Digital signature and encryption workflows with LibreOffice
This is a modal window.
The media could not be loaded, either because the server or network failed or because the format is not supported.
Formal Metadata
| Title |
| |
| Subtitle |
| |
| Title of Series | ||
| Number of Parts | 94 | |
| Author | ||
| License | CC Attribution 4.0 International: You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor. | |
| Identifiers | 10.5446/45800 (DOI) | |
| Publisher | ||
| Release Date | ||
| Language |
Content Metadata
| Subject Area | ||
| Genre | ||
| Abstract |
|
FrOSCon 201870 / 94
3
7
9
10
13
14
16
19
21
23
25
28
29
30
31
32
33
36
37
39
40
41
43
44
46
48
49
50
53
54
57
67
75
76
77
80
81
85
90
91
92
93
00:00
EncryptionElectronic signatureOpen sourceFreewareOpen sourceOffice suiteDigitizingTrailGoodness of fitMusical ensembleXMLUMLLecture/Conference
00:48
SoftwareWhiteboardOffice suiteOpen setCodeStandard deviationSource codeComputerHacker (term)Product (business)Office suiteProjective planeService (economics)Open setHacker (term)Open sourceStandard deviationMultiplication signFocus (optics)Computer animation
01:38
DigitizingSoftwareLattice (order)Office suiteSoftwareComputer animationLecture/Conference
02:36
Alphabet (computer science)Standard deviationElectronic meeting systemProbability density functionElectronic signatureStandard deviationBitAlphabet (computer science)Web pageOffice suiteSign (mathematics)NeuroinformatikDesign by contractElectronic signatureComputer animationLecture/Conference
03:43
Standard deviationAlphabet (computer science)WikiContent management systemProbability density functionWeb pageNeuroinformatikEmailMessage passingProbability density functionStandard deviationIdentity managementDigitizingTelecommunicationMoment (mathematics)NumberBitWordKeyboard shortcutState of matterData storage deviceUniverse (mathematics)Computer animationLecture/Conference
04:55
Electronic signatureElectronic signatureBitLevel (video gaming)Physical lawMultiplication signVideo gameTelecommunicationEncryptionReal numberPattern recognitionForcing (mathematics)Public key certificateFunctional (mathematics)CloningStandard deviationScaling (geometry)Musical ensembleService (economics)SoftwareOpen sourceView (database)Computer animation
07:23
Electronic signatureEquivalence relationElectronic data interchangeTelecommunicationProbability density functionMusical ensembleElectronic signaturePhysical lawNumberDesign by contractSign (mathematics)System administratorProcedural programmingLecture/ConferenceComputer animation
08:59
Electronic signatureCivil engineeringProof theorySign (mathematics)View (database)CodeElectronic design automationProcedural programmingDigital photographyLecture/Conference
09:46
Proof theoryDesign by contractExclusive orIdentifiabilityElectronic signatureShape (magazine)Electronic signatureNumberProof theoryView (database)Sign (mathematics)Musical ensemblePersonal identification numberPhysical systemPublic key certificateComputer animationLecture/Conference
11:01
Proof theoryExclusive orIdentifiabilityElectronic signatureOpen sourceFreewareDirection (geometry)Proof theoryMusical ensembleMereologySoftwareFreewareXMLComputer animation
11:58
Java appletSurjective functionElectronic signaturePlastikkarteCore dumpSoftware repositoryFunction (mathematics)Musical ensembleElectronic signaturePatch (Unix)CuboidInternet forumCore dumpQuicksortWindowCovering spaceDevice driverComputer animation
13:16
Java appletSurjective functionPlastikkarteElectronic signatureCore dumpSoftware repositoryFunction (mathematics)Lipschitz-StetigkeitInformation securityRadio-frequency identificationJava appletOpen setSoftware developerPlastikkartePoint (geometry)INTEGRALConnected spaceMusical ensembleElectronic signatureLecture/ConferenceComputer animation
14:23
Electronic signatureCodeQuadratic formRight angleFlow separationPlastikkarteOpen setMultiplication signSoftwareMusical ensembleUniqueness quantificationEmailLecture/Conference
15:19
EncryptionNamespaceExtension (kinesiology)TheoryKey (cryptography)TimestampOpen setImplementationProjective planeData managementKey (cryptography)Musical ensembleOpen sourceBitSign (mathematics)Demo (music)EncryptionQuicksortComputer animation
16:42
EncryptionRevision controlMarkup languageSet (mathematics)Computing platformSign (mathematics)MathematicsWaveformHand fanBus (computing)WaveExtension (kinesiology)Matching (graph theory)Video gameLecture/Conference
17:41
EncryptionNamespaceExtension (kinesiology)TheoryKey (cryptography)Standard deviationRevision controlGame controllerOffice suiteMixed realityProjective planeMultiplication signData managementComputer animation
18:41
SoftwareCryptographyEncryptionFreewareSoftwarePublic key certificateAuthorizationWeb 2.0Group actionProjective planeSelf-organizationEmailComputer animation
19:41
ArchitectureFilesharing-SystemMiniDiscEmailMusical ensembleKey (cryptography)Sign (mathematics)CryptographyEncryptionNP-hardLecture/ConferenceComputer animation
21:04
Electronic signatureLine (geometry)CodeCryptographyWindowBitShift operatorLecture/Conference
21:55
Drag (physics)Process (computing)Programmable read-only memoryLevel (video gaming)Key (cryptography)Public key certificateUniformer RaumData managementKey (cryptography)Electronic signatureElectronic visual displayComputer iconValidity (statistics)Level (video gaming)Price indexFisher informationWorkstation <Musikinstrument>Musical ensembleComputer animation
23:06
Public key certificateSoftwareElectronic signatureDisintegrationKey (cryptography)BuildingBackupKey (cryptography)Electronic mailing listData managementPower (physics)Functional (mathematics)RandomizationOffice suiteComputer animation
24:02
Game theoryKey (cryptography)Computing platformRSA (algorithm)Pauli exclusion principleGastropod shellPiCommutative propertyElectronic signatureSinguläres IntegralAlgorithmComputing platformMultiplication signProcess (computing)Musical ensembleRevision controlElectronic signatureMarkup languageHash functionComputer fileMilitary baseRule of inferenceContent (media)Streaming mediaMaxima and minimaComputer animationLecture/Conference
24:56
AlgorithmOnline helpEncryptionServer (computing)PasswordExtension (kinesiology)Electronic signatureStreaming mediaWindowWeb browserDreidimensionales VideoEncryptionInstallation artCuboidMusical ensembleComputer animationLecture/Conference
25:54
Online helpSoftwareEncryptionExtension (kinesiology)Server (computing)PasswordCurvaturePasswordException handlingMusical ensembleMacro (computer science)Sign (mathematics)Electronic mailing listComputer animation
27:17
Digital signalElectronic signaturePublic key certificateMenu (computing)EncryptionOffice suiteEmailSymmetric-key algorithmMetreBitCodeKey (cryptography)Electronic mailing listEncryptionImplementationPublic-key cryptographyComputer configurationInformationWorkstation <Musikinstrument>Game theoryNamespaceConnected spaceXMLComputer animation
29:03
EncryptionNamespaceExtension (kinesiology)Office suiteSpacetimeOperator (mathematics)Hidden Markov modelMusical ensembleCodeSinc functionLecture/ConferenceXMLComputer animation
29:53
Probability density functionTimestampProbability density functionMusical ensembleWindowAirfoilData storage deviceMoment (mathematics)Public key certificateElectronic signatureWeb pagePasswordComputer configurationDigitizingComputer animationSource code
31:19
Probability density functionTimestampMusical ensembleSlide ruleProbability density functionNumberData storage deviceTimestampPublic key certificateWindowOperating systemAuthorizationStatistical dispersionCryptographyInterface (computing)Integrated development environmentPhysical systemService (economics)EmailComputer animationLecture/Conference
33:19
Probability density functionTimestampProbability density functionMultiplication signDesign by contractAuthorizationTimestampSoftwareEmailQuadratic formRevision controlAdditionProjective planePoint (geometry)Negative numberMusical ensembleLecture/ConferenceComputer animation
34:38
Extension (kinesiology)Quadratic formLine (geometry)Visual systemRepresentation (politics)Electronic signatureSign (mathematics)Projective planeLine (geometry)Electronic signatureComputer configurationAssociative propertySign (mathematics)QuicksortMetreRoundness (object)Medical imagingExtension (kinesiology)SoftwareComputer animation
36:49
SoftwareQuadratic formLine (geometry)Visual systemElectronic signatureRepresentation (politics)Food energyPlanningMach's principleElectronic signatureSpecial unitary groupSoftware bugMedical imagingSet (mathematics)Orientation (vector space)Musical ensembleImplementationStandard deviationSign (mathematics)Lecture/ConferenceComputer animation
38:24
DatabaseView (database)Core dumpWechselseitige InformationWindowBitDemo (music)Musical ensembleComputer animation
39:28
Online helpWage labourFood energyWindowData typeQuadratic formColor managementFinite element methodHash functionSchmelze <Betrieb>LeakComputer fontMathematicsMaterialization (paranormal)Line (geometry)Key (cryptography)Validity (statistics)Electronic mailing listData storage deviceQuadratic form1 (number)Electronic signatureEncryptionMedical imagingDemo (music)Public key certificateView (database)Process (computing)Musical ensembleComputer animationSource code
42:18
Color managementWeb pageElectronic signatureDialectLemma (mathematics)Chi-squared distributionLimit (category theory)Execution unitConfiguration spaceMassLogical constantPersonal identification numberDefault (computer science)EncryptionSign (mathematics)Streaming mediaGroup actionMultiplication signMusical ensembleComputer animation
44:13
Convex hullRAIDComputer filePointer (computer programming)Electronic signatureFluxMaizeMIDIElectronic data interchangeInternationalization and localizationHill differential equationFinite element methodWeb pageEwe languageWage labourHash functionFood energyPlanningDigital signalElectronic visual displayDemo (music)Decision support systemFiber bundleDemo (music)Musical ensembleMobile WebOffice suiteDigitizingOpen sourceElectronic signatureQuadratic formStructural loadMereologyProbability density functionFreewareSoftwareComputer fileComputer animationSource code
45:42
Quadratic formElectronic signatureInformationPublic key certificateMusical ensembleEndliche ModelltheorieCASE <Informatik>Public key certificateQuadratic formEvent horizonFile viewerProbability density functionService (economics)Computer animation
46:35
Digital signalElectronic signatureDemo (music)Decision support systemFiber bundleProbability density functionWeb serviceProjective planeService (economics)DigitizingContent (media)Demo (music)WebsiteSoftware repositoryOpen setElectronic signatureFiber bundleTraffic reportingQuadratic formFreewareTimestampSoftwareFunction (mathematics)Probability density functionMoment (mathematics)Computer clusterComputer animationLecture/Conference
47:47
SoftwareLevel (video gaming)EncryptionElectronic signatureStandard deviationAndroid (robot)Extension (kinesiology)NamespaceLevel (video gaming)Line (geometry)DemosceneMusical ensembleContent (media)AreaDisk read-and-write headElectronic signatureSoftwareOpen sourceOperator (mathematics)BitSign (mathematics)Office suiteProbability density functionEncryptionStandard deviationComputer animation
49:48
Control flowOffice suiteState of matterSoftware bugDigitizingSign (mathematics)EncryptionVideo gameLevel (video gaming)Office <Programm>Musical ensemblePlastikkarteDisk read-and-write headConfidence intervalLecture/Conference
50:56
Product (business)CAN busOffice suiteUsabilityMusical ensembleFrame problemMultiplication signDifferent (Kate Ryan album)BitCuboidQuicksortOpen sourcePersonal identification numberComputer fileContent (media)SpreadsheetLine (geometry)AreaPublic key certificateKey (cryptography)Product (business)Office suiteOnline helpIdentity managementEncryptionPublic-key cryptographyCryptographyWeb pagePoint (geometry)Sign (mathematics)Group actionElectronic signatureWeb 2.0NumberStreaming mediaRoutingMiniDiscData structureProbability density functionCodeFile archiverSocial classCartesian coordinate systemNon-standard analysisEndliche ModelltheorieoutputReading (process)EmailScripting languageSoftwareOpen setComputer animationLecture/Conference
01:01:32
Product (business)CAN busFreewareOpen sourceComputer animation
Transcript: English(auto-generated)
00:08
Okay, good morning, everybody. Welcome to, I think it's the third, no, the second track in this room. Thank you very much for showing up the numbers.
00:20
This is about office workflows with liberal office signatures, encryption, and this whole digitalization topic that's very much on Vogue these days. So if you came for Linux kernel, this is the wrong room.
00:48
So this is me. My name is Thorsten Behrens. I work for CIB. That's the company we provide services around liberal office among other things.
01:01
Lots of other cool products there, but I'm here to talk about liberal office. So this is what I'm focusing on. Yes, I've been involved with the project since quite a number of years. It's close to 18 years by now. And I was among those people who walked away
01:24
from Oracle back in the day. And yes, other things I'm doing in my spare time like hacking and rooting for open source and open standards. So yes, I don't have to remind you of that, I guess.
01:43
I think you're all aware. 2018 and Germany is finally waking up to digitalization. I think that's my impression. So it's finally getting somewhere after just talking about that and putting that on meeting agendas for about 10 years.
02:04
So yeah, waking up. Question is, and that's why this topic is here and not on some Berlin summit with the politicians, is what the hell can we do with free software
02:21
when it comes to that whole topic like converting paper-based old school office workflows to the 21st century? First off, I will bore you a little bit
02:41
with an alphabet soup of standards and five letter acronyms. First of all, when you want to convert an office workflow
03:00
to something digital, what you really need is a way to sign stuff like the old paper-based workflows like people were signing and co-signing and signing again and bring little marks on every page so that you can't just swap the pages in a contract. So what you need to do for that,
03:21
for putting that on the computer is crypto and standards for that. And there's some European Union stuff here and some international stuff all based on this advanced electronic signature. This is X.509 standard and requirements on top of that.
03:46
That's the Wikipedia page if you are so inclined to look that up. And there's various sub-standards for PDF, for XML and for computer messages like email and other things.
04:02
So paid us, say this and say this. And the European Union, of course, couldn't stop itself from adding a bit more words to that. And they have this, you might've heard about this, this AIDAS electronic identity
04:23
digital advanced something standard. And if you want to do anything, that's admissible in a court or that you want the other side to bind yourself,
04:41
then you really want to use that for inside the European Union. And it has a number of extra features on top that I will like on top of this AIDAS that I will get to in a moment. So it's actually more than 20 years ago
05:01
that things started a little bit here in Germany with a law that codified that you actually can sign something electronically. And so that was the first time that entered into law that the recognition that there's something like an electronic signature, and it wasn't very practical.
05:22
The requirements to be able to use that were rather steep, so no one was really using it. And things started to move 2014 with this European Union level AIDAS standard that came into force in 2016 here in Germany,
05:40
two years ago, and replaced all this other nonsense. And with that, things really started to move, and people started to pick that up and use that in real life. Also with this new government ID that since 2010 gets issued,
06:02
it also has signature and encryption functionality on that. So let's say six years ago, things started to move slowly, and by now I think we're there with enough critical mass that indeed for real life and for real users out there both in government
06:23
and in the private sector, this starts to get used on a wider scale. So there's a, this AIDAS is essentially just adopted in Germany, so when you, there's not much extra law around that,
06:43
no copy, no clone of that, there's just this VDG for Traunstein's Gazette that's kind of auxiliary to that, and defines a few open questions there. And it also says a few things about like who is,
07:03
who's certified, who's allowed to issue certificates that have this, this advanced, the, a wider signature eigenschaften. So with that, those initially strict requirements
07:25
got softened a bit, and with, for example, electronic invoices, you get a PDF invoice and it is valid even without this qualified signature, which is quite helpful because,
07:41
well, usually you get a paper-based invoice and it's not hand-signed by the CEO of the company either, so that just made things much more practical for that. So on the other hand, it really helps, so the idea with the qualified signature
08:02
is like make that equivalent to your own personal handwritten signature, regardless of whether this is in front of a court or towards like partners, private business or towards the government,
08:20
whatever, sign a marriage contract or stuff like that. So there's a number of laws that put that into place and make that possible for Germany that essentially indeed finally make it equivalent
08:43
in all kinds, like for the public office, that's this, verweitungs, verfühungsgesetz, verfarenzgesetz 3R,
09:02
so that it's valid both from you writing to the government and the government writing to you, but when they electronically sign that, it's like a personal signature for the private law, civil code, this BBB, and also in front of the courts, civil process, or long.
09:22
And in front of the court, it's also helpful that the probative value of an electronic signature is equivalent to somebody signing that, which is really what people are afraid of, that they can't prove things in court if it's not all paper-based.
09:41
Okay, so with all that in place, we're in a pretty good shape. I think we're in a better shape than the US, where this is kind of underspecified, in my view. So with this qualified signature that has just a number of requirements,
10:01
you find them down there, so it needs to have a certified issuer, so not any random person can issue that. It needs to be personally identifiable, so there needs to be some proof that it's really you, a person, who signs that. And you need to have, it helps that you have exclusive access.
10:23
For example, you say, well, I lost the certificate. And you say that before somebody shows up with a signed document that would disprove, or at least very strongly hint towards a disprove that you might have signed subsequent documents.
10:42
And it needs a certified signature device, so that usually means not on a mobile phone, not on a random desktop operating system that you enter your passphrase, your PIN code, but a dedicated certified device. And then it's equivalent to a handwritten signature.
11:02
All that said, of course, this AEDAS directive says that all signatures, including those that are not among the listed ones, for example, OpenPGP-based, do have, can be admitted are admissible as proof
11:21
that just don't have such a strong probative value. So it's like a fax that also usually means that probably you did send that. It's just not as strong as a paper copy with a signature, with a handwritten signature on it.
11:42
Good, so enough of boring stuff. Let's get to the fun part. What's possible in free software land these days with, if you wanted to use all this wonderful newfangled things? First of all, you need one of those devices
12:04
to be able to sign with a qualified signature. That's one of them that has some BSI certifications, so that is admissible. Problem is, it got me that and I was very happy, and I started to use that,
12:20
and it didn't quite work on Linux, although the box checked, like, works on Linux, has drivers, but yes, it did have drivers, but they didn't work. So I went on a wild goose chase and figured out that the upstream there
12:42
is really quite a horror. There's no repositories, there's just tarball dumps that are, sometimes they are there, sometimes they seem to have been deleted, but luckily there was a guy, the Sunu JPG, who just took all the tarballs
13:01
and put them in the git repository, so that you have some sort of history there. And then there was some other helpful chap in the forum who proposed the patch to the problem that I was having, so I was just rolling another release for my favorite distro, which is OpenSUSE,
13:22
and after just the weekend of fiddling, it was working. And with that, for example, you can use this new government ID with the RFID security chip on that, and you can actually run that.
13:40
There's some open e-card Java thing that is online and that allows you to connect to, for example, if you want to check how many speeding tickets you got and how many points you have collected in Flensburg,
14:00
you can use that, it actually works. So all this, or if you want to file your taxes, all this, the government and private sector agencies that offer NPA integration actually work with Linux and this card reader.
14:21
What I didn't do, but I could do that, is you load a qualified signature on the signature card. Usually what you get is a separate card for that. So for example, all the lawyers and the doctors, they have separate signature cards,
14:42
but you could use that on your government ID if you want. And then happily do qualified signatures. Code is there, it works, even on Linux. Well, there's something that doesn't work so well, which is this BEA, but that's not a client-side problem.
15:03
That's a, I don't know, it's a kind of problem. I think it's an interpersonal problem with people not doing the right thing. Yeah, so this thing, this open e-card thing that works,
15:23
I'm not gonna demo that, I'm gonna demo liberal for stuff. Which comes now. So we had a sponsored project last year that finished right at the end of this year, and to implement open PGP support
15:44
for LibreOffice ODF documents. That got released, the last bits of that with LibreOffice 6.0, which went live in February this year. So many thanks for BSI for sponsoring that.
16:00
Very cool feature. I talked about that last year at length, so it's not gonna be, sort of gonna be a quick walkthrough to that. There is both signing and encryption possible. No timestamps yet, although that's not the open PGP feature anyway,
16:22
but it could be made to work with this X.509 PKS, timestamping TSA thing that could be just included in the signature, and then you just put some bits there, and then you sign that, that's just not implemented.
16:45
Yeah, if you try that in LibreOffice and it doesn't seem to work, you might need to set GNU PG home, depending on your platform. Encryption stuff needed some ODF extension,
17:02
because it was, signing was already been included. There was a XML D6 standard transcluded in ODF that already specified PGP markup. So for signatures, that is all valid,
17:22
strictly valid and conforming ODF 1.2. For encryption, that was not possible, so we had to extend ODF. I'm very happy to be able to tell you that this got accepted for ODF 1.3. So that's gonna be in the very next revision of ODF,
17:42
which is, I hope, live sometime next year. So the work, so the submission to that standard is already closed since July, and work is now ongoing to draft the first version of that.
18:01
It only works for ODF documents for obvious reasons. We have, as a project, LibreOffice has very little control over other document standards like OXML, although in theory, it would be possible to add it there. The problem is that I'm not sure how the uptake
18:23
would be with other consumers of that standard. So that, for example, would be nice then if Microsoft Office would implement that as well, which I don't know about anything. So yeah, that's this proof. Here, it resolved and targets 1.3.
18:43
Quick walkthrough to that. Why open PGP with all this nice X.509 and AIDA stuff that I was talking about? So this is particularly nice for something
19:00
like distributed organizations like free software projects or NGOs or other activities, other groups that perhaps are worldwide distributed and have no way or don't want any central authority to issue certificates to issue crypto.
19:24
So with that, GPG is really lovely because it doesn't need any central authority. It just needs the web of trust, and there you go. And especially in the free software land, lots of people already have this web of trust and they use GPG.
19:43
It's heavily used also in just for land to sign packages. So it's a very small step usually for most people then also to use that if it works, to use that for documents. And it's very useful to use for documents because usually the document lives outside an email
20:03
once you have send it. And it would be good then to make sure it's not been tampered with and also would be good for certain documents that not everybody can read that if it's on a file share or if you lose a disc or USB key.
20:21
So yeah, this is stuff from last year. Let's skip through that. So we use this GPG-ME, which was kind of a API towards GPG. It's cross platform, and it's pretty much just handing over the data
20:42
to this GPG-ME and telling it, encrypt that for this target keys and sign it, sign the data with that key and everything else happens inside that. So the good thing there, there's two upsides to that. One is we don't have to do all the hard crypto
21:03
inside LibreOffice, which is perhaps would be a bit scary with the 8 million lines of code and doing crypto and trusting that with my passphrase. And secondly, the code was already there. So we could reuse it and focus on UI features.
21:21
It also has a drawback, quite a large one, which was massively painful to build on Windows. So that was a bit of a struggle to get that going. So Linux was easy, Mac was moderately easy
21:40
and we only were able to ship the Windows support for the signature stuff with LibreOffice 6.0, whereas Linux support was already in half a year earlier. So yeah, that's what happens. You can also get the key manager up.
22:03
We added some nice UI so that you can actually see that your signature is valid or invalid because previously the only indication of validity
22:20
was this icon here. So if the signature was broken, which is probably what you really want to know about, there was a tiny status bar icon. I don't know about you, but I never looked at the status bar. I mean, this is the bottom right. So this is the worst place
22:40
to put anything to get attention. And it's tiny with current display. So we added this, the status bar thing also was a helpful button that you can press, that you can check, edit the trust level for that signature.
23:01
I think I lost sound, so I'll just speak up. Right, so this is the list of keys. So usually the idea behind that was since GPG is sometimes a bit rough at the edges, like the tools is like for people
23:21
who love the command line and if they don't use the command line, then they still want all available information there. So if you look at Cleopatra or other key management solution, it's rather, I would say, power user level, not necessarily suitable for the random office end user.
23:44
So we were trying to put everything that you really need to do with OpenPGP inside LibreOffice UI. So kind of cut down functionality bare bones, but usually what you need just to make it like easy to take that up.
24:05
So yeah, and then we defer to platform stuff for all the more advanced things like Seahorse, Cleopatra, also just pin entry thing. This is like, there's never any key material
24:20
nor password entering LibreOffice process at no time. At least not for OpenPGP. For X.509, it's all different. This is all down. So markup there, maybe we can skip that as well.
24:40
So it's XML desig based. So you have a little XML file and some hashes over all the ODF screens, like content, styles, whatever there is. And then some signature just over this signature markup that includes all the digest values from the substream.
25:03
That's broadly how it works. Encryption also works. Started with, we shipped that with LibreOffice 6.0, which is now at a very useful and stable version.
25:20
So if you're using LibreOffice in a distro or on Windows probably you have the 6.0, so that's all there, you can use that. For Windows, you will need to install GPG for Win. For Mac, you will need to install GPG tools. For Linux, I'm pretty sure you will, depending on your distro,
25:40
but Ubuntu and Debian will have that out of the box. That's all there. So you just need the GPG binary, but that should be there. And then you have this little checkbox there when you save, and you can say encrypt with GPG, which is really lovely because the only thing, the only way to encrypt documents before
26:02
ever in LibreOffice was by using a password. So there was no X.509, no, there was just no crypto except for just entering a password to encrypt your documents. And it was, when we were talking about that
26:20
some two years ago, two and a half years ago, I was quite surprised that there was, because this is really not usable. I mean, if you, this is perhaps useful for your own documents, but it's never useful to share documents with that, but because you always need a way to transfer, to send the passphrase by a secure channel.
26:41
So it's just not useful. Right, and you can combine that with signing, of course. So you can encrypt and then you can say, okay, the encrypted content, I will sign that to provide authenticity, that it was really me who sent that,
27:02
and that all the macros that are inside are not, well, if they kill your cat and destroy your computer, then you can clearly blame that on me because I signed it. Right, so then you can pick it, just with email, you pick a list of recipient.
27:21
There's bits of, it's a bit less convenient. Email is just, it's clear from an email, who's the recipient for an office document, you need to manually multi-select here. You can pre-select your own keys so that you can always encrypt yourself.
27:41
That's under tools, options and LibreOffice. And what we did there again, we were reusing code that was already there. So there was already AES-based encryption, but the key for that AES cipher was used,
28:01
what was generated by this passphrase. So what we did, we were just taking a proper random 64 characters passphrase, and we were using that and we were encrypting like this hybrid encryption, exactly like mail works with GPG.
28:20
So there's a session, there's a session key and this is a symmetric encryption and the GPG public key cryptography is only used to encrypt the session key. And that's exactly the same here. And again, there was code already there in LibreOffice and the only thing we added
28:41
is the GPG connection, the implementation and passing it. So we're back to GPGME and getting the encrypted key back. And some meter data, so we're also passing the public key that was used to encrypt that
29:03
and some other key infos. And this stuff is, you see that namespace here is LOX. So right now what you're writing is an extension to ODF. This is not, this is valid ODF 1.2, but extended conformance, it's not strictly valid
29:23
because for that you must not use any extension namespaces. Coming ODF 1.3, this is gonna be in the office namespace. And that's already code in LibreOffice 6.1 that shipped from some three weeks ago, I think that can read that.
29:42
And we will switch that to writing that once this is the ODF 1.3 is published. So X.509, this has been inside LibreOffice since many years, I think since 2006, seven around that time,
30:03
implemented by Sun Microsystems back in the day, it's available both for ODF and OXML. And it's available for the built-in PDF export. So you can, when you export to PDF, you can say, I want to sign while I'm exporting.
30:21
So click demo, it's probably hard to see,
30:45
but there's a digital signature tab page and the PDF options where you can select the key and provide various other like, why are you signing that and stuff. So when this, and this is, of course,
31:02
that remembers what you do there, then you say export, and it's gonna ask you for the Mozilla certificate store or on the windows for your windows crypto store password. And then you have it all signed at the moment it gets exported.
31:29
Where's my slides.
31:49
Stay with me for a second. I'm almost there. Yeah, for Linux, if you don't see any certificates,
32:01
you might want to set the, this environment variable Mozilla certificate folder. You can also point that at the Thunderbird. If you have email, if you have X.509 email certificates, you can point it there and it will find it. So for Linux, LibreOffice has no own store for certificates.
32:25
It's not yet using, although it could, the GPGME interface for that. That's one, that will be one useful addition. Problem with X.509 was that for Linux, there was never any dedicated central authority
32:43
in the system that was storing those certificates. Just usually people had Mozilla installed and were putting their certificates there. For Windows and Mac, that's just using the operating system crypto store.
33:04
PDF also allows time stamping. So that is a, there's a number of services that provide digitally signed timestamps. So you just add a number of servers, timestamp authorities that you can later pick on
33:23
during PDF export. And it's like not only a signature, but it's also a trusted date, when the date, whenever the date is relevant, like time when contract enters into force. So that works as well.
33:41
That does not work for neither ODF nor OXML. So if you need timestamps there for your signatures, then, did I mention we're always looking for sponsors? And we're always looking for projects to make it even better.
34:02
So there will be one useful addition to add timestamps to the document form. It's not, PDF is more like a printed paper. This is like immutable thing that you don't want to change anymore. And if you want to sign a document,
34:23
because for example, you want to sign off on a revision and the date is somehow relevant, and you need to prove that you signed at a certain date, that will be quite useful, but it doesn't work yet.
34:41
What else do we have? We have another wonderful project. In this case, that was funded by the city of Munich, the Limox project and wait for it, it is signature lines.
35:05
So I don't know if you might have seen that in PDF, that's when you digitally sign a document, there's an option that you get this sort of facsimile signature. It's just an image and has some meter data associated.
35:23
So you can add a comment that usually gets a date and your name there. And that's been available for Microsoft Office documents since a while that was not implemented in LibreOffice. There's no provision for that in ODF,
35:44
but for obvious reasons, that's a useful feature, especially if you want to replace paper-based workflows and you want users to kind of have a familiar experience. So they're kind of used to at the end of the document to see a physical signature
36:01
and perhaps they feel the urge to then print the document and then it still has a sign that it was signed before. So there was requirement to implement that. And so we did 6.0 earlier this year, added the import for XML 6.1,
36:23
which was out, as I said, three weeks ago, has the full round trip for our works and has ODF support, initial ODF support. Again, this is not standardized. So this is an ODF extension.
36:42
So yeah, that needs some work there on the TC. So that's not gonna make ODF 1.3 simply because the sun has already set on submissions for that standard. Oh yeah, and 6.1 also added the actual interesting part,
37:01
which is that not only does the nice image that you signed this document, but you actually signed the document with a digital signature. Which, as I was preparing this talk, I realized that for 6.1, that works wonderfully for X.509, but it's a little bug still for GPG.
37:23
So it does sign that, but it modifies the document after the signing, so then the signature becomes invalid. But that's probably a very easy fix. That's how it looks. So pretty much like in Word,
37:40
pretty much like in PDF, you get this little X thing, like sign here, and then you put your signature there. Usually that's gonna be your name. What's not yet implemented, that's planned for LibreOffice 6.2, is having an actual facsimile image of your signature,
38:03
some scan of your signature. That's, it's just a implementation detail so that the data is there. The OXML standard provides that. It just needs extracting and then implementing that.
38:26
So let me just try and play a bit with that, so that you, how are we looking time-wise? Maybe some quick demo.
38:48
So first of all, this is some Windows VM here. And some text, and you save that.
39:16
Is that visible or is that too small?
39:30
A little bit larger. So then you go here, and you go there, and then you go and get this list of signatures.
39:44
Obviously there is none, because I just created the document. Then you go here, and then you get this integrated view of all the key materials that you have, which is in this case, one X.509 key and one OpenPGP key.
40:01
And then you say, why did I sign this? It's a demo. Then you get the key entry, which as I said, no key material ever enters
40:23
the LibreOffice process. It's even better. No key material ever leaves the GPG for win. And now we have the signature. You see there's some, hopefully you see that it's this little CL image here. So the signature is valid,
40:42
and you can look at that. There's not much information, just the validity. And when you say close, then you get this nice blue, calming, wonderful line that says everything as well. Signature is there, and it's also valid.
41:07
Same story for encryption. So whenever I save, that's another thing that perhaps a lot of improvement could get into for LibreOffice.
41:23
Whenever I save a document that has a signature, the signature gets removed. When I change the document, this is inevitable, because I changed the document. And I just save it unmodified somewhere else. Perhaps that could be kept,
41:41
but right now it ain't. So I check this box, and I get me some recipients. This is a slightly different list
42:00
that does not give any X.509 certificates simply because that's not used for encryption. And of course, it's not the ones that I have secret keys for, but all the ones I have in my key store.
42:20
Okay, now it's encrypted. Now I can optionally sign the newly encrypted document. Let's do that. You notice there's no pin entry, so that just simply because it's using
42:41
the one from GPG4Win, there's a timeout, so I have to think it expires after 20 minutes per default. It's also very useful to be able to do that in day-to-day life, not to have to enter your passphrase constantly.
43:01
And it's signed and encrypted. So if you want to check that, it's really encrypted. We could open the...
43:52
So all the streams are encrypted except for one,
44:01
no, except for two, which is the first is the manifest that says what's there and how to decrypt that. And the second one is the signatures, which just signs the container. So just to wrap around that.
44:22
Okay, enough of a demo. For the Userland tools, simply because liberal office sometimes is with bare bones.
44:43
And also what I'm interested in really to have a free software desktop that is able, with that you're able to participate in digital workflows and digital office workflows. So quite important is how to check digital signatures.
45:02
For ODF or XML, just load the bloody file. The liberal office, it will tell you with this status bar for PDF, same story. You can also just load that in liberal office and it will also tell you whether the signature is valid or you go to the command line.
45:23
There is a part of popular, there's PDF sick tool and you go and run it and it will tell you whether it's valid or not.
45:51
So in this case for that document, it's valid, but certificate has expired. It would also,
46:01
no, what it's not doing is it's not really telling you anything about TSAs. If you need that, there's another tool I will get to that in a second. What's missing here simply because this is already popular. So this is already what everybody's using anyway in events in ocular.
46:22
Any hooking that up to the UI that will be quite useful then if the PDF viewer would also tell you anything about the signatures. So yeah, that's really nice.
46:41
I just figured that out while preparing for the talk. There's an official digital signature service European Union project that's apparently funded by European Union money. And it's open source, it's LGPL. That's the URL. That's the GitHub repo. And there's even a ready-made Maven bundle
47:03
for the web service. So if you don't want to use this demo site here to throw your private content at you just host that internally and you will get nice reports like this one. So that says basic signature is valid.
47:24
Timestamp has a problem because I was using some free service and the signature has expired. So this is the most verbose and most complete output that I found you can get with free software for PDF signatures.
47:49
Okay. And that gets me pretty much to the end of the talk. A bit of roadmap. I was mentioning a few things,
48:00
a few obvious improvements that we could do. That started with liberal office 5.4 with the signing. We're now at 6.1. We have pretty much everything in place for basic support for both X.509 and open PGP.
48:24
There's obvious improvements that can be done that I don't have except for the signature line stuff which is ongoing that will be finished for 6.2. I don't have any current funding for that. So if anybody has any hints or knows anyone
48:42
or can propose something, I would be very happy because this is important stuff. I'd really love to continue improving the open source desktop there when it comes to encryption and signature workflows.
49:02
Yeah, and the, well, the ODF, of course that's another area that needs work. So that's probably gonna end up in 1.4 if we have that or in ODF 2.0, depending on how the standard sanitization work is going there.
49:23
Other than that, what's really nice with liberal office is that there's other governments, other people working on that. There's been funding from the Dutch government, especially in the PDF area. There's been a crowdfunding in Switzerland to improve that.
49:48
There's countries like interestingly Hungary and other than the Baltic States who are much, much further along with digitalization who are interested in at least provide
50:02
smaller improvements and bug fixing. And as of course always the problem that stuff breaks as I just experienced with a card reader. So having people actually using that in day-to-day life would be also quite helpful so that we don't accidentally break stuff from that stack.
50:25
And other than that, I'm pretty happy, pretty confident that the state of F-Harris is pretty decent and some small things missing, but I think we're almost there to have a proper
50:41
on a level of Microsoft Office workflow for digital signing and encryption in an office setup. Okay, and with that, I'd like to thank you very much for your attention and would like to open for questions
51:01
if there's any, there must be questions.
51:23
Hello, thanks for your talk. I wanted to ask about usability for non-tech users. Is there a documentation or is it still waiting for that site? Yes, there is documentation. Documentation unfortunately is sometimes trailing a bit behind because with the release cadence
51:44
for LibreOffice every half a year, it usually takes another half a year for the documentation to catch up for the signature stuff. There is documentation for the signature line stuff. I think it's just in the works,
52:01
but you will find that in the LibreOffice help, there's brief, there's some brief entry, but there's also the box for LibreOffice. So, and I think the last release was 4660. I think, correct me if I'm wrong.
52:32
So I just got confirmation that there's a help page because Bubli wrote some.
52:40
I couldn't read all the things there, but as I understand, the XML frame remains if you have an encrypted document and just the text itself is encrypted inside of this XML frame. Yes, yes. So the structure of the ODF package, which is just a zip archive with a number of files inside
53:01
that remains, that stays the same, but each individual file then gets encrypted. And if a signed document is converted, exported as a PDF, does it have to be signed again or is the signature maintained?
53:21
No, it has to be signed again because it's a different, so you change a single bit in the signed document and the signature becomes invalid. Otherwise, there won't be any point in signing if you could tamper with the content. And if you want to resign, you then again need authorization.
53:42
So you need to ask the user for the passphrase or hand it over to the GPGME, which again then implies some authorization. So a new representation, it's like photocopying a piece of paper. There's then the photocopy of the signature,
54:02
but it won't be valid. So you need to sign it again. The same story is pretty much the same. The same concept was there with PDF. But I mean, perhaps the question behind that, of course, it could be, the user could be prompted with a dialogue to sign
54:22
when liberal office detects that it's a signed document. Whether that is always useful. There's about a million useful improvements, especially when it comes to usability for that.
54:40
It's pretty, especially the encryption stuff is pretty new. I would still label that experimental, although I use that in production. But just from a mere usability, like there's things that you don't want to tell liberal office every single time. You don't want to tell liberal office every single time. And yes, I want those 10 people
55:01
to be able to read the document. Right now you have to do that and many other things. It's a question, it's more concerning the future.
55:24
And it's not to this specific subject, but could you tell us something whether you and your team are also thinking there's of course, let's say secret services, and they are always trying to crack this end to end
55:40
encrypting by tracking exactly what you're typing. So could you just tell us one or two sentences whether you and your team or other colleagues are also working on this subject? No, I don't think this falls into at least not my personal area of expertise. And that's why I was so happy to use
56:03
the GPGME for the OpenPGP stuff. Because this is one very small piece of code that does this pin entry thing, and it's a separate process and it's much more so effort, money, whatever, code reviews, auditors, it's spent much better on that
56:24
rather than having to audit 10, 8 million lines user facing applications like liberal office. So the way we deal with that problem is that we say it's somebody else's problem, but in a good way. So we use something that is designed
56:40
to be as secure as possible. And not, so again, the key materials, the key ring, the secret key, liberal office never sees that liberal office just hands over the data and lets new PG do all the hard stuff. And regarding, I mean, preventing a key logger
57:03
to see key inputs, I think it's an entirely different class of problems than that I'm solving here. So I'm happy that other people do that and I don't have to.
57:21
That said, I mean, so the broader picture of course is to make it hard to read documents. And the encryption support is one piece of the puzzle there because suddenly stuff is encrypted on disk. So data in transit, data in an email, data on an HTTPS stream these days usually is encrypted.
57:44
That's people, the NSA, Snowden after that, people make damn sure that data in transit is encrypted at all times. But data addressed, data on your disk, data on the file share, data on a USB key usually is not.
58:03
And with that, making it very easy and very transparent to use crypto with liberal office for documents is one piece and the puzzle to make that, to tackle that sort of problem so that the users doesn't have to think, it's just encrypted at all times,
58:21
at least if it's a sensitive material. Probably you don't want to do that for your 50 megabyte spreadsheet because it just gets a bit slower. But for, or but if you have, well, if you're working in some NGO, if you really have sensitive content
58:42
that you don't want people to easily read, then just go for that so that you don't accidentally have it sitting unencrypted anywhere. Five minutes left, I see maybe one last question.
59:06
I'm wondering once the signature was created, will it be encrypted immediately or user can choose to encrypt it or not?
59:20
And if it's not encrypted immediately, how do we protect that the signature cannot be created by other users or like others cannot fake another signature? Okay, so first of all, there's signing and encryption.
59:41
That's kind of two sides of the different, like you still use crypto for both, but it's one, make sure that the document is not tampered with and the other make sure that nobody can read the document except the people who have the private keys. So you can use both. As I showed you.
01:00:00
So you first encrypt it, then you say, okay, now it's encrypted, now I want to sign it, I want to like validate it, make sure that this document was created by me and has not been tampered with. The trust that you put on a signature
01:00:21
depends on many things. So for the classic X.509 certificates, it's just trusting the route of the trust chain, that the route of the issuer of the certificate signs your version of it. So if you don't trust the issuer,
01:00:41
you shouldn't trust the certificate. If you trust that the government probably checked your identity before issuing you the certificate, then you can probably trust it. For OpenPGPG, it's the web of trust. So it's just, okay, you see your 10 best friends have signed this key from that person,
01:01:00
so probably it's really that one. And then you check, is the signature valid? Do you trust the certificate? Do you trust the key? And is it still valid? And if all three are true, then very likely it's authentic. Okay, so that gets us right there,
01:01:25
sharp at the end of the talks. Thank you very much indeed. Enjoy the rest of the FrostCon. See you.