From f57978a8175e43b78b87b9ce8a88a5863d5fec8f Mon Sep 17 00:00:00 2001
From: Michał Górny <mgorny@gentoo.org>
Date: Fri, 19 Jan 2018 15:37:28 +0100
Subject: Refresh OpenPGP keys before verification

Always refresh OpenPGP keys before starting the verification process.
This ensures that the key has not been revoked, and also reduces
the risk of using an expired key.
---
 tests/test_openpgp.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'tests/test_openpgp.py')

diff --git a/tests/test_openpgp.py b/tests/test_openpgp.py
index 2241931..f42ad85 100644
--- a/tests/test_openpgp.py
+++ b/tests/test_openpgp.py
@@ -1,6 +1,6 @@
 # gemato: OpenPGP signature support tests
 # vim:fileencoding=utf-8
-# (c) 2017 Michał Górny
+# (c) 2017-2018 Michał Górny
 # Licensed under the terms of 2-clause BSD license
 
 import base64
@@ -436,6 +436,7 @@ class OpenPGPCorrectKeyTest(unittest.TestCase):
             self.assertEqual(
                     gemato.cli.main(['gemato', 'verify',
                         '--openpgp-key', os.path.join(d, '.key.asc'),
+                        '--no-refresh-keys',
                         '--require-signed-manifest', d]),
                     0)
         finally:
-- 
cgit v1.2.3