From f908838822c8bf33fcde0d46f48224b2b938a649 Mon Sep 17 00:00:00 2001 From: Levente Polyak Date: Fri, 25 Feb 2022 21:36:35 +0100 Subject: [PATCH] fix(trust): do not count revoked main keys for packager trust If a main key is revoked we do not want to use those keys to count the required trust threshold. --- libkeyringctl/trust.py | 11 +++++++++++ tests/test_trust.py | 17 +++++++++++++++++ 2 files changed, 28 insertions(+) diff --git a/libkeyringctl/trust.py b/libkeyringctl/trust.py index ec9796c..7911b60 100644 --- a/libkeyringctl/trust.py +++ b/libkeyringctl/trust.py @@ -85,6 +85,14 @@ def certificate_trust( # noqa: ignore=C901 """ fingerprint: Fingerprint = Fingerprint(certificate.name) + keyring_root = certificate.parent.parent.parent + + # collect revoked main keys + main_keys_revoked: Set[Fingerprint] = set() + for main_key in main_keys: + for revocation in keyring_root.glob(f"main/*/{main_key}/revocation/*.asc"): + if main_key.endswith(revocation.stem): + main_keys_revoked.add(main_key) revocations: Set[Fingerprint] = set() # TODO: what about direct key revocations/signatures? @@ -131,6 +139,9 @@ def certificate_trust( # noqa: ignore=C901 # only take main key certifications into account if not contains_fingerprint(fingerprints=main_keys, fingerprint=issuer): continue + # do not care about revoked main keys + if contains_fingerprint(fingerprints=main_keys_revoked, fingerprint=issuer): + continue # do not care about certifications that are revoked if contains_fingerprint(fingerprints=revocations, fingerprint=issuer): continue diff --git a/tests/test_trust.py b/tests/test_trust.py index 344dfc2..014f6a4 100644 --- a/tests/test_trust.py +++ b/tests/test_trust.py @@ -161,6 +161,23 @@ def test_certificate_trust_three_main_signature_gives_full_trust(working_dir: Pa assert Trust.full == trust +@create_certificate(username=Username("main1"), uids=[Uid("main1 ")], keyring_type="main") +@create_certificate(username=Username("main2"), uids=[Uid("main2 ")], keyring_type="main") +@create_certificate(username=Username("main3"), uids=[Uid("main3 ")], keyring_type="main") +@create_certificate(username=Username("foobar"), uids=[Uid("foobar ")]) +@create_uid_certification(issuer=Username("main1"), certified=Username("foobar"), uid=Uid("foobar ")) +@create_uid_certification(issuer=Username("main2"), certified=Username("foobar"), uid=Uid("foobar ")) +@create_uid_certification(issuer=Username("main3"), certified=Username("foobar"), uid=Uid("foobar ")) +@create_key_revocation(username=Username("main3"), keyring_type="main") +def test_certificate_trust_three_main_signature_one_revoked(working_dir: Path, keyring_dir: Path) -> None: + trust = certificate_trust( + test_keyring_certificates[Username("foobar")][0], + test_main_fingerprints, + test_all_fingerprints, + ) + assert Trust.marginal == trust + + @create_certificate(username=Username("main"), uids=[Uid("main ")], keyring_type="main") @create_certificate(username=Username("foobar"), uids=[Uid("foobar ")]) @create_key_revocation(username=Username("foobar"))