Drop-in replacement for DSigner with hardened security. Supports all government USB tokens, PAdES/XAdES/CAdES signatures, and backward-compatible WebSocket protocol.
sudo dpkg -i govsign_*.debsudo rpm -i govsign-*.rpmGovSignAgent.exeVerify your download against SHA256SUMS.txt · Integrating an app? See the Developer Portal & code samples →
| Feature | DSigner (Radiant) | GovSign |
|---|---|---|
| Cross-platform | Windows only | ✓ macOS, Linux, Windows |
| Per-install TLS cert | ✗ Shared key | ✓ ECDSA P-256 |
| SSRF Protection | ✗ Fetches any URL | ✓ OutboundUrlGuard |
| Token drivers supported | 2 (ePass, mToken) | 24 drivers |
| PAdES-LTA (long-term archive) | ✗ Basic only | ✓ B / T / LT / LTA |
| Post-quantum ready | ✗ No | ✓ ML-DSA / Dilithium |
| Open source | ✗ Proprietary | ✓ Fully open |
| License check / phone-home | Local serial key | ✓ None — free forever |
Windows 10 (1809) or later. 64-bit. JRE bundled — no Java installation needed.
macOS 12 (Monterey) or later. Intel or Apple Silicon. First launch: right-click → Open (unsigned).
Ubuntu 22.04+ or Debian 12+. sudo dpkg -i govsign_*.deb. JRE bundled.
⚠️ Driver Note: GovSign does NOT install USB token drivers. You must install your token's PKCS#11 driver separately (from the CD or vendor website). GovSign auto-detects 24 driver types once installed.