gpg4libre: Don't mark all keys as private

Only those that can sign (have a private key)

Change-Id: I1c8b553a788a14c236022c819cbc346fc4735daf
Reviewed-on: https://gerrit.libreoffice.org/35202Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>

xmlsecurity/source/gpg/SecurityEnvironment.cxx

@@ -160,22 +160,21 @@ sal_Int32 SecurityEnvironmentGpg::verifyCertificate( const Reference< XCertifica
 }
 
 sal_Int32 SecurityEnvironmentGpg::getCertificateCharacters(
-    const Reference< XCertificate >& /*aCert*/)
-{
-//     const CertificateImpl* xCert;
-//     const GpgME::Key* key;
-//
-//     Reference< XUnoTunnel > xCertTunnel(aCert, UNO_QUERY_THROW) ;
-//     xCert = reinterpret_cast<CertificateImpl*>(sal::static_int_cast<sal_uIntPtr>(xCertTunnel->getSomething(CertificateImpl::getUnoTunnelId()))) ;
-//     if (xCert == nullptr)
-//         throw RuntimeException();
-//
-//     key = xCert->getCertificate();
-//
+    const Reference< XCertificate >& aCert)
+{
+    const CertificateImpl* xCert;
+    const GpgME::Key* key;
+
+    Reference< XUnoTunnel > xCertTunnel(aCert, UNO_QUERY_THROW) ;
+    xCert = reinterpret_cast<CertificateImpl*>(sal::static_int_cast<sal_uIntPtr>(xCertTunnel->getSomething(CertificateImpl::getUnoTunnelId()))) ;
+    if (xCert == nullptr)
+        throw RuntimeException();
+
+    key = xCert->getCertificate();
     sal_Int32 characters = 0x0;
 
-    // TODO There is a bug in gpgme, hasSecret() always returns false. Need to find a workaround.
-    //if (key->hasSecret())
+    // We need to use canSign() instead of hasSecret() because of a bug in the latter.
+    if (key->canSign())
         characters |= CertificateCharacters::HAS_PRIVATE_KEY;
 
     return characters;