1.0.1 BETA1 release notes

RELEASE-NOTES.txt

@@ -1 +1 @@
-DigiDoc4J Java library release notes------------------------------------Release 1.0.0.RC2-------------------Changes-------- Fixed forwarding OCSP signing configuration values to jdigidoc (DDoc containers) #108021558- Hiding bloated TSL validation errors (Norwegian TSL is invalid) #108066580- Fixed loading TSL validation keystore from a jar file.Known issues------------- 2 unit tests are temporarily failing- Many of the DSS unit tests are broken because OCSP response is required in BDOC- Norwegian TSL can not be validated successfully- Validation of signatures with older Estonian ID-card certificates produces warning: "The certificate is not qualified!" #105471148Release 1.0.0.RC-------------------Changes-------- Fixed checking certificate validation when the signer's certificate is expired at the signing time (#86092592, #98721424)- Added TSL signature validation (#98727714)- Added possibility to enable/disable OCSP request signingKnown issues------------- 2 unit tests are temporarily failing- Many of the DSS unit tests are broken because OCSP response is required in BDOC- Norwegian TSL can not be validated successfullyRelease 0.3.0 BETA6-------------------Changes-------- Added validation for checking if signature timestamp certificate is in TSL #83689768- Generating nonce as "non-critical" in OCSP request for TS signature #105450476- Made DDocContainer configuration thread safe #86696334- Updated test TSL for a new one #101881124- Fixed RSA signature digest algorithm prefixes #101138690- Made logger declarations consistent- Fixed signing existing DDoc container with the utility toolKnown issues------------- 2 unit tests are temporarily failing- Many of the DSS unit tests are broken because OCSP response is required in BDOCRelease 0.3.0 BETA5-------------------Changes-------- Added validation for matching time-stamp with signature #98722280- Added validation for the case when two data files are with same name and only one is signed #105211272- Added including OCSP confirmation for DDoc LT_TM signatures #103395848- Added validation check that OCSP response should be after time-stamp for BDoc containers #84683484- Fixed removing signatures from the container #91601974- Extracted BDoc container validation code into smaller classes.- Fixed couple of failing unit testsKnown issues------------- 2 unit tests are temporarily failing- Many of the DSS unit tests are broken because OCSP response is required in BDOCRelease 0.3.0 BETA4-------------------Changes-------- Updated Javadoc according to the new API [#103766598]- Added validation support for RSA 2047 bit keys [#100938144]- Fixed duplicate signature xml file exception when adding signatures to jDigiDoc container [#105288968]- Renamed Signature.getRawSignature to getAdESSignature- Improved logging- Improved handling of empty OCSP responseKnown issues------------- 7 unit tests are temporarily failing- Many of the DSS unit tests are broken because OCSP response is required in BDOC- DigiDoc4j UriEncodingTest and MultiSignatureThreadSafetyTest are broken because test signing certificate is expiredRelease 0.3.0 BETA3-------------------Changes-------Fixed NullPointerException that occurred on DDoc containers when SignatureProductionPlace data was not providedAPI improvements #102993198- Container builder accepts DataFile objects- Deleted DigestInfoPrefix class, moved prefixes to DigestAlgorithm enum- Removed Container dependency from SignatureParameters class.- Renamed Signature.getSigningTime to getClaimedSigningTime- Renamed SignatureBuilder.withDigestAlgorithm to withSignatureDigestAlgorithm- Removed Validating signature by validation type - Signature.validate(Validate validationType)- Removed Signature.setCertificate- Removed getting private key from signature token- Added getting trusted signing time to the Signature interfaceKnown issues------------7 unit tests are temporarily failingMany of the DSS unit tests are broken because OCSP response is required in BDOCDigiDoc4j UriEncodingTest and MultiSignatureThreadSafetyTest are broken because test signing certificate is expired------------------------------------Release 0.3.0 BETA2-------------------Changes-------The new API is more backward compatible with the old API. Creating and opening containers is not backward compatible.Added support for adding new container implementations in runtimeChanged test OCSP urlUpdated unit tests with the new APIReduced unnecessary logging a little bitKnown issues------------7 unit tests are temporarily failingMany of the DSS unit tests are broken because OCSP response is required in BDOCDigiDoc4j UriEncodingTest and MultiSignatureThreadSafetyTest are broken because test signing certificate is expiredRelease 0.3.0 BETA------------------Changes-------Refactored API interface #102001330Restored Logback logger configuration xml file #100946538Fixed the bug when data files go missing in action when container contains more than two data files #100660808Known issues------------API is not backwards compatible. Using it requires some changes to code.9 unit tests are temporarily failingMany of the DSS unit tests are broken because OCSP response is required in BDOCDigiDoc4j UriEncodingTest and MultiSignatureThreadSafetyTest are broken because test signing certificate is expiredRelease 0.2.20 BETA2--------------------Changes-------Fixed the interoperability problem with jDigiDoc: OSCP certificate tag has RESPONDER_CERT idIncluded Nortal DDS team pull request to DSS and DigiDoc4j. Updated DSS librariesKnown issues-------------Many of the DSS unit tests are broken because OCSP response is required in BDOCDigiDoc4j UriEncodingTest and MultiSignatureThreadSafetyTest are broken because test signing certificate is expiredIntelliJ IDEA project files are out of syncSome files (DSSSignedInfo.java and DSSXMLSignature.java) were leftover after merging the pull request with DSS refactered code. Hopefully nobody will miss themInteroperability with JDigiDoc: BDOC-TM (time-mark) files created with DigiDoc4j library can be validated with JDigiDoc version 3.10 or newer.Release 0.2.20 BETA-------------------Changes-------DSS has been updated to version 4.4.RC1DSS did a major refactoring of modules and some changes to APIFixed unit tests and code that broke because of DSS rafactoringKnown issues------------Interoperability problems with jDigiDoc:- OSCP certificate tag is missing RESPONDER_CERT id in signatures.xml file when BDOC is created with DigiDoc4j, but jDigiDoc requires that ID to be present. Note that RESPONDER_CERT id is not required by the BDOC standard.- BDOC-TM (time-mark) files created with DigiDoc4j library can be validated with JDigiDoc version 3.10 or newer.Release 0.2.18---------------New---It is possible to set TSL loading connection timeoutSigning certificate digest method is SHA256 instead SHA1Generates random nonce for OCSP request for TS signatureFixes------Bad error message (No revocation data for the certificate) for revoked OCSP replaced with "The certificate is revoked"Now is restricted to add 2 data files with same name from stream.Known issues-------------Interoperability with JDigiDoc: BDOC-TM (time-mark) files created with DigiDoc4j library can be validated with JDigiDoc version 3.10 or newer.Release 0.2.17---------------New----Verifies that the signature contains one signed properties referenceSupports signing with ECC signatureFixes------Signer's certificate validity now checked at OCSP response's produced at timeRevoked certificate now returns correct error messageKnown issues------------Interoperability with JDigiDoc: BDOC-TM (time-mark) files created with DigiDoc4j library can be validated with JDigiDoc version 3.10 or newer.Release 0.2.16 ---------------------- Support for handling ASiC-E XAdES (BDOC 2.1) digital signatures with time-stamps (denoted as LT level) and time-marks (denoted as LT-TM level).- Support for handling DDOC (DIGIDOC-XML 1.3) digital signature formats. - Support for using TSL (Trust service Status Lists) for obtaining trust anchor information.- Possibility to create signatures with PKCS#12 tokens and add signature values that are calculated in external systems. e.g. via browser plug-in. - Support for using RSA algorithm for cryptographic operations. ECDSA algorithm support will be added with the next iterations.- ASiC-E LT-TM signatures (BDOC 2.1 with time-mark) that are created with DigiDoc4J library are not compatible with JDigiDoc library's versions 3.9 and earlier.- Information about further developments can be found from Pivotal: https://www.pivotaltracker.com/n/projects/1110130. The library's API may be changed in the course of future developments according to feedback from users. 
+DigiDoc4J Java library release notes------------------------------------Release 1.0.1 BETA1-------------------Changes-------- Fixed: BDoc signing should fail when OCSP response is not received #108065658- Fixed showing correct library version in OCSP and Timestamp request headers #107212346- Added showing version information with the utility tool #107212346- Added data file extraction to the utility program #108605834- Confirmed Canonical XML v1.1 support #74213104Known issues------------- 2 unit tests are temporarily failing- Norwegian TSL can not be validated successfully- Validation of signatures with older Estonian ID-card certificates produces warning: "The certificate is not qualified!" #105471148Release 1.0.0-------------------Changes-------- Fixed forwarding OCSP signing configuration values to jdigidoc (DDoc containers) #108021558- Hiding bloated TSL validation errors (Norwegian TSL is invalid) #108066580- Fixed loading TSL validation keystore from a jar file.Known issues------------- 2 unit tests are temporarily failing- Many of the DSS unit tests are broken because OCSP response is required in BDOC- Norwegian TSL can not be validated successfully- Validation of signatures with older Estonian ID-card certificates produces warning: "The certificate is not qualified!" #105471148Release 1.0.0.RC-------------------Changes-------- Fixed checking certificate validation when the signer's certificate is expired at the signing time (#86092592, #98721424)- Added TSL signature validation (#98727714)- Added possibility to enable/disable OCSP request signingKnown issues------------- 2 unit tests are temporarily failing- Many of the DSS unit tests are broken because OCSP response is required in BDOC- Norwegian TSL can not be validated successfullyRelease 0.3.0 BETA6-------------------Changes-------- Added validation for checking if signature timestamp certificate is in TSL #83689768- Generating nonce as "non-critical" in OCSP request for TS signature #105450476- Made DDocContainer configuration thread safe #86696334- Updated test TSL for a new one #101881124- Fixed RSA signature digest algorithm prefixes #101138690- Made logger declarations consistent- Fixed signing existing DDoc container with the utility toolKnown issues------------- 2 unit tests are temporarily failing- Many of the DSS unit tests are broken because OCSP response is required in BDOCRelease 0.3.0 BETA5-------------------Changes-------- Added validation for matching time-stamp with signature #98722280- Added validation for the case when two data files are with same name and only one is signed #105211272- Added including OCSP confirmation for DDoc LT_TM signatures #103395848- Added validation check that OCSP response should be after time-stamp for BDoc containers #84683484- Fixed removing signatures from the container #91601974- Extracted BDoc container validation code into smaller classes.- Fixed couple of failing unit testsKnown issues------------- 2 unit tests are temporarily failing- Many of the DSS unit tests are broken because OCSP response is required in BDOCRelease 0.3.0 BETA4-------------------Changes-------- Updated Javadoc according to the new API [#103766598]- Added validation support for RSA 2047 bit keys [#100938144]- Fixed duplicate signature xml file exception when adding signatures to jDigiDoc container [#105288968]- Renamed Signature.getRawSignature to getAdESSignature- Improved logging- Improved handling of empty OCSP responseKnown issues------------- 7 unit tests are temporarily failing- Many of the DSS unit tests are broken because OCSP response is required in BDOC- DigiDoc4j UriEncodingTest and MultiSignatureThreadSafetyTest are broken because test signing certificate is expiredRelease 0.3.0 BETA3-------------------Changes-------Fixed NullPointerException that occurred on DDoc containers when SignatureProductionPlace data was not providedAPI improvements #102993198- Container builder accepts DataFile objects- Deleted DigestInfoPrefix class, moved prefixes to DigestAlgorithm enum- Removed Container dependency from SignatureParameters class.- Renamed Signature.getSigningTime to getClaimedSigningTime- Renamed SignatureBuilder.withDigestAlgorithm to withSignatureDigestAlgorithm- Removed Validating signature by validation type - Signature.validate(Validate validationType)- Removed Signature.setCertificate- Removed getting private key from signature token- Added getting trusted signing time to the Signature interfaceKnown issues------------7 unit tests are temporarily failingMany of the DSS unit tests are broken because OCSP response is required in BDOCDigiDoc4j UriEncodingTest and MultiSignatureThreadSafetyTest are broken because test signing certificate is expired------------------------------------Release 0.3.0 BETA2-------------------Changes-------The new API is more backward compatible with the old API. Creating and opening containers is not backward compatible.Added support for adding new container implementations in runtimeChanged test OCSP urlUpdated unit tests with the new APIReduced unnecessary logging a little bitKnown issues------------7 unit tests are temporarily failingMany of the DSS unit tests are broken because OCSP response is required in BDOCDigiDoc4j UriEncodingTest and MultiSignatureThreadSafetyTest are broken because test signing certificate is expiredRelease 0.3.0 BETA------------------Changes-------Refactored API interface #102001330Restored Logback logger configuration xml file #100946538Fixed the bug when data files go missing in action when container contains more than two data files #100660808Known issues------------API is not backwards compatible. Using it requires some changes to code.9 unit tests are temporarily failingMany of the DSS unit tests are broken because OCSP response is required in BDOCDigiDoc4j UriEncodingTest and MultiSignatureThreadSafetyTest are broken because test signing certificate is expiredRelease 0.2.20 BETA2--------------------Changes-------Fixed the interoperability problem with jDigiDoc: OSCP certificate tag has RESPONDER_CERT idIncluded Nortal DDS team pull request to DSS and DigiDoc4j. Updated DSS librariesKnown issues-------------Many of the DSS unit tests are broken because OCSP response is required in BDOCDigiDoc4j UriEncodingTest and MultiSignatureThreadSafetyTest are broken because test signing certificate is expiredIntelliJ IDEA project files are out of syncSome files (DSSSignedInfo.java and DSSXMLSignature.java) were leftover after merging the pull request with DSS refactered code. Hopefully nobody will miss themInteroperability with JDigiDoc: BDOC-TM (time-mark) files created with DigiDoc4j library can be validated with JDigiDoc version 3.10 or newer.Release 0.2.20 BETA-------------------Changes-------DSS has been updated to version 4.4.RC1DSS did a major refactoring of modules and some changes to APIFixed unit tests and code that broke because of DSS rafactoringKnown issues------------Interoperability problems with jDigiDoc:- OSCP certificate tag is missing RESPONDER_CERT id in signatures.xml file when BDOC is created with DigiDoc4j, but jDigiDoc requires that ID to be present. Note that RESPONDER_CERT id is not required by the BDOC standard.- BDOC-TM (time-mark) files created with DigiDoc4j library can be validated with JDigiDoc version 3.10 or newer.Release 0.2.18---------------New---It is possible to set TSL loading connection timeoutSigning certificate digest method is SHA256 instead SHA1Generates random nonce for OCSP request for TS signatureFixes------Bad error message (No revocation data for the certificate) for revoked OCSP replaced with "The certificate is revoked"Now is restricted to add 2 data files with same name from stream.Known issues-------------Interoperability with JDigiDoc: BDOC-TM (time-mark) files created with DigiDoc4j library can be validated with JDigiDoc version 3.10 or newer.Release 0.2.17---------------New----Verifies that the signature contains one signed properties referenceSupports signing with ECC signatureFixes------Signer's certificate validity now checked at OCSP response's produced at timeRevoked certificate now returns correct error messageKnown issues------------Interoperability with JDigiDoc: BDOC-TM (time-mark) files created with DigiDoc4j library can be validated with JDigiDoc version 3.10 or newer.Release 0.2.16 ---------------------- Support for handling ASiC-E XAdES (BDOC 2.1) digital signatures with time-stamps (denoted as LT level) and time-marks (denoted as LT-TM level).- Support for handling DDOC (DIGIDOC-XML 1.3) digital signature formats. - Support for using TSL (Trust service Status Lists) for obtaining trust anchor information.- Possibility to create signatures with PKCS#12 tokens and add signature values that are calculated in external systems. e.g. via browser plug-in. - Support for using RSA algorithm for cryptographic operations. ECDSA algorithm support will be added with the next iterations.- ASiC-E LT-TM signatures (BDOC 2.1 with time-mark) that are created with DigiDoc4J library are not compatible with JDigiDoc library's versions 3.9 and earlier.- Information about further developments can be found from Pivotal: https://www.pivotaltracker.com/n/projects/1110130. The library's API may be changed in the course of future developments according to feedback from users.