[feat] expired public key are remotely fetched if expired

- private key is not allowed to be fetched remotely
- fetch_remote needs to be specifically set
- if a new key is fetched (ie different KeyID), the validation
  rule applies

1 files changed, 4 insertions, 3 deletions

diff --git a/tests/integration/keymanager/test_keymanager.py b/tests/integration/keymanager/test_keymanager.py
index d8772191..cacdc704 100644
--- a/tests/integration/keymanager/test_keymanager.py
+++ b/tests/integration/keymanager/test_keymanager.py
@@ -55,7 +55,7 @@ from common import (
     DIFFERENT_PRIVATE_KEY,
     DIFFERENT_KEY_FPR,
     DIFFERENT_PUBLIC_KEY,
-)
+    KEY_EXPIRING_CREATION_DATE)
 
 NICKSERVER_URI = "http://leap.se/"
 REMOTE_KEY_URL = "http://site.domain/key"
@@ -658,14 +658,15 @@ class KeyManagerKeyManagementTestCase(KeyManagerWithSoledadTestCase):
         km = self._key_manager(user=ADDRESS_EXPIRING)
 
         yield km._openpgp.put_raw_key(PRIVATE_EXPIRING_KEY, ADDRESS_EXPIRING)
-        key = yield km.get_key(ADDRESS_EXPIRING)
+        key = yield km.get_key(ADDRESS_EXPIRING, fetch_remote=False)
 
         yield km.extend_key_expiration(validity='1w')
 
         new_expiry_date = datetime.strptime(
             KEY_EXPIRING_CREATION_DATE, '%Y-%m-%d')
         new_expiry_date += timedelta(weeks=1)
-        renewed_public_key = yield km.get_key(ADDRESS_EXPIRING)
+        renewed_public_key = yield km.get_key(ADDRESS_EXPIRING,
+                                              fetch_remote=False)
         renewed_private_key = yield km.get_key(ADDRESS_EXPIRING, private=True)
 
         self.assertEqual(new_expiry_date.date(),