DigiDoc libraries – C++ library – libdigidocpp

As of ID-software version 3.8, an additional multi-platform libdigidocpp library was added to the libraries designed for developers and integrators.

This library is to replace the libdigidoc C-library used since 2002 and the Windows COM library, the independent use support of which was discontinued in 2015. The Libdigidocpp library has been used in the ID-software since 2010, but to date, it could not be integrated with third-party applications and information systems.

Libdigidocpp library supports:

  • ASiC-E XAdES, i.e. BDOC 2.1 signature format, incl. a format with both a timestamp and time-mark
  • DDOC (wrapper using the SiVa validation service)

Libdigidocpp library  documentation .HTML

Start of support period End of new developments End of support period Extended support period
12.2013 - - - More info

Libdigidocpp library version updates:

Version Published Information on changes Download End of support period
3.14.11.1432 16.12.2022 List of changes (in English) Download
3.14.10.1429 21.07.2022 List of changes (in English) Download
3.14.9.1426 21.07.2022 List of changes (in English) Download
3.14.8.1420 15.03.2022 List of changes (in English) Download
3.14.7.1413 14.07.2021 List of changes (in English) Download 15.03.2022
3.14.6.1410 08.04.2021 List of changes (in English) Download 14.07.2021 
3.14.5.1404 25.02.2021 List of changes (in English) Download 08.04.2021 
3.14.4.1401 06.10.2020 List of changes (in English) Download 25.02.2021 
3.14.3.1399 19.06.2020 List of changes (in English) Download 06.10.2020 
3.14.2.1391 31.01.2020 List of changes (in English) Download 19.06.2020 
3.14.1.1389 05.11.2019 List of changes (in English) Download 31.01.2020 
3.13.9.1387 21.08.2019 List of changes(in English) Download 05.11.2019 
3.13.9.1386 08.04.2019 List of changes (in English) Download 21.08.2019 
3.13.8.1379 03.12.2018 List of changes (in English) Download 08.04.2019 
3.13.7.1377 24.10.2018 List of changes (in English) Download  03.12.2018 
3.13.6.1371 12.06.2018 List of changes (in English) Download  24.10.2018 
3.13.5.1369 06.04.2018 List of changes (in English) Download  03.12.2018 
3.13.4.1366 26.02.2018 List of changes (in English) Download  24.10.2018 
3.13.3.1365 21.12.2017 List of changes (in English) Download  12.06.2018 
3.13.2.1360 24.10.2017 List of changes (in English) Download  06.04.2018 
3.13.1.1353 16.06.2017 List of changes (in English) Download  26.02.2018 
3.13.0.1351 07.06.2017 List of changes (in English) N/A  21.12.2017 
3.12.3.1341 14.02.2017 List of changes (in English) N/A  24.10.2017 
3.12.2.1329 07.07.2016 List of changes (in English) N/A  16.06.2017 
3.12.1.1322 03.05.2016 List of changes (in English) N/A  07.06.2017 
3.12.0.1317 29.02.2016 List of changes (in English) N/A  14.02.2017 
3.11.1.1306 09.09.2015 List of changes (in English) N/A  07.07.2016 
3.11.0.1296 13.08.2015 List of changes (in English) N/A  03.05.2016 
3.10.0.1279 09.02.2015 List of changes (in English) N/A  29.02.2016 
3.9.0.1248 01.07.2014
  • Support for creating and validating BDOC signatures with timestamps (BDOC-TS profile) added.
    • No timestamping service support has been configured by default.
    • A new variable “ts.url” was added to the digidocpp.conf file, which specifies the timestamping service used upon creating a signature.
    • Support for BDoc::ASIC_TS_PROFILE profile value for Container::sign(Signer *signer, const string &profile) method added when creating BDCO-TS signature via API.
    • Timestamp (TS) profile support for digidoc-tool utility program's “open” and “create” commands added. The TS profile can be specified with the “--profile=TS” variable.
    • The signature creation time of a BDOC-TS signature is the timestamp creation time (in the case of signatures with time-marks, the OCSP validity confirmation creation time is the signing time).
    • A check for difference between OCSP validity confirmation creation time and timestamp creation time added to the BDOC-TS signature validation process. If the OCSP validity confirmation time is earlier than the timestamp time, an exception is returned. If the OCSP validity confirmation time is more than 15 minutes later than the timestamp time, a warning is returned. If the difference is more than 24 hours, an exception is returned.
  • Support for using a TSL (Trusted Service List) as a trust anchor added when checking certificates' trustworthiness during signature creation and validation.
    • The European Commission TSL list (https://ec.europa.eu/information_society/policy/esignature/trusted-list/tl-mp.xml) is used as a source for finding country-specific TSL lists by default. The national TSLs of Finland, Estonia, Latvia and Lithuania are used by default.
    • TSL usage configuration possibilities added to digidocpp.conf file. You can use “tsl.autoupdate”, “tsl.cache”, “tsl.cert” and “tsl.url” variables to change the default TSL settings.
    • The command “tsl” added to the digidoc-tool utility; the command displays TSL diagnostics and validates the TSL.
    • Possibility of disabling the TSL functionality in the library by setting CMake USE_TSL variable to “false” when building the library added.
    • The class XmlConfV2 added, which should be used instead of XmlConf class if there is a need to configure timestamp and TSL configuration parameters.
  • The possibility to add a OCSP confirmation to a signature if the signatory’s certificate is issued by “VRK CA for Qualified Certificates - G2” or “VRK Gov. CA for Citizen Qualified Certificates - G2” added.
  • Validation of BDOC documents improved. It is now checked that the data file mime-type value in manifest.xml file and the respective value in signatures*.xml file in element are the same.
  • “--mime=” variable added to digidoc-tool utility program's “create” command. The variable can be used together with the “--file=” variable to set the value of the data file’s mime-type. If the value is not set, the default value “application/octet-stream” is used.
  • BDOC document validation improved and a check for weak hash algorithm (SHA-1) use for ECDSA signatures added.
  • BDOC signatures*.xml file's XML structure validation improved. The file is now additionally checked for unsupported elements, such as CounterSignature, CompleteCertificateRefs, CompleteRevocationRefs, AttributeCertificateRefs, AttributeRevocationRefs, SigAndRefsTimeStamp, RefsOnlyTimeStamp, AttrAuthoritiesCertValues, AttributeRevocationValues, CommitmentTypeIndicationType, AllDataObjectsTimeStamp and IndividualDataObjectsTimeStampType.
  • Processing of special characters in URI attribute values according to RFC3986 improved. Special characters in URI are percent-encoded, except unreserved characters and delimiters. Both percent-encoded and non-percent-encoded characters are supported upon signature validation. It should be noted that files that include special characters in URI values and are created with a version 3.9 library may not be compatible with library version 3.8.
  • A problem that caused erroneous signatures if the data file's name contained a colon has been fixed.
  • The digidoc-tool utility program “extract” command's “--extractAll” parameter functionality has been fixed.  If the variable is used in extraction but the catalogue is not specified, files are extracted in the working directory.
  • A digidoc-tool utility program error that caused the program to close unexpectedly when trying to create or sign a DDOC file has been fixed.
  • Libdigidoc wrapper changed to fix an error that occurred when parsing a DDOC document's data file name containing some specific special characters. Previously, the special characters were erroneously displayed in escaped form.
  • A problem in Libdigidoc wrapper when calculating a data file's size upon parsing a DDOC file has been fixed. Previously, a wrong data file size was occasionally returned.
  • XAdESv141.xsd schema support added for implementing BDOC archive timestamp profile in the future.
  • The libc++ library adopted instead of libstdc++ on OSX platform. Libc++ ensures full c++11 support.
  • All Libdigidocpp documentation is now available in HTML format (see /documentation/html/index.html in the base directory). The existing HTML-based API documentation was updated and the contents of “Libdigidocpp Programmer's Guide” PDF/Word document was transferred to HTML format. Previously used PDF/Word documents were removed.
  • The coverity.com static analysis tool was used to identify source code errors and vulnerabilities.
N/A  09.09.2015 
3.8.0.1209 18.12.2013 The first release of the library as a separate package. The library’s API has been updated and is not compatible with version 3.7 if this library was only used by DigiDoc3 client software. 
 
Known issues:
  • If a data file with a colon in its name is added to a BDOC container, the signature created will be erroneous.
N/A  13.08.2015