https://bugs.freedesktop.org/show_bug.cgi?id=78820
Priority: medium
Bug ID: 78820
Assignee: [email protected]
Summary: document signing should only make use of signing
certificates
Severity: major
Classification: Unclassified
OS: All
Reporter: [email protected]
Hardware: All
Status: UNCONFIRMED
Version: 4.2.4.2 release
Component: framework
Product: LibreOffice
When digitally signing a document, the user is presented with a list of
certificates to choose from. This list should not contain certificates that
have an express purpose of encryption (not signing).
The bug seems to be in the function CertificateChooser::ImplInitialize() in
xmlsecurity/source/dialogs/certificatechooser.cxx, which loops and inserts all
the available certificates, without checking their purpose.
I apologize for not being familiar enough with the security::XCertificate
framework to contribute a fix.
--
You are receiving this mail because:
You are the assignee for the bug.
_______________________________________________
Libreoffice-bugs mailing list
[email protected]
http://lists.freedesktop.org/mailman/listinfo/libreoffice-bugs
