Description of problem: The old DigiDoc3 software doesn't work anymore. I have updated needed parts of the software and have done some tests on my own system to confirm that things seem to work as they should. Suggested advisory: ======================== DigiDoc3 cannot be used for signing documents from 1 January 2019 due to outdated software; neither will it support the new ID-card to be issued at the end of 2018 or the beginning of 2019. This update adds DigiDoc4 client and updates other related components to make the ID software work again. References: https://www.ria.ee/en/information-system-authority/announcements/new-id-card-software-digidoc4-available.html ======================== Updated/added packages in core/updates_testing: ======================== chrome-token-signing-1.0.8-1.mga6 libdigidocpp-3.13.8-1.mga6 lib(64)digidocpp1-3.13.8-1.mga6 qdigidoc4-4.2.0-2.mga6 qdigidoc4-nautilus-4.2.0-2.mga6 task-esteid-4.2.0-1.mga6 Source RPMs: chrome-token-signing-1.0.8-1.mga6.src.rpm libdigidocpp-3.13.8-1.mga6.src.rpm qdigidoc4-4.2.0-2.mga6.src.rpm task-esteid-4.2.0-1.mga6.src.rpm
1. In up-to-date Mageia 6 drakrpm enabled core/updates_testing repository. 2. Refreshed repositories and opened upgradeable packages. 3. Marked for upgrade packages: - chrome-token-signing-1.0.8-1.mga6.x86_64 - lib64digidocpp1-3.13.8-1.mga6.x86_64 - lib64opensc6-0.19.0-1.mga6.x86_64 - libdigidocpp-3.13.8-1.mga6.x86_64 - opensc-0.19.0-1.mga6.x86_64 4. Searched for and marked for installation the package: - qdigidoc4-4.2.0-2.mga6.x86_64 - that causes the removal of (previous) qdigidoc package. 5. Performed upgrade/install of marked packages. 6. Tested chrome-token-signing by logging into my internet bank account using PIN1 and made a transfer by signing it with PIN2. 7. Launched qdigidoc4, was able to load my photo after insering PIN1, checked my ID card certificates, opened existing digitally signed documents and created and signed a new document. 8. Everything that was tested worked as expected.
CC: (none) => jyri2000
MGA6-32 MATE on IBM Thinkpad R50e Installation issue: When selecting task-esteid-4.2.0-1.mga6 in MCC it draws in qdigidoc-3.16.xxx and selecting then qdigidoc4-4.2.0-2.mga6 is refused because of incompatibility with the older version. After installing all packages under test, but thus the older versions of qdigidoc4, I could then upgrade to qdigidoc4-4.2.0-2.mga6.x86_64 which removes the older version. I obviously have no Estonian id card, but I made sure it does not affect reading my Belgian eid. That is OK.
CC: (none) => herman.viaene
@Jüri Ivask, thank you for your careful, comprehensive and and well documented test. -------------- Trying M6/64 BEFORE update, I tried to install the pkgs cited in comment 0, but could not find qdigidoc4 qdigidoc4-nautilus However, 'task-esteid' pulled in also 'qdigidoc' & 'qdigidoc-nautilus'. Here are the relevant pkgs installed (x = not in the c0 update list): x ccid-1.4.24-1.mga6.x86_64 - chrome-token-signing-1.0.6-1.mga6.x86_64 x esteidcerts-3.8.0-5.mga6.noarch x lib64digidoc2-3.10.2-2.mga6.x86_64 - lib64digidocpp1-3.13.2-1.mga6.x86_64 x lib64nautilus-gir3.0-3.24.1-1.mga6.x86_64 x lib64opensc6-0.19.0-1.mga6.x86_64 x libdigidoc-3.10.2-2.mga6.x86_64 - libdigidocpp-3.13.2-1.mga6.x86_64 x locales-et-2.22-7.mga6.x86_64 x mozilla-esteid-3.12.0-2.mga6.noarch x nautilus-python-1.1-9.mga6.x86_64 x opensc-0.19.0-1.mga6.x86_64 x pcsc-lite-1.8.20-1.mga6.x86_64 - qdigidoc-3.13.6-1.mga6.x86_64 - qdigidoc-nautilus-3.13.6-1.mga6.x86_64 x qesteidutil-3.12.7-2.mga6.x86_64 - task-esteid-3.13.3-1.mga6.noarch x xml-security-c-1.7.3-2.1.mga6.x86_64 Complicated! Found DigiDoc3 Client & Crypto in Office sub-menu, started the former, clicked things, it looked good. Changed the languages. BUT Settings-Server Access Certificate said "Valid to 03/01/2019 (expired)". Crypto looked equally good. ============================ UPDATE Referencing Updates_Testing, qdigidoc4 qdigidoc4-nautilus were *not* listed by MCC-Update System. These are all I could find: - chrome-token-signing-1.0.8-1.mga6.x86_64 - lib64digidocpp1-3.13.8-1.mga6.x86_64 - libdigidocpp-3.13.8-1.mga6.x86_64 - task-esteid-4.2.0-1.mga6.noarch which were updated OK. The last did *not* pull in the 2 missing pkgs. As did others, I manually installed: # urpmi qdigidoc4 which uninstalled 'qdigidoc-3.13.6-1.mga6.x86_64' because of conflict with 'qdigidoc4-4.2.0-2.mga6.x86_64'; and 'qdigidoc-nautilus-3.13.6-1.mga6.x86_64' because it wanted, unsatisfied, 'qdigidoc == 3.13.6-1.mga6'. /core/updates_testing/qdigidoc4-4.2.0-2.mga6.x86_64.rpm was installed. qdigidoc-nautilus-3.13.6-1.mga6.x86_64 & qdigidoc-3.13.6-1.mga6.x86_64. were uninstalled. # urpmi qdigidoc4-nautilus .../core/updates_testing/qdigidoc4-nautilus-4.2.0-2.mga6.x86_64.rpm was installed. Complicated again! In the Office sub-menu, DigiDoc Crypto has gone, only DigiDoc4 Client remains. This looks radically different, but OK, and nominally works. So the end result of this update is *good*, and warrants OKs. Doubt: ------------------------------------------------------------------- @Sander: the business of qdigidoc[-nautilus] -> qdigidoc4[-nautilus] is iffy. It does not look (I may be wrong) that it would happen automatically by a system update. We all had to fiddle manually. Can you comment on this? Should the two pkgs be made dependancies of task-esteid (which they were before, because that is how I got them installed)?
CC: (none) => lewyssmithKeywords: (none) => feedback
DigiDoc4 includes multiple applications in one, so it's OK if DigiDoc Crypto is gone after installing DigiDoc4. The update is not meant to install DigiDoc4 automatically. People have to do it before or after the update manually and this will remove DigiDoc3. It's a bit messy and maybe I'll figure out something better if I'm forced to push another mandatory update but right now I'd let it be as it is. It's better than having just DigiDoc3 which can't be used to sign new documents anymore.
Keywords: feedback => (none)
Thank you for the quick response. It does look a question of dependencies; '--requires' alone does not show it, so it must be one of the other directly dependant packages: BEFORE: task-esteid-3.13.3-1.mga6 $ urpmq --requires-recursive task-esteid | grep qdigidoc qdigidoc qdigidoc-nautilus AFTER: task-esteid-4.2.0-1.mga6 $ urpmq --media 'updates testing' --requires-recursive task-esteid | grep qdigidoc $ BTAIM, to get this out ASAP, could we mention in the advisory (which I could do): - That you will need to install manually the 'qdigidoc4' and 'qdigidoc4-nautilus' packages after the update? - That old separate DigiDoc3 Client & Crypto are replaced by new DigiDoc4 Client.
Keywords: (none) => feedback
Because this is urgent, I am sending this update on its way, with the additions I noted in c5 added to the advisory from comment 0 (+ bug title).
Whiteboard: (none) => MGA6-32-OK MGA6-64-OKKeywords: feedback => advisory, validated_updateCC: (none) => sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGAA-2019-0005.html
Status: NEW => RESOLVEDResolution: (none) => FIXED
I had a really busy day, but thanks for pushing the update. I agree with the updated advisory :)