summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/leap/bitmask/keymanager/keys.py22
-rw-r--r--src/leap/bitmask/keymanager/openpgp.py2
2 files changed, 20 insertions, 4 deletions
diff --git a/src/leap/bitmask/keymanager/keys.py b/src/leap/bitmask/keymanager/keys.py
index d26f8b31..1e8d383f 100644
--- a/src/leap/bitmask/keymanager/keys.py
+++ b/src/leap/bitmask/keymanager/keys.py
@@ -30,6 +30,9 @@ from leap.bitmask.keymanager.wrapper import TempGPGWrapper
from leap.bitmask.keymanager.validation import ValidationLevels
from leap.bitmask.keymanager import documents as doc
+TWO_MONTHS = 60
+DEFAULT_THRESHOLD = TWO_MONTHS
+
log = Logger()
@@ -288,9 +291,6 @@ class OpenPGPKey(object):
value = str(value)
return key, value
- def has_expired(self):
- return self.expiry_date and self.expiry_date < datetime.now()
-
def __iter__(self):
return self
@@ -327,6 +327,22 @@ class OpenPGPKey(object):
return False if self.expiry_date is None \
else self.expiry_date < datetime.now()
+ def should_be_renewed(self, before_expiry_threshold=DEFAULT_THRESHOLD):
+ """
+ Indicates if the key reaches the renewal period. For ease of transition
+ keys should be renewed before they expire.
+
+ :param before_expiry_threshold: the amount of days before expiry date
+ whereby the key should be renewed -- default value is 60 days
+ :type before_expiry_threshold: int
+
+ :return: True if the current date is within the threshold
+ :rtype: Boolean
+ """
+
+ days_till_expiry = (self.expiry_date - datetime.now())
+ return days_till_expiry.days < before_expiry_threshold
+
def parse_address(address):
"""
diff --git a/src/leap/bitmask/keymanager/openpgp.py b/src/leap/bitmask/keymanager/openpgp.py
index d82f8e52..a856ee06 100644
--- a/src/leap/bitmask/keymanager/openpgp.py
+++ b/src/leap/bitmask/keymanager/openpgp.py
@@ -178,7 +178,7 @@ class OpenPGPScheme(object):
current_sec_key = yield self.get_key(address, private=True)
current_pub_key = yield self.get_key(address, private=False)
with TempGPGWrapper([current_sec_key], self._gpgbinary) as gpg:
- if current_sec_key.has_expired():
+ if current_sec_key.is_expired():
temporary_extension_period = '1' # extend for 1 extra day
gpg.extend_key(current_sec_key.fingerprint,
validity=temporary_extension_period)