<?xml version="1.0" encoding="UTF-8"?> <document> <properties> <title>Release History</title> </properties> <body> <!-- <release version="major.minor" date="yyyy-MM-dd" description="foo"> <action dev="foo" type="add|update|fix|remove">foo</action> </release> --> <release version="3.1.1-snapshot" date="2010-03-16" description="add"> <action dev="tknall" type="add">Catching OutOfMemory exceptions, returning appropriate error message/code</action> <action dev="tknall" type="fix">Binary signature: bug concerning indirect pdf objects fixed</action> <action dev="tknall" type="update">Maven2-repository updated</action> <action dev="tknall" type="update">pdfbox/itext projects converted to maven2 projects</action> <action dev="tknall" type="update">pdfbox/itext maven2 artifact renamed and version added (see .pom)</action> <action dev="tknall" type="remove">old pdfbox/itext libraries removed</action> <action dev="tknall" type="add">SignaturePositioning improved (Signature position can be declared by String which is parsed)</action> <action dev="tknall" type="add">Some more error codes (Out of memory, Invalid signature position)</action> <action dev="tknall" type="add">iText utility for creation of pdf files added</action> <action dev="tknall" type="update">ConfigUtils updated (destination of configuration to be extracted can now be chosen)</action> <action dev="tknall" type="update">PDFASUtils updated (more tools)</action> <action dev="tknall" type="add">WebApplication: Freetext pdf creation implemented</action> <action dev="tknall" type="fix">WebApplication: XSS security updates</action> </release> <release version="3.1" date="2010-01-18" description="add"> <action dev="tknall" type="add">Support for PDF signature handler.</action> <action dev="tknall" type="add">Protection of signed documents against inadvertently modification.</action> <action dev="tknall" type="update">Revision of configuration (backwards compatibility assured).</action> <action dev="tknall" type="fix">Minor bug concerning table format configuration fixed.</action> <action dev="tknall" type="add">Support of arbitrary signature/hash algorithms (ACOS04/G3).</action> <action dev="tknall" type="add">Evaluation of pdf documents for non-textual objects added.</action> <action dev="tknall" type="add">Support for BAIK signatures.</action> <action dev="tknall" type="fix">Many minor bugfixes.</action> </release> <release version="3.0.9-20090929" date="2009-10-01" description="bugfix"> <action dev="tknall" type="fix">WebApplication: Incompatibility to Tomcat 6.x removed. (Now quoting taglib expressions with nested scriptlets.)</action> </release> <release version="3.0.9-20090929" date="2009-09-29" description="bugfix"> <action dev="tknall" type="fix">Bug concerning text matching algorithm fixed.</action> </release> <release version="3.0.9-20090417" date="2009-05-08" description="subsequent release"> <action dev="tknall" type="fix">Web application bug concerning text reconstruction from form fixed.</action> </release> <release version="3.0.9-20090417" date="2009-04-17" description="subsequent release"> <action dev="tknall" type="add">New signature layout for new MOCCA bku integrated (etsi-moc-1.1).</action> <action dev="tknall" type="add">New architecture implemented that allows different signature layouts for single types of bkus.</action> </release> <release version="3.0.9-20090319" date="2009-03-26" description="subsequent release"> <action dev="tknall" type="update">Layout for webapplication adjusted for IE.</action> </release> <release version="3.0.9-20090319" date="2009-03-19" description="subsequent release"> <action dev="tknall" type="update">Build script for command line version updated.</action> <action dev="tknall" type="fix">JavaDoc fixes.</action> <action dev="tknall" type="update">Some updates for debugging messages.</action> <action dev="tknall" type="update">Parser for MOCCA-CreateXMLSignatureResponses enhanced.</action> <action dev="tknall" type="update">Many updates and fixes for the external web app interface.</action> <action dev="tknall" type="add">New profile for invisible signatures added.</action> </release> <release version="3.0.9-20090206" date="2009-02-04" description="subsequent release"> <action dev="tknall" type="fix">Examples for the help screen of the commandline version corrected.</action> </release> <release version="3.0.9-20090203" date="2009-02-04" description="subsequent release"> <action dev="tknall" type="fix">Minor updates for commandline invokation.</action> <action dev="tknall" type="fix">Restored compatibility for old PdfAS.commandline(...) method invokation. This method is used by external tools (Open Office plugin for instance.)</action> <action dev="tknall" type="add">Some more log messages (e.g. encoding related issues).</action> <action dev="tknall" type="update">Updating web application (in external invocation mode) enhancing support for being used within an iframe.</action> <action dev="tknall" type="add"> Two new (optional) parameters for external invocation mode: locale: defines the locale being used for webapp (e.g. locale=de or locale=de_DE), invoke-app-error-url: can be used to declare a callback url to the calling web application in order to transfer error messages from pdf-as. In case of error pdf-as redirects the user to the error-page-url (if given) providing the error and the cause in url encoded parameters ("error", "cause"). </action> <action dev="tknall" type="update">Formatter for mocca signature params enhanced.</action> </release> <release version="3.0.9-20090129" date="2009-01-29" description="BRZ release"> <action dev="wprinz" type="add">Added signatureKeyIdentifier to SignParameters in the API, which allows to override the one specified in the profile (MOA Connector only).</action> <action dev="wprinz" type="add">Added maven assembly and batch file for BRZ distribution.</action> <action dev="wprinz" type="fix">Corrected faulty mime-type argument checking in SignResult constructor.</action> </release> <release version="3.0.8-20090113" date="2009-01-13" description="subsequent release"> <action dev="tknall" type="update">Switching to itext-2.1.5-rev3628. (itext-1.4.x is regarded as deprecated.)</action> <action dev="gfliess" type="update">itext library: minor adjustments for pdf-as</action> <action dev="tknall" type="add">Adding new error code (103) for invalid pdfa/1b font configuration.</action> <action dev="gfliess" type="update">Minor updates for PDF/A support.</action> <action dev="tknall" type="add">Support for local MOCCA CCS added.</action> </release> <release version="3.0.8-20081126" date="2008-11-26" description="subsequent release"> <action dev="tknall" type="add">Multi language for web application.</action> <action dev="tknall" type="fix">Encoding issue for web application fixed by implementing an EncodingFilter.</action> <action dev="tknall" type="update">Dynamic sign upload form implemented.</action> <action dev="tknall" type="update">Order of input fields for dynamic upload form changed.</action> <action dev="tknall" type="add">MOCCA logo added to sign upload form.</action> </release> <release version="3.0.8-20081119" date="2008-09-19" description="subsequent release"> <action dev="tknall" type="remove">lib-folder removed.</action> <action dev="tknall" type="update">Maven2-repository updated.</action> <action dev="tknall" type="add">Adding external patched itext (1.4.2 and 2.1.5) and pdfbox libraries.</action> <action dev="tknall" type="remove">Removing iText and pdfbox from sources.</action> <action dev="tknall" type="remove">Cleaning up certstore removing all certificates except MOA-certificates.</action> <action dev="tknall" type="remove">Removing deprecated templates.</action> <action dev="tknall" type="update">Correcting default.bku.sign.detached.xml according to Security Layer spec.</action> <action dev="tknall" type="update"></action> <action dev="tknall" type="add">Adding DejaVuFont.</action> <action dev="tknall" type="add">Adding DejaVuFont license.</action> <action dev="tknall" type="update">Adding test file for PDF/A. Removing issues.txt.</action> <action dev="tknall" type="add">Preparation for multilingual support for web application.</action> <action dev="tknall" type="update">Minor updates of configuration.</action> <action dev="tknall" type="update">Sitemesh updates.</action> <action dev="tknall" type="add">Minor support for TrueType fonts in preparation for PDF/A added.</action> </release> <release version="3.0.7-20080923" date="2008-09-23" description="subsequent release"> <action dev="tknall" type="remove">Deprecated webapp-folder removed from svn repository.</action> <action dev="tknall" type="add">New DefaultConfiguration.zip integrated in order to allow mocca signatures.</action> <action dev="tknall" type="fix">Minor bug concerning choice of cce within the web application fixed.</action> </release> <release version="3.0.7-20080916" date="2008-09-16" description="subsequent release"> <action dev="tknall" type="add">Signature with new online bku MOCCA integrated (new signature device "moc" created).</action> <action dev="tknall" type="add">Configuration keys for mocca added.</action> <action dev="tknall" type="add">New error codes (371 = signature verification not supported by this connector, 372 = invalid signing time) introduced.</action> <action dev="tknall" type="add">Optional check of the signing time for the web application implemented. At signature creation time the signing time is checked for plausibility. This is a workaround for the ITS:mac-linux signing time bug. New configuration key ("signing_time_tolerance") added (applies to web application only) to overcome invalid signing times. A signature is only accepted if its signing time is within a time frame of [current time - signing_time_tolerance, current time + signing_time_tolerance] where signing_time_tolerance is interpreted as seconds.</action> <action dev="tzefferer" type="fix">Bugfix: Correct extraction of signatures with wrong signing times implemented. (The order of the signatures is still invalid in case of false signing times.)</action> <action dev="tknall" type="add">Optional override of the dynamic creation of the signature retrieval url (locrefcontent) implemented in order to overcome ssl problems (retrieve_signature_data_url_override). Note: Assure that this URL is accessible from the citizen card environment.</action> <action dev="tknall" type="fix">Download of signed pdf-file for external application interface adjusted.</action> <action dev="tknall" type="add">Verification of mocca signed documents implemented.</action> <action dev="tknall" type="add">Retrieval of xml response via multipart implemented (mocca strictly follows security layer spec)</action> </release> <release version="3.0.6-20080715" date="2008-07-15" description="subsequent release"> <action dev="tknall" type="update">Parsing of PublicAuthority-Flag and PublicAuthority-Code from MOA-VerifyXMLSignatureResponses implemented.</action> </release> <release version="3.0.6-20080616" date="2008-06-16" description="subsequent release"> <action dev="tknall" type="update">APIDemo updated.</action> <action dev="tknall" type="update">(default) configuration updated regarding new configuration keys.</action> <action dev="tknall" type="update">Many printStackTraces replaces with logger-messages.</action> <action dev="tknall" type="update">Update concerting exclusion of minimal layout profiles for verification.</action> <action dev="tknall" type="update"> Web-Application: New error code (251) introduced: Textual signature of files with no extractable textual content (e.g. files that solely contain images) is prevented. </action> </release> <release version="3.0.6" date="2008-06-16" description="subsequent release"> <action dev="wprinz" type="add">Configurable line break tolerance for binary signatures (line_break_tolerance).</action> <action dev="wprinz" type="add">The reserved space for a certificate withing the egiz dictionary can be configured (...phlength.certificate=xxxx).</action> <action dev="wprinz" type="add">imagescaletofit configuration parameter introduced.</action> </release> <release version="3.0.5" date="2008-06-13" description="subsequent release"> <action dev="tzefferer" type="update">Detection of incremental updates updated.</action> <action dev="tknall" type="fix">Bug fixed. There was an error concerning empty HashInputData parsing a MOA CreateXMLSignatureResponse.</action> <action dev="tknall" type="add">Demo source for API usage created.</action> <action dev="tknall" type="update">Issue resolved: Prevent signature of empty document which leads to a meaningless error message from the bku.</action> </release> <release version="3.0.5" date="2008-06-12" description="subsequent release"> <action dev="tknall" type="update">A new check for the existence of a configuration has been implemented. The extraction is skipped if any files or folders would be overwritten. Files like log- or temp-files may exist and do not prevent the deployment of the default configuration.</action> </release> <release version="3.0.5" date="2008-06-11" description="subsequent release"> <action dev="tknall" type="fix">Serious bug solved. Method storeCertificate tried to fetch a certificate from store before storing it. If not found (within the store resp. via ldap) the certificate was not stored!!!</action> </release> <release version="3.0.5" date="2008-06-10" description="subsequent release"> <action dev="tknall" type="update">Manual deployment of pdf-as configuration (commandline parameter -ddc) considers the system property pdf-as.work-dir.</action> <action dev="tknall" type="update">Internal default configuration updated.</action> <action dev="tknall" type="fix">log4.properties within the workdir is now being considered using the api.</action> </release> <release version="3.0.5" date="2008-06-03" description="subsequent release"> <action dev="wprinz" type="add"> Support of a minimal signature mark layout for binary signatures added. </action> <action dev="tknall" type="add"> Web-Application: Every hardcoded context "pdf-as" has been replaced. </action> <action dev="tknall" type="add"> Web-Application: Session is now being invalidated after download of the signed pdf file. </action> <action dev="tknall" type="add"> Web-Application: Configuration may be declared via system property "pdf-as.work-dir" or via Servlet-Init-Parameter "work-dir". </action> <action dev="tknall" type="fix"> Bug fixed in RetrieveSignatureDataServlet: Response header didn't contain a content length attribute. The ITS Mac BKU rejects those requests. </action> <action dev="tknall" type="fix"> Workaround for ITS Mac BKU integrated. A redirect via response does only work if the response contains a valid SL request (e.g. a NullOperationRequest). </action> <action dev="tknall" type="add"> API: The configuration folder may be omitted at instantiating the api. Configuration may be set via system property "pdf-as.work-dir". If no configuration is given at all, the current user's home directory is searched for a folder "PDF-AS". If not found a default configuration is created. </action> <action dev="tknall" type="add"> If the configuration is explicitely given than the temporary folder is located within the given directory otherwise within the user's temporary directory. </action> <action dev="tknall" type="add"> Declaring the configuration folder, replacements for system properties like "${catalina.base}/conf/pdfas" may be used. </action> </release> <release version="3.0.4" date="2008-04-24" description="first release"> <action dev="tknall" type="fix"> Bug fixed: If we have a binary signature, the certificate is embedded. So there should be no serial number needed within the signature block. PDF-AS stores the certificate in the certstore but tries to load the certificate via serialnumber and issuername from certstore, which fails because of the missing serial number. </action> <action dev="tknall" type="fix"> Bug fixed: For storage of the certificate in the certstore the issuername is taken from the certificate, normalized and hashed. The base64 value of the hash is used as the directory name. Loading the certificate from the certstore, the issuername is taken from the signature block, normalized and hashed. Some issuernames (with rdns that are not registered) lead to two different hash values (one at storage, another at retrieval), which leads to a certificate not found exception. </action> <action dev="tknall" type="add"> PDF-AS library version is logged in order to lighten bugfixing. </action> </release> </body> </document>