Bug 84881 - Add RFC 3161 timestamp when digitally signing PDF (tracker)
Summary: Add RFC 3161 timestamp when digitally signing PDF (tracker)
Status: RESOLVED FIXED
Alias: None
Product: LibreOffice
Classification: Unclassified
Component: Printing and PDF export (show other bugs)
Version:
(earliest affected)
Inherited From OOo
Hardware: Other All
: medium enhancement
Assignee: Not Assigned
URL:
Whiteboard: target:4.5.0
Keywords:
Depends on: 88427 88428 88429 88431
Blocks:
  Show dependency treegraph
 
Reported: 2014-10-10 19:39 UTC by Markus Wernig
Modified: 2015-05-22 14:17 UTC (History)
7 users (show)

See Also:
Crash report or crash signature:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Markus Wernig 2014-10-10 19:39:16 UTC
In order to digitally sign a PDF document in a way that is legally binding, it is required by most countries' standards to embed a RFC 3161 timestamp in the PDF signature, as specified in RFC 3126 and the PDF standard.

This is a request to implement that functionality in LibreOffice, which creates PDF documents and is able to digitally sign them (currently work in progress).

In order to obtain a timestamp during signing, the URL of a timestamping service must be available.

So in addition this URL should be configurable by the user in the Options tab (presumably under "Security").
Comment 1 Cor Nouws 2014-10-10 22:10:37 UTC
thanks Markus > set to new
Comment 2 Mike §chinagl 2014-11-03 14:51:05 UTC
It should be mentioned that the fund raising of wilhelmtux was successful. 
Should there be any surplus from the current fundraising they will use it for getting this bug in LibreOffice fixed:

http://wilhelmtux.ch/?MID=10&PID=90

So maybe one should give them some extra money ...
Comment 3 Markus Wernig 2015-01-15 01:16:29 UTC
I've tried to split up this request into smaller ones that can be worked on more or less independently.

So we can use this as a tracker bug for the entire feature, which may take more time to finish.
Comment 4 bfoman (inactive) 2015-02-02 17:13:08 UTC
*** Bug 88927 has been marked as a duplicate of this bug. ***
Comment 5 Commit Notification 2015-02-18 23:14:56 UTC
Tor Lillqvist committed a patch related to this issue.
It has been pushed to "master":

http://cgit.freedesktop.org/libreoffice/core/commit/?id=4ece31faef6279cdb0d7eafa26f696e393649fd4

tdf#84881: WiP: Handle TimeStampReq::extensions correctly

It will be available in 4.5.0.

The patch should be included in the daily builds available at
http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
http://wiki.documentfoundation.org/Testing_Daily_Builds
Affected users are encouraged to test the fix and report feedback.
Comment 6 Commit Notification 2015-02-18 23:15:36 UTC
Tor Lillqvist committed a patch related to this issue.
It has been pushed to "master":

http://cgit.freedesktop.org/libreoffice/core/commit/?id=4f69b6de069b7ed70a4aa0095ad9bf981eed53ae

tdf#84881: Intermediate commit: Construct RFC3161 TimeStampReq

It will be available in 4.5.0.

The patch should be included in the daily builds available at
http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
http://wiki.documentfoundation.org/Testing_Daily_Builds
Affected users are encouraged to test the fix and report feedback.
Comment 7 Commit Notification 2015-02-19 12:28:27 UTC
Tor Lillqvist committed a patch related to this issue.
It has been pushed to "master":

http://cgit.freedesktop.org/libreoffice/core/commit/?id=159a4c3c75e3a7aecbf1656f3254331892098ba7

tdf#84881: WiP: Fill in more fields of the TimeStampReq

It will be available in 4.5.0.

The patch should be included in the daily builds available at
http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
http://wiki.documentfoundation.org/Testing_Daily_Builds
Affected users are encouraged to test the fix and report feedback.
Comment 8 Commit Notification 2015-02-19 12:28:56 UTC
Tor Lillqvist committed a patch related to this issue.
It has been pushed to "master":

http://cgit.freedesktop.org/libreoffice/core/commit/?id=2ddfaa6d323b5db2f59f06f7708c5209549abeee

tdf#84881: reqPolicy and certReq are optional

It will be available in 4.5.0.

The patch should be included in the daily builds available at
http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
http://wiki.documentfoundation.org/Testing_Daily_Builds
Affected users are encouraged to test the fix and report feedback.
Comment 9 Commit Notification 2015-02-19 12:29:46 UTC
Tor Lillqvist committed a patch related to this issue.
It has been pushed to "master":

http://cgit.freedesktop.org/libreoffice/core/commit/?id=27d7aea00d22ad3fcdff2e7b267be1cf5c28d43c

tdf#84881: Work in progress: Perform the RFC3161 interaction with the TSA

It will be available in 4.5.0.

The patch should be included in the daily builds available at
http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
http://wiki.documentfoundation.org/Testing_Daily_Builds
Affected users are encouraged to test the fix and report feedback.
Comment 10 Commit Notification 2015-02-20 00:18:55 UTC
Tor Lillqvist committed a patch related to this issue.
It has been pushed to "master":

http://cgit.freedesktop.org/libreoffice/core/commit/?id=3cc45e97dd9189b4c76747fce8925bfe48fac70a

tdf#84881: Work in progress: Decode the TimeStampResp

It will be available in 4.5.0.

The patch should be included in the daily builds available at
http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
http://wiki.documentfoundation.org/Testing_Daily_Builds
Affected users are encouraged to test the fix and report feedback.
Comment 11 Commit Notification 2015-02-20 15:37:11 UTC
Tor Lillqvist committed a patch related to this issue.
It has been pushed to "master":

http://cgit.freedesktop.org/libreoffice/core/commit/?id=d1293c666f08963cebb5f1439034dd11634392df

tdf#84881: Work in progress: Code to add the timestamp to the signature

It will be available in 4.5.0.

The patch should be included in the daily builds available at
http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
http://wiki.documentfoundation.org/Testing_Daily_Builds
Affected users are encouraged to test the fix and report feedback.
Comment 12 Commit Notification 2015-02-24 13:23:18 UTC
Tor Lillqvist committed a patch related to this issue.
It has been pushed to "master":

http://cgit.freedesktop.org/libreoffice/core/commit/?id=c98f569d035861b6b8c74b469512fa2ae7c9576f

tdf#84881: Fix typo in OID string for id-aa-timeStampToken

It will be available in 4.5.0.

The patch should be included in the daily builds available at
http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
http://wiki.documentfoundation.org/Testing_Daily_Builds
Affected users are encouraged to test the fix and report feedback.
Comment 13 Commit Notification 2015-02-24 13:41:20 UTC
Tor Lillqvist committed a patch related to this issue.
It has been pushed to "master":

http://cgit.freedesktop.org/libreoffice/core/commit/?id=167569bfea0bfa5f697ed7a25a354537bc97fa53

tdf#84881: NSSCMSAttribute::type can't be null. Must be same as typeTag.oid?

It will be available in 4.5.0.

The patch should be included in the daily builds available at
http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
http://wiki.documentfoundation.org/Testing_Daily_Builds
Affected users are encouraged to test the fix and report feedback.
Comment 14 Commit Notification 2015-02-24 16:04:00 UTC
Tor Lillqvist committed a patch related to this issue.
It has been pushed to "master":

http://cgit.freedesktop.org/libreoffice/core/commit/?id=5ffeec96228e0adb829612ecb855cd28e2063f1d

tdf#84881: Move some variables one block level out

It will be available in 4.5.0.

The patch should be included in the daily builds available at
http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
http://wiki.documentfoundation.org/Testing_Daily_Builds
Affected users are encouraged to test the fix and report feedback.
Comment 15 Commit Notification 2015-02-24 16:04:08 UTC
Tor Lillqvist committed a patch related to this issue.
It has been pushed to "master":

http://cgit.freedesktop.org/libreoffice/core/commit/?id=4702f6ae2f671ac48e4cae3cd46d5941d021e533

tdf#84881: Set TimeStampReq::certReq to true

It will be available in 4.5.0.

The patch should be included in the daily builds available at
http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
http://wiki.documentfoundation.org/Testing_Daily_Builds
Affected users are encouraged to test the fix and report feedback.
Comment 16 Commit Notification 2015-02-24 16:04:16 UTC
Tor Lillqvist committed a patch related to this issue.
It has been pushed to "master":

http://cgit.freedesktop.org/libreoffice/core/commit/?id=ca2d878659400b783ae72267f47d0c719b50a1ad

tdf#84881: Bump MAX_SIGNATURE_CONTENT_LENGTH to 50000 for now

It will be available in 4.5.0.

The patch should be included in the daily builds available at
http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
http://wiki.documentfoundation.org/Testing_Daily_Builds
Affected users are encouraged to test the fix and report feedback.
Comment 17 Commit Notification 2015-02-25 21:00:12 UTC
Tor Lillqvist committed a patch related to this issue.
It has been pushed to "master":

http://cgit.freedesktop.org/libreoffice/core/commit/?id=0874849206a38cbe15cc981b6cb814d3a7abf38b

tdf#84881: Slight refactoring and redordering of function calls

It will be available in 4.5.0.

The patch should be included in the daily builds available at
http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
http://wiki.documentfoundation.org/Testing_Daily_Builds
Affected users are encouraged to test the fix and report feedback.
Comment 18 Commit Notification 2015-02-25 21:00:17 UTC
Tor Lillqvist committed a patch related to this issue.
It has been pushed to "master":

http://cgit.freedesktop.org/libreoffice/core/commit/?id=86796f127b15fd33374f2a18344dc944b7b8314d

tdf#84881: Try to fix "The signature includes an embedded timestamp but ...

It will be available in 4.5.0.

The patch should be included in the daily builds available at
http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
http://wiki.documentfoundation.org/Testing_Daily_Builds
Affected users are encouraged to test the fix and report feedback.
Comment 19 Commit Notification 2015-02-26 19:45:35 UTC
Tor Lillqvist committed a patch related to this issue.
It has been pushed to "master":

http://cgit.freedesktop.org/libreoffice/core/commit/?id=00646102569739e0bf8929c271963f129d747a5a

tdf#84881: Add Windows implementation of timestamping of signature

It will be available in 4.5.0.

The patch should be included in the daily builds available at
http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
http://wiki.documentfoundation.org/Testing_Daily_Builds
Affected users are encouraged to test the fix and report feedback.
Comment 20 Commit Notification 2015-02-27 08:50:12 UTC
Tor Lillqvist committed a patch related to this issue.
It has been pushed to "master":

http://cgit.freedesktop.org/libreoffice/core/commit/?id=ce0e240ef10566f1cc334386dbde83b43ebb9281

tdf#84881: Timestamp the right data (NSS version)

It will be available in 4.5.0.

The patch should be included in the daily builds available at
http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
http://wiki.documentfoundation.org/Testing_Daily_Builds
Affected users are encouraged to test the fix and report feedback.
Comment 21 Commit Notification 2015-02-27 15:29:17 UTC
Tor Lillqvist committed a patch related to this issue.
It has been pushed to "master":

http://cgit.freedesktop.org/libreoffice/core/commit/?id=2c78736c19a8f2a1df0f406c3e92f5ac55576148

tdf#84881: Timestamp the right data (Win32 version)

It will be available in 4.5.0.

The patch should be included in the daily builds available at
http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
http://wiki.documentfoundation.org/Testing_Daily_Builds
Affected users are encouraged to test the fix and report feedback.
Comment 22 Markus Wernig 2015-03-28 13:07:23 UTC
This will be in 4.5 (It's in nightly since about March 1st). Thanks for the excellent work!
Comment 23 Mike §chinagl 2015-05-21 16:09:48 UTC
This bug fix is mentioned in the release notes of the coming LibreOffice 5.0 (see release notes https://wiki.documentfoundation.org/ReleaseNotes/5.0). Therefore it would be wonderful if this feature really worked well, otherwise it should not be mentioned in the release notes. In the notes it reads:

Export to PDF now supports the Time-Stamp Protocol (IETF standard RFC 3161). The address of a Time-Stamp Authority can be specified in the security settings of PDF options tdf#84881 (Tor Lillqvist, Collabora)
Comment 24 Markus Wernig 2015-05-21 21:24:02 UTC
Well, all our tests were successful on all 3 major platforms.

Do you have any other information? Have there been any issues reported?
Comment 25 Adolfo Jayme 2015-05-21 21:28:05 UTC
(In reply to Markus Wernig from comment #24)
> Well, all our tests were successful on all 3 major platforms.
> 
> Do you have any other information? Have there been any issues reported?

Markus, this user has been spamming all of the bug reports mentioned in the release notes for no good reason. I would say ignore him.
Comment 26 Mike §chinagl 2015-05-22 14:17:03 UTC
(In reply to Adolfo Jayme from comment #25)
> Markus, this user has been spamming all of the bug reports mentioned in the
> release notes for no good reason. I would say ignore him.

Please consider my clarifying statement:
https://bugs.documentfoundation.org/show_bug.cgi?id=86138#c13