diff options
author | Ruben Pollan <meskio@sindominio.net> | 2016-06-16 20:16:54 +0200 |
---|---|---|
committer | Ruben Pollan <meskio@sindominio.net> | 2016-06-20 18:30:22 +0200 |
commit | 5409c0dec9d1d4a562cc69798e36d534b6690d30 (patch) | |
tree | 6e9197e4a933c4f0ded905d4b5f4f4df2084aec9 /keymanager | |
parent | 161fd0542425dc9afa336dcb0675f56b3e1b0b55 (diff) |
[feat] check key document versions and fail if it's unknown
- Closes: #8165
Diffstat (limited to 'keymanager')
-rw-r--r-- | keymanager/changes/next-changelog.txt | 1 | ||||
-rw-r--r-- | keymanager/src/leap/keymanager/__init__.py | 8 | ||||
-rw-r--r-- | keymanager/src/leap/keymanager/errors.py | 9 | ||||
-rw-r--r-- | keymanager/src/leap/keymanager/openpgp.py | 11 |
4 files changed, 26 insertions, 3 deletions
diff --git a/keymanager/changes/next-changelog.txt b/keymanager/changes/next-changelog.txt index a2ab4fb1..56ff7aa9 100644 --- a/keymanager/changes/next-changelog.txt +++ b/keymanager/changes/next-changelog.txt @@ -13,6 +13,7 @@ Features - `#8031 <https://leap.se/code/issues/8031>`_: Remove support for multiple key types. - `#8068 <https://leap.se/code/issues/8068>`_: make get_all_keys aware of active addresses. - `#6658 <https://leap.se/code/issues/6658>`_: Improve duplicated active documents fixup. +- `#8165 <https://leap.se/code/issues/8165>`_: Check key document versions and fail if it's unknown. - `#1234 <https://leap.se/code/issues/1234>`_: Description of the new feature corresponding with issue #1234. - New feature without related issue number. diff --git a/keymanager/src/leap/keymanager/__init__.py b/keymanager/src/leap/keymanager/__init__.py index 97d29857..0b8a5b30 100644 --- a/keymanager/src/leap/keymanager/__init__.py +++ b/keymanager/src/leap/keymanager/__init__.py @@ -376,7 +376,8 @@ class KeyManager(object): :return: A Deferred which fires with an EncryptionKey bound to address, or which fails with KeyNotFound if no key was found neither - locally or in keyserver. + locally or in keyserver or fail with KeyVersionError if the + key has a format not supported by this version of KeyManager :rtype: Deferred :raise UnsupportedKeyTypeError: if invalid key type @@ -522,8 +523,9 @@ class KeyManager(object): :return: A Deferred which fires with the encrypted data as str, or which fails with KeyNotFound if no keys were found neither - locally or in keyserver or fails with EncryptError if failed - encrypting for some reason. + locally or in keyserver or fails with KeyVersionError if the + key format is not supported or fails with EncryptError if + failed encrypting for some reason. :rtype: Deferred :raise UnsupportedKeyTypeError: if invalid key type diff --git a/keymanager/src/leap/keymanager/errors.py b/keymanager/src/leap/keymanager/errors.py index 8a9fb3c7..dfff3936 100644 --- a/keymanager/src/leap/keymanager/errors.py +++ b/keymanager/src/leap/keymanager/errors.py @@ -28,6 +28,15 @@ class KeyNotFound(Exception): pass +class KeyVersionError(KeyNotFound): + """ + Raised when key was found in the keyring but the version is not supported. + + It will usually mean that it was created by a newer version of KeyManager. + """ + pass + + class KeyAlreadyExists(Exception): """ Raised when attempted to create a key that already exists. diff --git a/keymanager/src/leap/keymanager/openpgp.py b/keymanager/src/leap/keymanager/openpgp.py index 98ce4649..31c13df1 100644 --- a/keymanager/src/leap/keymanager/openpgp.py +++ b/keymanager/src/leap/keymanager/openpgp.py @@ -53,6 +53,8 @@ from leap.keymanager.documents import ( KEY_ENCR_USED_KEY, KEY_ADDRESS_KEY, KEY_TYPE_KEY, + KEY_VERSION_KEY, + KEYMANAGER_DOC_VERSION, KEYMANAGER_ACTIVE_TYPE, KEYMANAGER_KEY_TAG, KEYMANAGER_ACTIVE_TAG, @@ -734,6 +736,7 @@ class OpenPGPScheme(object): address, '1' if private else '0') d.addCallback(self._repair_and_get_doc, self._repair_active_docs) + d.addCallback(self._check_version) return d def _get_key_doc_from_fingerprint(self, fingerprint, private): @@ -743,6 +746,7 @@ class OpenPGPScheme(object): fingerprint, '1' if private else '0') d.addCallback(self._repair_and_get_doc, self._repair_key_docs) + d.addCallback(self._check_version) return d def _repair_and_get_doc(self, doclist, repair_func): @@ -752,6 +756,13 @@ class OpenPGPScheme(object): return repair_func(doclist) return doclist[0] + def _check_version(self, doc): + if doc is not None: + version = doc.content[KEY_VERSION_KEY] + if version > KEYMANAGER_DOC_VERSION: + raise errors.KeyVersionError(str(version)) + return doc + def _repair_key_docs(self, doclist): """ If there is more than one key for a key id try to self-repair it |