Releases: open-eid/digidoc4j
Releases · open-eid/digidoc4j
Release 3.1.1
Summary of the major changes since 3.1.0
- Performance improvement
- New LOTL signer certs added to truststore
Bug fixes (inconclusive list):
- Fix for BDOC/ASIC-E container detection - NB! it is not possible to add LT_TM (TimeMark) signatures to ASIC-E container (container that contains only Time Stamp based signatures).
- Fix for not able to remove signatures from ASIC-E container
Known issues
While upgrading, be sure that your integration :
- doesn't use Xalan or XercesImpl dependencies
- uses a patched Java version (JDK7u40+, JDK8 or higher)
Xalan and XercesImpl were used to patch XML vulnerabilities in older java versions. They should be discarded with higher versions because they override default Java XML security.
If it is not possible to remove Xalan, then you can set your system property to override TransformerFactory : System.setProperty("javax.xml.transform.TransformerFactory","com.sun.org.apache.xalan.internal.xsltc.trax.TransformerFactoryImpl");
3.1.0
Changes
- Started to use DSS version 5.4 (sd-dss.5.4.d4j.1)
- AIA OCSP usage for ASIC-E containers
- Upgrade of dependencies
Bug fixes (inconclusive list):
- PDF validation fix
- ASIC-S container creation fix
- JAVA 7 support for truststore
- TimeStamp url logging fix
- Fixes in DD4J utility for PDF validation
Known issues
We have noticed a decrease in performance with new DSS 5.4 version. Performance test results can be found here.
While upgrading from version older than 2.1.1 be sure that your integration :
- doesn't use Xalan or XercesImpl dependencies
- uses a patched Java version (JDK7u40+, JDK8 or higher)
Xalan and XercesImpl were used to patch XML vulnerabilities in older java versions. They should be discarded with higher versions because they override default Java XML security.
If it is not possible to remove Xalan, then you can set your system property to override TransformerFactory : System.setProperty("javax.xml.transform.TransformerFactory","com.sun.org.apache.xalan.internal.xsltc.trax.TransformerFactoryImpl");
Release 3.0.0
Summary of the major changes since 2.1.1
- Refactor of jDigidoc into DDOC4J module. Only DDOC validation is now supported, other functionality removed!
- PKCS11 slot selection with label
- Possibility to sign and validate detached XAdES signatures
- OCSP check for TM suitability
- Enabling LOTL validation constraints
Bug fixes (inconclusive list):
- Fix for loosing configuration during serialization/deserialization
- Changes in DDOC error handling
- Support for old DDOC formats (1.0, 1.1)
- Fixes in digidoc4j utility
Known issues
- PDF validation always returns invalid status
- Creating ASIC-S containers produces non standard containers
- AIA OCSP usage not supported
While upgrading, be sure that your integration :
- doesn't use Xalan or XercesImpl dependencies
- uses a patched Java version (JDK7u40+, JDK8 or higher)
Xalan and XercesImpl were used to patch XML vulnerabilities in older java versions. They should be discarded with higher versions because they override default Java XML security.
If it is not possible to remove Xalan, then you can set your system property to override TransformerFactory : System.setProperty("javax.xml.transform.TransformerFactory","com.sun.org.apache.xalan.internal.xsltc.trax.TransformerFactoryImpl");
Release 2.1.1
Summary of the major changes since 2.1.0
- Updated dependency libraries to latest versions for security purposes
- Started to use DSS version 5.2.1 (sd-dss.5.2.d4j.4)
Known issues
While upgrading, be sure that your integration :
- doesn't use Xalan or XercesImpl dependencies
- uses a patched Java version (JDK7u40+, JDK8 or higher)
Xalan and XercesImpl were used to patch XML vulnerabilities in older java versions. They should be discarded with higher versions because they override default Java XML security.
If it is not possible to remove Xalan, then you can set your system property to override TransformerFactory : System.setProperty("javax.xml.transform.TransformerFactory","com.sun.org.apache.xalan.internal.xsltc.trax.TransformerFactoryImpl");
Release 2.1.0
Summary of the major changes since 2.1.0.RC.1
- Corrected validation of ASiC-E with implicit signature policy and TimeStamp
- Corrected error messages for integration tests
- Corrected support for trusted lists eIDAS parameters (TLWellSigned etc)
- Ensured that signature will not contain empty SignerRole tag
Release 2.1.0 RC.2
Please note that this is an eID software release candidate version.
The software may not work properly and some faults may occur.
Summary of the major changes since 2.1.0.RC.1
- Corrected validation of ASiC-E with implicit signature policy and TimeStamp
- Corrected error messages for integration tests
- Corrected support for trusted lists eIDAS parameters (TLWellSigned etc)
- Ensured that signature will not contain empty SignerRole tag
Release 2.1.0 RC.1
Please note that this is an eID software release candidate version.
The software may not work properly and some faults may occur.
Summary of the major changes since 2.0.1
- Started to use DSS version 5.2 (sd-dss.5.2.d4j.3).
- Support to validate user certificate via OCSP has been added
Release 2.0.1
Summary of the major changes since 2.0.0
- In unit-tests the expired keys are replaced
- Unit-test for digidoc4j-util are fixed
- Added external signing functionality for digidoc4j-util for testing purposes only
Release 2.0.0
Summary of the major changes since 2.0.0.RC.2
- Unit-test are refactored.
Release 2.0.0 RC.2
Please note that this is an eID software release candidate version.
The software may not work properly and some faults may occur.
Summary of the major changes since 2.0.0.RC.1
- Added support for TLWellSigned parameter.
- Some refctoring in Signature classes and utilities.