• Warning! Malware detected. Download at your own risk.
Download Latest Version Release Notes - eSignature DSS - Version 6.3.RC1 source code.tar.gz (135.7 MB)
Email in envelope

Get an email when there's a new version of DSS

Home / 6.3.RC1
Name Modified Size InfoDownloads / Week
Parent folder
README.md 2025-06-12 7.8 kB
Release Notes - eSignature DSS - Version 6.3.RC1 source code.tar.gz 2025-06-12 135.7 MB
Release Notes - eSignature DSS - Version 6.3.RC1 source code.zip 2025-06-12 145.3 MB
Totals: 3 Items   281.0 MB 1

New features

  • [DSS-3180] Add support of embedded evidence records validation
  • [DSS-3500] Add support of machine-readable ETSI TS 119 312 cryptographic suite schemas
  • [DSS-3527] Add validation constraint for TL Structure
  • [DSS-3548] Add possibility to configure list of verified host name for LDAP get request
  • [DSS-3556] Add embedding of Evidence Records in existing signatures
  • [DSS-3589] ASiC filename adherence check
  • [DSS-3609] Add encapsulation of existing evidence records in ASiC containers

Improvements

  • [DSS-2665] Expose RevocationConsistentCheck to new validation checks
  • [DSS-3387] CAdES : add possibility of signing large documents
  • [DSS-3525] Use lax validation on TL Parsing
  • [DSS-3543] ASiC : verify presence of /META-INF folder to run a validator
  • [DSS-3569] Include signature expiration date in the simple report xslt/pdf templates
  • [DSS-3591] XMLCanonicalizer : add method to canonicalize with provided OutputStream
  • [DSS-3598] Support configurable LDAP context environment
  • [DSS-3607] Improve logs in case of a missed OCSP location URL
  • [DSS-3610] Forbid invalid signature creation/augmentation based on the ER presence

Bug fixes / Issues

  • [DSS-3521] CMS signing-time is returned when multiple times are defined
  • [DSS-3530] RevocationIssuerNotExpired policy constraint is not used during LTV process
  • [DSS-3551] xVals entries are not considered as candidates for a signing certificate for JAdES signature
  • [DSS-3567] Incorrect identification of "undefined object modification" on signature verification
  • [DSS-3570] CRL is retrieved instead of OCSP when delegated OCSP responder requires revocation check
  • [DSS-3575] Improve CryptoInformation element within ETSI VR for multiple signing-certificate references
  • [DSS-3577] Error on permitted annotation modifications
  • [DSS-3579] Issues with DiagnosticData Serialization/Deserialization
  • [DSS-3586] DSS fails to read FieldMDP or Lock dictionary when defined as indirect reference
  • [DSS-3587] Certificate Synchronization Issue with TLValidationJob
  • [DSS-3592] PAdES augmentation fails for some documents with multiple signatures
  • [DSS-3595] HashMap containsKey() method evaluated as false after calling getDigest(DigestAlgorithm.SHA256) method on document
  • [DSS-3606] DSS fails to create a visual signature field for a PDF page with negative coordinates
  • [DSS-3613] JPMS Module Issue with dss-validation

Tasks / Other

  • [DSS-3534] Introduce dss-cms-object and dss-cms-stream modules
  • [DSS-3614] Upgrade to BouncyCastle v1.81
  • [DSS-3615] Upgrade to Apache Santuario v3.0.6
  • [DSS-3616] Upgrade to PdfBox v3.0.5
  • [DSS-3618] Introduce profile for tests execution on large files

Migration

NOTE: This release includes breaking changes, impacting some functionalities, please see below:

  • If you use a default validation process or provide a custom XML Validation Policy, the corresponding module should be added to the list of dependencies used within your project:

    <dependencies> ... <dependency> <groupId>eu.europa.ec.joinup.sd-dss</groupId> <artifactId>dss-policy-jaxb</artifactId> </dependency> ... </dependencies>

  • Two alternative implementations for CMS processing have been introduced, impacting various modules such as dss-cades, dss-pades and dss-asic-cades:

  • dss-cms-object - Uses in-memory handling of CMS objects based on BouncyCastle classes. This implementation provides the "old" behavior familiar from previous versions of DSS. In order to use the module, it should be added to the list of dependencies as demonstrated below:

    <dependencies> ... <dependency> <groupId>eu.europa.ec.joinup.sd-dss</groupId> <artifactId>dss-cms-object</artifactId> </dependency> ... </dependencies>

  • dss-cms-stream - An experimental implementation providing CMS reading and writing functionalities based on Streams. This implementation provides a possibility to sign and validate large documents, but the creation of CMS documents is limited to only BER coding format.

NOTE: Only one of the dss-cms-object or dss-cms-stream dependencies shall be used.

For more information about code changes and migration process, please refer to the Migration Guide in documentation.

Source: README.md, updated 2025-06-12