New Releases of all SetaPDF Components - 2020-07-23 ▷ setasign.com

New Releases of all SetaPDF Components2020-07-23

We released all SetaPDF components in new minor versions!

This release was pushed by several updates, improvements and bugfixes in the SetaPDF-Signer component.

It especially fixes an annoying bug which landed in the SetaPDF-Signer component two releases ago: We were using a fixed signature algorithm identifier without using the algorithm information of the public key in our CMS and PAdES signature modules. Because of this an invalid signature algorithm identifier was used if a key with ECDSA or DSA was used (RSA was fine throughout). We fixed this with this release and also prepared the support for keys with RSASSA-PSS keys if your OpenSSL version (>= 1.1.1) supports it.

If you use foreign or non RSA keys, please upgrade as soon as possible!
The affected versions are 2.33.0.1425 and 2.34.0.1487.

There were also some improvements in the SetaPDF-Core component which made it into all other components as well.

Check the release notes of the components below.
Log in to download the latest version of the related packages!

switch product

Version 2.35.0.1507

Release date: 2020-07-23

Release Notes

SetaPDF-Core Component

Feature

Added Stream writer class and refactored File writer to extend it.
Added simple implementation of SASLprep (RFC 4013) for handling of unicode passwords in standard AES256 security handler.

Tweak

Ignore annotation objects with invalid data in SetaPDF_Core_Document_Page_Annotations::getAll() method.
Added $encoding parameter to SetaPDF_Core_SecHandler_Standard::auth*() methods.
Added $passwordEncoding parameter to all standard security factory()-methods.

Version 2.35.0.1507

Release date: 2020-07-23

Release Notes

SetaPDF-Core Component

Feature

Added Stream writer class and refactored File writer to extend it.
Added simple implementation of SASLprep (RFC 4013) for handling of unicode passwords in standard AES256 security handler.

Tweak

Ignore annotation objects with invalid data in SetaPDF_Core_Document_Page_Annotations::getAll() method.
Added $encoding parameter to SetaPDF_Core_SecHandler_Standard::auth*() methods.
Added $passwordEncoding parameter to all standard security factory()-methods.

Version 2.35.0.1507

Release date: 2020-07-23

Release Notes

SetaPDF-Core Component

Feature

Added Stream writer class and refactored File writer to extend it.
Added simple implementation of SASLprep (RFC 4013) for handling of unicode passwords in standard AES256 security handler.

Tweak

Ignore annotation objects with invalid data in SetaPDF_Core_Document_Page_Annotations::getAll() method.
Added $encoding parameter to SetaPDF_Core_SecHandler_Standard::auth*() methods.
Added $passwordEncoding parameter to all standard security factory()-methods.

Version 2.35.0.1507

Release date: 2020-07-23

Release Notes

SetaPDF-Core Component

Feature

Added Stream writer class and refactored File writer to extend it.
Added simple implementation of SASLprep (RFC 4013) for handling of unicode passwords in standard AES256 security handler.

Tweak

Ignore annotation objects with invalid data in SetaPDF_Core_Document_Page_Annotations::getAll() method.
Added $encoding parameter to SetaPDF_Core_SecHandler_Standard::auth*() methods.
Added $passwordEncoding parameter to all standard security factory()-methods.

Version 2.35.0.1507

Release date: 2020-07-23

Release Notes

SetaPDF-Core Component

Feature

Added Stream writer class and refactored File writer to extend it.
Added simple implementation of SASLprep (RFC 4013) for handling of unicode passwords in standard AES256 security handler.

Tweak

Ignore annotation objects with invalid data in SetaPDF_Core_Document_Page_Annotations::getAll() method.
Added $encoding parameter to SetaPDF_Core_SecHandler_Standard::auth*() methods.
Added $passwordEncoding parameter to all standard security factory()-methods.

Version 2.35.0.1507

Release date: 2020-07-23

Release Notes

SetaPDF-Signer Component

Feature

Added support for validation of signatures with DSA/ECDSA/RSASSA-PSS (if supported by OpenSSL) keys in SetaPDF_Signer_Asn1_Signed class.
Added support for RSASSA-PSS signature scheme if PHP is compiled with a supporting OpenSSL version (>= 1.1.1; scheme needs to be determinable by the SubjectPublicKeyInfo of the signing certificate).
Added setKeyOption() and getKeyOptions() methods in SetaPDF_Signer_Signature_Module_OpenSslCliCms to e.g. support RSASSA-PSS signature scheme.

Bugfix

Allow independent order of private key and certificate in PEM files if they are used to initiate Certificate instance.
Use signature algorithm from SubjectPublicKeyInfo in SetaPDF_Signer_Signature_Module_Cms and SetaPDF_Signer_Signature_Module_Pades modules again instead of fixed "RSASSA-PKCS1-v1_5" algorithm identifier.

Tweak

Optimized creation of nonce value in RFC 3161 timestamp module.
Increased default signature content length value.
Throw exception if no PEM encoded data were found in SetaPDF_Signer_Pem::extract().
Removed SetaPDF_Signer_Digest::getOpenSslInt() method.
Added SetaPDF_Signer_Signature_Module_OpenSslCli::_createCommand() method to allow extending classes to modify the final command.

Demo

Added some code for creating the signature field names in demo for several signatures.
Added Fortify demo that uses the new web-component and Verify.ink.

SetaPDF-Core Component

Feature

Added Stream writer class and refactored File writer to extend it.
Added simple implementation of SASLprep (RFC 4013) for handling of unicode passwords in standard AES256 security handler.

Tweak

Ignore annotation objects with invalid data in SetaPDF_Core_Document_Page_Annotations::getAll() method.
Added $encoding parameter to SetaPDF_Core_SecHandler_Standard::auth*() methods.
Added $passwordEncoding parameter to all standard security factory()-methods.

Version 2.35.0.1507

Release date: 2020-07-23

Release Notes

SetaPDF-Core Component

Feature

Added Stream writer class and refactored File writer to extend it.
Added simple implementation of SASLprep (RFC 4013) for handling of unicode passwords in standard AES256 security handler.

Tweak

Ignore annotation objects with invalid data in SetaPDF_Core_Document_Page_Annotations::getAll() method.
Added $encoding parameter to SetaPDF_Core_SecHandler_Standard::auth*() methods.
Added $passwordEncoding parameter to all standard security factory()-methods.

Older Newer