Created attachment 190799 [details] Original "unsigned.pdf" and "destroyed.pdf" as a result of the signing attempt. In the past, I have used LibreOffice Draw to easily digitally sign PDFs (X.509). With the last update this function is broken. The Digital Signatures window does not close as usual, and the signed PDF is no longer automatically loaded to verify the signature. If you close the window and then the PDF manually and then try to open it again, the error message "This PDF file is encrypted and can't be opened." is shown. This doesn't seem to be the full truth, as pdfinfo says: $ pdfinfo destroyed.pdf Syntax Error: Invalid object stream Syntax Error: Couldn't find trailer dictionary Syntax Error: Catalog object is wrong type (null) Syntax Error: Couldn't find trailer dictionary Internal Error: xref num -1 not found but needed, try to reconstruct<0a> Syntax Error: Couldn't find trailer dictionary Syntax Error: Couldn't find trailer dictionary Syntax Error: Catalog object is wrong type (null) Syntax Error: Couldn't read page catalog Attachment: - "unsigned.pdf": Original file - "destroyed.pdf": destroyed copy after the signing (attempt).
On which Linux distrib are you? Could you give a try to a recent LO version like 7.5.8 or 7.6.2 ?
I Am using Debian 12.2 and the LibreOffice version from its repository. No, I have not yet tried another version of LibreOffice. After stressful experiences with mixed versions in the package management, I avoid such experiments whenever possible. So I would have to take the time to install another version in parallel without jeopardizing the normal package management, but I first have to find out how to do this without risk.
[Automated Action] NeedInfo-To-Unconfirmed
(In reply to Wolf-Dieter Groll from comment #2) > > So I would have to take the time to install another version in parallel > without jeopardizing the normal package management, but I first have to find > out how to do this without risk. Hello, you can use AppImage https://www.libreoffice.org/download/appimage/
(In reply to Wolf-Dieter Groll from comment #2) > I Am using Debian 12.2 and the LibreOffice version from its repository. > No, I have not yet tried another version of LibreOffice. After stressful > experiences with mixed versions in the package management, I avoid such > experiments whenever possible. > > So I would have to take the time to install another version in parallel > without jeopardizing the normal package management, but I first have to find > out how to do this without risk. I use Debian testing, LO version is 7.5.8.2 with Debian updated today. I didn't mean having 2 versions in the same time. You can stick to stable and retrieve LO from testing repo but I suppose it would also require to update some libs (gtk or kde for example). IMHO, Debian stable are more for servers than end user machines so it uses old versions with security fixes. SID are for "power users", those who are ready to test bleeding edge versions but know/are not afraid how to deal with potential critical bugs. Testing is a good compromise.
If the problem appeared in 7.4, you could try to bibisect it with the 7.4 repository: https://bibisect.libreoffice.org/linux-64-7.4 https://wiki.documentfoundation.org/QA/Bibisect https://wiki.documentfoundation.org/QA/Bibisect/Linux I would investigate it myself, but at the moment I don't have the ability to sign documents.
Reproduced using Thunderbird as the certificate manager, a x.509 key created with openssl, and: Version: 7.6.3.2 (X86_64) / LibreOffice Community Build ID: 29d686fea9f6705b262d369fede658f824154cc0 CPU threads: 8; OS: Linux 5.15; UI render: default; VCL: gtk3 Locale: en-AU (en_AU.UTF-8); UI: en-US Calc: threaded Version: 24.2.0.0.alpha0+ (X86_64) / LibreOffice Community Build ID: 7d357628d6e8ce3f9e3c3a567ada21f02bce8d42 CPU threads: 8; OS: Linux 5.15; UI render: default; VCL: gtk3 Locale: en-AU (en_AU.UTF-8); UI: en-US Calc: threaded Same all the way back to: Version: 6.2.0.3 Build ID: 98c6a8a1c6c7b144ce3cc729e34964b47ce25d62 CPU threads: 8; OS: Linux 5.15; UI render: default; VCL: gtk3; Locale: en-AU (en_AU.UTF-8); UI-Language: en-US Calc: threaded (Before 6.2, the certificate wasn't listed in the dialog.) Once the certificate is applied, the Digital Signatures dialog does not list it. The PDF is then corrupted. Evince reports "failed to read the document catalog". LO reports "This PDF file is encrypted and can't be opened" on page. Okular throws an error, Foxit says "not a PDF or corrupted". Do you know which version worked for you, Wolf-Dieter? The issue seems specific to the file you shared (I could sign another PDF with the same certificate), so might not be a regression after all regression after all.