Accepting request 732999 from Java:packages

Build the bouncycastle signer plugin

OBS-URL: https://build.opensuse.org/request/show/732999
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apache-ivy?expand=0&rev=18
This commit is contained in:
Dominique Leuenberger 2019-09-30 13:52:51 +00:00 committed by Git OBS Bridge
commit 102b3eaace
3 changed files with 106 additions and 6 deletions

View File

@ -1,3 +1,11 @@
-------------------------------------------------------------------
Tue Sep 24 16:08:31 UTC 2019 - Fridrich Strba <fstrba@suse.com>
- Build the bouncycastle signer plugin since bcpg is now present
- Added patch:
* port-to-bc-1.52.patch
+ Allow building the signer plugin against bouncycastle >= 1.52
-------------------------------------------------------------------
Tue Jul 2 09:22:21 UTC 2019 - Fridrich Strba <fstrba@suse.com>

View File

@ -30,8 +30,9 @@ Source1: ivy.1
Source2: http://repo1.maven.org/maven2/org/apache/ivy/ivy/%{version}/ivy-%{version}.pom
Patch0: apache-ivy-2.4.0-jdk9.patch
Patch1: apache-ivy-global-settings.patch
Patch2: port-to-bc-1.52.patch
BuildRequires: ant
BuildRequires: bouncycastle
BuildRequires: bouncycastle-pg
BuildRequires: commons-httpclient
BuildRequires: fdupes
BuildRequires: java-devel >= 1.8
@ -69,14 +70,12 @@ JavaDoc documentation for %{name}
%setup -q
%patch0 -p1
%patch1 -p1
%patch2 -p1
cp %{SOURCE2} pom.xml
%pom_remove_parent .
#TODO: return back when bouncycastle-pgp will be available
rm -fr src/java/org/apache/ivy/plugins/signer/bouncycastle
# Remove prebuilt documentation
rm -rf doc build/doc
@ -99,8 +98,8 @@ rm src/java/org/apache/ivy/plugins/resolver/*{Ssh,SFTP}*.java
%build
# Craft class path
mkdir -p lib
build-jar-repository lib ant ant/ant-nodeps oro jsch commons-httpclient
export CLASSPATH=$(build-classpath ant ant/ant-nodeps oro jsch commons-httpclient)
build-jar-repository lib ant ant/ant-nodeps oro jsch commons-httpclient bcprov bcpg
export CLASSPATH=$(build-classpath ant ant/ant-nodeps oro jsch commons-httpclient bcprov bcpg)
%if %{with vfs}
build-jar-repository lib commons-vfs2
export CLASSPATH=${CLASSPATH}:$(build-classpath commons-vfs2)

93
port-to-bc-1.52.patch Normal file
View File

@ -0,0 +1,93 @@
diff --git a/ivy.xml b/ivy.xml
index d448897..7d8896a 100644
--- a/ivy.xml
+++ b/ivy.xml
@@ -50,8 +50,8 @@
<dependency org="com.jcraft" name="jsch.agentproxy" rev="0.0.6" conf="default,sftp->default"/>
<dependency org="com.jcraft" name="jsch.agentproxy.connector-factory" rev="0.0.6" conf="default,sftp->default"/>
<dependency org="com.jcraft" name="jsch.agentproxy.jsch" rev="0.0.6" conf="default,sftp->default"/>
- <dependency org="org.bouncycastle" name="bcpg-jdk14" rev="1.45" conf="default"/>
- <dependency org="org.bouncycastle" name="bcprov-jdk14" rev="1.45" conf="default"/>
+ <dependency org="org.bouncycastle" name="bcpg-jdk15on" rev="1.52" conf="default"/>
+ <dependency org="org.bouncycastle" name="bcprov-jdk15on" rev="1.52" conf="default"/>
<!-- Test dependencies -->
<dependency org="junit" name="junit" rev="3.8.2" conf="test->default"/>
diff --git a/src/java/org/apache/ivy/plugins/signer/bouncycastle/OpenPGPSignatureGenerator.java b/src/java/org/apache/ivy/plugins/signer/bouncycastle/OpenPGPSignatureGenerator.java
index af7beae..bec8ae4 100644
--- a/src/java/org/apache/ivy/plugins/signer/bouncycastle/OpenPGPSignatureGenerator.java
+++ b/src/java/org/apache/ivy/plugins/signer/bouncycastle/OpenPGPSignatureGenerator.java
@@ -23,16 +23,18 @@ import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
import java.security.Security;
-import java.security.SignatureException;
import java.util.Iterator;
import org.apache.ivy.plugins.signer.SignatureGenerator;
import org.bouncycastle.bcpg.ArmoredOutputStream;
import org.bouncycastle.bcpg.BCPGOutputStream;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
+import org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor;
+import org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator;
+import org.bouncycastle.openpgp.operator.bc.BcPBESecretKeyDecryptorBuilder;
+import org.bouncycastle.openpgp.operator.bc.BcPGPContentSignerBuilder;
+import org.bouncycastle.openpgp.operator.bc.BcPGPDigestCalculatorProvider;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPPrivateKey;
import org.bouncycastle.openpgp.PGPSecretKey;
@@ -101,11 +103,13 @@ public class OpenPGPSignatureGenerator implements SignatureGenerator {
pgpSec = readSecretKey(keyIn);
}
- PGPPrivateKey pgpPrivKey = pgpSec.extractPrivateKey(password.toCharArray(),
- BouncyCastleProvider.PROVIDER_NAME);
- PGPSignatureGenerator sGen = new PGPSignatureGenerator(pgpSec.getPublicKey()
- .getAlgorithm(), PGPUtil.SHA1, BouncyCastleProvider.PROVIDER_NAME);
- sGen.initSign(PGPSignature.BINARY_DOCUMENT, pgpPrivKey);
+ PBESecretKeyDecryptor decryptor = new BcPBESecretKeyDecryptorBuilder(
+ new BcPGPDigestCalculatorProvider()).build(password.toCharArray());
+ PGPPrivateKey pgpPrivKey = pgpSec.extractPrivateKey(decryptor);
+ PGPSignatureGenerator sGen = new PGPSignatureGenerator(
+ new BcPGPContentSignerBuilder(pgpSec.getPublicKey()
+ .getAlgorithm(), PGPUtil.SHA1));
+ sGen.init(PGPSignature.BINARY_DOCUMENT, pgpPrivKey);
in = new FileInputStream(src);
out = new BCPGOutputStream(new ArmoredOutputStream(new FileOutputStream(dest)));
@@ -116,22 +120,10 @@ public class OpenPGPSignatureGenerator implements SignatureGenerator {
}
sGen.generate().encode(out);
- } catch (SignatureException e) {
- IOException ioexc = new IOException();
- ioexc.initCause(e);
- throw ioexc;
} catch (PGPException e) {
IOException ioexc = new IOException();
ioexc.initCause(e);
throw ioexc;
- } catch (NoSuchAlgorithmException e) {
- IOException ioexc = new IOException();
- ioexc.initCause(e);
- throw ioexc;
- } catch (NoSuchProviderException e) {
- IOException ioexc = new IOException();
- ioexc.initCause(e);
- throw ioexc;
} finally {
if (out != null) {
try {
@@ -156,7 +148,8 @@ public class OpenPGPSignatureGenerator implements SignatureGenerator {
private PGPSecretKey readSecretKey(InputStream in) throws IOException, PGPException {
in = PGPUtil.getDecoderStream(in);
- PGPSecretKeyRingCollection pgpSec = new PGPSecretKeyRingCollection(in);
+ PGPSecretKeyRingCollection pgpSec = new PGPSecretKeyRingCollection(in,
+ new BcKeyFingerprintCalculator());
PGPSecretKey key = null;
for (Iterator it = pgpSec.getKeyRings(); key == null && it.hasNext();) {