summaryrefslogtreecommitdiff
path: root/src/leap/bitmask/keymanager
AgeCommit message (Collapse)Author
2017-12-03[refactor] rename key extension to expirationTulio Casagrande
This changes reflect python-gnupg naming. With @aarni
2017-12-03[bug] fix log of the key being fetchedTulio Casagrande
2017-12-03[bug] remove key generation event from regenerate_keyTulio Casagrande
The KEYMANAGER_FINISHED_KEY_GENERATION event is used to send a welcome mail to the users, which was causing a new welcome mail when regenerating a key. We removed the event from regenerate_key method. We should implement a KEYMANAGER_FINISHED_KEY_REGENERATION event when it's needed.
2017-12-03[bug] change edit-key to use fingerprint as paramTulio Casagrande
python-gnupg doesn't accept address as parameter for --edit-key
2017-12-03[feat] expired public key are remotely fetched if expiredNavaL
- private key is not allowed to be fetched remotely - fetch_remote needs to be specifically set - if a new key is fetched (ie different KeyID), the validation rule applies
2017-12-03[style] refactoring: renaming methods/variablesNavaL
2017-12-03[bug] sign_used flag is reset for all public keys when the key expiration ↵NavaL
date is extended - this is required so that the key is re-attached to the first outgoing email to all users who already have the expired key.
2017-12-03[feat] expired public key are remotely fetched if expiredNavaL
- private key is not allowed to be fetched remotely - fetch_remote needs to be specifically set - if a new key is fetched (ie different KeyID), the validation rule applies
2017-12-03[bug] key can tell if it should be renewedNavaL
2017-12-03[bug] decryption will be tried for all inactive keysNavaL
2017-12-03[feat] decryption interoperability, when the current key pairNavaL
is renewed - there is only one private inactive key that is the key expiring last among all inactive keys - if there is an inactive key, decryption with it, is tried if it fails with the current active key.
2017-12-03[feat] supplying gpgbinary when building gpg key from dictNavaL
2017-12-03[feat] reset sign_used flag after regenerating key pairNavaL
- this flag is used by leap.mail to attach the new key
2017-12-03[feat] first phase of key regenerationNavaL
- if current key pair is expired, it'll be extended for a day first - new key pair will be signed by the old key
2017-12-03[feat] add key expiry date extension in keymanagerNavaL
- extends key pair (unlocked from soledad) - extension period is counted from key creation date
2017-10-26[feat] add fetch key by fingerprint to keymanagerRuben Pollan
- Resolves: #9023
2017-10-26[bug] make nicknym return key dataRuben Pollan
There was a mismatch on the return values of Nicknym class and the expectations. As most of the code was expecting an OpenPGPKey, but it was returning the json as it came from the nickserver. Now is just returning the key data.
2017-07-14[bug] handle 503 responses from nyckserverRuben Pollan
This can be produced by errors fetching keys from the server. - Resolves: #8971
2017-06-28[docs] fix the docstring since the implementation does not sign yetKali Kaneko (leap communications)
2017-06-15[feat] handle maintenance mode from nicknym (503 responses)Ruben Pollan
2017-06-13[bug] fix keymanager issues with last mergeRuben Pollan
2017-06-12[feat] push private key updates into nicknymRuben Pollan
Deal as well with sending key if key is outdated in the providers nicknym. - Resolves: #8819, #8832
2017-04-27[style] pep8 fixesKali Kaneko (leap communications)
2017-04-27[bug] unify logging style using class attrKali Kaneko (leap communications)
I changed most of the logger statements to use a class attribute, in this way it's easier to identify which class it's logging them. in some cases I leave a module-level logger, when we're either using functions or when the module it's too small. at the same time I did a general review and cleanup of the logging statements.
2017-03-12[bug] remove offline toggledrebs
The offline toggle added a race condition in which the client could end up offline forever. We decided to remove it for now and then decide if soledad client needs to know about network connectivity (check: https://0xacab.org/leap/soledad/issues/8789).
2017-02-27[test] pass a fake shared db to soledad during testsdrebs
2017-02-27[refactor] use new soledad client parameterdrebs
- Resolves: #8721
2017-01-26Check validity of key signatureZara Gebru
Check if a new fetched key was signed by a old key with the same address. Please do not merge before: https://github.com/isislovecruft/python-gnupg/pull/150 - Resolves #8112
2017-01-19rename some varsZara Gebru
2016-11-30[bug] make srp token changes propagate to nicknym objectKali Kaneko (leap communications)
the token is set when we get the srp token in the keymanager service, but it wasn't been propagated properly to the internal nicknym object that was refactored recently. here I make the setter write the same token to both keymanager itself and the nicknym. some little additional refactors: - move gpg initialization to a helper method in this way it becomes easier to stub the soledad and keymanager components, for testing. - name nicknym token as publicly visible, since i'm accessing it from the keymanager object. - Resolves: #8651
2016-11-22[tests] fix keymanager tests after refactor and mergeZara Gebru
- some pep8 problems - some confusion with old and new code after merging from old keymanager
2016-11-22[tests] fix some refresher tests after the refactorKali Kaneko (leap communications)
disabled some tests that were failing, for some reason the twisted logger doesn't want to be patched? besides, I don't think it's a good idea to rely on log information for tests. what is it really that we were trying to test there?
2016-11-22[refactor] use qualified exceptionsKali Kaneko (leap communications)
2016-11-22[feature] keymanager: background update keysZara Gebru
Port of the original commit: 8f1fe8dd4a54fd2bdda2fc78c339ce9b3d0fc331 by Zara Gebru that introduced updating keys in the background. This was made in the legacy leapcode/keymanager repo, but was lost in the merge to the unified bitmask-dev. Original commit message follows: -------------------------------- - refresh random key in random time - add get key by fingerprint - refactor nicknym methods to own file - tests - note this do not include a check for revoked key, since that need some changes in gnupg - Related: #6089
2016-11-03[style] pep8 fixesKali Kaneko (leap communications)
2016-10-21[bug] fallback to python-gnupg as a workaroundKali Kaneko (leap communications)
currently windows 7 support is broken with gnupg.
2016-10-21[bug] fail gracefully if cannot find cert fileKali Kaneko (leap communications)
2016-10-07[style] pep8Kali Kaneko (leap communications)
2016-10-07[refactor] use new logger infrastructureKali Kaneko (leap communications)
2016-09-29[bug] remove destructor, pass combined_ca_bundle as optional paramKali Kaneko (leap communications)
this brings back a couple of commits by pixelated that were missed in my keymanager merge. https://github.com/leapcode/keymanager/commit/354ad5a12e90463f9952fe056f191c6d4cdadf40 https://github.com/leapcode/keymanager/commit/dd7ba606df2909c76b20b1d4bb0134302f94b3d0 basically it removes the destructor (there's no guarantee that it gets executed!) and it addds the combined ca bundle as an optional parameter to keymanager initialization
2016-09-22[bug] only generate key if soledad has ever synceddrebs
2016-09-20[feat] discover gpg bin path instead of hardcode itRuben Pollan
2016-09-06[tests] factor out the common pieces to keymanager.testingKali Kaneko (leap communications)
2016-09-01[refactor] fix imports after merging submodulesKali Kaneko (leap communications)
2016-09-01[refactor] remove unneeded version infoKali Kaneko (leap communications)
2016-08-29[pkg] mv keymanager to leap.bitmask.keymanager submoduleKali Kaneko (leap communications)