summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/leap/bitmask/keymanager/keys.py22
-rw-r--r--src/leap/bitmask/keymanager/validation.py7
2 files changed, 23 insertions, 6 deletions
diff --git a/src/leap/bitmask/keymanager/keys.py b/src/leap/bitmask/keymanager/keys.py
index fd454480..622c1c68 100644
--- a/src/leap/bitmask/keymanager/keys.py
+++ b/src/leap/bitmask/keymanager/keys.py
@@ -160,6 +160,28 @@ class OpenPGPKey(object):
return []
+ def is_signed_by(self, other_key):
+ """
+ Checks if current key was signed by another key. Rather than just
+ relying on the fingerprint being there, we use gpg's --check-sigs with
+ both keys being present in the keychain to check the signature
+ validity. By doing so, relying on the long key id instead of the
+ fingerprint is fine.
+
+ :param other_key: the other key.
+ :return: True if valid signature could be found.
+ :rtype: bool
+ """
+ keys = [self, other_key]
+ with TempGPGWrapper(keys=keys, gpgbinary=self._gpgbinary) as gpg:
+ certs = gpg.check_sigs(str(self.fingerprint)).certs
+ for uid, cur_certs in certs.iteritems():
+ if (parse_address(uid) in other_key.uids and
+ other_key.fingerprint[-16:] in cur_certs):
+ return True
+
+ return False
+
def merge(self, newkey):
if newkey.fingerprint != self.fingerprint:
logger.critical(
diff --git a/src/leap/bitmask/keymanager/validation.py b/src/leap/bitmask/keymanager/validation.py
index 16a897e9..61adc0e1 100644
--- a/src/leap/bitmask/keymanager/validation.py
+++ b/src/leap/bitmask/keymanager/validation.py
@@ -121,9 +121,4 @@ def can_upgrade(new_key, old_key):
return True
# New key signed by the old key
- # XXX: signatures are using key-ids instead of fingerprints
- key_id = old_key.fingerprint[-16:]
- if key_id in new_key.signatures:
- return True
-
- return False
+ return new_key.is_signed_by(old_key)