Bug 148267 - LibreOffice can’t produce a digital signature on Windows 10 if the private key is not exportable
Summary: LibreOffice can’t produce a digital signature on Windows 10 if the private ke...
Status: NEEDINFO
Alias: None
Product: LibreOffice
Classification: Unclassified
Component: framework (show other bugs)
Version:
(earliest affected)
unspecified
Hardware: All All
: medium normal
Assignee: Not Assigned
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2022-03-30 12:44 UTC by Rodrigo d
Modified: 2024-03-26 09:04 UTC (History)
1 user (show)

See Also:
Crash report or crash signature:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Rodrigo d 2022-03-30 12:44:37 UTC 
When you try to make a digital sign in Windows 10 and you use a digital certificate stored in Windows´certificate managerit will silently fail if the private key is marked as non-exportable.
If you reinstall the certificate and make the private key exportable then it will work.
This is the case in the various programs of the suite and all the instances where a digital sign is involved (sign an existing PDF, sign an odt/ods etc, export to PDF and sign.
Comment 1 Adolfo Jayme Barrientos 2022-03-30 13:12:09 UTC 
Context: https://t.me/libreoffice_es/64181
Comment 2 Stéphane Guillou (stragu) 2024-03-26 09:04:52 UTC 
Rodrigo's message on Telegram:

"Como dije, creo que Libreoffice en vez de usar adecuadamente las APIs criptográficas de Windows copia directamente la clave privada, y si no es exportable falla silenciosamente.. Es un bug claro."

Translated to:

"As I said, I think that LibreOffice, instead of properly using the Windows cryptographic APIs, directly copies the private key, and if it is not exportable, it fails silently. It is a clear bug."

Thank you for the report, Rodrigo. Would you mind checking if this is still relevant in a currently-maintained version of LO, preferably 24.2?