github esig/dss 5.6.RC1
Release Notes - eSignature DSS - Version 5.6.RC1
on GitHub

latest releases: 6.0, 5.13, 5.13.RC1...
pre-release4 years ago

The main points for this release are :

  • Complete rewriting of the TL/LOTL loading with :
    • online / offline refresh
    • 3 caches (download / parse / validate)
    • multiple LOTL support
    • multiple TL support (not linked to a LOTL)
    • Pivot LOTL support
    • Synchronization strategy (eg : expired TL/LOTL are rejected/accepted)
    • multi-lingual support (trust service matching)
    • alerting (eg : LOTL/OJ location desynchronization,...)
    • complete reporting (summary of download / parsing / validation)
  • Independant timestamp creation and validation (not linked to a signature, with ASiC and PDF)
  • Timestamp qualification
  • Internationalization of the validation reports
  • Multiple Trusted Sources support
  • XAdES support of different prefixes / versions

    Release Notes - eSignature DSS - Version 5.6.RC1

    Bug

    • [DSS-1140] - XAdES build break too easily in apply transformations (+XSLT)
    • [DSS-1531] - XAdES 1.2.2 extension
    • [DSS-1568] - PDFObjFactory.setInstance does not properly restore default behaviour
    • [DSS-1612] - Missing signer for LOTL results in TOTAL_PASSED certificate validation
    • [DSS-1674] - Trusted certificate and trust service matches
    • [DSS-1684] - No DataLoader defined to load Certificates from AIA extension
    • [DSS-1754] - Invalid signature on LOTL does not prevent DSS from using corresponding trust anchors in validation process
    • [DSS-1755] - After TSLValidationJob.refresh the new state is not always used
    • [DSS-1756] - Incorrect signing algorithm in diagnostic time stamp basic signature
    • [DSS-1765] - XAdES level T with a self-signed certificate ends with an error in 5.5.RC1
    • [DSS-1767] - JdbcRevocationSource - drop table not working
    • [DSS-1768] - PLAIN-ECDSA Cryptographic check fails...
    • [DSS-1770] - Enveloped XaDES scope validation issue
    • [DSS-1788] - XAdES: PublicKey only validation is not handled correctly
    • [DSS-1789] - Cannot sign DocumentDigest with CAdES Baseline LT ou LTA
    • [DSS-1791] - Handling of unknown key sizes (algorithm expiration date not found)
    • [DSS-1792] - ASiC validator doesn't consider files within /META-INF as signed data objects
    • [DSS-1794] - Embedded CRL's in PDF not found by DSS Validator.
    • [DSS-1809] - ASiC-E with CAdES : Validation of archive manifest files
    • [DSS-1801] - ETSI VR misspelled SignatureValidationProcessID URI
    • [DSS-1802] - ETSI VR RevocationValues for CAdES Signatures
    • [DSS-1803] - Standalone demostration app error configuring mock TSA keystore
    • [DSS-1804] - Rootfile attribute missing when a new ASiCArchiveManifest is added to ASIC-E with CAdES container
    • [DSS-1805] - ASiC-E: Adding the revocation data for a previous ArchiveTimeStamp modifies the CAdES signature file
    • [DSS-1806] - Wrong information added to XAdES TimeStampValidationData
    • [DSS-1807] - ETSI VR Certificate Chain - Intermediate certificate
    • [DSS-1811] - XAdES : incorrect digest algorithm used for detached references (DigestDocument)
    • [DSS-1838] - NullPointerException when trying to sign a DETACHED CAdES pkcs7 signature file with DETACHED CAdES
    • [DSS-1842] - Issue with validation with external certificate submission
    • [DSS-1867] - Removed empty-check for policyDigestMethodString in XAdESSignature breaks validation of XAdES Signatures
    • [DSS-1869] - Bad URI encoding in ASiCManifest.xml in CAdES signature containers
    • [DSS-1881] - WebServices : unable to create a RSASSA-PSS signature
    • [DSS-1886] - NullPointerException during XAdES verification
    • [DSS-1888] - PdfBoxSignatureService logs personal data
    • [DSS-1889] - CommonsDataLoader does not allow loading SSL truststores from the classpath
    • [DSS-1892] - Verifying multiple Counter Signatures
    • [DSS-1896] - Validator skips online requested OCSPs on VTS process
    • [DSS-1912] - Method getTimestampList returns timestamp without signing certificate (while using getTimestampIdsList does not)
    • [DSS-1920] - Certificates in CertificateValues should be considered as candidates for signing certificates
    • [DSS-1931] - New default OCSP certID hashalg SHA-256 leads to problems with PKIs
    • [DSS-1932] - Revocation consistency check fails if certificate and CRL were generated at the same second
    • [DSS-1936] - Validating signature generated with 2047 RSA key fails
    • [DSS-1937] - Failed validation of XAdES signatures with more than one XML Element with ID=""
    • [DSS-1942] - JdbcRevocationSource : unable to store a CRL with particular signature algorithms

    New Feature / Improvement

    • [DSS-1309] - Validate against custom XSD
    • [DSS-1414] - Ability to locally specify an PdfObjFactory instance
    • [DSS-1494] - Improve OpenDocument support
    • [DSS-1525] - The parameter signatureName in PAdESSignatureParameters
    • [DSS-1595] - Support for Pivot in cache
    • [DSS-1631] - Provide OpenAPI v3 spec for REST API
    • [DSS-1727] - Add webService for TimeStamp creation
    • [DSS-1746] - Parameterizable xades version in XAdESSignatureBuilder
    • [DSS-1750] - XAdES : review XPath expression generation
    • [DSS-1751] - XAdES : customizable prefixes
    • [DSS-1752] - Allows to configure several TrustedCertificateSources
    • [DSS-1766] - PAdES : possibility to deleguate the CMS creation
    • [DSS-1769] - Add a spec module for ASiCManifest
    • [DSS-1790] - Enforce null check for signature parameters on creation/extension
    • [DSS-1798] - Demonstration Webapp : signature from a digest
    • [DSS-1799] - Upgrade BouncyCastle (1.63)
    • [DSS-1815] - Upgrade PDFBox
    • [DSS-1816] - EU-Hackathon 2019: Timestamp only validation
    • [DSS-1819] - EU-Hackathon 2019: Review exceptions
    • [DSS-1820] - EU-Hackathon 2019: Timestamp qualification verification
    • [DSS-1829] - Upgrade BouncyCastle (1.64)
    • [DSS-1837] - Allow to configure the reserved space for PAdES extension (/DocTimestamp)
    • [DSS-1848] - Standalone application : download LOTL/TL on request
    • [DSS-1855] - TL-Loading : review dates usage
    • [DSS-1864] - Unclear wording in detail report
    • [DSS-1866] - Missing i18n for verification result - class eu.europa.esig.dss.validation.process.MessageTag
    • [DSS-1887] - Report the presence of extra SignerInfos in PDF signature CMS containers
    • [DSS-1890] - Allow to create timestamped ASiC S/E
    • [DSS-1907] - Demonstration Webapp : Add a page to timestamp document(s)
    • [DSS-1915] - Demonstration Webapp : allow to validate detached signatures from digest(s)
    • [DSS-1921] - Internationalization of the detailed report
    • [DSS-1923] - Create a DocumentValidatorFactory for the DetachedTimestampValidator
    • [DSS-1925] - Expose the timestamp method with SOAP/REST
    • [DSS-1926] - Demo : possibility to provide Base64 certificate
    • [DSS-1933] - Jacoco : migration to XML report
    • [DSS-1938] - Refactor ValidationProcessForTimeStamp
    • [DSS-1941] - Demo / Reports : replace icons
    • [DSS-1948] - PKCS11 : add the possibility to specify the slotListIndex
    • [DSS-1949] - Complete the bootstrap 4 migration

    Task

    • [DSS-1739] - Migration JUnit 5
    • [DSS-1775] - TL Loading rewriting (Part 1)
    • [DSS-1800] - TL Loading rewriting (Part 2)
    • [DSS-1832] - Signature placement in XAdES according to OASIS DSS standard
    • [DSS-1883] - Update Webapp with new TL-Loading dates
    • [DSS-1922] - Module-info review
    • [DSS-1924] - Update cookbook
    • [DSS-1939] - Demo : Upgrade CXF

    Sub-task

    • [DSS-1782] - Introduce a state-machine to control the cache transitions
    • [DSS-1793] - Create the TLValidationJob
    • [DSS-1812] - Enforce revocation data update for non-timestamp certificate chains
    • [DSS-1813] - Signing of LTA ASiC-E CAdES removes archive timestamp from the container
    • [DSS-1825] - Add the possibility to alert from the TL Loading
    • [DSS-1827] - Demonstration Webapp : Improve the Trusted Lists webpage
    • [DSS-1828] - Demonstration Webapp : Add a webpage with the pivot changes
    • [DSS-1830] - Diagnostic-data : support of multiple LOTL
    • [DSS-1836] - Introduce a synchronization strategy
    • [DSS-1856] - Orphan revocation data present in two signatures causes marshalling error
    • [DSS-1857] - RefsOnlyTimestamp has duplicated timestamped objects in DiagnosticData
    • [DSS-1858] - Algorithm expiration date is wrong in the Validation Report
    • [DSS-1859] - XAdES : avoid stacktrace in case of null IssuerSerial
    • [DSS-1860] - CAdES: support of ats-hash-index-v3
    • [DSS-1861] - TimestampCoherenceOrderCheck improvement
    • [DSS-1870] - Handle zero policy hash value
    • [DSS-1871] - CAdES : ContentHints extraction fails with IllegalArgumentException
    • [DSS-1895] - PAdES : handle a signature referenced from multiple fields
    • [DSS-1899] - PAdES : Detect a timestamp based on the type of a dictionary
    • [DSS-1902] - ETSI VR : add basic building block details for timestamp/revocation
    • [DSS-1903] - X.509 Certificate Validation prioritized on Cryptographic Verification
    • [DSS-1904] - Fail signature validation if a provided file contains a signature's duplicate
    • [DSS-1905] - Filter revocation data on X.509 certificate validation
    • [DSS-1917] - Revocation cryptographic constraints not met due to OCSP SHA1

    Support

    • [DSS-1491] - TSL loading/parsing reports
    • [DSS-1559] - Support for custom trustbase
    • [DSS-1597] - isSignatureValid() return false
    • [DSS-1605] - TL freshness check
    • [DSS-1850] - DiagnosticDataBuilder trustedCertificateSource silently ignoring sources
    • [DSS-1876] - Class MessageTag is not internationalizable
    • [DSS-1909] - Simple BES XAdES signature validation not passed. But in many verifiers is ok.
Check out latest releases or
releases around esig/dss 5.6.RC1

Don't miss a new dss release

NewReleases is sending notifications on new releases.

Get notifications