Digital

Page tree

European Commission Digital


DSS v5.8.RC1

Back to the overview

DSS v5.8.RC1 



Download DSS v5.8.RC1 (pre-release)

Here, you can download the latest version of the Digital Signature Services open-source library released in December 2020. You can read more about DSS and how it can help you here.

Source code is available in .zip and tar.gz

Release note

Bug

  • [DSS-1900] - Unable to init SunPKCS11 with Java 9+ since DSS 5.5
  • [DSS-2055] - XAdES Enveloping - Content timestamp not working with Embed XML option
  • [DSS-2090] - PAdES visual signature always has whitespace above text
  • [DSS-2112] - JAdES : Support of Content Tst with Detached Signature
  • [DSS-2116] - ETSI VR: DTBSR in Signature Identification Element
  • [DSS-2145] - MessageTag shouldn't contain arguments
  • [DSS-2148] - OfflineRevocationSource : use RevocationTokenRefMatcher for references and identifiers comparision
  • [DSS-2149] - Extending LTA signatures adds unnecessary revacation info objects
  • [DSS-2150] - Incorrect ats-hash-index-v3 creation extending a signature with two archive time-stamps
  • [DSS-2156] - X.509 Validation Constraints shall return INDETERMINATE/CHAIN_CONSTRAINTS_FAILURE
  • [DSS-2160] - DSS includes manifest entries in the scope when detached documents are not provided
  • [DSS-2162] - Extract LevelContraints based on a Context
  • [DSS-2186] - XAdES Enveloped Second Signature with LT or LTA and Content Timestamp fails
  • [DSS-2190] - XAdES : ArchiveTimeStamp inclusive canonicalization does not include parent namespaces
  • [DSS-2199] - Error validating Docusign document on LONG_TERM_DATA level after extending to PAdES_BASELINE_LT
  • [DSS-2214] - NPE in the ValidationProcessUtils.getLatestAcceptableRevocationData
  • [DSS-2216] - DigestMatcher does not find data for an EnvelopingCountersignature
  • [DSS-2227] - Native PDFBox drawer : wrong text position with a custom SignerTextPosition
  • [DSS-2228] - The font color is not being applied correctly in the OpenPDF implementation
  • [DSS-2239] - PAdES : conflict between signature parameters
  • [DSS-2251] - CaDES-LTA signature cannot be applied to document previously signed with CAdES baseline B
  • [DSS-2256] - Fails XAdESLevelTIndividualDataObjectTimeStampTest
  • [DSS-2257] - The revocation data is not updated for signatures with no timestamps
  • [DSS-2279] - XAdES : counter signature serialization issue with JDK 8
  • [DSS-2293] - Extraction of signed data fails for xades enveloping signature
  • [DSS-2294] - PAdES : level detection issue
  • [DSS-2301] - Incorrect warning when both ESSCertID and ESSCertIDv2 are present in QTSA

New Feature

  • [DSS-1964] - Implementation of JAdES (part 1)
  • [DSS-2075] - JAdES : creation with Complete JWS Serialization format
  • [DSS-2076] - JAdES : parallel signature support with JWS JSON Serialization
  • [DSS-2077] - JAdES : implementation of unsigned properties (Baseline-T)
  • [DSS-2078] - JAdES : Detached signature implementation ('sigD' element)
  • [DSS-2079] - DSS-2075 JAdES : creation with Flattened JWS Serialization format
  • [DSS-2102] - Introduce JAdES in the webapp
  • [DSS-2107] - JAdES : implementation of unsigned properties (Baseline-LT)
  • [DSS-2108] - JAdES : implementation of unsigned properties (Baseline-LTA)
  • [DSS-2109] - Introduce JAdES in the dss-standalone (JavaFX)
  • [DSS-2110] - JAdES : provide converter from JWS Compact Serialization to JSON (Flattened) Serialization format
  • [DSS-2111] - Introduce JAdES in the Webservices (REST/SOAP)
  • [DSS-2114] - XAdES : support of SignaturePolicyStore
  • [DSS-2125] - JAdES : introduce a KidCertificateSource
  • [DSS-2137] - Demonstration : add the possibility to provide signing/adjunct certificate(s) to the validation
  • [DSS-2164] - JAdES : support of SignaturePolicyStore
  • [DSS-2165] - JAdES : add unit tests for requirements
  • [DSS-2167] - JAdES : support counter-signature
  • [DSS-2172] - CAdES : support of SignaturePolicyStore
  • [DSS-2173] - SignaturePolicyStore validation
  • [DSS-2174] - Validate a SignatureValue against a ToBeSigned object and a certificate
  • [DSS-2177] - XAdES : counter signature creation
  • [DSS-2178] - CAdES : counter signature creation
  • [DSS-2187] - Demonstration : add webpage to produce counter-signatures
  • [DSS-2188] - Webservices : add methods to produce counter-signatures
  • [DSS-2204] - ASiC : add counter-signature creation
  • [DSS-2205] - ASiC : support of SignaturePolicyStore (creation)
  • [DSS-2266] - Add a check for OCSP Responder recursion into the validation process

Improvement

  • [DSS-1966] - Include a JSON validator
  • [DSS-2095] - Transformations on signature policy files
  • [DSS-2101] - DSS-Demo - TL flags vs country codes
  • [DSS-2113] - JAdES : expand DigestMatcher type check
  • [DSS-2115] - SAV : add a check of signing certificate reference constraint
  • [DSS-2120] - Use JVM's standard system properties for proxy configuration in CommonsDataLoader
  • [DSS-2123] - OCSPCertificateSource : add a method to retrieve the signing certificate(s) based on the ResponderId
  • [DSS-2124] - CandidatesForSigningCertificate check move to abstract
  • [DSS-2126] - Improve the message "The algorithm is no longer considered reliable!"
  • [DSS-2127] - DetailedReport : include the final conclusion and the semantics
  • [DSS-2128] - JAdES : support of sigRTst / rfsTst
  • [DSS-2133] - Replace SignedDocumentValidator.defineSigningCertificate(CertificateToken) for multiple signatures
  • [DSS-2134] - JAdES : Support of base64Url encoded "etsiU" components
  • [DSS-2135] - Cookbook : include information about ServiceLoader implementations management
  • [DSS-2136] - Validation process : review CryptographicVerification and FormatChecking building blocks
  • [DSS-2140] - OnlineOCSPSource : discard unusable OCSP responses
  • [DSS-2141] - Review AbstractTimestampSource / JAdESTimestampSource
  • [DSS-2146] - CryptographicCheck : add check on the different digest matchers
  • [DSS-2154] - Error generating XAdES LTA from a digest
  • [DSS-2157] - Remove unused MessageTags
  • [DSS-2163] - Report (html) : add anchor links between RAC, RFC and related checks
  • [DSS-2166] - Unit tests : replace Thread.sleep() with awaitility
  • [DSS-2168] - XAdES : introduce a distinction for SignatureProperties in the report
  • [DSS-2179] - Add validation data for counter signatures on a signature augmentation
  • [DSS-2180] - Extract TimestampedReferences from counter signatures
  • [DSS-2184] - Review SignaturePolicy processing
  • [DSS-2189] - WS : include a signatureFieldId into RemoteSignatureParameters
  • [DSS-2192] - Improve the Javadoc
  • [DSS-2193] - Review SignatureIdentifiers
  • [DSS-2194] - AdvancedSignature shall take only one manifest file
  • [DSS-2200] - Create transformations on signature policy files
  • [DSS-2201] - Specify if a reference is duplicated
  • [DSS-2206] - Hide complexity of TL Signature configuration
  • [DSS-2207] - CAdESTimestampSource : retrieve timestampedReferences based on archive timestamp type
  • [DSS-2208] - XAdES Timestamps : use Inclusive canonicalization by default
  • [DSS-2230] - XAdES : forbid multiple signing for signatures with an enveloped transform
  • [DSS-2232] - PDF Shadow attack : prevent visible signature overlap (PDFBox)
  • [DSS-2233] - PDF Shadow attack : prevent visible signature overlap (OpenPDF)
  • [DSS-2236] - PDF Shadow attack : visual change detection (PDFBox)
  • [DSS-2237] - PDF Shadow attack : visual change extraction (PDFBox)
  • [DSS-2242] - JAdES : align the code with draft 0.0.4
  • [DSS-2245] - Larger ASiC files cannot be read by the DSS Signature Validator
  • [DSS-2249] - DiagnosticDataBuilder refactoring
  • [DSS-2252] - ASiC Detached Countersignature Issue
  • [DSS-2254] - Default behavior of RevocationFreshness constraint not clear
  • [DSS-2258] - ETSI Validation Report : improve SignatureProductionPlace element
  • [DSS-2263] - PdfBox: use NativePdfBoxVisibleSignatureDrawer by default
  • [DSS-2268] - Review JPMS
  • [DSS-2269] - Improve XML Schema validation
  • [DSS-2270] - Upgrade CXF
  • [DSS-2278] - XAdES : allow validation of multiple timestamps from a single element
  • [DSS-2280] - Update BouncyCastle
  • [DSS-2284] - QCStatement QC_LIMIT_VALUE MonetaryValue structure not found
  • [DSS-2285] - XAdES : perform canonicalization only when the Reference output is a node-set
  • [DSS-2288] - XAdES : canonicalize octets when ds:Reference transforms result to an XML nodeset
  • [DSS-2295] - JAdES : align the code with draft 0.0.5
  • [DSS-2297] - Add the Title attribute to a certificate in DiagnosticData
  • [DSS-2304] - Update the cookbook
  • [DSS-2310] - WebApp : add base64Url encoded EtsiU option to JAdES creation page
  • [DSS-2313] - JAdES : align the code with draft 0.0.6
  • [DSS-2315] - WebApp : improve the error message
  • [DSS-2323] - PAdES B-LTA not recognised in some PDFs

Task