Open-XML-SDK

Open-XML-SDK copied to clipboard

Describe the bug Validating a SpreadsheetDocument using OpenXmlValidator breaks digital signatures.

Screenshots

To Reproduce

using var document = SpreadsheetDocument.Open("valid.xlsx", isEditable: true);
var validator = new OpenXmlValidator();
// This line breaks the signatures
validator.Validate(document);
document.Dispose();

Steps to reproduce the behavior: Create .xlsx file using Microsoft Excel and add digital signature or signature line and sign it.

Observed behavior Some parts (styles.xml and workbook.xml) get modified, which breaks digital signatures.

Expected behavior No changes should happen when simply validating a package.

Desktop (please complete the following information):

• OS: Windows
• .NET Target: net6.0
• DocumentFormat.OpenXml Version: 2.19.0

Additional context When the document is loaded with the isEditable:false option, the issue does not occur.

Is there a scenario where you need to pass isEditable:true but don't want to change it?

We can investigate what is changing here, but if the flag is being passed as isEditable=true, then you're opting into things potentially changing, which would break any digital signature. It may be an interesting exercise to understand what is changing, but I'm not sure this is unexpected given that you're opting into things changing.

I am appending a co-signature or prolonging the previous signature and aiming to authenticate the package prior to saving it. The addition or extension of signatures does not invalidate the preceding signature.

@petarpetrovt In case this is still blocking you... As a workaround, you could make the changes, clone the changed package, validate the clone and then save the original. I tried this approach and it appears to work. After validation, the clone does have some minor changes but the original is intact.