Download it now!
Bug 105856 - XAdES signature created via LibreOffice is not compliant (SignedProperties reference is missing Type attribute).
Summary: XAdES signature created via LibreOffice is not compliant (SignedProperties re...
Status: NEW
Alias: None
Product: LibreOffice
Classification: Unclassified
Component: LibreOffice (show other bugs)
Version:
(earliest affected)
5.3.0.3 release
Hardware: All All
: medium normal
Assignee: Not Assigned
URL:
Whiteboard:
Keywords:
: 124768 (view as bug list)
Depends on:
Blocks: Digital-Signatures
  Show dependency treegraph
 
Reported: 2017-02-08 12:30 UTC by T. H.
Modified: 2021-01-02 12:24 UTC (History)
3 users (show)

See Also:
Crash report or crash signature:


Attachments
Signed OpenDocument with eSignature DSS library (28.71 KB, application/pdf)
2020-07-16 00:52 UTC, Francisco de la Peña
Details
Signed OpenDocument with eSignature DSS library (fixed) (24.64 KB, application/vnd.oasis.opendocument.text)
2020-07-16 00:55 UTC, Francisco de la Peña
Details

Note You need to log in before you can comment on or make changes to this bug.
Description T. H. 2017-02-08 12:30:35 UTC
XAdES signature created via LibreOffice does not confirm to specifications.
A reference to SignedProperties (Reference with URI="#idSignedProperties") is missing a Type attribute (shall be Type="http://uri.etsi.org/01903#SignedProperties").

Check specification ETSI EN 319 132-1 V1.1.1 (2016-04), section 4.4.2, which mentions exactly that. Link to specs: http://www.etsi.org/deliver/etsi_en/319100_319199/31913201/01.01.01_60/en_31913201v010101p.pdf

Validation of such documents (signatures) might be difficult, because its not immediately clear which reference is which.
Comment 1 Cor Nouws 2017-02-08 13:36:19 UTC
thanks for filing hlavnicka.
@miklos: can you please have a look?
Comment 2 QA Administrators 2018-02-19 03:34:34 UTC Comment hidden (obsolete)
Comment 3 T. H. 2018-03-29 13:37:40 UTC
Bug is still present, application incorrectly gives user a choice to select "AdES-compliant" signature that in fact is not compliant (conflict with specification ETSI EN 319 132-1 V1.1.1 (2016-04), section 4.4.2)

Tested again in version:

Version: 6.0.2.1 (x64)
Build ID: f7f06a8f319e4b62f9bc5095aa112a65d2f3ac89
CPU threads: 4; OS: Windows 6.1; UI render: default; 
Locale: cs-CZ (cs_CZ); Calc: CL
Comment 4 QA Administrators 2019-03-30 06:12:53 UTC Comment hidden (obsolete)
Comment 5 Olivia Reed 2020-05-17 10:08:09 UTC
I have noticed that the XAdES signature that has been created with the help of LibreOffice is not compliant that’s why I have abandoned using it  but now I read reviews on https://essayreviewexpert.com/review/edubirdie/ about writing source I will make them to write me an essay. I think it is missing some significant attributes.
Comment 6 Francisco de la Peña 2020-07-16 00:52:43 UTC
Created attachment 163087 [details]
Signed OpenDocument with eSignature DSS library

The attached document is signed with a XAdES signature, but not detected by LibreOffice because it does not support the XML namespaces. Tested with latest Libreoffice 6.4.5.2 and 7.0.0.1
Comment 7 Francisco de la Peña 2020-07-16 00:55:50 UTC
Created attachment 163088 [details]
Signed OpenDocument with eSignature DSS library (fixed)

Apologies for the previous attachment, it was the wrong file.
Comment 8 Timur 2020-09-18 07:08:58 UTC
*** Bug 124768 has been marked as a duplicate of this bug. ***