Digital

Page tree

European Commission Digital


DSS v5.7

Back to the overview

DSS v5.7



Download DSS v5.7

Here, you can download the latest version of the Digital Signature Services open-source library released in August 2020. You can read more about DSS and how it can help you here.

Source code is available in .zip and tar.gz

Release Note - Version 5.7

  • [DSS-1616] - XAdES Signature validation systematically result in HASH_FAILURE because of TransformerException in digest calcul.
  • [DSS-1918] - Validator does not recognize OpenDocument files created with LibreOffice 6.3
  • [DSS-1943] - Not consistent revocation data is not skipped in ValidationContext
  • [DSS-1955] - UnsupportedOperationException in getSignerRoles
  • [DSS-1956] - ClassCastException in DSSASN1Utils.getCertificatesHashIndex
  • [DSS-1957] - IllegalArgumentException in DSSASN1Utils.getTimeStampToken
  • [DSS-1958] - Infinite loop on CRL streaming
  • [DSS-1960] - DSS Demonstration displays TL as EXPIRED
  • [DSS-1962] - Signature of owner password-protected PDF is invalid
  • [DSS-1972] - Error validating PAdES with multiple document time-stamps
  • [DSS-1977] - NULL character break the diagnostic data generation
  • [DSS-1978] - Uncatched exception in case of wrong date format
  • [DSS-1980] - Error extending to LT/LTA CAdES detached signatures with content time-stamp
  • [DSS-1981] - DSS demonstration webapp: wrong label
  • [DSS-1983] - Incorrect POE reference for ValidationDataObject of type signedData in PAdES LTA
  • [DSS-1984] - Incorrect POE reference for ValidationDataObject of type signedData in ASiC-E and ASiC-S LTA with CAdES
  • [DSS-1986] - Empty SignatureProductionPlaceV2 element in XAdES signatures created with the standalone application
  • [DSS-1987] - MIssing POE reference in BestSignatureTime validating signatures with an AllDataObjectTimestamp
  • [DSS-1988] - Possible POE incoherence in validation report of some T/LT SHA1 signatures
  • [DSS-1997] - Validation fails if X509Certificate cannot be generated from the provided binaries
  • [DSS-2006] - Wrong positioning of visual signature with pdf rotated document
  • [DSS-2007] - Undeterministic validation behaviour in 5.6
  • [DSS-2018] - Avoid to raise an exception in case of non-conformant mime-type
  • [DSS-2021] - XAdES: SignatureScope in Diagnostic contains provided wrong files
  • [DSS-2023] - Uncatched exception "key too small for specified hash and salt lengths"
  • [DSS-2033] - XAdES : incorrect canonicalization usage
  • [DSS-2038] - Improve CA/QC trust service consistency check
  • [DSS-2039] - DSSException: Unable to convert X509CRL to X509CRLHolder on CAdES sign
  • [DSS-2048] - Error "Missing Basic Building Blocks" with validation level "Basic Signatures" and T/LT/LTA signature
  • [DSS-2043] - Revocation Information usage in signature validation
  • [DSS-2045] - SoapDocumentValidationService not fully working after Tomcat restart
  • [DSS-2049] - TL validity does not impact on signature qualification level
  • [DSS-2057] - XAdES: Default canonicalization algorithm
  • [DSS-2059] - LTA-extension using DSS 5.5 of a CAdES signature extended using ATSv2 does not include certificate and revocation values
  • [DSS-2060] - CAdES : validation data is not added on old signature extension
  • [DSS-2061] - CAdES : missing validation data on LTA signature extension
  • [DSS-2070] - OUT_OF_BOUNDS_NOT_REVOKED from the "Validation process for Signatures with Time and Signatures with Long-Term Validation Material"

Bug

  • [DSS-1900] - Unable to init SunPKCS11 with Java 9+
  • [DSS-2090] - PAdES visual signature always has whitespace above text
  • [DSS-2106] - Demo WebApp 5.7.RC1 fixes
  • [DSS-2118] - ASiC containers generation not working
  • [DSS-2148] - OfflineRevocationSource : use RevocationTokenRefMatcher for references and identifiers comparision
  • [DSS-2149] - Extending LTA signatures adds unnecessary revocation info objects
  • [DSS-2150] - Incorrect ats-hash-index-v3 creation extending a signature with two archive time-stamps
  • [DSS-2156] - X.509 Validation Constraints shall return INDETERMINATE/CHAIN_CONSTRAINTS_FAILURE
  • [DSS-2160] - DSS includes manifest entries in the scope when detached documents are not provided

Improvement / New feature

  • [DSS-1646] - Unable to sign large files
  • [DSS-1852] - include signature expiry date in validation output
  • [DSS-1854] - Add support for Ed25519 signatures
  • [DSS-1872] - OpenPDF update
  • [DSS-1935] - Add extracted certificates / revocation data / refs in the DiagnosticData for timestamp tokens
  • [DSS-1953] - Improve PDF reports
  • [DSS-1954] - Demo : add a warning in case of unsupported SubtleCrypto
  • [DSS-1961] - Visual representation of a signature history
  • [DSS-1969] - Confusing message in the validation report
  • [DSS-1976] - Revocation tokens must embed certificate sources
  • [DSS-1979] - CommitmentType refactoring
  • [DSS-1995] - Support of ETSI TS 119 495
  • [DSS-1996] - Review Alert/Detection/Handler
  • [DSS-1998] - Upgrade OpenPdf
  • [DSS-1999] - URL qwac validator
  • [DSS-2000] - Refactoring CMS/CAdES/PAdES certificate sources
  • [DSS-2002] - Display name of attributes and not only OIDs
  • [DSS-2003] - Collect all revocation data from offline sources
  • [DSS-2004] - Use PdfBox classes to calculate text size in Native PdfBox Drawer
  • [DSS-2008] - Add check for unicity of the SigningCertificate attribute
  • [DSS-2009] - Check the coverage in TimestampCoherenceOrderCheck
  • [DSS-2010] - XAdES: AttrAuthoritiesCertValues must be added to timestamped references
  • [DSS-2014] - CertificateSource review
  • [DSS-2019] - Wrong condition in DSS cookbook example CreateKeyStoreApp.java?
  • [DSS-2020] - Documentation : add build procedures
  • [DSS-2022] - Replace the CertificatePool with a ListCertificateSource
  • [DSS-2025] - Review SigningCertificate in the diagnostic data
  • [DSS-2030] - Lazy initialize field 'javaFont' in DSSFileFont
  • [DSS-2034] - Support of visual signature creation with REST/SOAP web services
  • [DSS-2036] - Perfomance : review isDataForSignatureLevelPresent methods
  • [DSS-2044] - CommonCertificateVerifier setTrustedCertSource change undocumented
  • [DSS-2046] - Comparison with tradename
  • [DSS-2056] - Check presence of OCSP certHash attribute in RevocationAcceptanceChecker
  • [DSS-2062] - Ability to parse email attribute from signing X509 certificate
  • [DSS-2063] - Add SAML assertion support
  • [DSS-2064] - DiagnosticData : Include cross-certificates information
  • [DSS-2065] - Add support of Semantics identifiers
  • [DSS-2069] - Excessive exception stack trace logging for some valid signatures when DEBUG level is enabled
  • [DSS-2084] - ASiC : add check for signed document(s) existence
  • [DSS-2088] - XAdES Enveloped signature : use XPath2Filter by default
  • [DSS-2091] - Add semantics in the reports for Indications / SubIndications
  • [DSS-2100] - Improve DetailedReport wrapper
  • [DSS-2101] - DSS-Demo - TL flags vs country codes
  • [DSS-2121] - Add a constructor to OnlineOCSPSource that receives a DataLoader
  • [DSS-2123] - OCSPCertificateSource : add a method to retrieve the signing certificate(s) based on the ResponderId

Task

  • [DSS-1959] - PAdES : validate files by revisions instead of lists of signatures/timestamps
  • [DSS-1973] - Migrate API dependencies to Jakarta EE
  • [DSS-1990] - Upgrade PDFBox
  • [DSS-1992] - Upgrade jackson dependencies
  • [DSS-2013] - Review unit tests
  • [DSS-2026] - Update Bouncycastle dependency
  • [DSS-2082] - Upgrade PDFBox
  • [DSS-2085] - Documentation : update the cookbook
  • [DSS-2087] - Sonar review
  • [DSS-2093] - dss-test module should be used as test-jar

Support

  • [DSS-1519] - DSS DomUtils.getSecureTransformerFactory error
  • [DSS-2005] - Build instructions
  • [DSS-2011] - Different results for detached LT and LTA without provided detached files