summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRuben Pollan <meskio@sindominio.net>2017-06-08 11:14:38 +0200
committerRuben Pollan <meskio@sindominio.net>2017-06-12 20:34:15 +0200
commitf0117969b19e05d568a108b12390c47a011576f6 (patch)
treeadfd7406d0cacf31e682a62f4a5384ec747a977d
parent1fd9bd8f5284ed1b61da2d5cc81e3347c61a761d (diff)
[feat] push private key updates into nicknym
Deal as well with sending key if key is outdated in the providers nicknym. - Resolves: #8819, #8832
-rw-r--r--docs/changelog.rst2
-rw-r--r--src/leap/bitmask/core/mail_services.py125
-rw-r--r--src/leap/bitmask/core/service.py2
-rw-r--r--src/leap/bitmask/keymanager/__init__.py125
-rw-r--r--src/leap/bitmask/keymanager/openpgp.py2
-rw-r--r--src/leap/bitmask/mail/testing/__init__.py2
-rw-r--r--src/leap/bitmask/mua/pixelizer.py4
-rw-r--r--tests/integration/keymanager/test_keymanager.py27
-rw-r--r--tests/integration/keymanager/test_validation.py27
-rw-r--r--tests/integration/mail/incoming/test_incoming_mail.py4
10 files changed, 130 insertions, 190 deletions
diff --git a/docs/changelog.rst b/docs/changelog.rst
index d0a426a2..559af6e6 100644
--- a/docs/changelog.rst
+++ b/docs/changelog.rst
@@ -11,6 +11,7 @@ Features
- `#8769 <https://0xacab.org/leap/bitmask-dev/issues/8769>`_: Eliminate active user from bonafide
- `#8771 <https://0xacab.org/leap/bitmask-dev/issues/8771>`_: Add json print to the cli
- `#8765 <https://0xacab.org/leap/bitmask-dev/issues/8765>`_: Require a global authentication token for the api
+- `#8819 <https://0xacab.org/leap/bitmask-dev/issues/8819>`_: Send key to provider if a new priv key is putted in the keyring
- Initial cli port of the legacy vpn code
- Add VPN API to bitmask.js
- Add vpn get_cert command
@@ -26,6 +27,7 @@ Bugfixes
- Repeat decryption if signed with attached key
- `#8783 <https://0xacab.org/leap/bitmask-dev/issues/8783>`_: use username instead of provider in the vpn calls
- `#8868 <https://0xacab.org/leap/bitmask-dev/issues/8868>`_: can't upload generated key with bitmask
+- `#8832 <https://0xacab.org/leap/bitmask-dev/issues/8832>`_: don't allow putting non-private keys for the keyring address
Misc
~~~~
diff --git a/src/leap/bitmask/core/mail_services.py b/src/leap/bitmask/core/mail_services.py
index 16b20ed3..d1ccdb95 100644
--- a/src/leap/bitmask/core/mail_services.py
+++ b/src/leap/bitmask/core/mail_services.py
@@ -29,8 +29,6 @@ from collections import namedtuple
from twisted.application import service
from twisted.internet import defer
-from twisted.internet import reactor
-from twisted.internet import task
from twisted.logger import Logger
from leap.common.events import catalog, emit_async
@@ -74,6 +72,8 @@ class ImproperlyConfigured(Exception):
class SoledadContainer(Container):
+ log = Logger()
+
def __init__(self, service=None, basedir=DEFAULT_BASEDIR):
self._basedir = os.path.expanduser(basedir)
self._usermap = UserMap()
@@ -105,6 +105,14 @@ class SoledadContainer(Container):
'soledad': soledad}
self.service.trigger_hook('on_new_soledad_instance', **data)
+ self.log.debug('Syncing soledad for the first time...')
+ d = soledad.sync()
+ d.addCallbacks(
+ lambda _:
+ self.service.trigger_hook('on_soledad_first_sync', **data),
+ lambda _:
+ self.log.failure('Something failed on soledad first sync'))
+
def _create_soledad_instance(self, uuid, passphrase, soledad_path,
server_url, cert_file, token):
# setup soledad info
@@ -230,10 +238,6 @@ class KeymanagerContainer(Container):
keymanager = self._create_keymanager_instance(
userid, token, uuid, soledad)
super(KeymanagerContainer, self).add_instance(userid, keymanager)
- d = self._get_or_generate_keys(keymanager, userid)
- d.addCallback(self._on_keymanager_ready_cb, userid, soledad)
- d.addCallback(lambda _: self._set_status(userid, "on", keys="found"))
- return d
def set_remote_auth_token(self, userid, token):
self.get_instance(userid).token = token
@@ -243,87 +247,58 @@ class KeymanagerContainer(Container):
return {'status': 'off', 'error': None, 'keys': None}
return self._status[userid]
- def _set_status(self, address, status, error=None, keys=None):
- self._status[address] = {"status": status,
- "error": error, "keys": keys}
- emit_async(catalog.MAIL_STATUS_CHANGED, address)
-
- def _on_keymanager_ready_cb(self, keymanager, userid, soledad):
- data = {'userid': userid, 'soledad': soledad, 'keymanager': keymanager}
- self.service.trigger_hook('on_new_keymanager_instance', **data)
-
- def _get_or_generate_keys(self, keymanager, userid):
-
- def _get_key(_):
- self.log.info('Looking up private key for %s' % userid)
- return keymanager.get_key(userid, private=True, fetch_remote=False)
+ def get_or_generate_keys(self, userid):
+ keymanager = self.get_instance(userid)
def _found_key(key):
self.log.info('Found key: %r' % key)
+ return key
def _if_not_found_generate(failure):
failure.trap(KeyNotFound)
self.log.info('Key not found, generating key for %s' % (userid,))
self._set_status(userid, "starting", keys="generating")
d = keymanager.gen_key()
- d.addCallbacks(_send_key, _log_key_error("generating"))
+ d.addErrback(_log_key_error)
return d
- def _send_key(ignored):
- # ----------------------------------------------------------------
- # It might be the case that we have generated a key-pair
- # but this hasn't been successfully uploaded. How do we know that?
- # XXX Should this be a method of bonafide instead?
- # -----------------------------------------------------------------
- self.log.info('Key generated for %s' % userid)
-
- if not keymanager.token:
- self.log.debug(
- 'Token not available, scheduling '
- 'a new key sending attempt...')
- return task.deferLater(reactor, 5, _send_key, None)
-
- self.log.info('Sending public key to server')
- d = keymanager.send_key()
- d.addCallbacks(
- lambda _: self.log.info('Key sent to server'),
- _log_key_error("sending"))
- return d
+ def _log_key_error(failure):
+ self.log.failure('Error while generating key!')
+ error = "Error generating key: %s" % failure.getErrorMessage()
+ self._set_status(userid, "failure", error=error)
+ return failure
- def _log_key_error(step):
- def log_error(failure):
- self.log.error('Error while %s key!' % step)
- self.log.failure('error!')
- error = "Error generating key: %s" % failure.getErrorMessage()
- self._set_status(userid, "failure", error=error)
- return failure
- return log_error
-
- def _sync_if_never_synced(ever_synced):
- if ever_synced:
- self.log.debug('Soledad has synced in the past')
- return defer.succeed(None)
-
- self.log.debug('Soledad has never synced')
-
- if not keymanager.token:
- self.log.debug('No token to sync now, scheduling a new check')
- d = task.deferLater(reactor, 5, keymanager.ever_synced)
- d.addCallback(_sync_if_never_synced)
- return d
-
- self.log.debug('Syncing soledad for the first time...')
- self._set_status(userid, "starting", keys="sync")
- return keymanager._soledad.sync()
-
- self.log.debug('Checking if soledad has ever synced...')
- d = keymanager.ever_synced()
- d.addCallback(_sync_if_never_synced)
- d.addCallback(_get_key)
+ self.log.info('Looking up private key for %s' % userid)
+ d = keymanager.get_key(userid, private=True, fetch_remote=False)
d.addCallbacks(_found_key, _if_not_found_generate)
- d.addCallback(lambda _: keymanager)
+ d.addCallback(self._on_keymanager_ready_cb, keymanager, userid)
+ self._set_status(userid, "on", keys="found")
return d
+ @defer.inlineCallbacks
+ def send_if_outdated_key_in_nicknym(self, userid):
+ keymanager = self.get_instance(userid)
+ key = yield keymanager.get_key(userid, fetch_remote=False)
+ try:
+ remote = yield keymanager._nicknym.fetch_key_with_address(userid)
+ except Exception:
+ remote = {}
+
+ if (keymanager.OPENPGP_KEY not in remote or
+ key.key_data != remote[KeyManager.OPENPGP_KEY]):
+ yield keymanager.send_key()
+
+ def _set_status(self, address, status, error=None, keys=None):
+ self._status[address] = {"status": status,
+ "error": error, "keys": keys}
+ emit_async(catalog.MAIL_STATUS_CHANGED, address)
+
+ def _on_keymanager_ready_cb(self, key, keymanager, userid):
+ soledad = keymanager._soledad
+ data = {'userid': userid, 'soledad': soledad, 'keymanager': keymanager}
+ self.service.trigger_hook('on_new_keymanager_instance', **data)
+ return key
+
def _create_keymanager_instance(self, userid, token, uuid, soledad):
user, provider = userid.split('@')
nickserver_uri = self._get_nicknym_uri(provider)
@@ -384,6 +359,12 @@ class KeymanagerService(HookableService):
token = self.tokens.get(user)
container.add_instance(user, token, uuid, soledad)
+ def hook_on_soledad_first_sync(self, **kw):
+ userid = kw['user']
+ d = self._container.get_or_generate_keys(userid)
+ d.addCallback(
+ lambda _: self._container.send_if_outdated_key_in_nicknym(userid))
+
def hook_on_bonafide_auth(self, **kw):
userid = kw['username']
provider = _get_provider_from_full_userid(userid)
diff --git a/src/leap/bitmask/core/service.py b/src/leap/bitmask/core/service.py
index 310ac08e..0a3ac6bd 100644
--- a/src/leap/bitmask/core/service.py
+++ b/src/leap/bitmask/core/service.py
@@ -178,6 +178,8 @@ class BitmaskBackend(configurable.ConfigurableService):
if sol:
sol.register_hook(
'on_new_soledad_instance', listener='keymanager')
+ sol.register_hook(
+ 'on_soledad_first_sync', listener='keymanager')
# XXX this might not be the right place for hooking the sessions.
# If we want to be offline, we need to authenticate them after
diff --git a/src/leap/bitmask/keymanager/__init__.py b/src/leap/bitmask/keymanager/__init__.py
index 190e26ff..68184175 100644
--- a/src/leap/bitmask/keymanager/__init__.py
+++ b/src/leap/bitmask/keymanager/__init__.py
@@ -25,7 +25,7 @@ import tempfile
from urlparse import urlparse
from twisted.logger import Logger
-from twisted.internet import defer
+from twisted.internet import defer, task, reactor
from twisted.web import client
from twisted.web._responses import NOT_FOUND
@@ -132,70 +132,6 @@ class KeyManager(object):
return tmp_file.name
@defer.inlineCallbacks
- def _get_key_from_nicknym(self, address):
- """
- Send a GET request to C{uri} containing C{data}.
-
- :param address: The URI of the request.
- :type address: str
-
- :return: A deferred that will be fired with GET content as json (dict)
- :rtype: Deferred
- """
- try:
- uri = self._nickserver_uri + '?address=' + address
- content = yield self._fetch_and_handle_404_from_nicknym(
- uri, address)
- json_content = json.loads(content)
-
- except keymanager_errors.KeyNotFound:
- raise
- except IOError as e:
- self.log.warn("HTTP error retrieving key: %r" % (e,))
- self.log.warn("%s" % (content,))
- raise keymanager_errors.KeyNotFound(e.message), \
- None, sys.exc_info()[2]
- except ValueError as v:
- self.log.warn("Invalid JSON data from key: %s" % (uri,))
- raise keymanager_errors.KeyNotFound(v.message + ' - ' + uri), \
- None, sys.exc_info()[2]
-
- except Exception as e:
- self.log.warn("Error retrieving key: %r" % (e,))
- raise keymanager_errors.KeyNotFound(e.message), \
- None, sys.exc_info()[2]
- # Responses are now text/plain, although it's json anyway, but
- # this will fail when it shouldn't
- # leap_assert(
- # res.headers['content-type'].startswith('application/json'),
- # 'Content-type is not JSON.')
- defer.returnValue(json_content)
-
- def _fetch_and_handle_404_from_nicknym(self, uri, address):
- """
- Send a GET request to C{uri} containing C{data}.
-
- :param uri: The URI of the request.
- :type uri: str
- :param address: The email corresponding to the key.
- :type address: str
-
- :return: A deferred that will be fired with GET content as json (dict)
- :rtype: Deferred
- """
- def check_404(response):
- if response.code == NOT_FOUND:
- message = '%s: %s key not found.' % (response.code, address)
- self.log.warn(message)
- raise KeyNotFound(message), None, sys.exc_info()[2]
- return response
-
- d = self._nicknym._async_client_pinned.request(
- str(uri), 'GET', callback=check_404)
- d.addCallback(client.readBody)
- return d
-
- @defer.inlineCallbacks
def _get_with_combined_ca_bundle(self, uri, data=None):
"""
Send a GET request to C{uri} containing C{data}.
@@ -224,6 +160,7 @@ class KeyManager(object):
# key management
#
+ @defer.inlineCallbacks
def send_key(self):
"""
Send user's key to provider.
@@ -237,18 +174,20 @@ class KeyManager(object):
:raise UnsupportedKeyTypeError: if invalid key type
"""
- def send(pubkey):
- d = self._nicknym.put_key(self.uid, pubkey.key_data,
- self._api_uri, self._api_version)
- d.addCallback(lambda _:
- emit_async(catalog.KEYMANAGER_DONE_UPLOADING_KEYS,
- self._address))
- return d
-
- d = self.get_key(
- self._address, private=False, fetch_remote=False)
- d.addCallback(send)
- return d
+ if not self.token:
+ self.log.debug(
+ 'Token not available, scheduling '
+ 'a new key sending attempt...')
+ yield task.deferLater(reactor, 5, self.send_key)
+
+ self.log.info('Sending public key to server')
+ key = yield self.get_key(self._address, fetch_remote=False)
+ yield self._nicknym.put_key(self.uid, key.key_data,
+ self._api_uri, self._api_version)
+ emit_async(catalog.KEYMANAGER_DONE_UPLOADING_KEYS,
+ self._address)
+ self.log.info('Key sent to server')
+ defer.returnValue(key)
@defer.inlineCallbacks
def _fetch_keys_from_server_and_store_local(self, address):
@@ -276,7 +215,7 @@ class KeyManager(object):
validation_level = ValidationLevels.Provider_Trust
yield self.put_raw_key(
- server_keys['openpgp'],
+ server_keys[OPENPGP_KEY],
address=address,
validation=validation_level)
@@ -355,6 +294,7 @@ class KeyManager(object):
:raise UnsupportedKeyTypeError: if invalid key type
"""
def signal_finished(key):
+ self.log.info('Key generated for %s' % self._address)
emit_async(
catalog.KEYMANAGER_FINISHED_KEY_GENERATION, self._address)
return key
@@ -662,6 +602,7 @@ class KeyManager(object):
d.addCallback(check_upgrade)
return d
+ @defer.inlineCallbacks
def put_raw_key(self, key, address,
validation=ValidationLevels.Weak_Chain):
"""
@@ -688,13 +629,26 @@ class KeyManager(object):
pubkey, privkey = self._openpgp.parse_key(key, address)
if pubkey is None:
- return defer.fail(keymanager_errors.KeyNotFound(key))
+ raise keymanager_errors.KeyNotFound(key)
+
+ if address == self._address and not privkey:
+ try:
+ existing = yield self.get_key(address, fetch_remote=False)
+ except KeyNotFound:
+ existing = None
+ if (existing is not None or
+ pubkey.fingerprint != existing.fingerprint):
+ raise keymanager_errors.KeyNotValidUpgrade(
+ "Cannot update your %s key without the private part"
+ % (address,))
pubkey.validation = validation
- d = self.put_key(pubkey)
+ yield self.put_key(pubkey)
if privkey is not None:
- d.addCallback(lambda _: self.put_key(privkey))
- return d
+ yield self.put_key(privkey)
+
+ if address == self._address:
+ yield self.send_key()
@defer.inlineCallbacks
def fetch_key(self, address, uri, validation=ValidationLevels.Weak_Chain):
@@ -731,13 +685,6 @@ class KeyManager(object):
pubkey.validation = validation
yield self.put_key(pubkey)
- def ever_synced(self):
- # TODO: provide this method in soledad api, avoid using a private
- # attribute here
- d = self._soledad._dbpool.runQuery('SELECT * FROM sync_log')
- d.addCallback(lambda result: bool(result))
- return d
-
def _split_email(address):
"""
diff --git a/src/leap/bitmask/keymanager/openpgp.py b/src/leap/bitmask/keymanager/openpgp.py
index 8c9dc1e8..a27eb3de 100644
--- a/src/leap/bitmask/keymanager/openpgp.py
+++ b/src/leap/bitmask/keymanager/openpgp.py
@@ -226,7 +226,7 @@ class OpenPGPScheme(object):
d = self.get_key(address)
d.addCallbacks(key_already_exists, _gen_key)
- d.addCallback(lambda _: self.get_key(address, private=True))
+ d.addCallback(lambda _: self.get_key(address, private=False))
return d
def get_key(self, address, private=False):
diff --git a/src/leap/bitmask/mail/testing/__init__.py b/src/leap/bitmask/mail/testing/__init__.py
index 2fc4c073..e430f6aa 100644
--- a/src/leap/bitmask/mail/testing/__init__.py
+++ b/src/leap/bitmask/mail/testing/__init__.py
@@ -67,6 +67,8 @@ class KeyManagerWithSoledadTestCase(unittest.TestCase, BaseLeapTest):
self.km._nicknym._async_client_pinned.request = Mock(
return_value=defer.succeed(Response()))
+ self.km.send_key = Mock(
+ return_value=defer.succeed(Response()))
d1 = self.km.put_raw_key(PRIVATE_KEY, ADDRESS)
d2 = self.km.put_raw_key(PRIVATE_KEY_2, ADDRESS_2)
diff --git a/src/leap/bitmask/mua/pixelizer.py b/src/leap/bitmask/mua/pixelizer.py
index 98333bd2..819ffa70 100644
--- a/src/leap/bitmask/mua/pixelizer.py
+++ b/src/leap/bitmask/mua/pixelizer.py
@@ -215,7 +215,9 @@ class NickNym(object):
return self.keymanager.gen_key()
def _send_key_to_leap(self):
- return self.keymanager.send_key()
+ # XXX: this needs to be removed in pixels side
+ # km.send_key doesn't exist anymore
+ return defer.succeed(None)
class LeapSessionAdapter(object):
diff --git a/tests/integration/keymanager/test_keymanager.py b/tests/integration/keymanager/test_keymanager.py
index 9f81e020..4282629a 100644
--- a/tests/integration/keymanager/test_keymanager.py
+++ b/tests/integration/keymanager/test_keymanager.py
@@ -22,7 +22,6 @@ import urllib
import tempfile
import pkg_resources
from datetime import datetime
-from os import path
from twisted.internet import defer
from twisted.trial import unittest
@@ -31,7 +30,6 @@ from twisted.web import client
import mock
from leap.common import ca_bundle
-from leap.bitmask.keymanager import client
from leap.bitmask.keymanager import errors
from leap.bitmask.keymanager.keys import (
OpenPGPKey,
@@ -193,11 +191,6 @@ class KeyManagerKeyManagementTestCase(KeyManagerWithSoledadTestCase):
key.fingerprint.lower(), KEY_FINGERPRINT.lower())
self.assertTrue(key.private)
- def test_send_key_raises_key_not_found(self):
- km = self._key_manager()
- d = km.send_key()
- return self.assertFailure(d, errors.KeyNotFound)
-
@defer.inlineCallbacks
def test_send_key(self):
"""
@@ -215,8 +208,8 @@ class KeyManagerKeyManagementTestCase(KeyManagerWithSoledadTestCase):
km.api_uri = 'apiuri'
km.api_version = 'apiver'
yield km.send_key()
+ pubkey = yield km.get_key(ADDRESS, fetch_remote=False)
# setup expected args
- pubkey = yield km.get_key(km._address)
data = urllib.urlencode({
km.PUBKEY_KEY: pubkey.key_data,
})
@@ -309,7 +302,7 @@ class KeyManagerKeyManagementTestCase(KeyManagerWithSoledadTestCase):
"""
Test that getting a key successfuly fetches from server.
"""
- km = self._key_manager(url=NICKSERVER_URI)
+ km = self._key_manager(user=ADDRESS_2, url=NICKSERVER_URI)
key = yield self._fetch_key_with_address(km, ADDRESS, PUBLIC_KEY)
self.assertIsInstance(key, OpenPGPKey)
@@ -368,7 +361,7 @@ class KeyManagerKeyManagementTestCase(KeyManagerWithSoledadTestCase):
"""
Test that putting ascii key works
"""
- km = self._key_manager(url=NICKSERVER_URI)
+ km = self._key_manager(user=ADDRESS_2, url=NICKSERVER_URI)
yield km.put_raw_key(PUBLIC_KEY, ADDRESS)
key = yield km.get_key(ADDRESS)
@@ -380,7 +373,7 @@ class KeyManagerKeyManagementTestCase(KeyManagerWithSoledadTestCase):
"""
Test that putting binary key works
"""
- km = self._key_manager(url=NICKSERVER_URI)
+ km = self._key_manager(user=ADDRESS_2, url=NICKSERVER_URI)
yield km.put_raw_key(self.get_public_binary_key(), ADDRESS)
key = yield km.get_key(ADDRESS)
@@ -545,6 +538,18 @@ class KeyManagerKeyManagementTestCase(KeyManagerWithSoledadTestCase):
# then
self.assertEqual(False, key.sign_used)
+ def test_put_pubkey_address_fails(self):
+ km = self._key_manager()
+ d = km.put_raw_key(PUBLIC_KEY, ADDRESS)
+ return self.assertFailure(d, errors.KeyNotValidUpgrade)
+
+ @defer.inlineCallbacks
+ def test_put_privkey_address_sends(self):
+ km = self._key_manager()
+ km.send_key = mock.Mock()
+ yield km.put_raw_key(PRIVATE_KEY, ADDRESS)
+ km.send_key.assert_called_once_with()
+
class KeyManagerCryptoTestCase(KeyManagerWithSoledadTestCase):
diff --git a/tests/integration/keymanager/test_validation.py b/tests/integration/keymanager/test_validation.py
index aa297127..73391b31 100644
--- a/tests/integration/keymanager/test_validation.py
+++ b/tests/integration/keymanager/test_validation.py
@@ -19,6 +19,7 @@ Tests for the Validation Levels
"""
import unittest
from datetime import datetime
+from mock import MagicMock
from twisted.internet.defer import inlineCallbacks
from leap.bitmask.keymanager.errors import KeyNotValidUpgrade
@@ -44,14 +45,14 @@ class ValidationLevelsTestCase(KeyManagerWithSoledadTestCase):
@inlineCallbacks
def test_none_old_key(self):
- km = self._key_manager()
+ km = self._key_manager("unrelated@leap.se")
yield km.put_raw_key(PUBLIC_KEY, ADDRESS)
key = yield km.get_key(ADDRESS, fetch_remote=False)
self.assertEqual(key.fingerprint, KEY_FINGERPRINT)
@inlineCallbacks
def test_cant_upgrade(self):
- km = self._key_manager()
+ km = self._key_manager("unrelated@leap.se")
yield km.put_raw_key(PUBLIC_KEY, ADDRESS,
validation=ValidationLevels.Provider_Trust)
d = km.put_raw_key(UNRELATED_KEY, ADDRESS)
@@ -59,7 +60,7 @@ class ValidationLevelsTestCase(KeyManagerWithSoledadTestCase):
@inlineCallbacks
def test_fingerprint_level(self):
- km = self._key_manager()
+ km = self._key_manager("unrelated@leap.se")
yield km.put_raw_key(PUBLIC_KEY, ADDRESS)
yield km.put_raw_key(UNRELATED_KEY, ADDRESS,
validation=ValidationLevels.Fingerprint)
@@ -68,7 +69,7 @@ class ValidationLevelsTestCase(KeyManagerWithSoledadTestCase):
@inlineCallbacks
def test_expired_key(self):
- km = self._key_manager()
+ km = self._key_manager("unrelated@leap.se")
yield km.put_raw_key(EXPIRED_KEY, ADDRESS)
yield km.put_raw_key(UNRELATED_KEY, ADDRESS)
key = yield km.get_key(ADDRESS, fetch_remote=False)
@@ -76,7 +77,7 @@ class ValidationLevelsTestCase(KeyManagerWithSoledadTestCase):
@inlineCallbacks
def test_expired_fail_lower_level(self):
- km = self._key_manager()
+ km = self._key_manager("unrelated@leap.se")
yield km.put_raw_key(
EXPIRED_KEY, ADDRESS,
validation=ValidationLevels.Third_Party_Endorsement)
@@ -87,7 +88,7 @@ class ValidationLevelsTestCase(KeyManagerWithSoledadTestCase):
@inlineCallbacks
def test_can_upgrade_key(self):
- km = self._key_manager()
+ km = self._key_manager("unrelated@leap.se")
yield km.put_raw_key(OLD_PUB_KEY, OLD_AND_NEW_KEY_ADDRESS)
old_key = yield km.get_key(OLD_AND_NEW_KEY_ADDRESS, fetch_remote=False)
@@ -100,7 +101,7 @@ class ValidationLevelsTestCase(KeyManagerWithSoledadTestCase):
@inlineCallbacks
def test_roll_back(self):
- km = self._key_manager()
+ km = self._key_manager("unrelated@leap.se")
yield km.put_raw_key(EXPIRED_KEY_UPDATED, ADDRESS)
yield km.put_raw_key(EXPIRED_KEY, ADDRESS)
key = yield km.get_key(ADDRESS, fetch_remote=False)
@@ -108,7 +109,7 @@ class ValidationLevelsTestCase(KeyManagerWithSoledadTestCase):
@inlineCallbacks
def test_not_used(self):
- km = self._key_manager()
+ km = self._key_manager("unrelated@leap.se")
yield km.put_raw_key(UNEXPIRED_KEY, ADDRESS,
validation=ValidationLevels.Provider_Trust)
yield km.put_raw_key(UNRELATED_KEY, ADDRESS,
@@ -120,7 +121,8 @@ class ValidationLevelsTestCase(KeyManagerWithSoledadTestCase):
def test_used_with_verify(self):
TEXT = "some text"
- km = self._key_manager()
+ km = self._key_manager("unrelated@leap.se")
+ km._send_key = MagicMock() # let's skip sending key
yield km.put_raw_key(UNEXPIRED_PRIVATE, ADDRESS)
signature = yield km.sign(TEXT, ADDRESS)
yield self.delete_all_keys(km)
@@ -138,7 +140,8 @@ class ValidationLevelsTestCase(KeyManagerWithSoledadTestCase):
def test_used_with_decrypt(self):
TEXT = "some text"
- km = self._key_manager()
+ km = self._key_manager("unrelated@leap.se")
+ km._send_key = MagicMock() # let's skip sending key
yield km.put_raw_key(UNEXPIRED_PRIVATE, ADDRESS)
yield km.put_raw_key(PUBLIC_KEY_2, ADDRESS_2)
encrypted = yield km.encrypt(TEXT, ADDRESS_2, sign=ADDRESS)
@@ -156,7 +159,7 @@ class ValidationLevelsTestCase(KeyManagerWithSoledadTestCase):
@inlineCallbacks
def test_signed_key(self):
- km = self._key_manager()
+ km = self._key_manager("unrelated@leap.se")
yield km.put_raw_key(PUBLIC_KEY, ADDRESS)
yield km.put_raw_key(SIGNED_KEY, ADDRESS)
key = yield km.get_key(ADDRESS, fetch_remote=False)
@@ -166,7 +169,7 @@ class ValidationLevelsTestCase(KeyManagerWithSoledadTestCase):
def test_two_uuids(self):
TEXT = "some text"
- km = self._key_manager()
+ km = self._key_manager("unrelated@leap.se")
yield km.put_raw_key(UUIDS_PRIVATE, ADDRESS_2)
signature = yield km.sign(TEXT, ADDRESS_2)
yield self.delete_all_keys(km)
diff --git a/tests/integration/mail/incoming/test_incoming_mail.py b/tests/integration/mail/incoming/test_incoming_mail.py
index 43dbd09b..3b5727e3 100644
--- a/tests/integration/mail/incoming/test_incoming_mail.py
+++ b/tests/integration/mail/incoming/test_incoming_mail.py
@@ -133,10 +133,6 @@ subject: independence of cyberspace
d.addErrback(log.err)
return d
- def tearDown(self):
- d = KeyManagerWithSoledadTestCase.tearDown(self)
- return d
-
def testExtractOpenPGPHeader(self):
"""
Test the OpenPGP header key extraction