Class: Yast::KeyManagerClass

Inherits:
Module
  • Object
show all
Defined in:
src/modules/KeyManager.rb,
src/modules/KeyManager.rb

Overview

GPG Key Management

Instance Method Summary collapse

Instance Method Details

#DeleteKey(key_id) ⇒ Boolean

Delete the key from the package manager


153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
# File 'src/modules/KeyManager.rb', line 153

def DeleteKey(key_id)
  if key_id.nil? || key_id == ""
    Builtins.y2error("Invalid key ID: %1", key_id)
    return false
  end

  # index of the key
  found = nil
  i = 0

  # copy the key from known keys to the deleted list
  Builtins.foreach(@known_keys) do |key|
    if Ops.get_string(key, "id", "") == key_id
      @deleted_keys = Builtins.add(@deleted_keys, key)
      found = i
    end
    i = Ops.add(i, 1)
  end

  # remove from known keys when found
  @known_keys = Builtins.remove(@known_keys, found) if !found.nil?

  found_in_imported = false

  # remove from imported keys (deleting a key scheduled for import)
  @import_from_file = Builtins.filter(@import_from_file) do |new_key|
    found_key = Ops.get_string(new_key, "id", "") == key_id
    found_in_imported ||= found_key
    found_key
  end

  @modified = true

  !found.nil?
end

#GetKeysArray

Return the current keys.


146
147
148
# File 'src/modules/KeyManager.rb', line 146

def GetKeys
  deep_copy(@known_keys)
end

#ImportFromFile(file, trusted) ⇒ Hash

Import key from a file (invalid key, not existing file, already imported key…)


194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
# File 'src/modules/KeyManager.rb', line 194

def ImportFromFile(file, trusted)
  # check whether the file is valid, copy the file to the tmpdir
  key = Pkg.CheckGPGKeyFile(file)
  Builtins.y2milestone("File content: %1", key)

  if !key.nil? && Ops.greater_than(Builtins.size(key), 0)
    # update the trusted flag
    Ops.set(key, "trusted", trusted)
  else
    Report.Error(
      Builtins.sformat(
        _("File '%1'\ndoes not contain a valid GPG key.\n"),
        file
      )
    )
    return nil
  end

  known = false

  # check whether the key is already known
  Builtins.foreach(@known_keys) do |k|
    if Ops.get_string(k, "id", "") == Ops.get_string(key, "id", "")
      known = true
    end
  end

  if known
    # %1 is key ID (e.g. A84EDAE89C800ACA), %2 is key name
    # (e.g. "SuSE Package Signing Key <[email protected]>")
    Report.Error(
      Builtins.sformat(
        _(
          "Key '%1'\n" \
            "'%2'\n" \
            "is already known, it cannot be added again."
        ),
        Ops.get_string(key, "id", ""),
        Ops.get_string(key, "name", "")
      )
    )
    return nil
  end

  found_in_deleted = false
  # check if the key is scheduled for removal
  @deleted_keys = Builtins.filter(@deleted_keys) do |deleted_key|
    key_found = Ops.get_string(deleted_key, "id", "") ==
      Ops.get_string(key, "id", "")
    found_in_deleted ||= key_found
    !key_found
  end

  # the key was known, move it to the known list
  if found_in_deleted
    @known_keys = Builtins.add(@known_keys, key)
    return deep_copy(key)
  end

  # copy the key to the temporary directory (in fact the keys are imported in Write())
  tmpfile = Builtins.sformat(
    "%1/tmp_gpg_key.%2",
    Directory.tmpdir,
    Builtins.size(@known_keys)
  )
  command = Builtins.sformat(
    "/bin/cp -- '%1' '%2'",
    String.Quote(file),
    String.Quote(tmpfile)
  )

  Builtins.y2milestone("Copying the key: %1", command)

  out = Convert.to_integer(SCR.Execute(path(".target.bash"), command))

  if out.nonzero?
    Report.Error(_("Cannot copy the key to the temporary directory."))
    return nil
  end

  # store the import request
  @import_from_file = Builtins.add(
    @import_from_file,
    "file"    => tmpfile,
    "trusted" => trusted,
    "id"      => Ops.get_string(key, "id", "")
  )

  # add the new key to the current config
  @known_keys = Builtins.add(@known_keys, key)

  @modified = true

  deep_copy(key)
end

#mainObject


8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
# File 'src/modules/KeyManager.rb', line 8

def main
  Yast.import "Pkg"

  textdomain "packager"

  Yast.import "Report"
  Yast.import "Directory"
  Yast.import "String"

  # the current state
  @known_keys = []

  # keys to delete
  @deleted_keys = []

  # keys to import from a file (file name => trusted flag)
  @import_from_file = []

  @modified = false
end

#ModifiedBoolean

Has been something changed?


139
140
141
# File 'src/modules/KeyManager.rb', line 139

def Modified
  @modified
end

#ReadBoolean

Read the current configuration from the package manager. The previous changes are lost (@see Reset). The target system of the package manager must be initialized before reading GPG keys!


57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
# File 'src/modules/KeyManager.rb', line 57

def Read
  if Ops.greater_than(Builtins.size(@known_keys), 0)
    Builtins.y2warning("Rereading GPG keys from the package manager")
    Reset()
  end

  @known_keys = ReadCurrentKeys()

  if @known_keys.nil?
    @known_keys = []
    return false
  end

  true
end

#ReadCurrentKeysArray

Read the current configuration from the package manager


44
45
46
47
48
49
50
51
# File 'src/modules/KeyManager.rb', line 44

def ReadCurrentKeys
  # read trusted keys
  ret = Pkg.GPGKeys(true)

  Builtins.y2milestone("Read configuration: %1", ret)

  deep_copy(ret)
end

#ResetObject

Reset the internal state of the module. The current configuration and all changes are deleted.


33
34
35
36
37
38
39
40
# File 'src/modules/KeyManager.rb', line 33

def Reset
  @known_keys = []
  @deleted_keys = []
  @import_from_file = []
  @modified = false

  nil
end

#SearchGPGKey(key_id) ⇒ Hash

Search a GPG key in the known keys


76
77
78
79
80
81
82
83
84
85
86
87
88
# File 'src/modules/KeyManager.rb', line 76

def SearchGPGKey(key_id)
  ret = nil

  # search the properties of the key
  Builtins.foreach(@known_keys) do |key|
    if Ops.get_string(key, "id", "") == key_id
      ret = deep_copy(key)
      raise Break
    end
  end

  deep_copy(ret)
end

#WriteBoolean

Apply the changes, update the current status


92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
# File 'src/modules/KeyManager.rb', line 92

def Write
  if !@modified
    Builtins.y2milestone("No change, nothing to write")
    return true
  end

  Builtins.y2milestone("Writing key management configuration")

  ret = true

  # delete the keys marked for removal
  Builtins.foreach(@deleted_keys) do |deleted_key|
    Builtins.y2milestone(
      "Deleting key %1 ('%2')",
      Ops.get_string(deleted_key, "id", ""),
      Ops.get_string(deleted_key, "name", "")
    )
    ret = Pkg.DeleteGPGKey(
      Ops.get_string(deleted_key, "id", ""),
      Ops.get_boolean(deleted_key, "trusted", false)
    ) && ret
  end

  # import the new keys
  Builtins.foreach(@import_from_file) do |new_key|
    Builtins.y2milestone(
      "Importing key %1 from '%2', trusted: %3",
      Ops.get_string(new_key, "id", ""),
      Ops.get_string(new_key, "file", ""),
      Ops.get_boolean(new_key, "trusted", false)
    )
    ret = Pkg.ImportGPGKey(
      Ops.get_string(new_key, "file", ""),
      Ops.get_boolean(new_key, "trusted", false)
    ) && ret
  end

  # all changes are saved, reset them
  @deleted_keys = []
  @import_from_file = []
  @modified = false

  ret
end