keymanager.git
2 years agoDeprecated notice master
Ruben Pollan [Thu, 26 Oct 2017 09:11:32 +0000 (11:11 +0200)]
Deprecated notice

3 years agoMerge tag '0.5.1'
Kali Kaneko (leap communications) [Wed, 4 May 2016 21:54:07 +0000 (17:54 -0400)]
Merge tag '0.5.1'

Tag keymanager version 0.5.1

3 years agoMerge branch 'develop' into release/0.5.1 0.5.1
Kali Kaneko (leap communications) [Wed, 4 May 2016 21:50:06 +0000 (17:50 -0400)]
Merge branch 'develop' into release/0.5.1

3 years ago[feat] creat an iterator to build dicts
Ruben Pollan [Mon, 25 Apr 2016 23:24:48 +0000 (20:24 -0300)]
[feat] creat an iterator to build dicts

Need pizza!!!!!!

3 years ago[pkg] fix changelog path in manifest
Kali Kaneko (leap communications) [Wed, 27 Apr 2016 03:57:34 +0000 (23:57 -0400)]
[pkg] fix changelog path in manifest

3 years ago[bug] encryption keys can now be serialized to json using key.get_dict()
elijah [Tue, 19 Apr 2016 06:48:17 +0000 (23:48 -0700)]
[bug] encryption keys can now be serialized to json using key.get_dict()

3 years agoMerge tag '0.5.0' into develop
Kali Kaneko (leap communications) [Mon, 18 Apr 2016 15:08:29 +0000 (11:08 -0400)]
Merge tag '0.5.0' into develop

Tag leap.bitmask version 0.5.0

3 years agoMerge tag '0.5.0'
Kali Kaneko (leap communications) [Mon, 18 Apr 2016 15:07:44 +0000 (11:07 -0400)]
Merge tag '0.5.0'

Tag leap.bitmask version 0.5.0

# gpg: Signature made Mon 18 Apr 2016 11:05:46 AM BOT
# gpg:                using RSA key 1CAF6C5B9F720808
# gpg: Good signature from "Kaliyuga <kaliyuga@riseup.net>" [ultimate]
# gpg:                 aka "Kali Kaneko (leap communications) <kali@leap.se>" [ultimate]

3 years agoMerge tag '0.5.0' into release/0.5.x
Kali Kaneko (leap communications) [Mon, 18 Apr 2016 15:06:42 +0000 (11:06 -0400)]
Merge tag '0.5.0' into release/0.5.x

Tag leap.bitmask version 0.5.0

3 years ago[pkg] Update changelog 0.5.0
Kali Kaneko (leap communications) [Mon, 18 Apr 2016 15:04:54 +0000 (11:04 -0400)]
[pkg] Update changelog

3 years ago[feat] reduce log level for encrypt/decrypt errors
Ruben Pollan [Fri, 8 Apr 2016 16:22:14 +0000 (18:22 +0200)]
[feat] reduce log level for encrypt/decrypt errors

* Related: #8022

3 years ago[bug] delete versioneer duplicated block
Kali Kaneko (leap communications) [Mon, 11 Apr 2016 16:14:01 +0000 (12:14 -0400)]
[bug] delete versioneer duplicated block

3 years ago[style] Removed duplicated import
Bruno Wagner [Mon, 11 Apr 2016 14:57:58 +0000 (11:57 -0300)]
[style] Removed duplicated import

There was a duplicate import for get_versions, that was not at
the top of the file, that caused a pep warning and was fixed
in this commit

3 years ago[pkg] update to versioneer 0.16
Kali Kaneko [Fri, 1 Apr 2016 21:25:58 +0000 (17:25 -0400)]
[pkg] update to versioneer 0.16

3 years ago[bug] Return KeyNotFound Failure if not valid key is given to put_raw_key
Ruben Pollan [Sun, 20 Mar 2016 17:44:23 +0000 (18:44 +0100)]
[bug] Return KeyNotFound Failure if not valid key is given to put_raw_key

- Resolves: #7974

3 years ago[test] refactor key deletion tests
Ruben Pollan [Thu, 25 Feb 2016 17:34:45 +0000 (11:34 -0600)]
[test] refactor key deletion tests

3 years ago[feat] update usage only if needed
Ruben Pollan [Thu, 21 Jan 2016 17:48:23 +0000 (18:48 +0100)]
[feat] update usage only if needed

During encryption we where updating 'enc_used' in the key without
checking if it was already set.

3 years ago[doc] soledad docs fields
Ruben Pollan [Mon, 21 Dec 2015 14:59:58 +0000 (15:59 +0100)]
[doc] soledad docs fields

- Resolves: #7712

3 years ago[feat] Make EncryptionKey aware of the active address
Ruben Pollan [Mon, 21 Dec 2015 18:26:55 +0000 (19:26 +0100)]
[feat] Make EncryptionKey aware of the active address

3 years ago[test] add updater tests
Ruben Pollan [Mon, 21 Dec 2015 19:24:52 +0000 (20:24 +0100)]
[test] add updater tests

3 years ago[feat] Use fingerprints instead of key ids
Ruben Pollan [Fri, 18 Dec 2015 19:31:18 +0000 (20:31 +0100)]
[feat] Use fingerprints instead of key ids

- Resolves: #7500

3 years ago[feat] Migrate soledad documents by adding versioning field
Ruben Pollan [Fri, 18 Dec 2015 18:37:44 +0000 (19:37 +0100)]
[feat] Migrate soledad documents by adding versioning field

- Resolves: #7713

3 years ago[feat] move validation, usage and audited date to the active document
Ruben Pollan [Tue, 15 Dec 2015 12:29:44 +0000 (13:29 +0100)]
[feat] move validation, usage and audited date to the active document

- Resolves: #7485

3 years agoMerge branch 'feat/async_gpg' into develop
Ruben Pollan [Tue, 23 Feb 2016 17:42:01 +0000 (11:42 -0600)]
Merge branch 'feat/async_gpg' into develop

3 years ago[feat] defer decrypt, gen_key and encrypt
Victor Shyba [Thu, 11 Feb 2016 22:22:34 +0000 (19:22 -0300)]
[feat] defer decrypt, gen_key and encrypt

This commit put those gnupg operations to be run on external threads
limited by the amount of cores present on user machine.
Some gnupg calls spawn processes and communicating to them is a
synchronous operation, so running outside of a reactor should improve
response time by avoiding reactor locking.

3 years ago[style] fix pep8
Ruben Pollan [Tue, 9 Feb 2016 15:32:53 +0000 (16:32 +0100)]
[style] fix pep8

3 years agoMerge branch 'feat/defer_requests' into develop
Ruben Pollan [Thu, 4 Feb 2016 16:33:50 +0000 (17:33 +0100)]
Merge branch 'feat/defer_requests' into develop

3 years ago[docs] add docstrings and fixes pep8
Victor Shyba [Tue, 2 Feb 2016 22:51:36 +0000 (19:51 -0300)]
[docs] add docstrings and fixes pep8

Some methods were missing docstrings and some code was exceeding the 80
column limit. Also some asserts arent needed anymore.

3 years ago[feat] use HTTPClient instead of requests
Victor Shyba [Thu, 28 Jan 2016 02:18:04 +0000 (23:18 -0300)]
[feat] use HTTPClient instead of requests

This commit adapts code to use HTTPClient instead of requests.
requests library receives a certificate as parameter during requests
while HTTPClient recelives a cert only on constructor. In order to have
both types (leap cert and commercial certs) working together we
introduced two clients on constructor.

3 years ago[refactor] isolate requests
Victor Shyba [Thu, 28 Jan 2016 00:35:43 +0000 (21:35 -0300)]
[refactor] isolate requests

Isolate requests lib related code and update docstrings.

3 years ago[feat] defer blocking requests calls to thread
Victor Shyba [Wed, 27 Jan 2016 23:45:00 +0000 (20:45 -0300)]
[feat] defer blocking requests calls to thread

That's a temporary fix for #6506
This commit adapts code to deal with deferreds coming from calling
requests from Twisted. Next step is just to change requests for twisted
http client present in leap.common.
Unfortunately, this last step will be a bit longer and would be better
to have integrations tests to ensure current HTTP behaviour.

4 years ago[pkg] fold in changes 0.4.3
Ivan Alejandro [Tue, 27 Oct 2015 21:44:10 +0000 (18:44 -0300)]
[pkg] fold in changes

4 years ago[pkg] bump common dependency (due to events-async)
Kali Kaneko [Thu, 8 Oct 2015 14:37:23 +0000 (10:37 -0400)]
[pkg] bump common dependency (due to events-async)

4 years ago[feat] self-repair the keyring if keys get duplicated
Ruben Pollan [Tue, 29 Sep 2015 14:36:20 +0000 (16:36 +0200)]
[feat] self-repair the keyring if keys get duplicated

In some cases in the past keys got stored twice in different documents.
Hopefully this issue is solved now, this tries to self-repair the keyring
if encounters that. This is not really solving the problem, if it keeps
happening we need to investigate the source.

- Resolves: #7498

4 years ago[bug] fix verify keys usage
Ruben Pollan [Mon, 28 Sep 2015 17:06:20 +0000 (19:06 +0200)]
[bug] fix verify keys usage

The latests refactor missed one line.

4 years ago[refactor] improve readability
Kali Kaneko [Thu, 24 Sep 2015 16:44:28 +0000 (12:44 -0400)]
[refactor] improve readability

Improve readability of operations on generic keys, by assigning the
class matching the type of key (_wrapper_map[ktype]) at the beginning of
each block.

in the future, we could pass the type of key (only PGP keys being used
at the moment) on initialization of the Keymanager, so we don't have to
pass the ktype on each method call.

4 years ago[refactor] refactor key parsing
Kali Kaneko [Thu, 10 Sep 2015 14:36:53 +0000 (10:36 -0400)]
[refactor] refactor key parsing

so that it can be tested without needing to instantiate the whole
OpenPGPScheme object, that receives a soledad instance.

4 years ago[style] more pep8 fixes
Kali Kaneko [Thu, 24 Sep 2015 16:11:37 +0000 (12:11 -0400)]
[style] more pep8 fixes

4 years ago[style] fix pep8 warnings
Folker Bernitt [Thu, 24 Sep 2015 12:04:43 +0000 (14:04 +0200)]
[style] fix pep8 warnings

4 years ago[bug] keep combined file longer in scope
Folker Bernitt [Mon, 21 Sep 2015 13:59:53 +0000 (15:59 +0200)]
[bug] keep combined file longer in scope

In previous commit 9546348c, the combined bundle ca
was not long enough in scope and was therefore deleted
when it actually was used.
Adopted test to check whether file is deleted.

4 years ago[tests] Add regression tests for sign_used
Folker Bernitt [Thu, 24 Sep 2015 09:46:14 +0000 (11:46 +0200)]
[tests] Add regression tests for sign_used

Fails if wrong address is passed to the put_key method,
or wrong key is marked as sign_used.

- Related: #7420

4 years ago[bug] don't repush a public key with different address
Ruben Pollan [Wed, 23 Sep 2015 23:15:11 +0000 (01:15 +0200)]
[bug] don't repush a public key with different address

During decryption the signing public key was getting repush with a
different address as part of the verify usage flagging.

- Resolves: https://github.com/pixelated/pixelated-user-agent/issues/466
- Related: #7420

4 years agoMerge branch 'fix_empty_string_ca_certs' into develop
Ruben Pollan [Thu, 24 Sep 2015 10:19:36 +0000 (12:19 +0200)]
Merge branch 'fix_empty_string_ca_certs' into develop

4 years ago[bug] treat empty string ca_cert_path as None
Folker Bernitt [Tue, 22 Sep 2015 15:43:29 +0000 (17:43 +0200)]
[bug] treat empty string ca_cert_path as None

Fixup for 9546348c36. This problem only occurs in
test setups where '' is passed to ca_cert_path.

4 years ago[bug] catch request exceptions
Ruben Pollan [Tue, 22 Sep 2015 14:18:36 +0000 (16:18 +0200)]
[bug] catch request exceptions

On fetch_key we were not catching the request exceptions, now they are
returned as failure in the deferred as it should.

- Related: #7410

4 years ago[feat] more verbosity in get_key wrong address log
Ruben Pollan [Mon, 21 Sep 2015 21:15:33 +0000 (23:15 +0200)]
[feat] more verbosity in get_key wrong address log

4 years ago[style] fix pep8 problems
Ruben Pollan [Mon, 21 Sep 2015 17:59:11 +0000 (19:59 +0200)]
[style] fix pep8 problems

4 years ago[feature] Use ca_bundle when fetching keys by url
Folker Bernitt [Fri, 18 Sep 2015 15:03:14 +0000 (17:03 +0200)]
[feature] Use ca_bundle when fetching keys by url

This is necessary as a fetch by url will talk to remote
sites or, for providers with a commercial cert, with
a cert that had not been signed with the provider CA.

- support lookup of local keys by url for providers
  with a commercial cert
- combine ca_bundle with ca_cert_path if specified
- close soledad after each test

4 years ago[feat] add logging to fetch_key
Ruben Pollan [Wed, 16 Sep 2015 09:04:33 +0000 (11:04 +0200)]
[feat] add logging to fetch_key

In case of failure of fetch_key will be useful to have some logging
telling us wich key is fetching.

- Related: #7410

4 years ago[style] pep8 fix
Kali Kaneko [Wed, 16 Sep 2015 16:55:08 +0000 (12:55 -0400)]
[style] pep8 fix

4 years ago[feat] use async events api
Kali Kaneko [Tue, 15 Sep 2015 03:08:41 +0000 (23:08 -0400)]
[feat] use async events api

this avoids using a separate thread with tornado ioloop for events
client, since we can use twisted reactor.

- Resolves: #7274

4 years ago[docs] beautify links to docs
Kali Kaneko [Wed, 9 Sep 2015 19:27:55 +0000 (15:27 -0400)]
[docs] beautify links to docs

4 years ago[docs] update link to nicknym docs
Kali Kaneko [Wed, 9 Sep 2015 19:22:03 +0000 (15:22 -0400)]
[docs] update link to nicknym docs

4 years ago[docs] add downloads info
Kali Kaneko [Wed, 9 Sep 2015 19:18:45 +0000 (15:18 -0400)]
[docs] add downloads info

4 years ago[docs] fix broken pypi badge
Kali Kaneko [Wed, 9 Sep 2015 18:59:38 +0000 (14:59 -0400)]
[docs] fix broken pypi badge

4 years ago[pkg] update changelog 0.4.2
Ivan Alejandro [Wed, 26 Aug 2015 21:15:54 +0000 (18:15 -0300)]
[pkg] update changelog

4 years ago[style] pep8 fixes
Kali Kaneko [Tue, 18 Aug 2015 01:52:55 +0000 (21:52 -0400)]
[style] pep8 fixes

4 years ago[style] pep8 fix
Kali Kaneko [Mon, 17 Aug 2015 23:22:14 +0000 (19:22 -0400)]
[style] pep8 fix

4 years ago[tests] add pep8/flake8 ignores
Kali Kaneko [Mon, 17 Aug 2015 23:20:58 +0000 (19:20 -0400)]
[tests] add pep8/flake8 ignores

4 years ago[feat] WHEELHOUSE can be a url + --use-leap-wheels
Parménides GV [Thu, 6 Aug 2015 06:51:03 +0000 (08:51 +0200)]
[feat] WHEELHOUSE can be a url + --use-leap-wheels

--use-leap-wheels sets --trusted-host (remove it when we have a proper
cert) and WHEELHOUSE to https://ftp.lizard.leap.se

Until we get ftp.lizard cname, use lizard as the wheels server.

    Related: #7339

4 years ago[style] Re-added lambdas to openpgp on keymanager
Bruno Wagner [Mon, 3 Aug 2015 20:37:09 +0000 (17:37 -0300)]
[style] Re-added lambdas to openpgp on keymanager

4 years ago[tests] Added requirements-latest to help HEAD development
Bruno Wagner [Mon, 3 Aug 2015 18:48:07 +0000 (15:48 -0300)]
[tests] Added requirements-latest to help HEAD development

That's an easy way to setup the latest develop without
depending on manually downloading the dependencies

4 years ago[style] Fixed pep8 warnings
Bruno Wagner [Fri, 24 Jul 2015 19:24:13 +0000 (16:24 -0300)]
[style] Fixed pep8 warnings

Fixed pep8 warnings to prepare the keymanager for CI

4 years ago[feat] use wheels to install dependencies
Parménides GV [Fri, 31 Jul 2015 07:01:53 +0000 (09:01 +0200)]
[feat] use wheels to install dependencies

generate_wheels uses $WHEELHOUSE to generate and store the wheels for
requirements.pip and requirements-testing.pip (if it exists).

pip_install_requirements.sh installs requirements.pip from them if
possible (if not, then it fetches them from pypi) or, if passed the
--testing flag, it installs requirements-testing.pip.

Related: #7327

4 years ago[style] pep8
Kali Kaneko [Wed, 29 Jul 2015 20:27:54 +0000 (16:27 -0400)]
[style] pep8

4 years ago[tests] add pep8 to requirements-testing
Kali Kaneko [Tue, 28 Jul 2015 13:57:40 +0000 (09:57 -0400)]
[tests] add pep8 to requirements-testing

4 years ago[pkg] add AUTHORS file + one-liner to generate it
Kali Kaneko [Tue, 28 Jul 2015 02:30:38 +0000 (22:30 -0400)]
[pkg] add AUTHORS file + one-liner to generate it

4 years ago[pkg] add script to install base requirements
Kali Kaneko [Tue, 28 Jul 2015 02:02:27 +0000 (22:02 -0400)]
[pkg] add script to install base requirements

- update pip
- install base reqs

4 years ago[pkg] comment the line until the version string is fixed
Parménides GV [Mon, 27 Jul 2015 17:00:03 +0000 (19:00 +0200)]
[pkg] comment the line until the version string is fixed

otherwise, the tests will be pulling outdated versions from pypi.

4 years ago[pkg] avoid choking on latest gnupg version
Kali Kaneko [Thu, 23 Jul 2015 18:34:53 +0000 (14:34 -0400)]
[pkg] avoid choking on latest gnupg version

latest gnupg version (from pypi) was '2.0.2-py2.7.egg', which is parsed
as a LegacyVersion and therefore breaks the numeric comparison. this is
a workaround to allow the sanity check to continue, by comparing just
the numeric part of the version string.

4 years ago[pkg] do not add leap deps in develop mode
Kali Kaneko [Wed, 22 Jul 2015 20:03:50 +0000 (16:03 -0400)]
[pkg] do not add leap deps in develop mode

it is the responsibility of the developer to install them now

- Related: #7288

4 years ago[style] add the magnificient leap commit template
Kali Kaneko [Wed, 22 Jul 2015 14:34:21 +0000 (10:34 -0400)]
[style] add the magnificient leap commit template

4 years ago[pkg] separate leap requirements
Kali Kaneko [Wed, 22 Jul 2015 14:31:59 +0000 (10:31 -0400)]
[pkg] separate leap requirements

this is part of a process to make the setup of the development mode less
troublesome. from now on, setting up a virtualenv in pure development
mode will be as easy as telling pip to just install the external
dependencies::

  pip install -r pkg/requirements.pip

and traversing all the leap repos for the needed leap dependencies doing::

  python setup.py develop

- Related: #7288

4 years ago[pkg] fold in changes 0.4.1
Ivan Alejandro [Fri, 10 Jul 2015 17:44:19 +0000 (14:44 -0300)]
[pkg] fold in changes

4 years ago[style] spelling typo
Kali Kaneko [Mon, 29 Jun 2015 16:05:51 +0000 (12:05 -0400)]
[style] spelling typo

4 years ago[bug] remove the dependency on enum34
Ruben Pollan [Fri, 26 Jun 2015 16:12:22 +0000 (18:12 +0200)]
[bug] remove the dependency on enum34

* Resolves: #7188

4 years ago[pkg] bump dependencies release/0.4.x 0.4.0
Ivan Alejandro [Mon, 8 Jun 2015 18:21:00 +0000 (15:21 -0300)]
[pkg] bump dependencies

4 years ago[pkg] fold in changes
Ivan Alejandro [Mon, 8 Jun 2015 18:20:34 +0000 (15:20 -0300)]
[pkg] fold in changes

4 years ago[feat] adapt to new events api on common
Ivan Alejandro [Wed, 6 May 2015 21:04:03 +0000 (18:04 -0300)]
[feat] adapt to new events api on common

- Related: #6359

4 years ago[doc] added the right link the validation levels documentation
Ruben Pollan [Tue, 7 Apr 2015 10:56:20 +0000 (12:56 +0200)]
[doc] added the right link the validation levels documentation

The mailing list was linked, but now there is a proper documentation
page.

- Releases: 0.4.0

4 years ago[feat] set fetched keys as Weak Chain if they are not from the same domain
Ruben Pollan [Mon, 30 Mar 2015 09:25:21 +0000 (11:25 +0200)]
[feat] set fetched keys as Weak Chain if they are not from the same domain

Nicknym server is authoritative for its own domain, but for others it might
retrieve keys from key servers. On keys from the same domain we set the
validation level to 'Provider Trust'. For other domains in the email
address we set it to 'Weak Chain' as we don't have info about its source.

Resolves: #6815
Related: #6718
Releases: 0.4.0

4 years agoFetch keys should return KeyNotFound for unknown errors
Ruben Pollan [Thu, 19 Feb 2015 16:21:56 +0000 (10:21 -0600)]
Fetch keys should return KeyNotFound for unknown errors

4 years agoMerge branch 'feature/async-api' into develop
Kali Kaneko [Wed, 11 Feb 2015 18:01:20 +0000 (14:01 -0400)]
Merge branch 'feature/async-api' into develop

4 years agoPort validation levels to enum34
Ruben Pollan [Mon, 5 Jan 2015 14:54:24 +0000 (08:54 -0600)]
Port validation levels to enum34

4 years agoupgrade key when signed by old key
Ruben Pollan [Sat, 20 Dec 2014 04:37:40 +0000 (22:37 -0600)]
upgrade key when signed by old key

4 years agoUpgrade keys if not successfully used and strict high validation level
Ruben Pollan [Fri, 19 Dec 2014 14:15:43 +0000 (08:15 -0600)]
Upgrade keys if not successfully used and strict high validation level

4 years agoOn key update merge metadata correctly
Ruben Pollan [Fri, 19 Dec 2014 13:40:05 +0000 (07:40 -0600)]
On key update merge metadata correctly

4 years agoFix key upgrade on no expiration date and higher validation level
Ruben Pollan [Fri, 19 Dec 2014 13:38:42 +0000 (07:38 -0600)]
Fix key upgrade on no expiration date and higher validation level

4 years agoReturn a valid error from gatherResults
Ruben Pollan [Mon, 29 Dec 2014 06:27:27 +0000 (00:27 -0600)]
Return a valid error from gatherResults

4 years agoUse trial as test runner.
drebs [Wed, 7 Jan 2015 18:45:37 +0000 (16:45 -0200)]
Use trial as test runner.

4 years agoReturn the right error on signature verification
Ruben Pollan [Mon, 15 Dec 2014 04:13:57 +0000 (22:13 -0600)]
Return the right error on signature verification

4 years agoFind the gpg path instead of hard code it
Ruben Pollan [Sat, 13 Dec 2014 16:15:53 +0000 (10:15 -0600)]
Find the gpg path instead of hard code it

4 years agoFix key generation
Ruben Pollan [Fri, 5 Dec 2014 18:28:37 +0000 (12:28 -0600)]
Fix key generation

4 years agoPort to soledad new async API
Ruben Pollan [Fri, 28 Nov 2014 16:37:00 +0000 (10:37 -0600)]
Port to soledad new async API

4 years agoReturn signing key on signature verification
Ruben Pollan [Thu, 20 Nov 2014 16:56:21 +0000 (10:56 -0600)]
Return signing key on signature verification

Don't throw an exception if verification fails

4 years agoUse addresses instead of keys on the public API
Ruben Pollan [Thu, 20 Nov 2014 16:55:09 +0000 (10:55 -0600)]
Use addresses instead of keys on the public API

4 years agoFix test to use correct new signature for openpgp.put_ascii_key().
drebs [Tue, 25 Nov 2014 14:36:24 +0000 (12:36 -0200)]
Fix test to use correct new signature for openpgp.put_ascii_key().

4 years agoAdd enum as a dependency.
drebs [Tue, 25 Nov 2014 14:35:52 +0000 (12:35 -0200)]
Add enum as a dependency.

4 years agoMerge branch 'feature/6299_new_doc' into develop
drebs [Tue, 25 Nov 2014 14:30:40 +0000 (12:30 -0200)]
Merge branch 'feature/6299_new_doc' into develop

4 years agoFix comments
Ruben Pollan [Tue, 11 Nov 2014 01:00:04 +0000 (19:00 -0600)]
Fix comments