author: J08nY 2017-08-21 18:18:07 +0200
committer: J08nY 2017-08-21 18:18:07 +0200
commit: 8f105928b6d79a5bd56ae20bec0dd288136ddf9f (patch)
tree: 43eac4fe1f8015f55898e54f1ec76c63f9677891 /src/mailman_pgp/utils/pgp.py
parent: c74e96f813542d94592bf80c24afdec5d6988b2a (diff)
download: mailman-pgp-8f105928b6d79a5bd56ae20bec0dd288136ddf9f.tar.gz
mailman-pgp-8f105928b6d79a5bd56ae20bec0dd288136ddf9f.tar.zst
mailman-pgp-8f105928b6d79a5bd56ae20bec0dd288136ddf9f.zip
1 files changed, 48 insertions, 24 deletions
diff --git a/src/mailman_pgp/utils/pgp.py b/src/mailman_pgp/utils/pgp.py
index c44a27e..46fc797 100644
--- a/src/mailman_pgp/utils/pgp.py
+++ b/src/mailman_pgp/utils/pgp.py
@@ -31,7 +31,19 @@ def expired(verifications):
     :param verifications:
     :return:
     """
-    return any(any(sigsubj.signature.is_expired
+    return any(any(sigsubj.signature.is_expired or sigsubj.by.is_expired
+                   for sigsubj in verification.good_signatures)
+               for verification in verifications)
+
+
+@public
+def revoked(verifications):
+    """
+
+    :param verifications:
+    :return:
+    """
+    return any(any(key_revoked(sigsubj.by)
                    for sigsubj in verification.good_signatures)
                for verification in verifications)
 
@@ -114,16 +126,43 @@ def revoc_from_blob(blob):
 
 
 @public
-def key_flags(key):
-    if key.is_expired:
-        return set()
+def key_revoked(key):
+    """
+
+    :param key:
+    :type key: pgpy.PGPKey
+    :return:
+    :rtype: bool
+    """
+    if key.is_primary:
+        verifier = key
+    else:
+        verifier = key.parent
+
     for revoc in key.revocation_signatures:
         try:
-            verified = key.verify(key, revoc)
+            verified = verifier.verify(key, revoc)
         except PGPError:
             continue
         if bool(verified):
-            return set()
+            return True
+
+    return False
+
+
+@public
+def key_flags(key):
+    """
+
+    :param key:
+    :type key: pgpy.PGPKey
+    :return:
+    :rtype: Set[pgpy.constants.KeyFlags]
+    """
+    if key.is_expired:
+        return set()
+    if key_revoked(key):
+        return set()
 
     usage_flags = set()
     uids = (uid for uid in key.userids if uid.is_primary)
@@ -151,17 +190,7 @@ def key_flags(key):
         if subkey.is_expired:
             continue
 
-        valid = True
-        for revoc in subkey.revocation_signatures:
-            try:
-                verified = key.verify(subkey, revoc)
-            except PGPError:
-                continue
-            if bool(verified):
-                valid = False
-                break
-
-        if valid:
+        if not key_revoked(subkey):
             usage_flags |= subkey.usage_flags()
     return usage_flags
 
@@ -183,13 +212,8 @@ def key_usable(key, flags_required):
     """
     if key.is_expired:
         return False
-    for revoc in key.revocation_signatures:
-        try:
-            verified = key.verify(key, revoc)
-        except PGPError:
-            continue
-        if bool(verified):
-            return False
+    if key_revoked(key):
+        return False
     return flags_required.issubset(key_flags(key))
author	J08nY	2017-08-21 18:18:07 +0200
committer	J08nY	2017-08-21 18:18:07 +0200
commit	8f105928b6d79a5bd56ae20bec0dd288136ddf9f (patch)
tree	43eac4fe1f8015f55898e54f1ec76c63f9677891 /src/mailman_pgp/utils/pgp.py
parent	c74e96f813542d94592bf80c24afdec5d6988b2a (diff)
download	mailman-pgp-8f105928b6d79a5bd56ae20bec0dd288136ddf9f.tar.gz mailman-pgp-8f105928b6d79a5bd56ae20bec0dd288136ddf9f.tar.zst mailman-pgp-8f105928b6d79a5bd56ae20bec0dd288136ddf9f.zip