Release History

From 535a04fa05f739ec16dd81666e3b0f82dfbd442d Mon Sep 17 00:00:00 2001 From: tknall Date: Wed, 9 Jan 2013 15:41:29 +0000 Subject: pdf-as-lib maven project files moved to pdf-as-lib git-svn-id: https://joinup.ec.europa.eu/svn/pdf-as/pdf-as/trunk@926 7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c --- pdf-as-lib/src/site/changes.xml | 252 +++++++++++++++++++++++++++++++++++++ pdf-as-lib/src/site/checkstyle.xml | 109 ++++++++++++++++ 2 files changed, 361 insertions(+) create mode 100644 pdf-as-lib/src/site/changes.xml create mode 100644 pdf-as-lib/src/site/checkstyle.xml (limited to 'pdf-as-lib/src/site') diff --git a/pdf-as-lib/src/site/changes.xml b/pdf-as-lib/src/site/changes.xml new file mode 100644 index 0000000..4c19e8b --- /dev/null +++ b/pdf-as-lib/src/site/changes.xml @@ -0,0 +1,252 @@ + + + + + Release History + + + + + + + + Catching OutOfMemory exceptions, returning appropriate error message/code + Binary signature: bug concerning indirect pdf objects fixed + Maven2-repository updated + pdfbox/itext projects converted to maven2 projects + pdfbox/itext maven2 artifact renamed and version added (see .pom) + old pdfbox/itext libraries removed + SignaturePositioning improved (Signature position can be declared by String which is parsed) + Some more error codes (Out of memory, Invalid signature position) + iText utility for creation of pdf files added + ConfigUtils updated (destination of configuration to be extracted can now be chosen) + PDFASUtils updated (more tools) + WebApplication: Freetext pdf creation implemented + WebApplication: XSS security updates + + + + Support for PDF signature handler. + Protection of signed documents against inadvertently modification. + Revision of configuration (backwards compatibility assured). + Minor bug concerning table format configuration fixed. + Support of arbitrary signature/hash algorithms (ACOS04/G3). + Evaluation of pdf documents for non-textual objects added. + Support for BAIK signatures. + Many minor bugfixes. + + + + WebApplication: Incompatibility to Tomcat 6.x removed. (Now quoting taglib expressions with nested scriptlets.) + + + + Bug concerning text matching algorithm fixed. + + + + Web application bug concerning text reconstruction from form fixed. + + + + New signature layout for new MOCCA bku integrated (etsi-moc-1.1). + New architecture implemented that allows different signature layouts for single types of bkus. + + + + Layout for webapplication adjusted for IE. + + + + Build script for command line version updated. + JavaDoc fixes. + Some updates for debugging messages. + Parser for MOCCA-CreateXMLSignatureResponses enhanced. + Many updates and fixes for the external web app interface. + New profile for invisible signatures added. + + + + Examples for the help screen of the commandline version corrected. + + + + Minor updates for commandline invokation. + Restored compatibility for old PdfAS.commandline(...) method invokation. This method is used by external tools (Open Office plugin for instance.) + Some more log messages (e.g. encoding related issues). + Updating web application (in external invocation mode) enhancing support for being used within an iframe. + + Two new (optional) parameters for external invocation mode: + locale: defines the locale being used for webapp (e.g. locale=de or locale=de_DE), + invoke-app-error-url: can be used to declare a callback url to the calling web application in order to transfer error messages from pdf-as. + In case of error pdf-as redirects the user to the error-page-url (if given) providing the error and the cause in url encoded parameters ("error", "cause"). + + Formatter for mocca signature params enhanced. + + + + Added signatureKeyIdentifier to SignParameters in the API, which allows to override the one specified in the profile (MOA Connector only). + Added maven assembly and batch file for BRZ distribution. + Corrected faulty mime-type argument checking in SignResult constructor. + + + + Switching to itext-2.1.5-rev3628. (itext-1.4.x is regarded as deprecated.) + itext library: minor adjustments for pdf-as + Adding new error code (103) for invalid pdfa/1b font configuration. + Minor updates for PDF/A support. + Support for local MOCCA CCS added. + + + + Multi language for web application. + Encoding issue for web application fixed by implementing an EncodingFilter. + Dynamic sign upload form implemented. + Order of input fields for dynamic upload form changed. + MOCCA logo added to sign upload form. + + + + lib-folder removed. + Maven2-repository updated. + Adding external patched itext (1.4.2 and 2.1.5) and pdfbox libraries. + Removing iText and pdfbox from sources. + Cleaning up certstore removing all certificates except MOA-certificates. + Removing deprecated templates. + Correcting default.bku.sign.detached.xml according to Security Layer spec. + + Adding DejaVuFont. + Adding DejaVuFont license. + Adding test file for PDF/A. Removing issues.txt. + Preparation for multilingual support for web application. + Minor updates of configuration. + Sitemesh updates. + Minor support for TrueType fonts in preparation for PDF/A added. + + + + Deprecated webapp-folder removed from svn repository. + New DefaultConfiguration.zip integrated in order to allow mocca signatures. + Minor bug concerning choice of cce within the web application fixed. + + + + Signature with new online bku MOCCA integrated (new signature device "moc" created). + Configuration keys for mocca added. + New error codes (371 = signature verification not supported by this connector, 372 = invalid signing time) introduced. + Optional check of the signing time for the web application implemented. At signature creation time the signing time is checked for plausibility. This is a workaround for the ITS:mac-linux signing time bug. New configuration key ("signing_time_tolerance") added (applies to web application only) to overcome invalid signing times. A signature is only accepted if its signing time is within a time frame of [current time - signing_time_tolerance, current time + signing_time_tolerance] where signing_time_tolerance is interpreted as seconds. + Bugfix: Correct extraction of signatures with wrong signing times implemented. (The order of the signatures is still invalid in case of false signing times.) + Optional override of the dynamic creation of the signature retrieval url (locrefcontent) implemented in order to overcome ssl problems (retrieve_signature_data_url_override). Note: Assure that this URL is accessible from the citizen card environment. + Download of signed pdf-file for external application interface adjusted. + Verification of mocca signed documents implemented. + Retrieval of xml response via multipart implemented (mocca strictly follows security layer spec) + + + + Parsing of PublicAuthority-Flag and PublicAuthority-Code from MOA-VerifyXMLSignatureResponses implemented. + + + + APIDemo updated. + (default) configuration updated regarding new configuration keys. + Many printStackTraces replaces with logger-messages. + Update concerting exclusion of minimal layout profiles for verification. + + Web-Application: New error code (251) introduced: Textual signature of files with no + extractable textual content (e.g. files that solely contain images) is prevented. + + + + + Configurable line break tolerance for binary signatures (line_break_tolerance). + The reserved space for a certificate withing the egiz dictionary can be configured (...phlength.certificate=xxxx). + imagescaletofit configuration parameter introduced. + + + + Detection of incremental updates updated. + Bug fixed. There was an error concerning empty HashInputData parsing a MOA CreateXMLSignatureResponse. + Demo source for API usage created. + Issue resolved: Prevent signature of empty document which leads to a meaningless error message from the bku. + + + + A new check for the existence of a configuration has been implemented. The extraction is skipped if any files or folders would be overwritten. Files like log- or temp-files may exist and do not prevent the deployment of the default configuration. + + + + Serious bug solved. Method storeCertificate tried to fetch a certificate from store before storing it. If not found (within the store resp. via ldap) the certificate was not stored!!! + + + + Manual deployment of pdf-as configuration (commandline parameter -ddc) considers the system property pdf-as.work-dir. + Internal default configuration updated. + log4.properties within the workdir is now being considered using the api. + + + + + Support of a minimal signature mark layout for binary signatures added. + + + Web-Application: Every hardcoded context "pdf-as" has been replaced. + + + Web-Application: Session is now being invalidated after download of the signed pdf file. + + + Web-Application: Configuration may be declared via system property "pdf-as.work-dir" or via Servlet-Init-Parameter "work-dir". + + + Bug fixed in RetrieveSignatureDataServlet: Response header didn't contain a content length attribute. The ITS Mac BKU rejects those requests. + + + Workaround for ITS Mac BKU integrated. A redirect via response does only work if the response contains a valid SL request (e.g. a NullOperationRequest). + + + API: The configuration folder may be omitted at instantiating the api. Configuration may be set via system property "pdf-as.work-dir". If no configuration is given at all, the current user's home directory is searched for a folder "PDF-AS". If not found a default configuration is created. + + + If the configuration is explicitely given than the temporary folder is located within the given directory otherwise within the user's temporary directory. + + + Declaring the configuration folder, replacements for system properties like "${catalina.base}/conf/pdfas" may be used. + + + + + + Bug fixed: If we have a binary signature, the + certificate is embedded. So there should be no serial + number needed within the signature block. PDF-AS stores + the certificate in the certstore but tries to load the + certificate via serialnumber and issuername from + certstore, which fails because of the missing serial + number. + + + Bug fixed: For storage of the certificate in the + certstore the issuername is taken from the certificate, + normalized and hashed. The base64 value of the hash is + used as the directory name. Loading the certificate from + the certstore, the issuername is taken from the + signature block, normalized and hashed. Some issuernames + (with rdns that are not registered) lead to two + different hash values (one at storage, another at + retrieval), which leads to a certificate not found + exception. + + + PDF-AS library version is logged in order to lighten + bugfixing. + + + + + + diff --git a/pdf-as-lib/src/site/checkstyle.xml b/pdf-as-lib/src/site/checkstyle.xml new file mode 100644 index 0000000..00ae4c9 --- /dev/null +++ b/pdf-as-lib/src/site/checkstyle.xml @@ -0,0 +1,109 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + -- cgit v1.2.3