what != DoesNotMatter && Kleo::keyHas##what(key) != bool(d->mHas##what == Set)) { \
127 CAN_MATCH(Authenticate);
131 HAS_MATCH(Authenticate);
// Card-key criterion: Set requires a card subkey, NotSet requires none.
133 if (d->mCardKey != DoesNotMatter) {
134 if ((d->mCardKey == Set && !is_card_key(key)) || (d->mCardKey == NotSet && is_card_key(key))) {
138 MATCH(d->mHasSecret, hasSecret);
// Protocol criterion: OpenPGP versus anything else.
140 if (d->mIsOpenPGP != DoesNotMatter &&
bool(key.protocol() == GpgME::OpenPGP) !=
bool(d->mIsOpenPGP == Set)) {
// "Was validated" looks at whether the key listing carried the
// GpgME::Validate mode flag.
143 if (d->mWasValidated != DoesNotMatter &&
bool(key.keyListMode() & GpgME::Validate) !=
bool(d->mWasValidated == Set)) {
// De-VS compliance is delegated to DeVSCompliance::keyIsCompliant().
146 if (d->mIsDeVs != DoesNotMatter &&
bool(DeVSCompliance::keyIsCompliant(key)) !=
bool(d->mIsDeVs == Set)) {
// "Bad" means: null, revoked, expired, disabled or invalid.
149 if (d->mBad != DoesNotMatter &&
151 bool(key.isNull() || key.isRevoked() || key.isExpired() || key.isDisabled() || key.isInvalid()) !=
bool(d->mBad == Set)) {
// NOTE(review): the key-level validity checks below consult only the first
// user ID (userID(0)); other user IDs of the key are not looked at here.
154 const UserID uid = key.userID(0);
// S/MIME criterion: applies to CMS keys only and treats a validity of at
// least UserID::Full as "valid".
155 if ((key.protocol() == GpgME::CMS)
156 && (d->mValidIfSMIME != DoesNotMatter)
157 && (
bool(uid.validity() >= UserID::Full) !=
bool(d->mValidIfSMIME == Set))) {
// Owner-trust criterion: depending on d->mOwnerTrust the key's owner trust is
// compared with the reference level using !=, ==, < or >. The case labels
// that select each comparison are not visible in this listing. The ordering
// comparisons cast both enum values to int, so they rely on the numeric order
// of the enumerators.
160 switch (d->mOwnerTrust) {
162 case LevelDoesNotMatter:
165 if (key.ownerTrust() != d->mOwnerTrustReferenceLevel) {
170 if (key.ownerTrust() == d->mOwnerTrustReferenceLevel) {
175 if (
static_cast<int>(key.ownerTrust()) <
static_cast<int>(d->mOwnerTrustReferenceLevel)) {
180 if (
static_cast<int>(key.ownerTrust()) >
static_cast<int>(d->mOwnerTrustReferenceLevel)) {
// Validity criterion: same comparison scheme, applied to the validity of the
// first user ID taken above.
185 switch (d->mValidity) {
187 case LevelDoesNotMatter:
190 if (uid.validity() != d->mValidityReferenceLevel) {
195 if (uid.validity() == d->mValidityReferenceLevel) {
200 if (
static_cast<int>(uid.validity()) <
static_cast<int>(d->mValidityReferenceLevel)) {
205 if (
static_cast<int>(uid.validity()) >
static_cast<int>(d->mValidityReferenceLevel)) {
// Decides whether this filter applies to a single user ID in the given
// contexts.
//
// Key-level criteria are evaluated on userID.parent(); some criteria also
// look at the user ID itself. The statements guarded by the conditions below
// are not visible in this listing (presumably each one rejects the user ID) -
// confirm against the full source.
213bool DefaultKeyFilter::matches(
const UserID &userID, MatchContexts contexts)
const
// The filter is only considered when its configured contexts overlap the
// contexts the caller asks about.
215 if (!(d->mMatchContexts & contexts)) {
// MATCH_KEY compares a bool property of the owning key with the wanted state
// (member == Set).
221#define MATCH_KEY(member, method) \
223 if (member != DoesNotMatter && userID.parent().method() != bool(member == Set)) { \
227#define IS_MATCH_KEY(what) MATCH_KEY(d->m##what, is##what)
228#define CAN_MATCH_KEY(what) MATCH_KEY(d->mCan##what, can##what)
// Two HAS_MATCH_KEY definitions: one calls has*() on the owning key when
// gpgmepp provides it, the other (presumably the #else branch, not visible
// here) uses the Kleo::keyHas*() helpers. The MATCH macro defined after them
// fires when either the owning key or the user ID differs from the wanted
// state, so the criterion passes only if both agree with it.
229#if GPGMEPP_KEY_HAS_HASCERTIFY_SIGN_ENCRYPT_AUTHENTICATE
230#define HAS_MATCH_KEY(what) MATCH_KEY(d->mHas##what, has##what)
232#define HAS_MATCH_KEY(what) \
234 if (d->mHas##what != DoesNotMatter && Kleo::keyHas##what(userID.parent()) != bool(d->mHas##what == Set)) { \
243#define MATCH(member, method) \
245 if (member != DoesNotMatter && (userID.parent().method() != bool(member == Set) || userID.method() != bool(member == Set))) { \
249#define IS_MATCH(what) MATCH(d->m##what, is##what)
251 IS_MATCH_KEY(Expired);
// Expiry of the user ID itself is checked with isExpired(userID) alongside
// the owning key's expiry.
// NOTE(review): because the two comparisons are joined with ||, a user ID
// that is expired on an unexpired key differs from the wanted state for both
// Set and NotSet - confirm that this is intended.
253 if (d->mExpired != DoesNotMatter && (userID.parent().isExpired() !=
bool(d->mExpired == Set) || isExpired(userID) !=
bool(d->mExpired == Set))) {
257 IS_MATCH_KEY(Disabled);
259 CAN_MATCH_KEY(Encrypt);
261 CAN_MATCH_KEY(Certify);
262 CAN_MATCH_KEY(Authenticate);
263 HAS_MATCH_KEY(Encrypt);
265 HAS_MATCH_KEY(Certify);
266 HAS_MATCH_KEY(Authenticate);
267 IS_MATCH_KEY(Qualified);
// Card-key criterion, evaluated on the owning key: Set requires a card
// subkey, NotSet requires none.
268 if (d->mCardKey != DoesNotMatter) {
269 if ((d->mCardKey == Set && !is_card_key(userID.parent())) || (d->mCardKey == NotSet && is_card_key(userID.parent()))) {
273 MATCH_KEY(d->mHasSecret, hasSecret);
// Protocol criterion: OpenPGP versus anything else, taken from the owning key.
275 if (d->mIsOpenPGP != DoesNotMatter &&
bool(userID.parent().protocol() == GpgME::OpenPGP) !=
bool(d->mIsOpenPGP == Set)) {
// "Was validated" looks at whether the owning key's listing carried the
// GpgME::Validate mode flag.
278 if (d->mWasValidated != DoesNotMatter &&
bool(userID.parent().keyListMode() & GpgME::Validate) !=
bool(d->mWasValidated == Set)) {
// De-VS compliance is delegated to DeVSCompliance::userIDIsCompliant().
281 if (d->mIsDeVs != DoesNotMatter &&
bool(DeVSCompliance::userIDIsCompliant(userID)) !=
bool(d->mIsDeVs == Set)) {
// "Bad" means: key or user ID null, revoked or invalid, or the key expired
// or disabled.
// NOTE(review): expiry of the user ID itself (isExpired(userID), used by the
// Expired criterion above) is not part of this test - confirm intended.
284 if (d->mBad != DoesNotMatter &&
286 bool(userID.parent().isNull() || userID.isNull() || userID.parent().isRevoked() || userID.isRevoked() || userID.parent().isExpired()
287 || userID.parent().isDisabled() || userID.parent().isInvalid() || userID.isInvalid())
288 !=
bool(d->mBad == Set)) {
// S/MIME criterion: applies when the owning key is CMS and treats a user ID
// validity of at least UserID::Full as "valid".
291 if ((userID.parent().protocol() == GpgME::CMS)
292 && (d->mValidIfSMIME != DoesNotMatter)
293 && (
bool(userID.validity() >= UserID::Full) !=
bool(d->mValidIfSMIME == Set))) {
// Owner-trust criterion: depending on d->mOwnerTrust the owning key's owner
// trust is compared with the reference level using !=, ==, < or >. The case
// labels that select each comparison are not visible in this listing. The
// ordering comparisons cast both enum values to int, so they rely on the
// numeric order of the enumerators.
296 switch (d->mOwnerTrust) {
298 case LevelDoesNotMatter:
301 if (userID.parent().ownerTrust() != d->mOwnerTrustReferenceLevel) {
306 if (userID.parent().ownerTrust() == d->mOwnerTrustReferenceLevel) {
311 if (
static_cast<int>(userID.parent().ownerTrust()) <
static_cast<int>(d->mOwnerTrustReferenceLevel)) {
316 if (
static_cast<int>(userID.parent().ownerTrust()) >
static_cast<int>(d->mOwnerTrustReferenceLevel)) {
// Validity criterion: same comparison scheme, applied to this user ID's own
// validity.
321 switch (d->mValidity) {
323 case LevelDoesNotMatter:
326 if (userID.validity() != d->mValidityReferenceLevel) {
331 if (userID.validity() == d->mValidityReferenceLevel) {
336 if (
static_cast<int>(userID.validity()) <
static_cast<int>(d->mValidityReferenceLevel)) {
341 if (
static_cast<int>(userID.validity()) >
static_cast<int>(d->mValidityReferenceLevel)) {
// Builds the font description this filter contributes. When a full font is
// configured it is passed along with the style flags; otherwise only the
// bold / italic / strike-out flags are used.
KeyFilter::FontDescription DefaultKeyFilter::fontDescription() const
{
    if (!d->mUseFullFont) {
        return FontDescription::create(bold(), italic(), strikeOut());
    }
    return FontDescription::create(font(), bold(), italic(), strikeOut());
}
// Setters. Every body that is visible in this listing assigns the argument
// unchanged to the matching field behind d; no validation is visible. Several
// bodies and signatures are missing from the listing.
358void DefaultKeyFilter::setFgColor(
const QColor &value)
363void DefaultKeyFilter::setBgColor(
const QColor &value)
368void DefaultKeyFilter::setName(
const QString &value)
373void DefaultKeyFilter::setIcon(
const QString &value)
378void DefaultKeyFilter::setId(
const QString &value)
// Restricts the contexts in which matches() considers this filter.
383void DefaultKeyFilter::setMatchContexts(MatchContexts value)
385 d->mMatchContexts = value;
388void DefaultKeyFilter::setSpecificity(
unsigned int value)
390 d->mSpecificity = value;
393void DefaultKeyFilter::setItalic(
bool value)
398void DefaultKeyFilter::setBold(
bool value)
403void DefaultKeyFilter::setStrikeOut(
bool value)
405 d->mStrikeOut = value;
408void DefaultKeyFilter::setUseFullFont(
bool value)
410 d->mUseFullFont = value;
413void DefaultKeyFilter::setFont(
const QFont &value)
// Bodies of the criterion setters; their signatures are not visible in this
// listing. Each stores the requested state for the criterion that matches()
// later evaluates.
435 d->mDisabled = value;
445 d->mCanEncrypt = value;
455 d->mCanCertify = value;
460 d->mCanAuthenticate = value;
465 d->mHasEncrypt = value;
475 d->mHasCertify = value;
480 d->mHasAuthenticate = value;
485 d->mQualified = value;
495 d->mHasSecret = value;
500 d->mIsOpenPGP = value;
505 d->mWasValidated = value;
510 d->mOwnerTrust = value;
// Reference level that the owner-trust criterion is compared against.
513void DefaultKeyFilter::setOwnerTrustReferenceLevel(GpgME::Key::OwnerTrust value)
515 d->mOwnerTrustReferenceLevel = value;
520 d->mValidity = value;
// Reference level that the validity criterion is compared against.
523void DefaultKeyFilter::setValidityReferenceLevel(GpgME::UserID::Validity value)
525 d->mValidityReferenceLevel = value;
540 d->mValidIfSMIME = value;
// Getters. Every body that is visible in this listing returns the
// corresponding field behind d unchanged. Several bodies and signatures are
// missing from the listing.
543QColor DefaultKeyFilter::fgColor()
const
548QColor DefaultKeyFilter::bgColor()
const
553QString DefaultKeyFilter::name()
const
558QString DefaultKeyFilter::icon()
const
563QString DefaultKeyFilter::id()
const
568QFont DefaultKeyFilter::font()
const
575 return d->mMatchContexts;
578unsigned int DefaultKeyFilter::specificity()
const
580 return d->mSpecificity;
583bool DefaultKeyFilter::italic()
const
588bool DefaultKeyFilter::bold()
const
593bool DefaultKeyFilter::strikeOut()
const
595 return d->mStrikeOut;
598bool DefaultKeyFilter::useFullFont()
const
600 return d->mUseFullFont;
// Bodies of the criterion getters; their signatures are not visible in this
// listing.
630 return d->mCanEncrypt;
640 return d->mCanCertify;
645 return d->mCanAuthenticate;
650 return d->mHasEncrypt;
660 return d->mHasCertify;
665 return d->mHasAuthenticate;
670 return d->mQualified;
680 return d->mHasSecret;
685 return d->mIsOpenPGP;
690 return d->mWasValidated;
695 return d->mOwnerTrust;
// Reference level that the owner-trust criterion is compared against.
698GpgME::Key::OwnerTrust DefaultKeyFilter::ownerTrustReferenceLevel()
const
700 return d->mOwnerTrustReferenceLevel;
// Reference level that the validity criterion is compared against.
708GpgME::UserID::Validity DefaultKeyFilter::validityReferenceLevel()
const
710 return d->mValidityReferenceLevel;
725 return d->mValidIfSMIME;
TriState
Used for bool checks.
LevelState
Used for level checks.
void setValidIfSMIME(TriState value)
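If value is Set, then invalid S/MIME certificates do not match. In matches(), a CMS certificate counts as invalid for this check when its user ID validity is below UserID::Full.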
An abstract base class for key filters.