From eb971354658c7075362bb5b07dc90c8d74e00e8e Mon Sep 17 00:00:00 2001 From: Tulio Casagrande Date: Tue, 10 Jan 2017 14:52:21 -0200 Subject: Check if key is synchronized with server at every login This is a temporary solution when uploading a regenerated key fails. It's going to attempt the upload again on the subsequent logins. The drawback with this solution, is that the fetch remote can increase the login time, specially with multiple users. See: #815 --- service/pixelated/bitmask_libraries/keymanager.py | 15 +++++++- .../test/unit/bitmask_libraries/test_keymanager.py | 45 ++++++++++++++++++++++ 2 files changed, 59 insertions(+), 1 deletion(-) (limited to 'service') diff --git a/service/pixelated/bitmask_libraries/keymanager.py b/service/pixelated/bitmask_libraries/keymanager.py index 28d5f9db..4171c655 100644 --- a/service/pixelated/bitmask_libraries/keymanager.py +++ b/service/pixelated/bitmask_libraries/keymanager.py @@ -52,8 +52,22 @@ class Keymanager(object): elif current_key.needs_renewal(DEFAULT_EXTENSION_THRESHOLD): current_key = yield self._regenerate_key_and_send_to_leap() + self._synchronize_remote_key(current_key) logger.info("Current key for {}: {}".format(self._email, current_key.fingerprint)) + @defer.inlineCallbacks + def _synchronize_remote_key(self, current_key): + if not self._is_key_synchronized_with_server(current_key): + try: + yield self.keymanager.send_key() + except Exception as e: + raise UploadKeyError(e.message) + + @defer.inlineCallbacks + def _is_key_synchronized_with_server(self, current_key): + remote_key = yield self.get_key(self._email, private=False, fetch_remote=True) + defer.returnValue(remote_key.fingerprint == current_key.fingerprint) + @defer.inlineCallbacks def _regenerate_key_and_send_to_leap(self): logger.info("Regenerating keys - this could take a while...") @@ -62,7 +76,6 @@ class Keymanager(object): yield self.keymanager.send_key() defer.returnValue(key) except Exception as e: - # what to be done when upload key error raise UploadKeyError(e.message) @defer.inlineCallbacks diff --git a/service/test/unit/bitmask_libraries/test_keymanager.py b/service/test/unit/bitmask_libraries/test_keymanager.py index 1fad9df6..1886e10f 100644 --- a/service/test/unit/bitmask_libraries/test_keymanager.py +++ b/service/test/unit/bitmask_libraries/test_keymanager.py @@ -68,6 +68,7 @@ class KeymanagerTest(TestCase): combined_ca_bundle='combined_ca_bundle') def test_keymanager_generate_openpgp_key_generates_key_correctly(self): + self.keymanager._synchronize_remote_key = MagicMock() when(self.keymanager)._key_exists('test_user@some-server.test').thenReturn(None) self.leap_keymanager.gen_key = MagicMock() @@ -90,6 +91,7 @@ class KeymanagerTest(TestCase): self.leap_keymanager.gen_key.assert_not_called() def test_keymanager_generate_openpgp_key_doesnt_upload_preexisting_key(self): + self.keymanager._synchronize_remote_key = MagicMock() mock_open_pgp_key = MagicMock() mock_open_pgp_key.needs_renewal = MagicMock(return_value=False) when(self.keymanager)._key_exists('test_user@some-server.test').thenReturn(mock_open_pgp_key) @@ -114,6 +116,7 @@ class KeymanagerTest(TestCase): @defer.inlineCallbacks def test_keymanager_regenerate_key_pair_if_current_key_is_about_to_expire(self): + self.keymanager._synchronize_remote_key = MagicMock() mock_open_pgp_key = MagicMock() mock_open_pgp_key.needs_renewal = MagicMock(return_value=True) when(self.keymanager)._key_exists('test_user@some-server.test').thenReturn(mock_open_pgp_key) @@ -137,3 +140,45 @@ class KeymanagerTest(TestCase): self.leap_keymanager.regenerate_key.assert_called_once() self.keymanager.delete_key_pair.assert_not_called() + + @defer.inlineCallbacks + def test_key_is_syncronized_with_server(self): + self.keymanager._is_key_synchronized_with_server = MagicMock(return_value=True) + mock_open_pgp_key = MagicMock() + mock_open_pgp_key.needs_renewal = MagicMock(return_value=False) + when(self.keymanager)._key_exists('test_user@some-server.test').thenReturn(mock_open_pgp_key) + + yield self.keymanager.generate_openpgp_key() + self.leap_keymanager.send_key.assert_not_called() + + @defer.inlineCallbacks + def test_key_is_not_syncronized_with_server(self): + self.keymanager._is_key_synchronized_with_server = MagicMock(return_value=False) + mock_open_pgp_key = MagicMock() + mock_open_pgp_key.needs_renewal = MagicMock(return_value=False) + when(self.keymanager)._key_exists('test_user@some-server.test').thenReturn(mock_open_pgp_key) + + yield self.keymanager.generate_openpgp_key() + self.leap_keymanager.send_key.assert_called_once() + + @defer.inlineCallbacks + def test_local_and_remote_keys_are_the_same(self): + mock_current_key = MagicMock() + mock_current_key.fingerprint = 'ABC' + mock_remote_key = MagicMock() + mock_remote_key.fingerprint = 'ABC' + + self.keymanager.get_key = MagicMock(return_value=mock_remote_key) + result = yield self.keymanager._is_key_synchronized_with_server(mock_current_key) + self.assertTrue(result) + + @defer.inlineCallbacks + def test_local_and_remote_keys_are_not_the_same(self): + mock_current_key = MagicMock() + mock_current_key.fingerprint = 'ABC' + mock_remote_key = MagicMock() + mock_remote_key.fingerprint = '123' + + self.keymanager.get_key = MagicMock(return_value=mock_remote_key) + result = yield self.keymanager._is_key_synchronized_with_server(mock_current_key) + self.assertFalse(result) -- cgit v1.2.3