Bug 113188 - [Digital-Signatures][OpenPGP] Option to have <PGPKeyPacket> content be either full public key or minimal public key
Summary: [Digital-Signatures][OpenPGP] Option to have <PGPKeyPacket> content be either...
Status: VERIFIED FIXED
Alias: None
Product: LibreOffice
Classification: Unclassified
Component: LibreOffice (show other bugs)
Version:
(earliest affected)
5.4.0.0.alpha0+
Hardware: All All
: medium enhancement
Assignee: Thorsten Behrens (CIB)
URL:
Whiteboard: target:6.0.0
Keywords:
Depends on:
Blocks: Digital-Signatures
  Show dependency treegraph
 
Reported: 2017-10-17 14:29 UTC by Eike Rathke
Modified: 2018-02-28 09:04 UTC (History)
1 user (show)

See Also:
Crash report or crash signature:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Eike Rathke 2017-10-17 14:29:00 UTC
Signing a document with OpenPGP the <PGPKeyPacket> element in META-INF/documentsignatures.xml contains the full public key, which with many signatures easily can blow up to 1.5MB or more. Optionally only the minimal public key should be included, which is stripped of all signatures except the latest self-signatures.

Gpgme has a GPGME_EXPORT_MODE_MINIMAL flag for this, see https://www.gnupg.org/documentation/manuals/gpgme/Exporting-Keys.html
Comment 1 Commit Notification 2017-10-18 13:06:36 UTC
Thorsten Behrens committed a patch related to this issue.
It has been pushed to "master":

http://cgit.freedesktop.org/libreoffice/core/commit/?id=7b00829e27b0a26e9fa8d06bb651134f03a466e9

gpg4libre - tdf#113188 add option for minimal PGPKeyPacket

It will be available in 6.0.0.

The patch should be included in the daily builds available at
http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
http://wiki.documentfoundation.org/Testing_Daily_Builds

Affected users are encouraged to test the fix and report feedback.
Comment 2 Thorsten Behrens (CIB) 2017-10-18 13:11:09 UTC
new hidden config item: Office/Common/Security/OpenPGP/MinimalKeyExport - set to true to get only minimal public key in the key packet
Comment 3 Eike Rathke 2017-10-18 13:24:10 UTC
Verified it works as intended.