diff options
| author | Ruben Pollan <meskio@sindominio.net> | 2015-09-24 01:15:11 +0200 |
|---|---|---|
| committer | Ruben Pollan <meskio@sindominio.net> | 2015-09-24 17:08:59 +0200 |
| commit | 7242d003877ef08cb7fa0e55a05c915a03b602ab (patch) | |
| tree | ba025bf1133133195cb248861eb7285975b42cec /src/leap/keymanager/__init__.py | |
| parent | bad4662976e46047654d9b610f0e8517a43bfcc6 (diff) | |
[bug] don't repush a public key with different address
During decryption the signing public key was getting repush with a
different address as part of the verify usage flagging.
- Resolves: https://github.com/pixelated/pixelated-user-agent/issues/466
- Related: #7420
Diffstat (limited to 'src/leap/keymanager/__init__.py')
| -rw-r--r-- | src/leap/keymanager/__init__.py | 20 |
1 files changed, 12 insertions, 8 deletions
diff --git a/src/leap/keymanager/__init__.py b/src/leap/keymanager/__init__.py index cf099bb1..22fb725b 100644 --- a/src/leap/keymanager/__init__.py +++ b/src/leap/keymanager/__init__.py @@ -590,10 +590,12 @@ class KeyManager(object): if pubkey is None: signature = KeyNotFound(verify) elif signed: - pubkey.sign_used = True - d = self._wrapper_map[ktype].put_key(pubkey, address) - d.addCallback(lambda _: (decrypted, pubkey)) - return d + signature = pubkey + if not pubkey.sign_used: + pubkey.sign_used = True + d = self._wrapper_map[ktype].put_key(pubkey, verify) + d.addCallback(lambda _: (decrypted, signature)) + return d else: signature = InvalidSignature( 'Failed to verify signature with key %s' % @@ -685,10 +687,12 @@ class KeyManager(object): signed = self._wrapper_map[ktype].verify( data, pubkey, detached_sig=detached_sig) if signed: - pubkey.sign_used = True - d = self._wrapper_map[ktype].put_key(pubkey, address) - d.addCallback(lambda _: pubkey) - return d + if not pubkey.sign_used: + pubkey.sign_used = True + d = self._wrapper_map[ktype].put_key(pubkey, address) + d.addCallback(lambda _: pubkey) + return d + return pubkey else: raise InvalidSignature( 'Failed to verify signature with key %s' % |