set/k7
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e944da9eda71837ad95b0d62d03b93e77afb9a44
k7/GpgMEWorker.h
SET e944da9eda Test export private keys in C++. 
Result : fails.
Reason : loopback passphrase provider is never called.

With default pinentry mode, the passphrase is requested normally 
and the private key is exported. But this can't be done on a web server.

Enclosed in #ifdef DEVTIME.
2020-11-15 11:53:03 +01:00

212 lines
6.0 KiB
C++
Raw Blame History

/*
* File: GpgMEWorker.h
* Author: SET - nmset@yandex.com
* License : LGPL v2.1
* Copyright SET - © 2019
*
* Created on 11 octobre 2019, 16:34
*/
#ifndef GPGMEWORKER_H
#define GPGMEWORKER_H
#include <gpgme++/context.h>
#include <gpgme++/error.h>
#include <gpgme++/key.h>
#include <gpgme++/gpgsetownertrusteditinteractor.h>
#include <gpgme++/gpgsignkeyeditinteractor.h>
#include <gpgme++/gpgsetexpirytimeeditinteractor.h>
#include <vector>
#include "LoopbackPassphraseProvider.h"
using namespace std;
using namespace GpgME;
/**
* Main class for GPGME OP, except deleting keys.
*/
class GpgMEWorker
{
public:
GpgMEWorker();
virtual ~GpgMEWorker();
/**
* Find keys corresponding to pattern. GPGME searches in many fields :
* keyid, fingerprint, name, email...
* @param pattern
* @param hasSecret
* @param e
* @return
*/
vector<GpgME::Key> FindKeys(const char * pattern, bool hasSecret, Error& e) const;
/**
* Search for a single key fully identified : keyid, short keyid, fingerprint.
* @param anyFullId
* @param e
* @param secret
* @return
*/
GpgME::Key FindKey(const char * anyFullId, Error& e, bool secret = false) const;
/**
* Import a key from file.
* @param filePath
* @param e
* @return : the fingerprint
*/
const string ImportKey(const char * filePath, Error& e);
/**
* Inplace editing of owner trust if allowed
* @param anyFullId
* @param trustLevel : New trust level in key owner
* @return
*/
const Error EditOwnerTrust(const char * anyFullId, GpgME::Key::OwnerTrust trustLevel);
/**
* Certify (sign) selected key.
* @param fprSigningKey
* @param fprKeyToSign
* @param userIDsToSign : index of each user identity in a vector.
* @param options : Exportable (1), Non revocable (2).
* \nTrust(4) is not implemented.
* @param passphrase
* @return
*/
const Error CertifyKey(const char * fprSigningKey,
const char * fprKeyToSign,
vector<uint>& userIDsToSign, int options,
const string& passphrase);
/**
* Set new expiry time of a secret key.
* @param timeString
* @return
*/
const Error SetExpiryTime(const char * keyFpr,
const string& passphrase,
const string& timeString = "0");
/**
* Creates a pair of secret and public keys with the default engine
* algorithms. Default expiry time is 2 * 365 days.
* @param k : must be a null key
* @param name
* @param email
* @param comment
* @param passphrase
* @param expires : seconds ahead of creation time. Use 0 for no expiry.
* @return
*/
const Error CreateKeyWithEngineDefaultAlgo(GpgME::Key& k,
const string& name,
const string& email,
const string& comment,
const string& passphrase,
ulong expires = 63072000);
/**
* Creates a secret key with passed in algorithm name. Default expiry time
* is 2 * 365 days.
* @param k : must be a null key
* @param name
* @param email
* @param comment
* @param algo : a valid algorithm name for a secret key
* @param passphrase
* @param expires : seconds ahead of creation time. Use 0 for no expiry.
* @return
*/
const Error CreateKey(GpgME::Key& k,
const string& name,
const string& email,
const string& comment,
const char * algo,
const string& passphrase,
ulong expires = 63072000);
/**
* Creates a public key with passed in algorithm name and adds it to secret
* key k. Default expiry time is 2 * 365 days.
* @param k : must be a secret key
* @param algo : : a valid algorithm name for a public key
* @param passphrase
* @param expires : seconds ahead of creation time. Use 0 for no expiry.
* @return
*/
const Error CreateSubKey(GpgME::Key& k,
const char * algo,
const string& passphrase,
ulong expires = 63072000);
#ifdef DEVTIME
/**
* Status : testing
* \n Result : fails to export a private key
* \n Reason : loopback passphrase provider is never called
* \n With default pinentry mode, the password is requested normally
* and the private key is exported. But this can't be done on a web server.
* @param fpr
* @param e
* @return
*/
const Error ExportPrivateKey(const char * pattern, string& buffer,
const string& passphrase = "");
#endif
private:
Context * m_ctx;
// GPG will fetch a password here.
LoopbackPassphraseProvider * m_ppp;
};
/**
* Edit trust in key owner
*/
class SetOwnerTrustEditInteractor : public GpgSetOwnerTrustEditInteractor
{
public:
/**
*
* @param ownerTrust : New trust level
*/
SetOwnerTrustEditInteractor(GpgME::Key::OwnerTrust ownerTrust)
: GpgSetOwnerTrustEditInteractor(ownerTrust)
{
}
virtual ~SetOwnerTrustEditInteractor()
{
}
};
/**
* Passed to GPG engine to certify (sign) a key.
*/
class SetSignKeyEditInteractor : public GpgSignKeyEditInteractor
{
public:
SetSignKeyEditInteractor() : GpgSignKeyEditInteractor()
{
};
virtual ~SetSignKeyEditInteractor()
{
};
};
class SetExpiryTimeEditInteractor : public GpgSetExpiryTimeEditInteractor
{
public:
SetExpiryTimeEditInteractor(const std::string& timeString = "0")
: GpgSetExpiryTimeEditInteractor(timeString)
{
};
virtual ~SetExpiryTimeEditInteractor()
{
};
};
#endif /* GPGMEWORKER_H */
Reference in New Issue View Git Blame Copy Permalink