tdf#108831 PGP signature shown as invalid

It was valid, but not trusted.
We need to show the owner trust in another place.

gpg4libre

Change-Id: I344a7b064a22c16b647c73d52f7abd91cfc86be9
Reviewed-on: https://gerrit.libreoffice.org/39959
Reviewed-by: Vasily Melenchuk <vasily.melenchuk@cib.de>
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
Reviewed-by: Katarina Behrens <Katarina.Behrens@cib.de>

1 files changed, 2 insertions, 6 deletions

diff --git a/xmlsecurity/source/gpg/xmlsignature_gpgimpl.cxx b/xmlsecurity/source/gpg/xmlsignature_gpgimpl.cxx
index 0700c43f1ea6..60983fc8e1b9 100644
--- a/xmlsecurity/source/gpg/xmlsignature_gpgimpl.cxx
+++ b/xmlsecurity/source/gpg/xmlsignature_gpgimpl.cxx
@@ -371,9 +371,7 @@ SAL_CALL XMLSignature_GpgImpl::validate(
             data_signature, data_text);
 
         // TODO: needs some more error handling, needs checking _all_ signatures
-        if( verify_res.isNull() ||
-            verify_res.numSignatures() == 0 ||
-            verify_res.signature(0).validity() < GpgME::Signature::Full )
+        if( verify_res.isNull() || verify_res.numSignatures() == 0 )
         {
             // let's try again, but this time import the public key payload
             // (avoiding that in a first cut for being a bit speedier)
@@ -422,9 +420,7 @@ SAL_CALL XMLSignature_GpgImpl::validate(
             verify_res=rCtx.verifyDetachedSignature(data_signature, data_text);
 
             // TODO: needs some more error handling, needs checking _all_ signatures
-            if( verify_res.isNull() ||
-                verify_res.numSignatures() == 0 ||
-                verify_res.signature(0).validity() < GpgME::Signature::Full )
+            if( verify_res.isNull() || verify_res.numSignatures() == 0 )
             {
                 clearErrorRecorder();
                 xmlFree(pSignatureValue);