Skip to content

Release Notes - eSignature DSS - Version 6.1.RC1

Pre-release
Pre-release
Compare
Choose a tag to compare
@bsanchezb bsanchezb released this 11 Jul 12:21
· 497 commits to master since this release

New features

  • [DSS-3006] Warn the user if the PDF contains annotations done after the signature
  • [DSS-3124] Add policy constraints for certificate attributes
  • [DSS-3181] Add support of ASN.1 Evidence records
  • [DSS-3238] DSS Demos: add configuration of TrustAllStrategy on TL loading
  • [DSS-3240] Add configuration of revocation skip condition in validation policy
  • [DSS-3248] Introduce Document Digest Generator for Evidence Record creation and validation
  • [DSS-3278] Improve cache handling of LOTL/TLs with sha2 files
  • [DSS-3283] Create Document Digest Generator for ASiC containers
  • [DSS-3289] Add a possibility to specify a signature field for a visual time-stamp
  • [DSS-3301] Create Document Digest Generator for Evidence Record renewal
  • [DSS-3315] JAdES : add support of RFC 7519 'iat' header
  • [DSS-3344] Introduce TimestampTokenVerifier
  • [DSS-3364] DSS Demonstrations : add property to configure maximum number of XML manifest references
  • [DSS-3372] Allow partial documents validation within an XML Manifest
  • [DSS-3373] Add JAdES base64url signature parameters to signature creation endpoints

Improvements

  • [DSS-2322] Allow to configure alerts in CertificateVerifier for the signature validation
  • [DSS-2392] Add developer extension augmented documents
  • [DSS-2751] Use CertificateVerifier to enforce certificate validation on signature creation
  • [DSS-2935] Support for ISO 32001 and ISO 32002
  • [DSS-3025] Placing LT signature on document containing LTA signature
  • [DSS-3108] Differentiate RSA and RSA-PSS and validation policy
  • [DSS-3123] PAdESService : verify if the provided document is a PDF file
  • [DSS-3125] Custom CertificateSource implementations for trusted lists certificate sources
  • [DSS-3204] Align Id attributes produced for XAdES timestamps
  • [DSS-3223] Add support of Evidence Records on standalone time-stamps
  • [DSS-3226] Detection of numeric object modification faulty/dubious
  • [DSS-3235] ASN.1 Evidence Records : add verification of digest algorithm
  • [DSS-3236] Merge reference digest algorithm cryptographic validation block
  • [DSS-3242] XAdES: Cannot sign multiple times with Enveloped transform
  • [DSS-3279] DSSDocument.getDigest should return byte array
  • [DSS-3297] ASiC merger : add handling of evidence records
  • [DSS-3298] Configurable revocation update based on maximum revocation freshness constraint
  • [DSS-3326] Ease requirements for JAdES protected headers within 'crit'
  • [DSS-3331] dss-demo - add config property to load Java default proxy settings
  • [DSS-3338] Skip .sha2 file verification for LOTL Pivots
  • [DSS-3367] Allow ASiC signature of 2GB+ documents

Bug fixes / Issues

  • [DSS-2730] Revocation data not considered fresh in LTA with qualified timestamp
  • [DSS-2805] Validation result depends on signature certificate validity
  • [DSS-3053] SVG : notBefore/notAfter dates displayed on hover are duplicated between all certificates
  • [DSS-3191] DSS does not detect duplicated signing-certificate attributes in CMS
  • [DSS-3192] NOT_YET_VALID certificate passes validation when basic validation process returns REVOCATION_OUT_OF_BOUNDS_NO_POE
  • [DSS-3221] Different validation outcomes in two logically identical scenarios
  • [DSS-3228] NPE when two equivalent evidence records with the same filename provided to validation
  • [DSS-3233] ER ArchiveTimeStampSequence time-stamp's validation does not ensure all original documents are covered
  • [DSS-3234] Fix Dockerfile in master
  • [DSS-3239] PdfByteRangeDocument cannot be used on document validation
  • [DSS-3241] Inconsistencies in handling the signature policy ID in XAdESSignature::buildSignaturePolicy
  • [DSS-3269] Double signature annotation when open action is set with destination array targeting the first page
  • [DSS-3271] Cannot compile Transformer for Simple Report PDF when using Saxon-HE 12.4
  • [DSS-3281] DiagnosticDataBuilder fails on evidence record covering an orphan reference
  • [DSS-3323] Wrong timestamp order returned from unsigned properties (BC 1.78+)
  • [DSS-3330] ASiC-E with CAdES validation : ASICManifest documents get duplicated in the report
  • [DSS-3336] QCForLegalPerson qualifier is not processed correctly
  • [DSS-3342] Cryptographic constraint shall be applied at current time for X509 certificate validation
  • [DSS-3348] Possible memory leak in XAdESSignature on Santuario signature creation
  • [DSS-3349] xades signature with empty namespace prefix
  • [DSS-3356] Validation fails when SigningCertificateDigestAlgorithm constraint level is higher than failed Cryptographic level
  • [DSS-3365] DSS returns XAdES-BASELINE-* for a signature without signing-certificate in KeyInfo
  • [DSS-3375] One of the validation-policy tests fails on installation

Tasks / Other

  • [DSS-3008] Replace everit-json-schema for JSON schema validation
  • [DSS-3208] Update BouncyCastle 1.78.1
  • [DSS-3282] Upgrade to PdfBox 2.0.31
  • [DSS-3314] EN 319 102-1 v1.4.0 implementation
  • [DSS-3318] Update default cryptographic algorithms
  • [DSS-3324] Move CMS specific methods form DSSASN1Utils to CMSUtils
  • [DSS-3328] Upgrade to maven-download-plugin 1.9.0
  • [DSS-3329] Deprecate use of MaskGenerationFunction
  • [DSS-3340] Move xml definitions to directly dependent modules