summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTulio Casagrande <tcasagra@thoughtworks.com>2017-04-21 18:27:36 -0300
committerRuben Pollan <meskio@sindominio.net>2017-12-03 20:43:37 +0100
commit6300a435aaf3f4dacd4615c75defaa8ea7369248 (patch)
tree6ee17c63f58d4097a191e81c40b793d8c40b1221
parentfbdb541bfc0fcbf2d9c92c785f0d8ff1fe98f68a (diff)
[feat] stop resetting signs used after key regeneration
We were considering to reset the sign_used flag to force the new key to be resend as attachment in forthcoming emails. Although, this is not a good solution, because we'll lose information about which keys the client has signed.
-rw-r--r--src/leap/bitmask/keymanager/__init__.py2
-rw-r--r--src/leap/bitmask/keymanager/openpgp.py21
-rw-r--r--tests/integration/keymanager/test_keymanager.py12
-rw-r--r--tests/integration/keymanager/test_openpgp.py27
4 files changed, 0 insertions, 62 deletions
diff --git a/src/leap/bitmask/keymanager/__init__.py b/src/leap/bitmask/keymanager/__init__.py
index d1fd4edb..2fa80c7c 100644
--- a/src/leap/bitmask/keymanager/__init__.py
+++ b/src/leap/bitmask/keymanager/__init__.py
@@ -373,8 +373,6 @@ class KeyManager(object):
self.log.info('Regenerating key for %s.' % self._address)
new_key = yield self._openpgp.regenerate_key(self._address)
- yield self._openpgp.reset_all_keys_sign_used()
-
defer.returnValue(new_key)
#
diff --git a/src/leap/bitmask/keymanager/openpgp.py b/src/leap/bitmask/keymanager/openpgp.py
index 2361e6a8..aea82156 100644
--- a/src/leap/bitmask/keymanager/openpgp.py
+++ b/src/leap/bitmask/keymanager/openpgp.py
@@ -584,27 +584,6 @@ class OpenPGPScheme(object):
active_doc = yield self._get_active_doc_from_address(address, False)
yield self._soledad.delete_doc(active_doc)
- @defer.inlineCallbacks
- def reset_all_keys_sign_used(self):
- """
- Reset sign_used flag for all keys in storage, to False...
- to indicate that the key pair has not interacted with all
- keys in the key ring yet.
- This should only be used when regenerating/extending the key pair.
-
- """
- all_keys = yield self.get_all_keys(private=False)
- deferreds = []
-
- @defer.inlineCallbacks
- def reset_sign_used(key):
- key.sign_used = False
- yield self.put_key(key, key_renewal=True)
-
- for open_pgp_key in all_keys:
- deferreds.append(reset_sign_used(open_pgp_key))
- yield defer.gatherResults(deferreds)
-
#
# Data encryption, decryption, signing and verifying
#
diff --git a/tests/integration/keymanager/test_keymanager.py b/tests/integration/keymanager/test_keymanager.py
index 88a8ba93..656b070c 100644
--- a/tests/integration/keymanager/test_keymanager.py
+++ b/tests/integration/keymanager/test_keymanager.py
@@ -639,18 +639,6 @@ class KeyManagerKeyManagementTestCase(KeyManagerWithSoledadTestCase):
self.assertEqual(new_key.fingerprint, renewed_public_key.fingerprint)
self.assertIn(old_key.fingerprint[-16:], renewed_public_key.signatures)
- @defer.inlineCallbacks
- def test_key_regenerate_resets_all_public_key_sign_used(self):
- km = self._key_manager(user=ADDRESS_EXPIRING)
-
- yield km._openpgp.put_raw_key(PRIVATE_EXPIRING_KEY, ADDRESS_EXPIRING)
- yield km._openpgp.put_raw_key(PUBLIC_KEY_2, ADDRESS_2)
- km._openpgp.reset_all_keys_sign_used = mock.Mock()
-
- yield km.regenerate_key()
-
- km._openpgp.reset_all_keys_sign_used.assert_called_once()
-
class KeyManagerCryptoTestCase(KeyManagerWithSoledadTestCase):
RAW_DATA = 'data'
diff --git a/tests/integration/keymanager/test_openpgp.py b/tests/integration/keymanager/test_openpgp.py
index d994f801..d04f5d01 100644
--- a/tests/integration/keymanager/test_openpgp.py
+++ b/tests/integration/keymanager/test_openpgp.py
@@ -100,33 +100,6 @@ class OpenPGPCryptoTestCase(KeyManagerWithSoledadTestCase):
yield self._assert_key_not_found(pgp, ADDRESS)
@inlineCallbacks
- def test_reset_sign_used_for_all_keys(self):
- pgp = openpgp.OpenPGPScheme(
- self._soledad, gpgbinary=self.gpg_binary_path)
-
- yield pgp.put_raw_key(PRIVATE_KEY, ADDRESS)
- yield pgp.put_raw_key(PUBLIC_KEY, ADDRESS)
- yield pgp.put_raw_key(PUBLIC_KEY_2, ADDRESS_2)
- pubkey = yield pgp.get_key(ADDRESS)
- pubkey.sign_used = True
- yield pgp.put_key(pubkey)
- pubkey2 = yield pgp.get_key(ADDRESS_2)
- pubkey2.sign_used = True
- yield pgp.put_key(pubkey2)
-
- yield pgp.reset_all_keys_sign_used()
-
- pubkey_refetched = yield pgp.get_key(ADDRESS)
- pubkey2_refetched = yield pgp.get_key(ADDRESS_2)
-
- self.assertEqual(False, pubkey_refetched.sign_used)
- self.assertEqual(False, pubkey2_refetched.sign_used)
- self.assertEqual(pubkey.fingerprint, pubkey_refetched.fingerprint)
- self.assertEqual(pubkey.key_data, pubkey_refetched.key_data)
- self.assertEqual(pubkey2.fingerprint, pubkey2_refetched.fingerprint)
- self.assertEqual(pubkey2.key_data, pubkey2_refetched.key_data)
-
- @inlineCallbacks
def test_openpgp_encrypt_decrypt(self):
data = 'data'
pgp = openpgp.OpenPGPScheme(