From 6300a435aaf3f4dacd4615c75defaa8ea7369248 Mon Sep 17 00:00:00 2001
From: Tulio Casagrande
Date: Fri, 21 Apr 2017 18:27:36 -0300
Subject: [feat] stop resetting signs used after key regeneration

We were considering to reset the sign_used flag to force the new key to be resend as attachment in forthcoming emails. Although, this is not a good solution, because we'll lose information about which keys the client has signed.
---
src/leap/bitmask/keymanager/__init__.py | 2 --
src/leap/bitmask/keymanager/openpgp.py | 21 -------------------
tests/integration/keymanager/test_keymanager.py | 12 -----------
tests/integration/keymanager/test_openpgp.py | 27 -------------------------
4 files changed, 62 deletions(-)
diff --git a/src/leap/bitmask/keymanager/__init__.py b/src/leap/bitmask/keymanager/__init__.py
index d1fd4edb..2fa80c7c 100644
--- a/src/leap/bitmask/keymanager/__init__.py
+++ b/src/leap/bitmask/keymanager/__init__.py
@@ -373,8 +373,6 @@ class KeyManager(object): self.log.info('Regenerating key for %s.' % self._address) new_key = yield self._openpgp.regenerate_key(self._address) - yield self._openpgp.reset_all_keys_sign_used() - defer.returnValue(new_key) #
diff --git a/src/leap/bitmask/keymanager/openpgp.py b/src/leap/bitmask/keymanager/openpgp.py
index 2361e6a8..aea82156 100644
--- a/src/leap/bitmask/keymanager/openpgp.py
+++ b/src/leap/bitmask/keymanager/openpgp.py
@@ -584,27 +584,6 @@ class OpenPGPScheme(object): active_doc = yield self._get_active_doc_from_address(address, False) yield self._soledad.delete_doc(active_doc) - @defer.inlineCallbacks - def reset_all_keys_sign_used(self): - """ - Reset sign_used flag for all keys in storage, to False... - to indicate that the key pair has not interacted with all - keys in the key ring yet. - This should only be used when regenerating/extending the key pair. - - """ - all_keys = yield self.get_all_keys(private=False) - deferreds = [] - - @defer.inlineCallbacks - def reset_sign_used(key): - key.sign_used = False - yield self.put_key(key, key_renewal=True) - - for open_pgp_key in all_keys: - deferreds.append(reset_sign_used(open_pgp_key)) - yield defer.gatherResults(deferreds) - # # Data encryption, decryption, signing and verifying #
diff --git a/tests/integration/keymanager/test_keymanager.py b/tests/integration/keymanager/test_keymanager.py
index 88a8ba93..656b070c 100644
--- a/tests/integration/keymanager/test_keymanager.py
+++ b/tests/integration/keymanager/test_keymanager.py
@@ -639,18 +639,6 @@ class KeyManagerKeyManagementTestCase(KeyManagerWithSoledadTestCase): self.assertEqual(new_key.fingerprint, renewed_public_key.fingerprint) self.assertIn(old_key.fingerprint[-16:], renewed_public_key.signatures) - @defer.inlineCallbacks - def test_key_regenerate_resets_all_public_key_sign_used(self): - km = self._key_manager(user=ADDRESS_EXPIRING) - - yield km._openpgp.put_raw_key(PRIVATE_EXPIRING_KEY, ADDRESS_EXPIRING) - yield km._openpgp.put_raw_key(PUBLIC_KEY_2, ADDRESS_2) - km._openpgp.reset_all_keys_sign_used = mock.Mock() - - yield km.regenerate_key() - - km._openpgp.reset_all_keys_sign_used.assert_called_once() - class KeyManagerCryptoTestCase(KeyManagerWithSoledadTestCase): RAW_DATA = 'data'
diff --git a/tests/integration/keymanager/test_openpgp.py b/tests/integration/keymanager/test_openpgp.py
index d994f801..d04f5d01 100644
--- a/tests/integration/keymanager/test_openpgp.py
+++ b/tests/integration/keymanager/test_openpgp.py
@@ -99,33 +99,6 @@ class OpenPGPCryptoTestCase(KeyManagerWithSoledadTestCase): yield pgp.delete_key(key) yield self._assert_key_not_found(pgp, ADDRESS) - @inlineCallbacks - def test_reset_sign_used_for_all_keys(self): - pgp = openpgp.OpenPGPScheme( - self._soledad, gpgbinary=self.gpg_binary_path) - - yield pgp.put_raw_key(PRIVATE_KEY, ADDRESS) - yield pgp.put_raw_key(PUBLIC_KEY, ADDRESS) - yield pgp.put_raw_key(PUBLIC_KEY_2, ADDRESS_2) - pubkey = yield pgp.get_key(ADDRESS) - pubkey.sign_used = True - yield pgp.put_key(pubkey) - pubkey2 = yield pgp.get_key(ADDRESS_2) - pubkey2.sign_used = True - yield pgp.put_key(pubkey2) - - yield pgp.reset_all_keys_sign_used() - - pubkey_refetched = yield pgp.get_key(ADDRESS) - pubkey2_refetched = yield pgp.get_key(ADDRESS_2) - - self.assertEqual(False, pubkey_refetched.sign_used) - self.assertEqual(False, pubkey2_refetched.sign_used) - self.assertEqual(pubkey.fingerprint, pubkey_refetched.fingerprint) - self.assertEqual(pubkey.key_data, pubkey_refetched.key_data) - self.assertEqual(pubkey2.fingerprint, pubkey2_refetched.fingerprint) - self.assertEqual(pubkey2.key_data, pubkey2_refetched.key_data) - @inlineCallbacks def test_openpgp_encrypt_decrypt(self): data = 'data'
--
cgit v1.2.3