From 620f4f25941188360f64447b9d773a310866f70b Mon Sep 17 00:00:00 2001
From: tknall <tknall@7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c>
Date: Thu, 24 Apr 2008 10:34:17 +0000
Subject: Two bug fixed: 1) Unable to find certificate if binary signature does
 not contain the serial number; 2) Certificates thoese issuer names contain
 certain RDNs (e.g. EMAILADDRESS) could not be retrieved from certstore.
 PDF-AS library version is logged in order to lighten bugfixing.

git-svn-id: https://joinup.ec.europa.eu/svn/pdf-as/trunk@258 7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c
---
 src/site/changes.xml | 61 +++++++++++++++++++++-------------------------------
 1 file changed, 25 insertions(+), 36 deletions(-)

(limited to 'src/site')

diff --git a/src/site/changes.xml b/src/site/changes.xml
index 488d468..9410600 100644
--- a/src/site/changes.xml
+++ b/src/site/changes.xml
@@ -6,50 +6,39 @@
 	</properties>
 
 	<body>
-	
+
 		<!-- 
 			<release version="major.minor" date="yyyy-MM-dd" description="foo">
-				<action dev="foo" type="add|update|fix|remove">foo</action>
+			<action dev="foo" type="add|update|fix|remove">foo</action>
 			</release>
 		-->
 
-		<release version="2.34" date="2007-01-10" description="subsequent release">
-			<action dev="tknall" type="add">
-				QualifiedCertificate property (moa/bku) is now being evaluated
-			</action>
-		</release>
-
-		<release version="2.33" date="2006-12-14" description="subsequent release">
-			<action dev="tknall" type="update">
-				basic authentication for logging disabled
-			</action>
-		</release>
-
-		<release version="2.32" date="2006-12-13" description="subsequent release">
-			<action dev="tknall" type="add">
-				LDAP support added
+		<release version="3.0.4" date="2008-04-24"
+			description="first release">
+			<action dev="tknall" type="fix">
+				Bug fixed: If we have a binary signature, the
+				certificate is embedded. So there should be no serial
+				number needed within the signature block. PDF-AS stores
+				the certificate in the certstore but tries to load the
+				certificate via serialnumber and issuername from
+				certstore, which fails because of the missing serial
+				number.
 			</action>
-		</release>
-
-		<release version="2.31" date="2006-12-07" description="subsequent release">
-			<action dev="wlackner" type="fix">
-				some bugs fixed, algorithms adjusted
+			<action dev="tknall" type="fix">
+				Bug fixed: For storage of the certificate in the
+				certstore the issuername is taken from the certificate,
+				normalized and hashed. The base64 value of the hash is
+				used as the directory name. Loading the certificate from
+				the certstore, the issuername is taken from the
+				signature block, normalized and hashed. Some issuernames
+				(with rdns that are not registered) lead to two
+				different hash values (one at storage, another at
+				retrieval), which leads to a certificate not found
+				exception.
 			</action>
-		</release>
-
-		<release version="2.3" date="2006-12-01" description="subsequent release">
 			<action dev="tknall" type="add">
-				interface for LDAP-API added;
-				implementing class is declared by system property
-				at.knowcenter.wag.egov.egiz.sig.LDAPAPI.SYS_PROP_IMPLEMENTATION ("pdfas.ldapapi.impl");
-				previous implementation DummyLDAPAPI serves as failback implementation if system
-				property is not set, so version 2.3 provides backward compatibility to version 2.2
-			</action>
-		</release>
-
-		<release version="2.2" date="2006-09-29" description="first release">
-			<action dev="wlackner" type="add">
-				first release of PDF-AS
+				PDF-AS library version is logged in order to lighten
+				bugfixing.
 			</action>
 		</release>
 
-- 
cgit v1.2.3