[Libreoffice-commits] core.git: external/gpgme officecfg/registry xmlsecurity/source

Thorsten Behrens Thorsten.Behrens at CIB.de
Wed Oct 18 13:06:33 UTC 2017


 external/gpgme/UnpackedTarball_gpgme.mk                    |    1 
 external/gpgme/add-minimal-keyexport.patch                 |   68 +++++++++++++
 officecfg/registry/schema/org/openoffice/Office/Common.xcs |   13 ++
 xmlsecurity/source/gpg/CertificateImpl.cxx                 |    6 -
 4 files changed, 87 insertions(+), 1 deletion(-)

New commits:
commit 7b00829e27b0a26e9fa8d06bb651134f03a466e9
Author: Thorsten Behrens <Thorsten.Behrens at CIB.de>
Date:   Wed Oct 18 12:48:55 2017 +0200

    gpg4libre - tdf#113188 add option for minimal PGPKeyPacket
    
    Change-Id: I660e68074616f6953e6527e40ec22276ce8ef2fb
    Reviewed-on: https://gerrit.libreoffice.org/43492
    Reviewed-by: Thorsten Behrens <Thorsten.Behrens at CIB.de>
    Tested-by: Thorsten Behrens <Thorsten.Behrens at CIB.de>

diff --git a/external/gpgme/UnpackedTarball_gpgme.mk b/external/gpgme/UnpackedTarball_gpgme.mk
index ca9fd79feaab..15259971f798 100644
--- a/external/gpgme/UnpackedTarball_gpgme.mk
+++ b/external/gpgme/UnpackedTarball_gpgme.mk
@@ -16,5 +16,6 @@ $(eval $(call gb_UnpackedTarball_set_patchlevel,gpgme,0))
 $(eval $(call gb_UnpackedTarball_add_patches,gpgme, \
     external/gpgme/find-libgpg-error-libassuan.patch \
     external/gpgme/fix-autoconf-macros.patch \
+    external/gpgme/add-minimal-keyexport.patch \
 ))
 # vim: set noet sw=4 ts=4:
diff --git a/external/gpgme/add-minimal-keyexport.patch b/external/gpgme/add-minimal-keyexport.patch
new file mode 100644
index 000000000000..abaeb15897fc
--- /dev/null
+++ b/external/gpgme/add-minimal-keyexport.patch
@@ -0,0 +1,68 @@
+--- lang/cpp/src/context.h.bak	2017-10-18 12:28:00.898945587 +0200
++++ lang/cpp/src/context.h	2017-10-18 12:28:35.794832395 +0200
+@@ -178,10 +178,10 @@
+     // Key Export
+     //
+ 
+-    GpgME::Error exportPublicKeys(const char *pattern, Data &keyData);
+-    GpgME::Error exportPublicKeys(const char *pattern[], Data &keyData);
+-    GpgME::Error startPublicKeyExport(const char *pattern, Data &keyData);
+-    GpgME::Error startPublicKeyExport(const char *pattern[], Data &keyData);
++    GpgME::Error exportPublicKeys(const char *pattern, Data &keyData, bool minimal=false);
++    GpgME::Error exportPublicKeys(const char *pattern[], Data &keyData, bool minimal=false);
++    GpgME::Error startPublicKeyExport(const char *pattern, Data &keyData, bool minimal=false);
++    GpgME::Error startPublicKeyExport(const char *pattern[], Data &keyData, bool minimal=false);
+ 
+     //
+     // Key Import
+--- lang/cpp/src/context.cpp.bak	2017-10-18 12:27:50.830978224 +0200
++++ lang/cpp/src/context.cpp	2017-10-18 12:30:13.278515603 +0200
+@@ -557,14 +557,14 @@
+     }
+ }
+ 
+-Error Context::exportPublicKeys(const char *pattern, Data &keyData)
++Error Context::exportPublicKeys(const char *pattern, Data &keyData, bool minimal)
+ {
+     d->lastop = Private::Export;
+     Data::Private *const dp = keyData.impl();
+-    return Error(d->lasterr = gpgme_op_export(d->ctx, pattern, 0, dp ? dp->data : 0));
++    return Error(d->lasterr = gpgme_op_export(d->ctx, pattern, minimal ? GPGME_EXPORT_MODE_MINIMAL : 0, dp ? dp->data : 0));
+ }
+ 
+-Error Context::exportPublicKeys(const char *patterns[], Data &keyData)
++Error Context::exportPublicKeys(const char *patterns[], Data &keyData, bool minimal)
+ {
+     d->lastop = Private::Export;
+ #ifndef HAVE_GPGME_EXT_KEYLIST_MODE_EXTERNAL_NONBROKEN
+@@ -574,17 +574,17 @@
+     }
+ #endif
+     Data::Private *const dp = keyData.impl();
+-    return Error(d->lasterr = gpgme_op_export_ext(d->ctx, patterns, 0, dp ? dp->data : 0));
++    return Error(d->lasterr = gpgme_op_export_ext(d->ctx, patterns, minimal ? GPGME_EXPORT_MODE_MINIMAL : 0, dp ? dp->data : 0));
+ }
+ 
+-Error Context::startPublicKeyExport(const char *pattern, Data &keyData)
++Error Context::startPublicKeyExport(const char *pattern, Data &keyData, bool minimal)
+ {
+     d->lastop = Private::Export;
+     Data::Private *const dp = keyData.impl();
+-    return Error(d->lasterr = gpgme_op_export_start(d->ctx, pattern, 0, dp ? dp->data : 0));
++    return Error(d->lasterr = gpgme_op_export_start(d->ctx, pattern, minimal ? GPGME_EXPORT_MODE_MINIMAL : 0, dp ? dp->data : 0));
+ }
+ 
+-Error Context::startPublicKeyExport(const char *patterns[], Data &keyData)
++Error Context::startPublicKeyExport(const char *patterns[], Data &keyData, bool minimal)
+ {
+     d->lastop = Private::Export;
+ #ifndef HAVE_GPGME_EXT_KEYLIST_MODE_EXTERNAL_NONBROKEN
+@@ -594,7 +594,7 @@
+     }
+ #endif
+     Data::Private *const dp = keyData.impl();
+-    return Error(d->lasterr = gpgme_op_export_ext_start(d->ctx, patterns, 0, dp ? dp->data : 0));
++    return Error(d->lasterr = gpgme_op_export_ext_start(d->ctx, patterns, minimal ? GPGME_EXPORT_MODE_MINIMAL : 0, dp ? dp->data : 0));
+ }
+ 
+ ImportResult Context::importKeys(const Data &data)
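Review bot: The new `minimal` parameter on the four export declarations in context.h has no comment, so a caller cannot tell from the header what the smaller export leaves out. I would add above them `// minimal: export with GPGME_EXPORT_MODE_MINIMAL (for OpenPGP, only the latest self-signatures are kept)`. A bare `bool` also ties the interface to this one export mode. Taking the mode as `unsigned int flags = 0` and forwarding it to `gpgme_op_export` and its siblings would cover the other modes without another signature change in this local patch.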
diff --git a/officecfg/registry/schema/org/openoffice/Office/Common.xcs b/officecfg/registry/schema/org/openoffice/Office/Common.xcs
index 118700782343..01651dabe8f5 100644
--- a/officecfg/registry/schema/org/openoffice/Office/Common.xcs
+++ b/officecfg/registry/schema/org/openoffice/Office/Common.xcs
@@ -2460,6 +2460,19 @@
         </info>
         <value>true</value>
       </prop>
+      <group oor:name="OpenPGP">
+        <info>
+          <desc>Contains security settings regarding the GnuPG/OpenPGP backend.</desc>
+        </info>
+        <prop oor:name="MinimalKeyExport" oor:type="xs:boolean" oor:nillable="false">
+          <info>
+            <desc>Determines if the PGPKeyPacket element on signed
+            documents will contain the full public key (default), or
+            the potentially much smaller minimal one, without any signatures.</desc>
+          </info>
+          <value>false</value>
+        </prop>
+      </group>
       <group oor:name="Scripting">
         <info>
           <desc>Contains security settings regarding Basic scripts.</desc>
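Review bot: The `MinimalKeyExport` description says the minimal key comes "without any signatures", which overstates what GPGME's minimal export mode does. For OpenPGP keys it drops third-party certifications but keeps the latest self-signature on each user ID. Because this is a security setting that changes what a recipient finds in the signed document, I would word the end of the `<desc>` as `the potentially much smaller minimal one, which keeps only the latest self-signatures and omits third-party certifications.` It would also help to say that with the minimal key a verifier gets no web-of-trust certifications from the document and has to rely on its own keyring for them.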
diff --git a/xmlsecurity/source/gpg/CertificateImpl.cxx b/xmlsecurity/source/gpg/CertificateImpl.cxx
index 49674f877956..6d06b24c3a2a 100644
--- a/xmlsecurity/source/gpg/CertificateImpl.cxx
+++ b/xmlsecurity/source/gpg/CertificateImpl.cxx
@@ -13,6 +13,7 @@
 #include <comphelper/sequence.hxx>
 
 #include <com/sun/star/security/KeyUsage.hpp>
+#include <officecfg/Office/Common.hxx>
 
 #include <gpgme.h>
 #include <context.h>
@@ -212,7 +213,10 @@ void CertificateImpl::setCertificate(GpgME::Context* ctx, const GpgME::Key& key)
     // extract key data, store into m_aBits
     GpgME::Data data_out;
     ctx->setArmor(false); // caller will base64-encode anyway
-    GpgME::Error err = ctx->exportPublicKeys(key.primaryFingerprint(), data_out);
+    GpgME::Error err = ctx->exportPublicKeys(
+        key.primaryFingerprint(),
+        data_out,
+        officecfg::Office::Common::Security::OpenPGP::MinimalKeyExport::get());
 
     if (err)
         throw RuntimeException("The GpgME library failed to retrieve the public key");
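Review bot: The three-argument `exportPublicKeys` call exists only because of external/gpgme/add-minimal-keyexport.patch, so this line will not compile against a gpgmepp that lacks that patch. If the tree can be configured to use a system gpgme instead of the bundled one (not visible here), the call needs a guard. For example, a configure-detected macro could wrap the third argument, falling back to `ctx->exportPublicKeys(key.primaryFingerprint(), data_out);` when the extended overload is absent. setCertificate's body starts and ends outside the hunk.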

