summaryrefslogtreecommitdiff
path: root/src/leap/keymanager
AgeCommit message (Collapse)Author
2015-10-01[feat] self-repair the keyring if keys get duplicatedRuben Pollan
In some cases in the past keys got stored twice in different documents. Hopefully this issue is solved now, this tries to self-repair the keyring if encounters that. This is not really solving the problem, if it keeps happening we need to investigate the source. - Resolves: #7498
2015-09-28[bug] fix verify keys usageRuben Pollan
The latests refactor missed one line.
2015-09-25[refactor] improve readabilityKali Kaneko
Improve readability of operations on generic keys, by assigning the class matching the type of key (_wrapper_map[ktype]) at the beginning of each block. in the future, we could pass the type of key (only PGP keys being used at the moment) on initialization of the Keymanager, so we don't have to pass the ktype on each method call.
2015-09-24[refactor] refactor key parsingKali Kaneko
so that it can be tested without needing to instantiate the whole OpenPGPScheme object, that receives a soledad instance.
2015-09-24[style] more pep8 fixesKali Kaneko
2015-09-24[style] fix pep8 warningsFolker Bernitt
2015-09-24[bug] keep combined file longer in scopeFolker Bernitt
In previous commit 9546348c, the combined bundle ca was not long enough in scope and was therefore deleted when it actually was used. Adopted test to check whether file is deleted.
2015-09-24[tests] Add regression tests for sign_usedFolker Bernitt
Fails if wrong address is passed to the put_key method, or wrong key is marked as sign_used. - Related: #7420
2015-09-24[bug] don't repush a public key with different addressRuben Pollan
During decryption the signing public key was getting repush with a different address as part of the verify usage flagging. - Resolves: https://github.com/pixelated/pixelated-user-agent/issues/466 - Related: #7420
2015-09-24[bug] treat empty string ca_cert_path as NoneFolker Bernitt
Fixup for 9546348c36. This problem only occurs in test setups where '' is passed to ca_cert_path.
2015-09-22[bug] catch request exceptionsRuben Pollan
On fetch_key we were not catching the request exceptions, now they are returned as failure in the deferred as it should. - Related: #7410
2015-09-21[feat] more verbosity in get_key wrong address logRuben Pollan
2015-09-21[style] fix pep8 problemsRuben Pollan
2015-09-18[feature] Use ca_bundle when fetching keys by urlFolker Bernitt
This is necessary as a fetch by url will talk to remote sites or, for providers with a commercial cert, with a cert that had not been signed with the provider CA. - support lookup of local keys by url for providers with a commercial cert - combine ca_bundle with ca_cert_path if specified - close soledad after each test
2015-09-17[feat] add logging to fetch_keyRuben Pollan
In case of failure of fetch_key will be useful to have some logging telling us wich key is fetching. - Related: #7410
2015-09-16[style] pep8 fixKali Kaneko
2015-09-14[feat] use async events apiKali Kaneko
this avoids using a separate thread with tornado ioloop for events client, since we can use twisted reactor. - Resolves: #7274
2015-08-17[style] pep8 fixKali Kaneko
2015-08-03[style] Re-added lambdas to openpgp on keymanagerBruno Wagner
2015-08-03[style] Fixed pep8 warningsBruno Wagner
Fixed pep8 warnings to prepare the keymanager for CI
2015-07-29[style] pep8Kali Kaneko
2015-07-23[pkg] avoid choking on latest gnupg versionKali Kaneko
latest gnupg version (from pypi) was '2.0.2-py2.7.egg', which is parsed as a LegacyVersion and therefore breaks the numeric comparison. this is a workaround to allow the sanity check to continue, by comparing just the numeric part of the version string.
2015-06-29[style] spelling typoKali Kaneko
2015-06-27[bug] remove the dependency on enum34Ruben Pollan
* Resolves: #7188
2015-05-27[feat] adapt to new events api on commonIvan Alejandro
- Related: #6359
2015-04-07[doc] added the right link the validation levels documentationRuben Pollan
The mailing list was linked, but now there is a proper documentation page. - Releases: 0.4.0
2015-03-30[feat] set fetched keys as Weak Chain if they are not from the same domainRuben Pollan
Nicknym server is authoritative for its own domain, but for others it might retrieve keys from key servers. On keys from the same domain we set the validation level to 'Provider Trust'. For other domains in the email address we set it to 'Weak Chain' as we don't have info about its source. Resolves: #6815 Related: #6718 Releases: 0.4.0
2015-02-19Fetch keys should return KeyNotFound for unknown errorsRuben Pollan
2015-01-15Port validation levels to enum34Ruben Pollan
2015-01-15upgrade key when signed by old keyRuben Pollan
2015-01-15Upgrade keys if not successfully used and strict high validation levelRuben Pollan
2015-01-15On key update merge metadata correctlyRuben Pollan
2015-01-15Fix key upgrade on no expiration date and higher validation levelRuben Pollan
2015-01-15Return a valid error from gatherResultsRuben Pollan
2014-12-16Return the right error on signature verificationRuben Pollan
2014-12-16Find the gpg path instead of hard code itRuben Pollan
2014-12-16Fix key generationRuben Pollan
2014-12-16Port to soledad new async APIRuben Pollan
2014-11-25Return signing key on signature verificationRuben Pollan
Don't throw an exception if verification fails
2014-11-25Use addresses instead of keys on the public APIRuben Pollan
2014-11-25Fix test to use correct new signature for openpgp.put_ascii_key().drebs
2014-11-19Fix commentsRuben Pollan
2014-11-19Implement multi uid supportRuben Pollan
2014-11-19Implement active key documentRuben Pollan
2014-11-10Use type instead of tags to get docs in openpgpRuben Pollan
For that that now the type is the class.__name__ instead of str(class)
2014-11-10Implement the new encryption-key soledad documentRuben Pollan
2014-11-06Use datetime for key expirationRuben Pollan
2014-11-04Remove outdated commentRuben Pollan
2014-11-04Merge keys when updating an exisiting keyRuben Pollan
This is needed to prevent roll back attacks where the attacker push us to accept a key with an old expiration date that could be use to push an untrusted key when after it's expiration.
2014-10-23Update doc string of OpenPGPScheme._temporary_gpgwrapperRuben Pollan