Verified Commit 6300a435 by Tulio Casagrande Committed by meskio

[feat] stop resetting signs used after key regeneration

We were considering resetting the sign_used flag to force the new key to
be re-sent as an attachment in forthcoming emails. However, this is not a
good solution, because we would lose the information about which keys the
client has signed.
parent fbdb541b
......@@ -373,8 +373,6 @@ class KeyManager(object):
self.log.info('Regenerating key for %s.' % self._address)
new_key = yield self._openpgp.regenerate_key(self._address)
yield self._openpgp.reset_all_keys_sign_used()
defer.returnValue(new_key)
#
......
......@@ -584,27 +584,6 @@ class OpenPGPScheme(object):
active_doc = yield self._get_active_doc_from_address(address, False)
yield self._soledad.delete_doc(active_doc)
@defer.inlineCallbacks
def reset_all_keys_sign_used(self):
"""
Reset sign_used flag for all keys in storage, to False...
to indicate that the key pair has not interacted with all
keys in the key ring yet.
This should only be used when regenerating/extending the key pair.
"""
all_keys = yield self.get_all_keys(private=False)
deferreds = []
@defer.inlineCallbacks
def reset_sign_used(key):
key.sign_used = False
yield self.put_key(key, key_renewal=True)
for open_pgp_key in all_keys:
deferreds.append(reset_sign_used(open_pgp_key))
yield defer.gatherResults(deferreds)
#
# Data encryption, decryption, signing and verifying
#
......
......@@ -639,18 +639,6 @@ class KeyManagerKeyManagementTestCase(KeyManagerWithSoledadTestCase):
self.assertEqual(new_key.fingerprint, renewed_public_key.fingerprint)
self.assertIn(old_key.fingerprint[-16:], renewed_public_key.signatures)
@defer.inlineCallbacks
def test_key_regenerate_resets_all_public_key_sign_used(self):
km = self._key_manager(user=ADDRESS_EXPIRING)
yield km._openpgp.put_raw_key(PRIVATE_EXPIRING_KEY, ADDRESS_EXPIRING)
yield km._openpgp.put_raw_key(PUBLIC_KEY_2, ADDRESS_2)
km._openpgp.reset_all_keys_sign_used = mock.Mock()
yield km.regenerate_key()
km._openpgp.reset_all_keys_sign_used.assert_called_once()
class KeyManagerCryptoTestCase(KeyManagerWithSoledadTestCase):
RAW_DATA = 'data'
......
......@@ -100,33 +100,6 @@ class OpenPGPCryptoTestCase(KeyManagerWithSoledadTestCase):
yield self._assert_key_not_found(pgp, ADDRESS)
@inlineCallbacks
def test_reset_sign_used_for_all_keys(self):
pgp = openpgp.OpenPGPScheme(
self._soledad, gpgbinary=self.gpg_binary_path)
yield pgp.put_raw_key(PRIVATE_KEY, ADDRESS)
yield pgp.put_raw_key(PUBLIC_KEY, ADDRESS)
yield pgp.put_raw_key(PUBLIC_KEY_2, ADDRESS_2)
pubkey = yield pgp.get_key(ADDRESS)
pubkey.sign_used = True
yield pgp.put_key(pubkey)
pubkey2 = yield pgp.get_key(ADDRESS_2)
pubkey2.sign_used = True
yield pgp.put_key(pubkey2)
yield pgp.reset_all_keys_sign_used()
pubkey_refetched = yield pgp.get_key(ADDRESS)
pubkey2_refetched = yield pgp.get_key(ADDRESS_2)
self.assertEqual(False, pubkey_refetched.sign_used)
self.assertEqual(False, pubkey2_refetched.sign_used)
self.assertEqual(pubkey.fingerprint, pubkey_refetched.fingerprint)
self.assertEqual(pubkey.key_data, pubkey_refetched.key_data)
self.assertEqual(pubkey2.fingerprint, pubkey2_refetched.fingerprint)
self.assertEqual(pubkey2.key_data, pubkey2_refetched.key_data)
@inlineCallbacks
def test_openpgp_encrypt_decrypt(self):
data = 'data'
pgp = openpgp.OpenPGPScheme(
......