summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNavaL <ayoyo@thoughtworks.com>2016-12-05 15:12:56 +0100
committerRuben Pollan <meskio@sindominio.net>2017-12-03 20:43:32 +0100
commita164b1daa6bcbbf6bffe84d6b02ed2be43c29e7f (patch)
treebaa5688b4237b51fa0e3c3bc73df1c384da7349b
parent9430464704fc58460613c4225f5a0eb59617d4b5 (diff)
[bug] sign_used flag is reset for all public keys when the key expiration date is extended
- this is required so that the key is re-attached to the first outgoing email to all users who already have the expired key.
-rw-r--r--src/leap/bitmask/keymanager/__init__.py3
-rw-r--r--tests/integration/keymanager/test_keymanager.py35
2 files changed, 36 insertions, 2 deletions
diff --git a/src/leap/bitmask/keymanager/__init__.py b/src/leap/bitmask/keymanager/__init__.py
index 7164cb91..6eeaecc9 100644
--- a/src/leap/bitmask/keymanager/__init__.py
+++ b/src/leap/bitmask/keymanager/__init__.py
@@ -793,7 +793,7 @@ class KeyManager(object):
yield self.put_key(pubkey)
@defer.inlineCallbacks
- def extend_key(self, validity='1y', passphrase=None):
+ def extend_key_expiration(self, validity='1y', passphrase=None):
"""
extend the expiration date of the key pair bound to the user's address
by the validity period, from the key's creation date.
@@ -810,6 +810,7 @@ class KeyManager(object):
my_secret_key = yield self.get_key(self._address, private=True)
renewed_key = yield self._openpgp.extend_key(my_secret_key, validity,
passphrase)
+ yield self._openpgp.reset_all_keys_sign_used()
defer.returnValue(renewed_key)
diff --git a/tests/integration/keymanager/test_keymanager.py b/tests/integration/keymanager/test_keymanager.py
index 6a6feb31..d8772191 100644
--- a/tests/integration/keymanager/test_keymanager.py
+++ b/tests/integration/keymanager/test_keymanager.py
@@ -654,6 +654,39 @@ class KeyManagerKeyManagementTestCase(KeyManagerWithSoledadTestCase):
km._openpgp.reset_all_keys_sign_used.assert_called_once()
@defer.inlineCallbacks
+ def test_keymanager_extend_key_expiry_date_for_key_pair(self):
+ km = self._key_manager(user=ADDRESS_EXPIRING)
+
+ yield km._openpgp.put_raw_key(PRIVATE_EXPIRING_KEY, ADDRESS_EXPIRING)
+ key = yield km.get_key(ADDRESS_EXPIRING)
+
+ yield km.extend_key_expiration(validity='1w')
+
+ new_expiry_date = datetime.strptime(
+ KEY_EXPIRING_CREATION_DATE, '%Y-%m-%d')
+ new_expiry_date += timedelta(weeks=1)
+ renewed_public_key = yield km.get_key(ADDRESS_EXPIRING)
+ renewed_private_key = yield km.get_key(ADDRESS_EXPIRING, private=True)
+
+ self.assertEqual(new_expiry_date.date(),
+ renewed_public_key.expiry_date.date())
+ self.assertEqual(new_expiry_date.date(),
+ renewed_private_key.expiry_date.date())
+ self.assertEqual(key.fingerprint, renewed_public_key.fingerprint)
+ self.assertEqual(key.fingerprint, renewed_private_key.fingerprint)
+
+ @defer.inlineCallbacks
+ def test_key_extension_resets_all_public_key_sign_used(self):
+ km = self._key_manager(user=ADDRESS_EXPIRING)
+
+ yield km._openpgp.put_raw_key(PRIVATE_EXPIRING_KEY, ADDRESS_EXPIRING)
+ km._openpgp.reset_all_keys_sign_used = mock.Mock()
+
+ yield km.extend_key_expiration(validity='1w')
+
+ km._openpgp.reset_all_keys_sign_used.assert_called_once()
+
+ @defer.inlineCallbacks
def test_key_extension_with_invalid_period_throws_exception(self):
km = self._key_manager(user=ADDRESS_EXPIRING)
@@ -663,7 +696,7 @@ class KeyManagerKeyManagementTestCase(KeyManagerWithSoledadTestCase):
invalid_validity_option = '2xw'
with self.assertRaises(KeyExpiryExtensionError):
- yield km.extend_key(validity=invalid_validity_option)
+ yield km.extend_key_expiration(validity=invalid_validity_option)
renewed_public_key = yield km.get_key(ADDRESS_EXPIRING,
fetch_remote=False)