From 6300a435aaf3f4dacd4615c75defaa8ea7369248 Mon Sep 17 00:00:00 2001 From: Tulio Casagrande Date: Fri, 21 Apr 2017 18:27:36 -0300 Subject: [feat] stop resetting signs used after key regeneration We were considering to reset the sign_used flag to force the new key to be resend as attachment in forthcoming emails. Although, this is not a good solution, because we'll lose information about which keys the client has signed. --- src/leap/bitmask/keymanager/__init__.py | 2 -- src/leap/bitmask/keymanager/openpgp.py | 21 --------------------- 2 files changed, 23 deletions(-) (limited to 'src') diff --git a/src/leap/bitmask/keymanager/__init__.py b/src/leap/bitmask/keymanager/__init__.py index d1fd4edb..2fa80c7c 100644 --- a/src/leap/bitmask/keymanager/__init__.py +++ b/src/leap/bitmask/keymanager/__init__.py @@ -373,8 +373,6 @@ class KeyManager(object): self.log.info('Regenerating key for %s.' % self._address) new_key = yield self._openpgp.regenerate_key(self._address) - yield self._openpgp.reset_all_keys_sign_used() - defer.returnValue(new_key) # diff --git a/src/leap/bitmask/keymanager/openpgp.py b/src/leap/bitmask/keymanager/openpgp.py index 2361e6a8..aea82156 100644 --- a/src/leap/bitmask/keymanager/openpgp.py +++ b/src/leap/bitmask/keymanager/openpgp.py @@ -584,27 +584,6 @@ class OpenPGPScheme(object): active_doc = yield self._get_active_doc_from_address(address, False) yield self._soledad.delete_doc(active_doc) - @defer.inlineCallbacks - def reset_all_keys_sign_used(self): - """ - Reset sign_used flag for all keys in storage, to False... - to indicate that the key pair has not interacted with all - keys in the key ring yet. - This should only be used when regenerating/extending the key pair. - - """ - all_keys = yield self.get_all_keys(private=False) - deferreds = [] - - @defer.inlineCallbacks - def reset_sign_used(key): - key.sign_used = False - yield self.put_key(key, key_renewal=True) - - for open_pgp_key in all_keys: - deferreds.append(reset_sign_used(open_pgp_key)) - yield defer.gatherResults(deferreds) - # # Data encryption, decryption, signing and verifying # -- cgit v1.2.3