Merge pull request #4009 from freedomofpress/fix-source-key-export

avoid accidentally exporting all pub keys
freedomofpress · Jan 7, 2019 · 445aa0a · 445aa0a
2 parents a1c2e2a + 7109aff
commit 445aa0a
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 1 deletion.
diff --git a/securedrop/crypto_util.py b/securedrop/crypto_util.py
@@ -205,7 +205,10 @@ def getkey(self, name):
 
     def export_pubkey(self, name):
         fingerprint = self.getkey(name)
-        return self.gpg.export_keys(fingerprint)
+        if fingerprint:
+            return self.gpg.export_keys(fingerprint)
+        else:
+            return None
 
     def encrypt(self, plaintext, fingerprints, output=None):
         # Verify the output path

diff --git a/securedrop/tests/test_crypto_util.py b/securedrop/tests/test_crypto_util.py
@@ -278,3 +278,19 @@ def test_delete_reply_keypair_no_key(source_app):
 def test_getkey(source_app, test_source):
     assert (source_app.crypto_util.getkey(test_source['filesystem_id'])
             is not None)
+
+    # check that a non-existent key returns None
+    assert source_app.crypto_util.getkey('x' * 50) is None
+
+
+def test_export_pubkey(source_app, test_source):
+    begin_pgp = '-----BEGIN PGP PUBLIC KEY BLOCK----'
+
+    # check that a filesystem_id exports the pubkey
+    exported = source_app.crypto_util.export_pubkey(
+        test_source['filesystem_id'])
+    assert exported.startswith(begin_pgp)
+
+    # check that a non-existent identifer exports None
+    exported = source_app.crypto_util.export_pubkey('x' * 50)
+    assert exported is None