summaryrefslogtreecommitdiff
path: root/src/leap/bitmask/keymanager/__init__.py
AgeCommit message (Collapse)Author
2017-12-03[feat] extend the expiration of private keys if neededRuben Pollan
Check on every fetch of the private key if the expiration is less than two months before it expire. And extend the expiration if needed. - Resolves: #8217
2017-12-03[refactor] remove rengenerate keyRuben Pollan
We are not planning to regenerate keys (for now), only to extend the expiration date.
2017-12-03[feat] stop resetting signs used after key regenerationTulio Casagrande
We were considering to reset the sign_used flag to force the new key to be resend as attachment in forthcoming emails. Although, this is not a good solution, because we'll lose information about which keys the client has signed.
2017-12-03[bug] remove change_key_expiration from the APITulio Casagrande
This was intended to offer the option of only extend the old key and not change it for a new one. However, we don't plan to use this behavior anymore.
2017-12-03[bug] specify _get_inactive_private_keys as a private methodTulio Casagrande
2017-12-03[refactor] rename key extension to expirationTulio Casagrande
This changes reflect python-gnupg naming. With @aarni
2017-12-03[bug] fix log of the key being fetchedTulio Casagrande
2017-12-03[bug] remove key generation event from regenerate_keyTulio Casagrande
The KEYMANAGER_FINISHED_KEY_GENERATION event is used to send a welcome mail to the users, which was causing a new welcome mail when regenerating a key. We removed the event from regenerate_key method. We should implement a KEYMANAGER_FINISHED_KEY_REGENERATION event when it's needed.
2017-12-03[feat] expired public key are remotely fetched if expiredNavaL
- private key is not allowed to be fetched remotely - fetch_remote needs to be specifically set - if a new key is fetched (ie different KeyID), the validation rule applies
2017-12-03[bug] sign_used flag is reset for all public keys when the key expiration ↵NavaL
date is extended - this is required so that the key is re-attached to the first outgoing email to all users who already have the expired key.
2017-12-03[feat] expired public key are remotely fetched if expiredNavaL
- private key is not allowed to be fetched remotely - fetch_remote needs to be specifically set - if a new key is fetched (ie different KeyID), the validation rule applies
2017-12-03[bug] decryption will be tried for all inactive keysNavaL
2017-12-03[feat] decryption interoperability, when the current key pairNavaL
is renewed - there is only one private inactive key that is the key expiring last among all inactive keys - if there is an inactive key, decryption with it, is tried if it fails with the current active key.
2017-12-03[feat] reset sign_used flag after regenerating key pairNavaL
- this flag is used by leap.mail to attach the new key
2017-12-03[feat] first phase of key regenerationNavaL
- if current key pair is expired, it'll be extended for a day first - new key pair will be signed by the old key
2017-12-03[feat] add key expiry date extension in keymanagerNavaL
- extends key pair (unlocked from soledad) - extension period is counted from key creation date
2017-10-26[feat] add fetch key by fingerprint to keymanagerRuben Pollan
- Resolves: #9023
2017-10-26[bug] make nicknym return key dataRuben Pollan
There was a mismatch on the return values of Nicknym class and the expectations. As most of the code was expecting an OpenPGPKey, but it was returning the json as it came from the nickserver. Now is just returning the key data.
2017-07-14[bug] handle 503 responses from nyckserverRuben Pollan
This can be produced by errors fetching keys from the server. - Resolves: #8971
2017-06-28[docs] fix the docstring since the implementation does not sign yetKali Kaneko (leap communications)
2017-06-13[bug] fix keymanager issues with last mergeRuben Pollan
2017-06-12[feat] push private key updates into nicknymRuben Pollan
Deal as well with sending key if key is outdated in the providers nicknym. - Resolves: #8819, #8832
2017-04-27[bug] unify logging style using class attrKali Kaneko (leap communications)
I changed most of the logger statements to use a class attribute, in this way it's easier to identify which class it's logging them. in some cases I leave a module-level logger, when we're either using functions or when the module it's too small. at the same time I did a general review and cleanup of the logging statements.
2017-01-19rename some varsZara Gebru
2016-11-30[bug] make srp token changes propagate to nicknym objectKali Kaneko (leap communications)
the token is set when we get the srp token in the keymanager service, but it wasn't been propagated properly to the internal nicknym object that was refactored recently. here I make the setter write the same token to both keymanager itself and the nicknym. some little additional refactors: - move gpg initialization to a helper method in this way it becomes easier to stub the soledad and keymanager components, for testing. - name nicknym token as publicly visible, since i'm accessing it from the keymanager object. - Resolves: #8651
2016-11-22[tests] fix keymanager tests after refactor and mergeZara Gebru
- some pep8 problems - some confusion with old and new code after merging from old keymanager
2016-11-22[refactor] use qualified exceptionsKali Kaneko (leap communications)
2016-11-22[feature] keymanager: background update keysZara Gebru
Port of the original commit: 8f1fe8dd4a54fd2bdda2fc78c339ce9b3d0fc331 by Zara Gebru that introduced updating keys in the background. This was made in the legacy leapcode/keymanager repo, but was lost in the merge to the unified bitmask-dev. Original commit message follows: -------------------------------- - refresh random key in random time - add get key by fingerprint - refactor nicknym methods to own file - tests - note this do not include a check for revoked key, since that need some changes in gnupg - Related: #6089
2016-11-03[style] pep8 fixesKali Kaneko (leap communications)
2016-10-21[bug] fail gracefully if cannot find cert fileKali Kaneko (leap communications)
2016-10-07[style] pep8Kali Kaneko (leap communications)
2016-10-07[refactor] use new logger infrastructureKali Kaneko (leap communications)
2016-09-29[bug] remove destructor, pass combined_ca_bundle as optional paramKali Kaneko (leap communications)
this brings back a couple of commits by pixelated that were missed in my keymanager merge. https://github.com/leapcode/keymanager/commit/354ad5a12e90463f9952fe056f191c6d4cdadf40 https://github.com/leapcode/keymanager/commit/dd7ba606df2909c76b20b1d4bb0134302f94b3d0 basically it removes the destructor (there's no guarantee that it gets executed!) and it addds the combined ca bundle as an optional parameter to keymanager initialization
2016-09-22[bug] only generate key if soledad has ever synceddrebs
2016-09-01[refactor] remove unneeded version infoKali Kaneko (leap communications)
2016-08-29[pkg] mv keymanager to leap.bitmask.keymanager submoduleKali Kaneko (leap communications)