upgrade key when signed by old key

author: Ruben Pollan <meskio@sindominio.net> 2014-12-19 22:37:40 -0600
committer: Ruben Pollan <meskio@sindominio.net> 2015-01-15 13:10:57 -0600
commit: 6fa8b2a9e7f02c59f794e9dd080fac574841e50b (patch)
tree: f6002c58277d4a426392a7a51fd18eb5f38e94b3 /src/leap/keymanager/validation.py
parent: 963c3afaf1f9674d876465dd4bffc1c11ce1cb51 (diff)
1 files changed, 4 insertions, 2 deletions
diff --git a/src/leap/keymanager/validation.py b/src/leap/keymanager/validation.py
index b3aff3e4..c6fe478b 100644
--- a/src/leap/keymanager/validation.py
+++ b/src/leap/keymanager/validation.py
@@ -60,8 +60,6 @@ def can_upgrade(new_key, old_key):
     :type old_key: EncryptionKey
     :rtype: bool
     """
-    # XXX implement key signature checking (#6120)
-
     # First contact
     if old_key is None:
         return True
@@ -90,4 +88,8 @@ def can_upgrade(new_key, old_key):
             new_key.validation > old_key.validation):
         return True
 
+    # New key signed by the old key
+    if old_key.key_id in new_key.signatures:
+        return True
+
     return False
author	Ruben Pollan <meskio@sindominio.net>	2014-12-19 22:37:40 -0600
committer	Ruben Pollan <meskio@sindominio.net>	2015-01-15 13:10:57 -0600
commit	6fa8b2a9e7f02c59f794e9dd080fac574841e50b (patch)
tree	f6002c58277d4a426392a7a51fd18eb5f38e94b3 /src/leap/keymanager/validation.py
parent	963c3afaf1f9674d876465dd4bffc1c11ce1cb51 (diff)