Upgrade keys if not successfully used and strict high validation level

author: Ruben Pollan <meskio@sindominio.net> 2014-12-19 08:15:43 -0600
committer: Ruben Pollan <meskio@sindominio.net> 2015-01-15 13:10:57 -0600
commit: 963c3afaf1f9674d876465dd4bffc1c11ce1cb51 (patch)
tree: 1b8c07bcfeee7fa9d5a0582644fab7ea65603e5d /src/leap/keymanager/validation.py
parent: 607e10bab5b81de692a31cfa5624d0f3630f4c55 (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/src/leap/keymanager/validation.py b/src/leap/keymanager/validation.py
index 87de2af..b3aff3e 100644
--- a/src/leap/keymanager/validation.py
+++ b/src/leap/keymanager/validation.py
@@ -60,7 +60,6 @@ def can_upgrade(new_key, old_key):
     :type old_key: EncryptionKey
     :rtype: bool
     """
-    # XXX not succesfully used and strict high validation level (#6211)
     # XXX implement key signature checking (#6120)
 
     # First contact
@@ -86,4 +85,9 @@ def can_upgrade(new_key, old_key):
             new_key.validation > old_key.validation):
         return True
 
+    # Not successfully used and strict high validation level
+    if (not (old_key.sign_used and old_key.encr_used) and
+            new_key.validation > old_key.validation):
+        return True
+
     return False
author	Ruben Pollan <meskio@sindominio.net>	2014-12-19 08:15:43 -0600
committer	Ruben Pollan <meskio@sindominio.net>	2015-01-15 13:10:57 -0600
commit	963c3afaf1f9674d876465dd4bffc1c11ce1cb51 (patch)
tree	1b8c07bcfeee7fa9d5a0582644fab7ea65603e5d /src/leap/keymanager/validation.py
parent	607e10bab5b81de692a31cfa5624d0f3630f4c55 (diff)