<html>
    <head>
      <base href="https://bugs.documentfoundation.org/">
    </head>
    <body><table border="1" cellspacing="0" cellpadding="8">
        <tr>
          <th>Bug ID</th>
          <td><a class="bz_bug_link 
          bz_status_UNCONFIRMED "
   title="UNCONFIRMED - Exported PDF digital signature conformance with ETSI standard"
   href="https://bugs.documentfoundation.org/show_bug.cgi?id=124768">124768</a>
          </td>
        </tr>

        <tr>
          <th>Summary</th>
          <td>Exported PDF digital signature conformance with ETSI standard
          </td>
        </tr>

        <tr>
          <th>Product</th>
          <td>LibreOffice
          </td>
        </tr>

        <tr>
          <th>Version</th>
          <td>6.2.2.2 release
          </td>
        </tr>

        <tr>
          <th>Hardware</th>
          <td>All
          </td>
        </tr>

        <tr>
          <th>OS</th>
          <td>All
          </td>
        </tr>

        <tr>
          <th>Status</th>
          <td>UNCONFIRMED
          </td>
        </tr>

        <tr>
          <th>Severity</th>
          <td>normal
          </td>
        </tr>

        <tr>
          <th>Priority</th>
          <td>medium
          </td>
        </tr>

        <tr>
          <th>Component</th>
          <td>LibreOffice
          </td>
        </tr>

        <tr>
          <th>Assignee</th>
          <td>libreoffice-bugs@lists.freedesktop.org
          </td>
        </tr>

        <tr>
          <th>Reporter</th>
          <td>pastas4@gmail.com
          </td>
        </tr></table>
      <p>
        <div>
        <pre>Description:
At the moment, documents signed when exporting a PDF from LibreOffice are
almost compliant with the ETSI specification, as reported by the conformance
checker, with a single error reported:

5. Error | Tool | Location-{CodeTest}:SubFilter-{CheckIfValueIsOneOfDefined} |
Found value: 'adbe.pkcs7.detached''. Allowed values: ETSI.CAdES.detached

So to be compliant with ETSI specs, it should use the ETSI tag rather than the
Adobe tag. (Adobe itself supports that as well, see:
<a href="https://www.adobe.com/devnet-docs/acrobatetk/tools/DigSigDC/standards.html">https://www.adobe.com/devnet-docs/acrobatetk/tools/DigSigDC/standards.html</a> )

Note that the test fully passes when the "sign existing PDF" option is used,
via Draw, as opposed to the Export to PDF option from Writer.

Steps to Reproduce:
1. Create a document in Writer.
2. Use the Export as PDF... option
3. Select the certificate in the Digital Signature tab
4. Upload the result to the ETSI conformance checker
(<a href="https://signatures-conformance-checker.etsi.org/">https://signatures-conformance-checker.etsi.org/</a> manual registration needed at
the moment).
5. Check report results.

Actual Results:
Failure with one error, about the algorithm to create the signature hash.

Expected Results:
Pass.


Reproducible: Always


User Profile Reset: No



Additional Info:</pre>
        </div>
      </p>


      <hr>
      <span>You are receiving this mail because:</span>

      <ul>
          <li>You are the assignee for the bug.</li>
      </ul>
    </body>
</html>