summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/leap/bitmask/keymanager/__init__.py20
-rw-r--r--src/leap/bitmask/keymanager/errors.py4
-rw-r--r--src/leap/bitmask/keymanager/openpgp.py31
-rw-r--r--tests/integration/keymanager/test_keymanager.py22
4 files changed, 40 insertions, 37 deletions
diff --git a/src/leap/bitmask/keymanager/__init__.py b/src/leap/bitmask/keymanager/__init__.py
index 09ac9bc7..9240b8a5 100644
--- a/src/leap/bitmask/keymanager/__init__.py
+++ b/src/leap/bitmask/keymanager/__init__.py
@@ -787,23 +787,25 @@ class KeyManager(object):
yield self.put_key(pubkey)
@defer.inlineCallbacks
- def extend_key_expiration(self, validity='1y', passphrase=None):
+ def change_key_expiration(self, expiration_time='1y', passphrase=None):
"""
- extend the expiration date of the key pair bound to the user's address
- by the validity period, from the key's creation date.
+ Change the expiration date of the key pair bound to the user's address
+ by the expiration_time period, from the current day.
- :param validity: new validity from creation date 'n','nw','nm' or 'ny'
- where n is a number
- :type validity: str
+ :param expiration_time: new expiration time from current day in 'n',
+ 'nw', 'nm' or 'ny' where n is a number
+ :type expiration_time: str
:return: The updated secret key, with new expiry date
:rtype: OpenPGPKey
- :raise KeyExpiryExtensionError: if invalid validity period
+ :raise KeyExpirationError: if invalid expiration time period
"""
my_secret_key = yield self.get_key(self._address, private=True)
- renewed_key = yield self._openpgp.extend_key(my_secret_key, validity,
- passphrase)
+ renewed_key = yield self._openpgp.expire(
+ my_secret_key,
+ expiration_time=expiration_time,
+ passphrase=passphrase)
yield self._openpgp.reset_all_keys_sign_used()
defer.returnValue(renewed_key)
diff --git a/src/leap/bitmask/keymanager/errors.py b/src/leap/bitmask/keymanager/errors.py
index 1ca234de..0ec3650a 100644
--- a/src/leap/bitmask/keymanager/errors.py
+++ b/src/leap/bitmask/keymanager/errors.py
@@ -88,9 +88,9 @@ class GPGError(Exception):
pass
-class KeyExpiryExtensionError(Exception):
+class KeyExpirationError(Exception):
"""
- Error during key expiry date extension
+ Error during key expiry date change
"""
diff --git a/src/leap/bitmask/keymanager/openpgp.py b/src/leap/bitmask/keymanager/openpgp.py
index e667fd97..2361e6a8 100644
--- a/src/leap/bitmask/keymanager/openpgp.py
+++ b/src/leap/bitmask/keymanager/openpgp.py
@@ -180,8 +180,8 @@ class OpenPGPScheme(object):
with TempGPGWrapper([current_sec_key], self._gpgbinary) as gpg:
if current_sec_key.is_expired():
temporary_extension_period = '1' # extend for 1 extra day
- gpg.extend_key(current_sec_key.fingerprint,
- validity=temporary_extension_period)
+ gpg.expire(current_sec_key.fingerprint,
+ expiration_time=temporary_extension_period)
yield self.unactivate_key(address) # only one priv key allowed
yield self.delete_key(current_pub_key)
new_key = yield self.gen_key(address)
@@ -679,30 +679,31 @@ class OpenPGPScheme(object):
raise errors.EncryptError()
@defer.inlineCallbacks
- def extend_key(self, seckey, validity='1y', passphrase=None):
+ def expire(self, seckey, expiration_time='1y', passphrase=None):
"""
- Extend C{key} key pair, expiration date for C{validity} period,
- from its creation date.
+ Change expiration for C{key} key pair for the given C{expiration_time}
+ period, from the current day.
- :param seckey: The secret key of the key pair to be extended.
+ :param seckey: The secret key of the key pair to have the expiration
+ time changed.
:type seckey: OpenPGPKey
- :param validity: new validity from creation date 'n','nw','nm' or 'ny'
- where n is a number
- :type validity: str
+ :param expiration_time: new expiration time from the current day in
+ 'n', 'nw','nm' or 'ny' where n is a number
+ :type expiration_time: str
:return: The updated secret key, with new expiry date
:rtype: OpenPGPKey
- :raise KeyExpiryExtensionError: Raised if failed to extend key
- for some reason.
+ :raise KeyExpirationError: Raised if failed to change expiration of key
+ for some reason.
"""
leap_assert_type(seckey, OpenPGPKey)
leap_assert(seckey.private is True, 'Key is not private.')
keys = [seckey]
try:
with TempGPGWrapper(keys, self._gpgbinary) as gpg:
- result = yield from_thread(gpg.extend_key, seckey.fingerprint,
- validity=validity,
+ result = yield from_thread(gpg.expire, seckey.fingerprint,
+ expiration_time=expiration_time,
passphrase=passphrase)
if result.status == 'ok':
for secret in [False, True]:
@@ -716,8 +717,8 @@ class OpenPGPScheme(object):
yield self.put_key(renewed_key)
defer.returnValue(renewed_key)
except Exception as e:
- log.warn('Failed to Extend Key: %s expiration date.' % str(e))
- raise errors.KeyExpiryExtensionError(str(e))
+ log.warn('Failed to change expiration of key: %s' % str(e))
+ raise errors.KeyExpirationError(str(e))
@defer.inlineCallbacks
def decrypt(self, data, privkey, passphrase=None, verify=None):
diff --git a/tests/integration/keymanager/test_keymanager.py b/tests/integration/keymanager/test_keymanager.py
index 5b805ea4..474643d4 100644
--- a/tests/integration/keymanager/test_keymanager.py
+++ b/tests/integration/keymanager/test_keymanager.py
@@ -31,7 +31,7 @@ import mock
from leap.common import ca_bundle
from leap.bitmask.keymanager import errors
-from leap.bitmask.keymanager.errors import KeyExpiryExtensionError
+from leap.bitmask.keymanager.errors import KeyExpirationError
from leap.bitmask.keymanager.keys import (
OpenPGPKey,
is_address,
@@ -54,8 +54,7 @@ from common import (
OLD_AND_NEW_KEY_ADDRESS,
DIFFERENT_PRIVATE_KEY,
DIFFERENT_KEY_FPR,
- DIFFERENT_PUBLIC_KEY,
- KEY_EXPIRING_CREATION_DATE)
+ DIFFERENT_PUBLIC_KEY)
NICKSERVER_URI = "http://leap.se/"
REMOTE_KEY_URL = "http://site.domain/key"
@@ -654,13 +653,13 @@ class KeyManagerKeyManagementTestCase(KeyManagerWithSoledadTestCase):
km._openpgp.reset_all_keys_sign_used.assert_called_once()
@defer.inlineCallbacks
- def test_keymanager_extend_key_expiry_date_for_key_pair(self):
+ def test_keymanager_change_key_expiry_date_for_key_pair(self):
km = self._key_manager(user=ADDRESS_EXPIRING)
yield km._openpgp.put_raw_key(PRIVATE_EXPIRING_KEY, ADDRESS_EXPIRING)
key = yield km.get_key(ADDRESS_EXPIRING, fetch_remote=False)
- yield km.extend_key_expiration(validity='1w')
+ yield km.change_key_expiration(expiration_time='1w')
new_expiry_date = date.today() + timedelta(weeks=1)
@@ -676,27 +675,28 @@ class KeyManagerKeyManagementTestCase(KeyManagerWithSoledadTestCase):
self.assertEqual(key.fingerprint, renewed_private_key.fingerprint)
@defer.inlineCallbacks
- def test_key_extension_resets_all_public_key_sign_used(self):
+ def test_change_key_expiration_resets_all_public_key_sign_used(self):
km = self._key_manager(user=ADDRESS_EXPIRING)
yield km._openpgp.put_raw_key(PRIVATE_EXPIRING_KEY, ADDRESS_EXPIRING)
km._openpgp.reset_all_keys_sign_used = mock.Mock()
- yield km.extend_key_expiration(validity='1w')
+ yield km.change_key_expiration(expiration_time='1w')
km._openpgp.reset_all_keys_sign_used.assert_called_once()
@defer.inlineCallbacks
- def test_key_extension_with_invalid_period_throws_exception(self):
+ def test_change_key_expiration_with_invalid_period_throws_exception(self):
km = self._key_manager(user=ADDRESS_EXPIRING)
yield km._openpgp.put_raw_key(PRIVATE_EXPIRING_KEY, ADDRESS_EXPIRING)
key = yield km.get_key(ADDRESS_EXPIRING, fetch_remote=False)
- invalid_validity_option = '2xw'
+ invalid_expiration_time_option = '2xw'
- with self.assertRaises(KeyExpiryExtensionError):
- yield km.extend_key_expiration(validity=invalid_validity_option)
+ with self.assertRaises(KeyExpirationError):
+ yield km.change_key_expiration(
+ expiration_time=invalid_expiration_time_option)
renewed_public_key = yield km.get_key(ADDRESS_EXPIRING,
fetch_remote=False)