Page tree

European Commission Digital

DSS v5.3

Following a security assessment from the Ruhr-Universität Bochum, we are delivering security patches for DSS versions 5.2 and 5.3.

Delivered patches are:

(warning) Please consider that use of older versions should be discouraged. (warning)

Download DSS v5.3

Here, you can download the latest version of the Digital Signature Services open-source library released in May 2018. You can read more about DSS and how it can help you here.

Source code is available in .zip and tar.gz


The first pre-release version of DSS 5.3 comes with a number of improvements and bug fixes. The main new features include:

  • certificate validation
  • content-timestamps generation
  • SHA-3 support
  • non-EU trusted list(s) support
  • integration of the last version of MOCCA

Release Note

Bugs, issues or suggestions? Report it on JIRA


  • [DSS-1177] - ASiCUtils.isASiCContainer fails when signing a MS Office document (xlsx, docx) with ASiCWithXAdESService
  • [DSS-1257] - Remove signature from xades and cades
  • [DSS-1267] - Validation - Policy proccesing error
  • [DSS-1271] - Wrong/misleading error message when trying to create XAdES_BASELINE_T signature with a self-signed certificate with DSS 5.2.RC1
  • [DSS-1290] - Detached XAdES extension fails if no file name is provided in DSSDocument even if it is the only detached document
  • [DSS-1304] - dss-service depends on jcl-over-slf4j
  • [DSS-1329] - DSS 5.0 - XPointer problem in validation
  • [DSS-1332] - XAdES extension to XAdES_BASELINE_T fails with DSS 5.2
  • [DSS-1334] - Detached XAdES signing produces broken signatures (or fails) if no file name is provided in DSSDocument
  • [DSS-1335] - CAdES: SigningCerficiateV2 attribute is badly DER encoded when using sha256. CAdES signatures are incorrect.
  • [DSS-1338] - DSS 5.0 VALIDATION - XADES ENVELOPING problem in output file
  • [DSS-1348] - OCSP Response : ArchiveCutOff extension is badly supported
  • [DSS-1349] - DSSXMLUtils.serializeNode modifies and invalidates a XML/HTML content with latin1 encoding
  • [DSS-1359] - XAdES signature is not correct when adding more than one commitmentTypeIndication
  • [DSS-1371] - PAdES : IO issue while extending a signature
  • [DSS-1376] - PAdES - difference between the validator.getOriginal and the original doc
  • [DSS-1377] - ASiC SOAP (and possible REST) document validation fails with explicit mimetype in request
  • [DSS-1381] - Validator getOriginalDocuments problem
  • [DSS-1384] - NullPointerException in OnlineTSPSource if server responds with HTTP error
  • [DSS-1385] - XMLDocumentValidator should use the MimeType from the document
  • [DSS-1391] - Pkcs11SignatureToken returns same keys for different slots
  • [DSS-1395] - DSS Demo : startsWith (JS) is not supported in IE11
  • [DSS-1397] - CAdES: Incorrect RoleSyntax encoding when adding claimed signer attributes
  • [DSS-1398] - NullPointerException with CAdESSignatureExtension (PADES or CADES signature)


  • [DSS-1202] - Unable to download javadoc
  • [DSS-1207] - Allows to validate certificates
  • [DSS-1265] - Add SHA3 support
  • [DSS-1266] - ECC based on brainpool not supported
  • [DSS-1278] - Add a composite TSPSource
  • [DSS-1292] - Add optional support of X509SubjectName
  • [DSS-1294] - Add javadoc and graphs in the bundle
  • [DSS-1295] - Upgrade MOCCA integration
  • [DSS-1301] - Ability to programmatically specify an PdfObjFactory instance
  • [DSS-1307] - AdvancedSignature.getSignatureForm() returns PAdES for a PKCS#7 signed file
  • [DSS-1314] - CAdES : create detached signature with only the digest
  • [DSS-1340] - SOAP/REST Services : allows to sign/extend/validate digest documents
  • [DSS-1352] - Add the "best signature time" in the simple report
  • [DSS-1353] - Support of the swedish design
  • [DSS-1357] - Add support for non EU trusted lists
  • [DSS-1360] - XAdESSignatureBuilder incorporateXXX methods don't follow XAdES hierarchy of nodes
  • [DSS-1370] - XAdES : improve support of AllDataObjectsTimeStamp / IndividualDataObjectsTimeStamp
  • [DSS-1380] - Add method to compute content-timestamp
  • [DSS-1383] - Validation : add constraint on self-signed
  • [DSS-1387] - XAdES : allow to sign more than one object (enveloping)
  • [DSS-1394] - Update the cookbook
  • [DSS-1401] - CAdES archive timestamp v2

eSignature standards
Digital Signature Services (DSS)
List of Trusted Lists
Trusted List Browser
ETSI Signature Conformance Checker
Service Desk
What is an electronic signature?
Start using DSS
Apply for eSignature grants