gpg4libre: use full SHA1 hash for key identification

Read and write full 20 bytes/40 hex chars of SHA1 key hash,
instead of some abridged versions. See also
https://lists.debian.org/debian-devel/2016/08/msg00215.html

Change-Id: I741afc94ac7cf559880fe55ff02420723e13310d
Reviewed-on: https://gerrit.libreoffice.org/40027
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>

1 files changed, 3 insertions, 0 deletions

diff --git a/xmlsecurity/source/component/documentdigitalsignatures.cxx b/xmlsecurity/source/component/documentdigitalsignatures.cxx
index 832d4d082034..9d94b1845fd9 100644
--- a/xmlsecurity/source/component/documentdigitalsignatures.cxx
+++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx
@@ -353,6 +353,9 @@ DocumentDigitalSignatures::ImplVerifySignatures(
             }
             else // GPG
             {
+                // TODO not ideal to retrieve cert by keyID, might
+                // collide, or PGPKeyID format might change - can't we
+                // keep the xCert ifself in rInfo?
                 rSigInfo.Signer = xGpgSecEnv->getCertificate( rInfo.ouGpgKeyID, xmlsecurity::numericStringToBigInteger("") );
                 rSigInfo.CertificateStatus = xGpgSecEnv->verifyCertificate(rSigInfo.Signer,
                                                                            Sequence<Reference<css::security::XCertificate> >());