On a windows 7 platform, I have two certificates available in the keystore: one RSA certificate and one ELC nist256 certificate. I am able to view and sign an odt document with the RSA certificate but I am not able to view the ELC certificate in the LibreOffice popup window, thus not being able to sign the document. I have the same behaviour whether the certificates are stored locally (ie. on the hard disk) or externally (ie. on a smart card).
Hi eric, Maybe unrelated, but I mention it anyway: https://vmiklos.hu/blog/xmlsec-lo54.html Ciao
Could you please try to reproduce it with the latest version of LibreOffice from https://www.libreoffice.org/download/libreoffice-fresh/ ? I have set the bug's status to 'NEEDINFO'. Please change it back to 'UNCONFIRMED' if the bug is still present in the latest version.
No need to test, this is a known problem. ECDSA works with NSS (Linux, macOS), but not with CryptoAPI (Windows). The hard part is CryptoAPI won't support this, which means most probably the whole Windows signing has to be ported to CNG first, and then it can support ECDSA. This affects libxmlsec + the mscrypto part of xmlsecurity/.
** Please read this message in its entirety before responding ** To make sure we're focusing on the bugs that affect our users today, LibreOffice QA is asking bug reporters and confirmers to retest open, confirmed bugs which have not been touched for over a year. There have been thousands of bug fixes and commits since anyone checked on this bug report. During that time, it's possible that the bug has been fixed, or the details of the problem have changed. We'd really appreciate your help in getting confirmation that the bug is still present. If you have time, please do the following: Test to see if the bug is still present with the latest version of LibreOffice from https://www.libreoffice.org/download/ If the bug is present, please leave a comment that includes the information from Help - About LibreOffice. If the bug is NOT present, please set the bug's Status field to RESOLVED-WORKSFORME and leave a comment that includes the information from Help - About LibreOffice. Please DO NOT Update the version field Reply via email (please reply directly on the bug tracker) Set the bug's Status field to RESOLVED - FIXED (this status has a particular meaning that is not appropriate in this case) If you want to do more to help you can test to see if your issue is a REGRESSION. To do so: 1. Download and install oldest version of LibreOffice (usually 3.3 unless your bug pertains to a feature added after 3.3) from http://downloadarchive.documentfoundation.org/libreoffice/old/ 2. Test your bug 3. Leave a comment with your results. 4a. If the bug was present with 3.3 - set version to 'inherited from OOo'; 4b. If the bug was not present in 3.3 - add 'regression' to keyword Feel free to come ask questions or to say hello in our QA chat: https://kiwiirc.com/nextclient/irc.freenode.net/#libreoffice-qa Thank you for helping us make LibreOffice even better for everyone! Warm Regards, QA Team MassPing-UntouchedBug
https://vmiklos.hu/blog/xmlsec-cng-ecsa.html LO 6.2 is meant to accept ECDSA certificates on Windows, I implemented the certificate chooser support for that in commit 93e33ba279e837356e157745177d7f6061d442b7. I did not mention this bug in the commit message as I forgot that this was already reported. So let's mark this as resolved.