Check if key is synchronized with server at every login

This is a temporary solution when uploading a regenerated key fails.
It's going to attempt the upload again on the subsequent logins. The
drawback with this solution, is that the fetch remote can increase the
login time, specially with multiple users.

See: #815

2 files changed, 59 insertions, 1 deletions

diff --git a/service/pixelated/bitmask_libraries/keymanager.py b/service/pixelated/bitmask_libraries/keymanager.py
index 28d5f9db..4171c655 100644
--- a/service/pixelated/bitmask_libraries/keymanager.py
+++ b/service/pixelated/bitmask_libraries/keymanager.py
@@ -52,9 +52,23 @@ class Keymanager(object):
         elif current_key.needs_renewal(DEFAULT_EXTENSION_THRESHOLD):
             current_key = yield self._regenerate_key_and_send_to_leap()
 
+        self._synchronize_remote_key(current_key)
         logger.info("Current key for {}: {}".format(self._email, current_key.fingerprint))
 
     @defer.inlineCallbacks
+    def _synchronize_remote_key(self, current_key):
+        if not self._is_key_synchronized_with_server(current_key):
+            try:
+                yield self.keymanager.send_key()
+            except Exception as e:
+                raise UploadKeyError(e.message)
+
+    @defer.inlineCallbacks
+    def _is_key_synchronized_with_server(self, current_key):
+        remote_key = yield self.get_key(self._email, private=False, fetch_remote=True)
+        defer.returnValue(remote_key.fingerprint == current_key.fingerprint)
+
+    @defer.inlineCallbacks
     def _regenerate_key_and_send_to_leap(self):
         logger.info("Regenerating keys - this could take a while...")
         key = yield self.keymanager.regenerate_key()
@@ -62,7 +76,6 @@ class Keymanager(object):
             yield self.keymanager.send_key()
             defer.returnValue(key)
         except Exception as e:
-            # what to be done when upload key error
             raise UploadKeyError(e.message)
 
     @defer.inlineCallbacks
diff --git a/service/test/unit/bitmask_libraries/test_keymanager.py b/service/test/unit/bitmask_libraries/test_keymanager.py
index 1fad9df6..1886e10f 100644
--- a/service/test/unit/bitmask_libraries/test_keymanager.py
+++ b/service/test/unit/bitmask_libraries/test_keymanager.py
@@ -68,6 +68,7 @@ class KeymanagerTest(TestCase):
             combined_ca_bundle='combined_ca_bundle')
 
     def test_keymanager_generate_openpgp_key_generates_key_correctly(self):
+        self.keymanager._synchronize_remote_key = MagicMock()
         when(self.keymanager)._key_exists('test_user@some-server.test').thenReturn(None)
 
         self.leap_keymanager.gen_key = MagicMock()
@@ -90,6 +91,7 @@ class KeymanagerTest(TestCase):
         self.leap_keymanager.gen_key.assert_not_called()
 
     def test_keymanager_generate_openpgp_key_doesnt_upload_preexisting_key(self):
+        self.keymanager._synchronize_remote_key = MagicMock()
         mock_open_pgp_key = MagicMock()
         mock_open_pgp_key.needs_renewal = MagicMock(return_value=False)
         when(self.keymanager)._key_exists('test_user@some-server.test').thenReturn(mock_open_pgp_key)
@@ -114,6 +116,7 @@ class KeymanagerTest(TestCase):
 
     @defer.inlineCallbacks
     def test_keymanager_regenerate_key_pair_if_current_key_is_about_to_expire(self):
+        self.keymanager._synchronize_remote_key = MagicMock()
         mock_open_pgp_key = MagicMock()
         mock_open_pgp_key.needs_renewal = MagicMock(return_value=True)
         when(self.keymanager)._key_exists('test_user@some-server.test').thenReturn(mock_open_pgp_key)
@@ -137,3 +140,45 @@ class KeymanagerTest(TestCase):
 
         self.leap_keymanager.regenerate_key.assert_called_once()
         self.keymanager.delete_key_pair.assert_not_called()
+
+    @defer.inlineCallbacks
+    def test_key_is_syncronized_with_server(self):
+        self.keymanager._is_key_synchronized_with_server = MagicMock(return_value=True)
+        mock_open_pgp_key = MagicMock()
+        mock_open_pgp_key.needs_renewal = MagicMock(return_value=False)
+        when(self.keymanager)._key_exists('test_user@some-server.test').thenReturn(mock_open_pgp_key)
+
+        yield self.keymanager.generate_openpgp_key()
+        self.leap_keymanager.send_key.assert_not_called()
+
+    @defer.inlineCallbacks
+    def test_key_is_not_syncronized_with_server(self):
+        self.keymanager._is_key_synchronized_with_server = MagicMock(return_value=False)
+        mock_open_pgp_key = MagicMock()
+        mock_open_pgp_key.needs_renewal = MagicMock(return_value=False)
+        when(self.keymanager)._key_exists('test_user@some-server.test').thenReturn(mock_open_pgp_key)
+
+        yield self.keymanager.generate_openpgp_key()
+        self.leap_keymanager.send_key.assert_called_once()
+
+    @defer.inlineCallbacks
+    def test_local_and_remote_keys_are_the_same(self):
+        mock_current_key = MagicMock()
+        mock_current_key.fingerprint = 'ABC'
+        mock_remote_key = MagicMock()
+        mock_remote_key.fingerprint = 'ABC'
+
+        self.keymanager.get_key = MagicMock(return_value=mock_remote_key)
+        result = yield self.keymanager._is_key_synchronized_with_server(mock_current_key)
+        self.assertTrue(result)
+
+    @defer.inlineCallbacks
+    def test_local_and_remote_keys_are_not_the_same(self):
+        mock_current_key = MagicMock()
+        mock_current_key.fingerprint = 'ABC'
+        mock_remote_key = MagicMock()
+        mock_remote_key.fingerprint = '123'
+
+        self.keymanager.get_key = MagicMock(return_value=mock_remote_key)
+        result = yield self.keymanager._is_key_synchronized_with_server(mock_current_key)
+        self.assertFalse(result)