diff --git a/xmlsecurity/CppunitTest_xmlsecurity_signing.mk b/xmlsecurity/CppunitTest_xmlsecurity_signing.mk
index 7339800107a7..37d1c2a7dea7 100644
--- a/xmlsecurity/CppunitTest_xmlsecurity_signing.mk
+++ b/xmlsecurity/CppunitTest_xmlsecurity_signing.mk
@@ -26,6 +26,7 @@ $(eval $(call gb_CppunitTest_use_libraries,xmlsecurity_signing, \
 	subsequenttest \
 	test \
 	tl \
+	ucbhelper \
 	unotest \
 	utl \
 	vcl \
diff --git a/xmlsecurity/qa/unit/signing/data/signature-forgery-cdh-lfh.docx b/xmlsecurity/qa/unit/signing/data/signature-forgery-cdh-lfh.docx
new file mode 100644
index 000000000000..532705ecf0b5
Binary files /dev/null and b/xmlsecurity/qa/unit/signing/data/signature-forgery-cdh-lfh.docx differ
diff --git a/xmlsecurity/qa/unit/signing/signing.cxx b/xmlsecurity/qa/unit/signing/signing.cxx
index 5646a2afa6b6..2a3819768bcd 100644
--- a/xmlsecurity/qa/unit/signing/signing.cxx
+++ b/xmlsecurity/qa/unit/signing/signing.cxx
@@ -20,6 +20,7 @@
 #include <test/unoapixml_test.hxx>
 
 #include <com/sun/star/beans/XPropertySet.hpp>
+#include <com/sun/star/document/BrokenPackageRequest.hpp>
 #include <com/sun/star/embed/XStorage.hpp>
 #include <com/sun/star/embed/XTransactedObject.hpp>
 #include <com/sun/star/security/CertificateValidity.hpp>
@@ -46,6 +47,7 @@
 #include <biginteger.hxx>
 #include <certificate.hxx>
 #include <xsecctl.hxx>
+#include <ucbhelper/interceptedinteraction.hxx>
 #include <sfx2/docfile.hxx>
 #include <sfx2/docfilt.hxx>
 #include <officecfg/Office/Common.hxx>
@@ -1243,6 +1245,31 @@ CPPUNIT_TEST_FIXTURE(SigningTest, testODFUntrustedGoodGPG)
                                  SignatureState::NOTVALIDATED, nActual);
 }
 
+CPPUNIT_TEST_FIXTURE(SigningTest, testInvalidZIP)
+{
+    // set RepairPackage via interaction handler, same as soffice does
+    // - if it's passed to load the behavior is different, oddly enough.
+    std::vector<::ucbhelper::InterceptedInteraction::InterceptedRequest> interceptions{
+        { css::uno::Any(css::document::BrokenPackageRequest()),
+          cppu::UnoType<css::task::XInteractionApprove>::get(), 0 },
+    };
+    ::rtl::Reference<ucbhelper::InterceptedInteraction> pIH(new ucbhelper::InterceptedInteraction);
+    pIH->setInterceptions(std::move(interceptions));
+
+    uno::Sequence<beans::PropertyValue> args = { comphelper::makePropertyValue(
+        u"InteractionHandler"_ustr, uno::Reference<task::XInteractionHandler>(pIH)) };
+    loadWithParams(createFileURL(u"signature-forgery-cdh-lfh.docx"), args);
+    SfxBaseModel* pBaseModel = dynamic_cast<SfxBaseModel*>(mxComponent.get());
+    CPPUNIT_ASSERT(pBaseModel);
+    SfxObjectShell* pObjectShell = pBaseModel->GetObjectShell();
+    CPPUNIT_ASSERT(pObjectShell);
+    // the problem was that the document Zip structure is interpreted
+    // misleadingly in RepairPackage case, but signature was still returned
+    // as partially valid.
+    CPPUNIT_ASSERT_EQUAL(static_cast<int>(SignatureState::BROKEN),
+                         static_cast<int>(pObjectShell->GetDocumentSignatureState()));
+}
+
 /// Test a typical broken ODF signature where one stream is corrupted.
 CPPUNIT_TEST_FIXTURE(SigningTest, testODFBrokenStreamGPG)
 {