| Age | Commit message (Collapse) | Author |
|---|
|
Check on every fetch of the private key if the expiration is less than
two months before it expire. And extend the expiration if needed.
- Resolves: #8217
|
|
We are not planning to regenerate keys (for now), only to extend the
expiration date.
|
|
- private key is not allowed to be fetched remotely
- fetch_remote needs to be specifically set
- if a new key is fetched (ie different KeyID), the validation
rule applies
|
|
|
|
|
|
is renewed
- there is only one private inactive key that is the key
expiring last among all inactive keys
- if there is an inactive key, decryption with it, is tried
if it fails with the current active key.
|
|
|
|
- this flag is used by leap.mail to attach the new key
|
|
- if current key pair is expired, it'll be extended for a day first
- new key pair will be signed by the old key
|
|
I changed most of the logger statements to use a class attribute, in
this way it's easier to identify which class it's logging them.
in some cases I leave a module-level logger, when we're either using
functions or when the module it's too small.
at the same time I did a general review and cleanup of the logging
statements.
|
|
Check if a new fetched key was signed by a old key with the same address.
Please do not merge before: https://github.com/isislovecruft/python-gnupg/pull/150
- Resolves #8112
|
|
- some pep8 problems
- some confusion with old and new code after merging
from old keymanager
|
|
Port of the original commit:
8f1fe8dd4a54fd2bdda2fc78c339ce9b3d0fc331
by Zara Gebru that introduced updating keys in the background.
This was made in the legacy leapcode/keymanager repo, but was lost in
the merge to the unified bitmask-dev.
Original commit message follows:
--------------------------------
- refresh random key in random time
- add get key by fingerprint
- refactor nicknym methods to own file
- tests
- note this do not include a check for
revoked key, since that need some changes
in gnupg
- Related: #6089
|
|
|
|
|
|
|
