3.1

• Certificate files can now be used with a PKCS11 token to support OpenPGP cards unable to hold a whole certificate chain (contributed by Erwin Tratar)
• Fixed an IllegalArgumentException when parsing large entries of MSI files

3.0

• Jsign now requires Java 8 or higher
• MSI signing has been implemented
• Script signing has been implemented: PowerShell (contributed by Björn Kautler), VBScript, JScript and WSF
• The Maven plugin now uses the proxy defined in the Maven settings for the timestamping (contributed by Denny Bayer)
• The Maven plugin now accepts passwords encrypted using the Maven security settings (contributed by Denny Bayer)
• The Maven plugin is now bound by default to the package phase
• The timestamping is no longer enabled by default with the Maven plugin
• Renamed the command line tool from pesign to jsign
• Renamed the Ant task and the Gradle extension method from signexe to jsign
• SOCKS proxies are now supported
• Fixed the invalid SHA-512 signatures (contributed by Markus Kilås)
• The non-timestamped signatures are now reproducible (the signingTime attribute has been removed)
• Upgraded BouncyCastle to 1.64

2.1

• Fixed the loading of SunPKCS11 configuration files with Java 9
• SunPKCS11 configuration files can be loaded from any directory
• Maven plugin settings can now be passed on the command line (contributed by Nicolas Roduit)
• The first timestamping authority specified is no longer skipped (contributed by Thomas Atzmueller)
• Fixed the typo on the withTimestampingAuthority() methods in PESigner (contributed by Bjørn Madsen)
• Upgraded BouncyCastle to 1.60

2.0

• Jsign now requires Java 7 or higher
• Multiple signatures are now supported. New signatures can replace or be added to the previous ones.
• PKCS#11 hardware tokens are now supported.
• The signature algorithm can now be specified independently of the digest algorithm (contributed by Markus Kilås)
• Timestamping is attempted 3 times by default with a 10 seconds pause if an exception occurs (contributed by Erwin Tratar)
• Timestamping can now fail over to other services
• Private keys in PEM format are now supported (PKCS#1 and PKCS#8, encrypted or not)
• Upgraded BouncyCastle to 1.54 (contributed by Markus Kilås)
• Fixed the Accept header for RFC 3161 requests (contributed by Markus Kilås)
• Internal refactoring to share the code between the Ant task and the CLI tool (contributed by Michael Peterson)
• The code has been split into distinct modules (core, ant, cli).
• Jsign is now available as a plugin for Maven (net.jsign:jsign-maven-plugin) and Gradle
• The API can be used to sign in-memory files using a SeekableByteChannel

1.3

• The command line tool now supports HTTP proxies (contributed by Michael Szediwy)
• RFC 3161 timestamping services are now supported (contributed by Florent Daigniere)
• The digest algorithm now defaults to SHA-256
• The shaded dependencies are now relocated to avoid conflicts
• Added SHA-384 and SHA-512 checksums support
• SHA-2 is accepted as an alias for SHA-256

1.2

• Reduced the memory usage when signing large files
• Files over 2 GB are now supported
• Improved the thread safety

1.1

• Command line interface with bash completion for signing files (available as RPM and DEB packages)
• The keystore is no longer locked if the signing fails

1.0

• Initial release