Bug 94903 - Digital Signatures are not working with 64-Bit LibreOffice 5.0.2.2 and 32-Bit LibreOffice 5.2.x in Windows
Status: NEEDINFO
Alias: None
Product: LibreOffice
Classification: Unclassified
Component: LibreOffice
Version: 5.0.2.2 release (earliest affected)
Hardware: All Windows (All)
Importance: high normal
Assignee: Not Assigned
Keywords: bibisected, bisected, regression
Duplicates: 102276
Blocks: Digital-Signatures
Reported: 2015-10-09 09:35 UTC by Oliver Ostertag
Modified: 2019-09-25 08:31 UTC (History)

Attachments
Step-1.jpg, dialog for [Step #1], see description (37.09 KB, image/jpeg), 2015-10-09 09:42 UTC, Oliver Ostertag
Step-2.jpg, dialog for [Step #2], see description (47.10 KB, image/jpeg), 2015-10-09 09:42 UTC, Oliver Ostertag
Step-3.jpg, dialog for [Step #3], see description (33.67 KB, image/jpeg), 2015-10-09 09:42 UTC, Oliver Ostertag

Description Oliver Ostertag 2015-10-09 09:35:17 UTC
With the 64-Bit Version of LibreOffice (reproduced with 64-Bit LO 5.0.2.2) it is not possible to digitally sign documents.

Workflow (see attached Screenshots Step-[n]):

1. trying to sign the document, the "Digital Signatures" dialog comes up (see Step-1.jpg)

2. pressing "sign document" button (see Step-1.jpg)

3. the "choose certificate" dialog comes up with (correct) all available certificates (see Step-2.jpg)

4. choosing a certificate (e.g. the first one, see Step-2.jpg) and pressing ok.

5. the Windows CryptoAPI Dialog comes up (correct), see Step-3.jpg

6. After confirming access to the certificate storage (with ok button) just nothing happens

--- this is the bug ---

7. There is still the open "Digital Signatures" dialog (see Step-1.jpg) with no signature inside.

In the 32-Bit Version of LibreOffice this works fine, the document is signed and in "7." you can see an entry with the chosen certificate Signature in Step-1.jpg
Comment 1 Oliver Ostertag 2015-10-09 09:42:03 UTC
Created attachment 119447
Step-1.jpg, dialog for [Step #1], see description
Comment 2 Oliver Ostertag 2015-10-09 09:42:30 UTC
Created attachment 119448
Step-2.jpg, dialog for [Step #2], see description
Comment 3 Oliver Ostertag 2015-10-09 09:42:46 UTC
Created attachment 119449
Step-3.jpg, dialog for [Step #3], see description
Comment 4 Buovjaga 2015-10-09 15:39:01 UTC
It is enough to mention the bitness in the description or summary like you now have.
Comment 5 Buovjaga 2015-12-12 15:13:42 UTC
Reverting version change. It is earliest affected.
Comment 6 yanjingtao 2016-07-20 07:53:38 UTC
Reproduced in LibreOffice 5.1.4.2.

Version: 5.1.4.2 (x64)
Build ID: f99d75f39f1c57ebdd7ffc5f42867c12031db97a
CPU Threads: 8; OS Version: Windows 6.1; UI Render: default; 
Locale: zh-CN (zh_CN)

And when using 64-bit LibreOffice to open a file that has been signed, it shows:

The digitally signed document content and/or macros do not match the current document signature.

This could be the result of document manipulation or of structural document damage due to data transmission.

We recommend that you do not trust the content of the current document.
Execution of macros is disabled for this document.
Comment 7 yanjingtao 2016-09-20 02:00:04 UTC
Version: 5.2.2.1
Build ID: 3c2231d4aa4c68281f28ad35a100c092cff84f5d
CPU Threads: 8; OS Version: Windows 6.2; UI Render: default; 
Locale: zh-CN (zh_CN); Calc: single

Now, LibreOffice 5.2.0 and 5.2.2 32bit cannot sign a document either.
Comment 8 Samuel Mehrbrodt (CIB) 2017-07-05 20:29:40 UTC
LibreOffice 5.2 is EOL now.

Does the bug still exist in 5.3 or 5.4?
Comment 9 Buovjaga 2017-07-06 14:26:29 UTC
*** Bug 102276 has been marked as a duplicate of this bug. ***
Comment 10 Cor Nouws 2017-08-11 14:26:56 UTC
(In reply to Samuel Mehrbrodt (CIB) from comment #8)
> LibreOffice 5.2 is EOL now.
> 
> Does the bug still exist in 5.3 or 5.4?

I can use digital signatures on Windows 10 64 bits with LibreOffice 5.4.0.3.
So resolve as WorksForMe.
Oliver, if you still have problems in the new versions, feel free to reopen with as much detail as possible :)
Comment 11 Cor Nouws 2017-08-11 14:27:11 UTC
.
Comment 12 Jesus Jimenez 2018-09-13 13:34:44 UTC
Digital signing doesn't work in 64 bit LibreOffice 6.0.6.2. Behaviour is as described by Oliver.
Comment 13 Klibre 2019-02-05 12:23:32 UTC
Digital signing doesn't work in 64 bit LibreOffice 6.0.7.3 in Windows 10. Behaviour is as described by Oliver.
Comment 14 Martin 2019-08-09 11:49:22 UTC
Digital signature is not working in 64 bit LibreOffice 6.2.x and 6.3 for Windows 10 x64.

Behaviour is similar to that described by Oliver, but I was using a hardware digital signature (eToken):

1) The "Digital Signatures" dialog comes up.
2) The "choose certificate" window opens up with all available certificates.
3) I choose a certificate and press "Sign" button.
4) At this point, with a "hardware signature" (eToken), a dialog window should pop up asking for the digital signature password... that is just not happening.
5) The "Digital Signatures" window comes up again without the signature.

Note: Digital signature is working fine at LibreOffice 6.1.6 x64 version, which actually I have installed and working good.
Comment 15 Buovjaga 2019-08-09 13:25:59 UTC
Martin: it would be great, if you could bibisect the bug: https://wiki.documentfoundation.org/QA/Bibisect/Windows
General instructions: https://wiki.documentfoundation.org/QA/Bibisect

After installing cygwin, the command to clone the repo you need:
git clone https://git.libreoffice.org/bibisect-win32-6.2
Comment 16 stavrosss 2019-09-02 07:26:07 UTC
Issue exists as described by Martin

Windows 8.1 pro x64

Libreoffice 6.3


In the older version Loffice 6.1.6.3
the digital signature is working.

However for that version another bug exists
https://bugs.documentfoundation.org/showdependencytree.cgi?id=75285&hide_resolved=1

In the older version Loffice 5.4.3
the bug does not appear.

If anyone knows a version 6.xx that is ok let us know in the comments.
Comment 17 NISZ LibreOffice Team 2019-09-19 07:03:59 UTC
We managed to reproduce this issue with 5.4 and newer versions.
5.3 and older (tested: 5.0-5.3, 4.2, 3.5) did work using an X509 certificate to sign odt files on Win 8.1 and 32 bit release versions via SI-GUI. 

bibisect-win32-5.4 shows it began at:

https://cgit.freedesktop.org/libreoffice/core/commit/?id=273da4e3d1d2a9fb10807d9300d5bac47e1e2584

author	Miklos Vajna <vmiklos@collabora.co.uk>	2017-05-17 09:13:09 +0200
committer	Miklos Vajna <vmiklos@collabora.co.uk>	2017-05-17 10:20:50 +0200

xmlsecurity: use xmlsec API instead of patching out cert verification
This flag does exactly what we need since xmlsec-1.2.24.

Adding CC to: Miklos Vajna
Comment 18 NISZ LibreOffice Team 2019-09-19 07:19:36 UTC
Also a debug build gives this console output when trying to sign a document:

warn:xmlsecurity.xmlsec:17676:14848:xmlsecurity/source/xmlsec/errorcallback.cxx:52: ..\src\xmldsig.c:793: xmlSecDSigCtxProcessKeyInfoNode() '' '' 45 'details=NULL' A művelet sikeresen befejeződött.
warn:xmlsecurity.xmlsec:17676:14848:xmlsecurity/source/xmlsec/errorcallback.cxx:52: ..\src\xmldsig.c:508: xmlSecDSigCtxProcessSignatureNode() '' 'xmlSecDSigCtxProcessKeyInfoNode' 1 ' ' A művelet sikeresen befejeződött.
warn:xmlsecurity.xmlsec:17676:14848:xmlsecurity/source/xmlsec/errorcallback.cxx:52: ..\src\xmldsig.c:291: xmlSecDSigCtxSign() '' 'xmlSecDSigCtxProcessSignatureNode' 1 ' ' A művelet sikeresen befejeződött.

('A művelet sikeresen befejeződött.' = Operation completed successfully)
Comment 19 Miklos Vajna 2019-09-19 07:21:11 UTC
Could you please attach some test certificate that triggers this problem? I used the xmlsecurity/qa/create-certs/ script last time to create a self-signed cert for testing purposes, and it was OK, even after the above change.
Comment 20 stavrosss 2019-09-23 09:31:21 UTC
There is some nastiness going on here and I really hate it.


"JL: OpenOffice.org implements its own certificate verification routine. 
-+           The goal is to separate validation of the signature
-+           and the certificate. For example, OOo could show that the document signature is valid,
-+           but the certificate could not be verified. If we do not prevent the verification of
-+           the certificate by libxmlsec and the verification fails, then the XML signature will not be 
-+           verified. This would happen, for example, if the root certificate is not installed.                "


I don't really get it so I installed Apache openoffice 4.1.7 as well.

I sign a document with Libreoffice 5.4.3.2 that still works for me.

First test, I sign with Loffice and then I open the file from apacheOO.
Apache says the certificate is ok, but the signature is invalid.
Libreoffice says it is ok and the type of signature is XAdES

Second test I sign with Apache and then I open with Libre
Libreoffice says everything ok and the type of sign is XML-DSig
Certificate is valid and signature is valid
Comment 21 Miklos Vajna 2019-09-23 09:42:18 UTC
AOO has some ancient libxmlsec, so you need to use crypto algos which are considered unsafe today to please it. If you create a new signature in LO, you'll get SHA-256 for hashing, but AOO only supports MD5 and SHA1. I would say this is their problem, not ours.
Comment 22 stavrosss 2019-09-24 09:54:45 UTC
@Miklos Vajna

I use safenet etoken 5100 and SafeNet Authentication Client

Who decides for the crypto algorithm, is it Libreoffice or the Safenet Client?
Comment 23 Miklos Vajna 2019-09-24 11:00:27 UTC
LO asks for the algo of the signing certificate, we handle RSA and ECDSA there. Then we create a signature using the same algo, we don't really have another choice I think.
Comment 24 stavrosss 2019-09-24 14:29:35 UTC
Miklos 
I checked my signed libreoffice *.odt and it says

PKCS #1 SHA-1 With RSA Encryption

So it is not SHA-256. 

How come there is the issue with apacheOO ?


"AOO has some ancient libxmlsec, so you need to use crypto algos which are considered unsafe today to please it. If you create a new signature in LO, you'll get SHA-256 for hashing, but AOO only supports MD5 and SHA1. I would say this is their problem, not ours."
Comment 25 Miklos Vajna 2019-09-25 07:26:37 UTC
Perhaps I misremember, best to look at the code. :-)

What I remembered is that we always create SHA-256 hashes, we just roundtrip SHA-1 for existing signatures.

Anyhow, please don't misuse this bug. This bug tracks the problem of not being able to create signatures at all for specific certificates, on Windows.

Your problem is about an AOO vs LO compatibility; please file a separate issue and then it can be triaged to see if that's a regression, etc. Thanks.
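
Comments 21 to 25 leave open which hash algorithm a given signed document actually uses. The following is an added example, not part of the bug report and not LibreOffice code: it reads the META-INF/documentsignatures.xml stream of an ODF file and reports the XML-DSig algorithm URIs, flagging MD5 and SHA-1. The function names, the sample package and its Id value are constructed for illustration.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

XMLDSIG = "http://www.w3.org/2000/09/xmldsig#"
DS = "{" + XMLDSIG + "}"
SIG_PATH = "META-INF/documentsignatures.xml"  # signature stream of an ODF package
WEAK = ("md5", "sha1")  # hash families Comment 21 describes as unsafe today

def signature_algorithms(odf_bytes):
    """Return, per ds:Signature, the SignatureMethod URI and all DigestMethod URIs."""
    with zipfile.ZipFile(io.BytesIO(odf_bytes)) as pkg:
        if SIG_PATH not in pkg.namelist():
            return []  # package carries no document signature
        xml = pkg.read(SIG_PATH)
    if b"<!DOCTYPE" in xml:
        raise ValueError("DTD in signature stream, refusing to parse")
    out = []
    for sig in ET.fromstring(xml).iter(DS + "Signature"):
        method = sig.find(f"{DS}SignedInfo/{DS}SignatureMethod")
        # iter() also reaches digests nested in ds:Object (e.g. XAdES certificate digests)
        digests = sorted({d.get("Algorithm", "") for d in sig.iter(DS + "DigestMethod")})
        out.append({"id": sig.get("Id"), "digests": digests,
                    "signature": method.get("Algorithm", "") if method is not None else ""})
    return out

def weak_algorithms(report):
    """List (signature id, URI) pairs whose algorithm URI names MD5 or SHA-1."""
    hits = []
    for sig in report:
        for uri in [sig["signature"], *sig["digests"]]:
            name = uri.rsplit("#", 1)[-1].lower().replace("-", "")
            if any(w in name for w in WEAK):
                hits.append((sig["id"], uri))
    return hits

def sample_package(sig_alg, digest_alg):
    """Constructed zip with a minimal signature stream (no real key or signature value)."""
    xml = ('<document-signatures xmlns="urn:oasis:names:tc:opendocument:xmlns:digitalsignature:1.0">'
           '<Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="ID_constructed"><SignedInfo>'
           f'<SignatureMethod Algorithm="{sig_alg}"/><Reference URI="content.xml">'
           f'<DigestMethod Algorithm="{digest_alg}"/></Reference></SignedInfo>'
           '</Signature></document-signatures>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as pkg:
        pkg.writestr(SIG_PATH, xml)
    return buf.getvalue()

if __name__ == "__main__":
    print(weak_algorithms(signature_algorithms(sample_package(XMLDSIG + "rsa-sha1", XMLDSIG + "sha1"))))
```

The algorithm a certificate viewer shows for the signing certificate is the one the CA used to sign that certificate; the URIs reported here are the ones used for the document signature itself.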
Comment 26 stavrosss 2019-09-25 08:31:17 UTC
Yes this bug is about that. It would be useful if we had a test build of Libreoffice 6.XX version with the problematic patch reverted so that we could test if the bug is not present.

"Anyhow, please don't misuse this bug. This bug tracks the problem of not being able to create signatures at all for specific certificates, on Windows."