From 82d69959662ed034fd7b3c7de65609926128e157 Mon Sep 17 00:00:00 2001 From: Rainer Villido Date: Mon, 1 Feb 2016 11:49:51 +0200 Subject: [PATCH] Release 1.0.2 Beta 2 release notes --- RELEASE-NOTES.txt | 2 +- build.properties | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/RELEASE-NOTES.txt b/RELEASE-NOTES.txt index a58c01509..e277e6ffe 100644 --- a/RELEASE-NOTES.txt +++ b/RELEASE-NOTES.txt @@ -1 +1 @@ -DigiDoc4J Java library release notes ------------------------------------ Release 1.0.1 BETA1 ------------------- Changes ------- - Fixed: BDoc signing should fail when OCSP response is not received #108065658 - Fixed showing correct library version in OCSP and Timestamp request headers #107212346 - Added showing version information with the utility tool #107212346 - Added data file extraction to the utility program #108605834 - Confirmed Canonical XML v1.1 support #74213104 Known issues ------------ - 2 unit tests are temporarily failing - Norwegian TSL can not be validated successfully - Validation of signatures with older Estonian ID-card certificates produces warning: "The certificate is not qualified!" #105471148 Release 1.0.0 ------------------- Changes ------- - Fixed forwarding OCSP signing configuration values to jdigidoc (DDoc containers) #108021558 - Hiding bloated TSL validation errors (Norwegian TSL is invalid) #108066580 - Fixed loading TSL validation keystore from a jar file. Known issues ------------ - 2 unit tests are temporarily failing - Many of the DSS unit tests are broken because OCSP response is required in BDOC - Norwegian TSL can not be validated successfully - Validation of signatures with older Estonian ID-card certificates produces warning: "The certificate is not qualified!" #105471148 Release 1.0.0.RC ------------------- Changes ------- - Fixed checking certificate validation when the signer's certificate is expired at the signing time (#86092592, #98721424) - Added TSL signature validation (#98727714) - Added possibility to enable/disable OCSP request signing Known issues ------------ - 2 unit tests are temporarily failing - Many of the DSS unit tests are broken because OCSP response is required in BDOC - Norwegian TSL can not be validated successfully Release 0.3.0 BETA6 ------------------- Changes ------- - Added validation for checking if signature timestamp certificate is in TSL #83689768 - Generating nonce as "non-critical" in OCSP request for TS signature #105450476 - Made DDocContainer configuration thread safe #86696334 - Updated test TSL for a new one #101881124 - Fixed RSA signature digest algorithm prefixes #101138690 - Made logger declarations consistent - Fixed signing existing DDoc container with the utility tool Known issues ------------ - 2 unit tests are temporarily failing - Many of the DSS unit tests are broken because OCSP response is required in BDOC Release 0.3.0 BETA5 ------------------- Changes ------- - Added validation for matching time-stamp with signature #98722280 - Added validation for the case when two data files are with same name and only one is signed #105211272 - Added including OCSP confirmation for DDoc LT_TM signatures #103395848 - Added validation check that OCSP response should be after time-stamp for BDoc containers #84683484 - Fixed removing signatures from the container #91601974 - Extracted BDoc container validation code into smaller classes. - Fixed couple of failing unit tests Known issues ------------ - 2 unit tests are temporarily failing - Many of the DSS unit tests are broken because OCSP response is required in BDOC Release 0.3.0 BETA4 ------------------- Changes ------- - Updated Javadoc according to the new API [#103766598] - Added validation support for RSA 2047 bit keys [#100938144] - Fixed duplicate signature xml file exception when adding signatures to jDigiDoc container [#105288968] - Renamed Signature.getRawSignature to getAdESSignature - Improved logging - Improved handling of empty OCSP response Known issues ------------ - 7 unit tests are temporarily failing - Many of the DSS unit tests are broken because OCSP response is required in BDOC - DigiDoc4j UriEncodingTest and MultiSignatureThreadSafetyTest are broken because test signing certificate is expired Release 0.3.0 BETA3 ------------------- Changes ------- Fixed NullPointerException that occurred on DDoc containers when SignatureProductionPlace data was not provided API improvements #102993198 - Container builder accepts DataFile objects - Deleted DigestInfoPrefix class, moved prefixes to DigestAlgorithm enum - Removed Container dependency from SignatureParameters class. - Renamed Signature.getSigningTime to getClaimedSigningTime - Renamed SignatureBuilder.withDigestAlgorithm to withSignatureDigestAlgorithm - Removed Validating signature by validation type - Signature.validate(Validate validationType) - Removed Signature.setCertificate - Removed getting private key from signature token - Added getting trusted signing time to the Signature interface Known issues ------------ 7 unit tests are temporarily failing Many of the DSS unit tests are broken because OCSP response is required in BDOC DigiDoc4j UriEncodingTest and MultiSignatureThreadSafetyTest are broken because test signing certificate is expired ------------------------------------ Release 0.3.0 BETA2 ------------------- Changes ------- The new API is more backward compatible with the old API. Creating and opening containers is not backward compatible. Added support for adding new container implementations in runtime Changed test OCSP url Updated unit tests with the new API Reduced unnecessary logging a little bit Known issues ------------ 7 unit tests are temporarily failing Many of the DSS unit tests are broken because OCSP response is required in BDOC DigiDoc4j UriEncodingTest and MultiSignatureThreadSafetyTest are broken because test signing certificate is expired Release 0.3.0 BETA ------------------ Changes ------- Refactored API interface #102001330 Restored Logback logger configuration xml file #100946538 Fixed the bug when data files go missing in action when container contains more than two data files #100660808 Known issues ------------ API is not backwards compatible. Using it requires some changes to code. 9 unit tests are temporarily failing Many of the DSS unit tests are broken because OCSP response is required in BDOC DigiDoc4j UriEncodingTest and MultiSignatureThreadSafetyTest are broken because test signing certificate is expired Release 0.2.20 BETA2 -------------------- Changes ------- Fixed the interoperability problem with jDigiDoc: OSCP certificate tag has RESPONDER_CERT id Included Nortal DDS team pull request to DSS and DigiDoc4j. Updated DSS libraries Known issues ------------- Many of the DSS unit tests are broken because OCSP response is required in BDOC DigiDoc4j UriEncodingTest and MultiSignatureThreadSafetyTest are broken because test signing certificate is expired IntelliJ IDEA project files are out of sync Some files (DSSSignedInfo.java and DSSXMLSignature.java) were leftover after merging the pull request with DSS refactered code. Hopefully nobody will miss them Interoperability with JDigiDoc: BDOC-TM (time-mark) files created with DigiDoc4j library can be validated with JDigiDoc version 3.10 or newer. Release 0.2.20 BETA ------------------- Changes ------- DSS has been updated to version 4.4.RC1 DSS did a major refactoring of modules and some changes to API Fixed unit tests and code that broke because of DSS rafactoring Known issues ------------ Interoperability problems with jDigiDoc: - OSCP certificate tag is missing RESPONDER_CERT id in signatures.xml file when BDOC is created with DigiDoc4j, but jDigiDoc requires that ID to be present. Note that RESPONDER_CERT id is not required by the BDOC standard. - BDOC-TM (time-mark) files created with DigiDoc4j library can be validated with JDigiDoc version 3.10 or newer. Release 0.2.18 --------------- New --- It is possible to set TSL loading connection timeout Signing certificate digest method is SHA256 instead SHA1 Generates random nonce for OCSP request for TS signature Fixes ------ Bad error message (No revocation data for the certificate) for revoked OCSP replaced with "The certificate is revoked" Now is restricted to add 2 data files with same name from stream. Known issues ------------- Interoperability with JDigiDoc: BDOC-TM (time-mark) files created with DigiDoc4j library can be validated with JDigiDoc version 3.10 or newer. Release 0.2.17 --------------- New ---- Verifies that the signature contains one signed properties reference Supports signing with ECC signature Fixes ------ Signer's certificate validity now checked at OCSP response's produced at time Revoked certificate now returns correct error message Known issues ------------ Interoperability with JDigiDoc: BDOC-TM (time-mark) files created with DigiDoc4j library can be validated with JDigiDoc version 3.10 or newer. Release 0.2.16 --------------------- - Support for handling ASiC-E XAdES (BDOC 2.1) digital signatures with time-stamps (denoted as LT level) and time-marks (denoted as LT-TM level). - Support for handling DDOC (DIGIDOC-XML 1.3) digital signature formats. - Support for using TSL (Trust service Status Lists) for obtaining trust anchor information. - Possibility to create signatures with PKCS#12 tokens and add signature values that are calculated in external systems. e.g. via browser plug-in. - Support for using RSA algorithm for cryptographic operations. ECDSA algorithm support will be added with the next iterations. - ASiC-E LT-TM signatures (BDOC 2.1 with time-mark) that are created with DigiDoc4J library are not compatible with JDigiDoc library's versions 3.9 and earlier. - Information about further developments can be found from Pivotal: https://www.pivotaltracker.com/n/projects/1110130. The library's API may be changed in the course of future developments according to feedback from users. \ No newline at end of file +DigiDoc4J Java library release notes ------------------------------------ Release 1.0.2 Beta 1 -------------------- Changes ----------- * Moved Asic-e container manipulation from DSS to DigiDoc4j [#111598972] * Added support for saving and opening containers without signatures [#74201980] * Added support for setting signature encryption algorithm (e.g. ECC) in the signature builder [#110239246] * The library version information is added for each file within the BDoc container as a zip comment [#74203294] * Optimized the speed of signature creation [#84912270] * Signatures can be created in parallel and added to the container later [#101575340] * Fixed tsl scheme territory Known issues ------------ * Serializing BDoc containers is not supported * Extending BDoc container signature profile is not supported fully * BDoc container validation report in XML format is not available * The BDoc container is created from the scratch when saving an existing container (instead of just adding the newly added signature to the existing container) * Default signature id is randomly generated by DSS (probably not a bug but a feature) * European TSL validation is failing [#112406999] * 22 unit tests are temporarily failing (mostly covering the known issues) Release 1.0.2 Beta 1 -------------------- Changes ------- - Fixed an error when OCSP response was missing - Fixed handling OCSP revocation when reason is not given - Fixed getting signature profile correctly for BDoc-TM signatures #104878462, #84684252 - Fixed TSL loading for test certificates - using country scheme 'EE' instead of 'EU' - Fixed some unit tests - Added missing dependency to the utility jar Known issues ------------ - 2 unit tests are temporarily failing Release 1.0.2 Alpha2 -------------------- Changes ------- - Fixed 4.6RC1 upgrade problems #100649370 - Added validation if OCSP response is included after signing - Validating BDoc-TM OCSP nonce - BDoc-TM signatures without timestamp are also considered to have XAdES_BASELINE_LT level - Validating OCSP production time and timestamp delta - Adding library version as zip comment on BDoc containers - Parsing BDoc manifest file - Setting TSL socket timeout and handling LOTL loading exception - Fixed signing with ecc signatures Known issues ------------ - BDoc validation may not find all the errors - 3 unit tests are temporarily failing - Norwegian TSL can not be validated successfully Release 1.0.2 Alpha1 -------------------- Changes ------- - Upgraded DSS to version 4.6RC1 #100649370 Known issues ------------ - BDoc validation does not find all the errors - BDoc container is missing zip comment with version info - Not possible to sign with ECC certificate - Clearing TSL cache does not work - 35 unit tests are temporarily failing - Many of the DSS unit tests are broken because OCSP response is required in BDOC - Norwegian TSL can not be validated successfully Release 1.0.1 BETA1 ------------------- Changes ------- - Fixed: BDoc signing should fail when OCSP response is not received #108065658 - Fixed showing correct library version in OCSP and Timestamp request headers #107212346 - Added showing version information with the utility tool #107212346 - Added data file extraction to the utility program #108605834 - Confirmed Canonical XML v1.1 support #74213104 Known issues ------------ - 2 unit tests are temporarily failing - Norwegian TSL can not be validated successfully - Validation of signatures with older Estonian ID-card certificates produces warning: "The certificate is not qualified!" #105471148 Release 1.0.0 ------------------- Changes ------- - Fixed forwarding OCSP signing configuration values to jdigidoc (DDoc containers) #108021558 - Hiding bloated TSL validation errors (Norwegian TSL is invalid) #108066580 - Fixed loading TSL validation keystore from a jar file. Known issues ------------ - 2 unit tests are temporarily failing - Many of the DSS unit tests are broken because OCSP response is required in BDOC - Norwegian TSL can not be validated successfully - Validation of signatures with older Estonian ID-card certificates produces warning: "The certificate is not qualified!" #105471148 Release 1.0.0.RC ------------------- Changes ------- - Fixed checking certificate validation when the signer's certificate is expired at the signing time (#86092592, #98721424) - Added TSL signature validation (#98727714) - Added possibility to enable/disable OCSP request signing Known issues ------------ - 2 unit tests are temporarily failing - Many of the DSS unit tests are broken because OCSP response is required in BDOC - Norwegian TSL can not be validated successfully Release 0.3.0 BETA6 ------------------- Changes ------- - Added validation for checking if signature timestamp certificate is in TSL #83689768 - Generating nonce as "non-critical" in OCSP request for TS signature #105450476 - Made DDocContainer configuration thread safe #86696334 - Updated test TSL for a new one #101881124 - Fixed RSA signature digest algorithm prefixes #101138690 - Made logger declarations consistent - Fixed signing existing DDoc container with the utility tool Known issues ------------ - 2 unit tests are temporarily failing - Many of the DSS unit tests are broken because OCSP response is required in BDOC Release 0.3.0 BETA5 ------------------- Changes ------- - Added validation for matching time-stamp with signature #98722280 - Added validation for the case when two data files are with same name and only one is signed #105211272 - Added including OCSP confirmation for DDoc LT_TM signatures #103395848 - Added validation check that OCSP response should be after time-stamp for BDoc containers #84683484 - Fixed removing signatures from the container #91601974 - Extracted BDoc container validation code into smaller classes. - Fixed couple of failing unit tests Known issues ------------ - 2 unit tests are temporarily failing - Many of the DSS unit tests are broken because OCSP response is required in BDOC Release 0.3.0 BETA4 ------------------- Changes ------- - Updated Javadoc according to the new API [#103766598] - Added validation support for RSA 2047 bit keys [#100938144] - Fixed duplicate signature xml file exception when adding signatures to jDigiDoc container [#105288968] - Renamed Signature.getRawSignature to getAdESSignature - Improved logging - Improved handling of empty OCSP response Known issues ------------ - 7 unit tests are temporarily failing - Many of the DSS unit tests are broken because OCSP response is required in BDOC - DigiDoc4j UriEncodingTest and MultiSignatureThreadSafetyTest are broken because test signing certificate is expired Release 0.3.0 BETA3 ------------------- Changes ------- Fixed NullPointerException that occurred on DDoc containers when SignatureProductionPlace data was not provided API improvements #102993198 - Container builder accepts DataFile objects - Deleted DigestInfoPrefix class, moved prefixes to DigestAlgorithm enum - Removed Container dependency from SignatureParameters class. - Renamed Signature.getSigningTime to getClaimedSigningTime - Renamed SignatureBuilder.withDigestAlgorithm to withSignatureDigestAlgorithm - Removed Validating signature by validation type - Signature.validate(Validate validationType) - Removed Signature.setCertificate - Removed getting private key from signature token - Added getting trusted signing time to the Signature interface Known issues ------------ 7 unit tests are temporarily failing Many of the DSS unit tests are broken because OCSP response is required in BDOC DigiDoc4j UriEncodingTest and MultiSignatureThreadSafetyTest are broken because test signing certificate is expired ------------------------------------ Release 0.3.0 BETA2 ------------------- Changes ------- The new API is more backward compatible with the old API. Creating and opening containers is not backward compatible. Added support for adding new container implementations in runtime Changed test OCSP url Updated unit tests with the new API Reduced unnecessary logging a little bit Known issues ------------ 7 unit tests are temporarily failing Many of the DSS unit tests are broken because OCSP response is required in BDOC DigiDoc4j UriEncodingTest and MultiSignatureThreadSafetyTest are broken because test signing certificate is expired Release 0.3.0 BETA ------------------ Changes ------- Refactored API interface #102001330 Restored Logback logger configuration xml file #100946538 Fixed the bug when data files go missing in action when container contains more than two data files #100660808 Known issues ------------ API is not backwards compatible. Using it requires some changes to code. 9 unit tests are temporarily failing Many of the DSS unit tests are broken because OCSP response is required in BDOC DigiDoc4j UriEncodingTest and MultiSignatureThreadSafetyTest are broken because test signing certificate is expired Release 0.2.20 BETA2 -------------------- Changes ------- Fixed the interoperability problem with jDigiDoc: OSCP certificate tag has RESPONDER_CERT id Included Nortal DDS team pull request to DSS and DigiDoc4j. Updated DSS libraries Known issues ------------- Many of the DSS unit tests are broken because OCSP response is required in BDOC DigiDoc4j UriEncodingTest and MultiSignatureThreadSafetyTest are broken because test signing certificate is expired IntelliJ IDEA project files are out of sync Some files (DSSSignedInfo.java and DSSXMLSignature.java) were leftover after merging the pull request with DSS refactered code. Hopefully nobody will miss them Interoperability with JDigiDoc: BDOC-TM (time-mark) files created with DigiDoc4j library can be validated with JDigiDoc version 3.10 or newer. Release 0.2.20 BETA ------------------- Changes ------- DSS has been updated to version 4.4.RC1 DSS did a major refactoring of modules and some changes to API Fixed unit tests and code that broke because of DSS rafactoring Known issues ------------ Interoperability problems with jDigiDoc: - OSCP certificate tag is missing RESPONDER_CERT id in signatures.xml file when BDOC is created with DigiDoc4j, but jDigiDoc requires that ID to be present. Note that RESPONDER_CERT id is not required by the BDOC standard. - BDOC-TM (time-mark) files created with DigiDoc4j library can be validated with JDigiDoc version 3.10 or newer. Release 0.2.18 --------------- New --- It is possible to set TSL loading connection timeout Signing certificate digest method is SHA256 instead SHA1 Generates random nonce for OCSP request for TS signature Fixes ------ Bad error message (No revocation data for the certificate) for revoked OCSP replaced with "The certificate is revoked" Now is restricted to add 2 data files with same name from stream. Known issues ------------- Interoperability with JDigiDoc: BDOC-TM (time-mark) files created with DigiDoc4j library can be validated with JDigiDoc version 3.10 or newer. Release 0.2.17 --------------- New ---- Verifies that the signature contains one signed properties reference Supports signing with ECC signature Fixes ------ Signer's certificate validity now checked at OCSP response's produced at time Revoked certificate now returns correct error message Known issues ------------ Interoperability with JDigiDoc: BDOC-TM (time-mark) files created with DigiDoc4j library can be validated with JDigiDoc version 3.10 or newer. Release 0.2.16 --------------------- - Support for handling ASiC-E XAdES (BDOC 2.1) digital signatures with time-stamps (denoted as LT level) and time-marks (denoted as LT-TM level). - Support for handling DDOC (DIGIDOC-XML 1.3) digital signature formats. - Support for using TSL (Trust service Status Lists) for obtaining trust anchor information. - Possibility to create signatures with PKCS#12 tokens and add signature values that are calculated in external systems. e.g. via browser plug-in. - Support for using RSA algorithm for cryptographic operations. ECDSA algorithm support will be added with the next iterations. - ASiC-E LT-TM signatures (BDOC 2.1 with time-mark) that are created with DigiDoc4J library are not compatible with JDigiDoc library's versions 3.9 and earlier. - Information about further developments can be found from Pivotal: https://www.pivotaltracker.com/n/projects/1110130. The library's API may be changed in the course of future developments according to feedback from users. \ No newline at end of file diff --git a/build.properties b/build.properties index f16a50769..ea19f2fdc 100644 --- a/build.properties +++ b/build.properties @@ -1 +1 @@ -publish.version=1.0.1-beta1 \ No newline at end of file +publish.version=1.0.2-beta2 \ No newline at end of file