[refactor] remove rengenerate key

We are not planning to regenerate keys (for now), only to extend the expiration date.
author: Ruben Pollan <meskio@sindominio.net> 2017-10-31 10:36:35 +0100
committer: Ruben Pollan <meskio@sindominio.net> 2017-12-03 20:43:38 +0100
commit: f6c71494f0ada864e80ee74c60ec09939a14f44b (patch)
tree: 89f89a5549ad462ff5ee3fc2ed6cda8c0c367109
parent: d13fb37acd01dc1e4d62631e0e131a937a001f33 (diff)
4 files changed, 4 insertions, 108 deletions
diff --git a/src/leap/bitmask/keymanager/__init__.py b/src/leap/bitmask/keymanager/__init__.py
index 2fa80c7c..c1095877 100644
--- a/src/leap/bitmask/keymanager/__init__.py
+++ b/src/leap/bitmask/keymanager/__init__.py
@@ -361,20 +361,6 @@ class KeyManager(object):
         d.addCallback(signal_finished)
         return d
 
-    @defer.inlineCallbacks
-    def regenerate_key(self):
-        """
-        Regenerate a key bound to the user's address.
-
-        :return: A Deferred which fires with the generated EncryptionKey.
-        :rtype: Deferred
-        """
-
-        self.log.info('Regenerating key for %s.' % self._address)
-
-        new_key = yield self._openpgp.regenerate_key(self._address)
-        defer.returnValue(new_key)
-
     #
     # Setters/getters
     #
diff --git a/src/leap/bitmask/keymanager/keys.py b/src/leap/bitmask/keymanager/keys.py
index 6c0c64ff..0f68c06b 100644
--- a/src/leap/bitmask/keymanager/keys.py
+++ b/src/leap/bitmask/keymanager/keys.py
@@ -191,7 +191,7 @@ class OpenPGPKey(object):
 
             return False
 
-    def merge(self, newkey, key_renewal=False):
+    def merge(self, newkey):
         if newkey.fingerprint != self.fingerprint:
             self.log.critical(
                 "Can't put a key whith the same key_id and different "
@@ -223,8 +223,7 @@ class OpenPGPKey(object):
         if newkey.last_audited_at > self.last_audited_at:
             self.validation = newkey.last_audited_at
         self.encr_used = newkey.encr_used or self.encr_used
-        if not key_renewal:
-            self.sign_used = newkey.sign_used or self.sign_used
+        self.sign_used = newkey.sign_used or self.sign_used
         self.refreshed_at = datetime.now()
 
     def get_json(self):
diff --git a/src/leap/bitmask/keymanager/openpgp.py b/src/leap/bitmask/keymanager/openpgp.py
index aea82156..ef77e30c 100644
--- a/src/leap/bitmask/keymanager/openpgp.py
+++ b/src/leap/bitmask/keymanager/openpgp.py
@@ -161,44 +161,6 @@ class OpenPGPScheme(object):
     #
     # Keys management
     #
-    @defer.inlineCallbacks
-    def regenerate_key(self, address):
-        """
-        Deactivate Current keypair,
-        Generate a new OpenPGP keypair bound to C{address},
-        and sign the new key with the old key.
-
-        :param address: The address bound to the key.
-        :type address: str
-
-        :return: A Deferred which fires with the new key bound to address.
-        :rtype: Deferred
-        """
-        leap_assert(is_address(address), 'Not an user address: %s' % address)
-        current_sec_key = yield self.get_key(address, private=True)
-        current_pub_key = yield self.get_key(address, private=False)
-        with TempGPGWrapper([current_sec_key], self._gpgbinary) as gpg:
-            if current_sec_key.is_expired():
-                temporary_extension_period = '1'  # extend for 1 extra day
-                gpg.expire(current_sec_key.fingerprint,
-                           expiration_time=temporary_extension_period)
-            yield self.unactivate_key(address)  # only one priv key allowed
-            yield self.delete_key(current_pub_key)
-            new_key = yield self.gen_key(address)
-            gpg.import_keys(new_key.key_data)
-            key_signing = yield from_thread(gpg.sign_key, new_key.fingerprint)
-            if key_signing.status == 'ok':
-                fetched_keys = gpg.list_keys(secret=False)
-                fetched_key = filter(lambda k: k['fingerprint'] ==
-                                     new_key.fingerprint, fetched_keys)[0]
-                key_data = gpg.export_keys(new_key.fingerprint, secret=False)
-                renewed_key = self._build_key_from_gpg(
-                    fetched_key,
-                    key_data,
-                    new_key.address)
-                yield self.put_key(renewed_key)
-        defer.returnValue(new_key)
-
     def gen_key(self, address):
         """
         Generate an OpenPGP keypair bound to C{address}.
@@ -411,7 +373,7 @@ class OpenPGPScheme(object):
             d.addCallback(put_key, openpgp_privkey)
         return d
 
-    def put_key(self, key, key_renewal=False):
+    def put_key(self, key):
         """
         Put C{key} in local storage.
 
@@ -431,7 +393,7 @@ class OpenPGPScheme(object):
                 active_content = activedoc.content
             oldkey = build_key_from_dict(keydoc.content, active_content)
 
-            key.merge(oldkey, key_renewal)
+            key.merge(oldkey)
             keydoc.set_json(key.get_json())
             d = self._soledad.put_doc(keydoc)
             d.addCallback(put_active, activedoc)
diff --git a/tests/integration/keymanager/test_keymanager.py b/tests/integration/keymanager/test_keymanager.py
index 2e4a9a97..8ed70bdf 100644
--- a/tests/integration/keymanager/test_keymanager.py
+++ b/tests/integration/keymanager/test_keymanager.py
@@ -592,51 +592,6 @@ class KeyManagerKeyManagementTestCase(KeyManagerWithSoledadTestCase):
         yield km.put_raw_key(PRIVATE_KEY, ADDRESS)
         km.send_key.assert_called_once_with()
 
-    @defer.inlineCallbacks
-    def test_key_regenerate_gets_new_expiry_date_and_signed_by_old_key(self):
-        km = self._key_manager(user=ADDRESS_EXPIRING)
-
-        yield km._openpgp.put_raw_key(PRIVATE_EXPIRING_KEY, ADDRESS_EXPIRING)
-        old_key = yield km.get_key(ADDRESS_EXPIRING, fetch_remote=False)
-
-        new_key = yield km.regenerate_key()
-
-        today = datetime.now()
-        new_expiry_date = date(today.year + 1, today.month, today.day)
-        renewed_public_key = yield km.get_key(ADDRESS_EXPIRING,
-                                              fetch_remote=False)
-        renewed_private_key = yield km.get_key(ADDRESS_EXPIRING, private=True)
-
-        self.assertEqual(new_expiry_date,
-                         renewed_public_key.expiry_date.date())
-        self.assertEqual(new_expiry_date,
-                         renewed_private_key.expiry_date.date())
-        self.assertNotEqual(old_key.fingerprint,
-                            renewed_public_key.fingerprint)
-        self.assertEqual(new_key.fingerprint, renewed_public_key.fingerprint)
-        self.assertIn(old_key.fingerprint[-16:], renewed_public_key.signatures)
-
-    @defer.inlineCallbacks
-    def test_key_regenerate_deactivate_the_old_private_key(self):
-        km = self._key_manager(user=ADDRESS_EXPIRING)
-
-        yield km._openpgp.put_raw_key(PRIVATE_EXPIRING_KEY, ADDRESS_EXPIRING)
-        old_key = yield km.get_key(ADDRESS_EXPIRING, fetch_remote=False)
-
-        new_key = yield km.regenerate_key()
-        inactive_private_keys = yield km._get_inactive_private_keys()
-        renewed_public_key = yield km.get_key(ADDRESS_EXPIRING, private=False,
-                                              fetch_remote=False)
-
-        self.assertEqual(1, len(inactive_private_keys))
-        retrieved_old_key = inactive_private_keys[0]
-        self.assertEqual(old_key.fingerprint,
-                         retrieved_old_key.fingerprint)
-        self.assertNotEqual(old_key.fingerprint,
-                            new_key.fingerprint)
-        self.assertEqual(new_key.fingerprint, renewed_public_key.fingerprint)
-        self.assertIn(old_key.fingerprint[-16:], renewed_public_key.signatures)
-
 
 class KeyManagerCryptoTestCase(KeyManagerWithSoledadTestCase):
     RAW_DATA = 'data'
@@ -669,9 +624,6 @@ class KeyManagerCryptoTestCase(KeyManagerWithSoledadTestCase):
                                    fetch_remote=False)
         self.assertNotEqual(self.RAW_DATA, encdata)
 
-        # renew key
-        yield km.regenerate_key()
-
         # decrypt
         rawdata, signingkey = yield km.decrypt(
             encdata, ADDRESS, verify=ADDRESS_2, fetch_remote=False)
@@ -686,9 +638,6 @@ class KeyManagerCryptoTestCase(KeyManagerWithSoledadTestCase):
         yield km._openpgp.put_raw_key(PRIVATE_KEY, ADDRESS)
         yield km._openpgp.put_raw_key(PRIVATE_KEY_2, ADDRESS_2)
 
-        # renew key -- deactivate current key
-        yield km.regenerate_key()
-
         # decrypt
         with self.assertRaises(errors.DecryptError):
             yield km.decrypt(ENCRYPTED_MESSAGE_FOR_DIFFERENT_KEY,
author	Ruben Pollan <meskio@sindominio.net>	2017-10-31 10:36:35 +0100
committer	Ruben Pollan <meskio@sindominio.net>	2017-12-03 20:43:38 +0100
commit	f6c71494f0ada864e80ee74c60ec09939a14f44b (patch)
tree	89f89a5549ad462ff5ee3fc2ed6cda8c0c367109
parent	d13fb37acd01dc1e4d62631e0e131a937a001f33 (diff)