Description: LibreOffice Draw does not detect Electronic Signature in PDF with valid skribble.com signature! Example Pdf File is attached. Steps to Reproduce: Open the attached PDF, check if Libreoffice finds the signature Actual Results: Libreoffice does not even find a signature, not even an invalid one. Expected Results: Find a valid signature from skribble.com one of the main swiss digital signature vendors. Reproducible: Always User Profile Reset: No Additional Info: Find a valid signature from skribble.com one of the main swiss digital signature vendors.
Created attachment 177365 [details] Example file with valid signature as of Swiss law
Created attachment 177378 [details] Screenshot opened sample file with draw. It's detected with Version: 7.3.0.1 (x64) / LibreOffice Community Build ID: 840fe2f57ae5ad80d62bfa6e25550cb10ddabd1d CPU threads: 4; OS: Windows 10.0 Build 21390; UI render: Skia/Vulkan; VCL: win Locale: es-ES (es_ES); UI: en-US Calc: CL But remember, when pdf is open in draw it is not anymore a pdf file, draw can export again to pdf but it is not the very same original pdf, so it's needed to sign it again.
I used to work in cryptographic business, so of course i know when you save the sig is broken, but thx for pointing out, may help others. Actually i came across Draw, cause some Linux Readers don't check signatures and i wanted to check with it. will try if my newer version here on mageia also works, feel free to close for the moment
strange, why it does say the signature is invalid? It must be valid.
It's out of my knowledge, let see if someone else can help.
well when i have the newer version i can test, however in my opinion, we should also fix the signature detection for 7.2 as thats current fresh-stable would also be nice if somebody could test with 7.1 as thats "full-stable" kind regards Tuxi
7.1 it's end of life https://wiki.documentfoundation.org/ReleasePlan And 7.2.5 behaves like 7.3.
How can 7.1.8 be EOL if it is recommended for enterprise/more stable usage then? Source: https://de.libreoffice.org/download/download/
maybe somebody is on 7.2.2 like me and could also try? it is the most recent version on mageia at the moment i think, however will look at testing packages soon
Have you still seen this in the latest versions? Set to NEEDINFO. Change back to UNCONFIRMED, if the problem persists. Change to RESOLVED WORKSFORME, if the problem went away.
At the Moment on 7.3.6.2 on Mageia Linux it does not even find a signature anymore. Could somebody test it with my attached example?
(In reply to tuxinator from comment #12) > At the Moment on 7.3.6.2 on Mageia Linux it does not even find a signature > anymore. Could somebody test it with my attached example? I find the signature, just like in the screenshot attachment 177378 [details]. I don't know if this could be because of how Mageia packages LibreOffice. Arch Linux 64-bit Version: 7.5.0.0.alpha1+ (X86_64) / LibreOffice Community Build ID: d45d65559f11ecb34b14e3b5c838391c62c8c694 CPU threads: 8; OS: Linux 6.0; UI render: default; VCL: kf5 (cairo+xcb) Locale: fi-FI (fi_FI.UTF-8); UI: en-US Calc: threaded Built on 1 December 2022
Now I tested the file with https://validator.docusign.com/ (which unfortunately will shut down soon). Output: Signature from: 41763842300 Status: Indeterminate The validity of the signature is uncertain because of the following issues: The signature could not be validated because the signing certificate chain is not trusted. The signature could not be validated as the certificate 41763842300 seems to be either expired or not valid yet and it’s not possible to verify that the signing time lies within the validity interval of the signing certificate. Check the validity of your certificate. The signature could not be verified because the necessary revocation data is not currently available for the certificate Swisscom Saphir CA 4. Source: http://crl.swissdigicert.ch/sdcs-root4.crl. This data may be available at a future time, try again later. Name: 41763842300 Certification path: Swisscom Root CA 4 Swisscom Saphir CA 4 41763842300 Validity: 2022-01-07 10:12:56 +0200 to 2022-01-07 10:22:56 +0200 Trust point: Swisscom Root CA 4 Signature level: PAdES-BASELINE-T Serial number: 39 B2 19 67 79 44 16 30 1A 38 ED 58 22 CF 1D B3 Signature application entity: www.skribble.com Signature algorithm: SHA512 RSA Signature hash algorithm: SHA512 Signature time source: Timestamp Authority So let's close this.