From 087a90e27b7219e8c1aaa880b39376c94a0dcaae Mon Sep 17 00:00:00 2001
From: Thorsten Behrens <Thorsten.Behrens@CIB.de>
Date: Wed, 18 Oct 2017 14:23:37 +0200
Subject: gpg4libre fix tdf#113190 don't show expired/invalid keys

Change-Id: I30485bc97d3d287bd867b50398927eabe018914b
Reviewed-on: https://gerrit.libreoffice.org/43502
Reviewed-by: Eike Rathke <erack@redhat.com>
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
---
 xmlsecurity/source/gpg/SecurityEnvironment.cxx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/xmlsecurity/source/gpg/SecurityEnvironment.cxx b/xmlsecurity/source/gpg/SecurityEnvironment.cxx
index c3cd90565fe2..2392bf0c8031 100644
--- a/xmlsecurity/source/gpg/SecurityEnvironment.cxx
+++ b/xmlsecurity/source/gpg/SecurityEnvironment.cxx
@@ -76,7 +76,7 @@ Sequence< Reference < XCertificate > > SecurityEnvironmentGpg::getCertificatesIm
         GpgME::Key k = m_ctx->nextKey(err);
         if (err)
             break;
-        if (!k.isInvalid()) {
+        if (!k.isRevoked() && !k.isExpired() && !k.isDisabled() && !k.isInvalid()) {
             // We can't create CertificateImpl here as CertificateImpl::setCertificate uses GpgME API
             // which interrupts our key listing here. So first get the keys from GpgME, then create the CertificateImpls
             keyList.push_back(k);
-- 
cgit