From f0ff290cc3ae151e2a1f79cf46c2eb7623b14a199952bcaacf3e79a770cad609 Mon Sep 17 00:00:00 2001
From: Fridrich Strba <fstrba@suse.com>
Date: Tue, 24 Sep 2019 16:11:56 +0000
Subject: [PATCH] OBS-URL:
 https://build.opensuse.org/package/show/Java:packages/apache-ivy?expand=0&rev=56

---
 apache-ivy.changes    |  8 ++++
 apache-ivy.spec       | 10 ++---
 port-to-bc-1.52.patch | 93 +++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 106 insertions(+), 5 deletions(-)
 create mode 100644 port-to-bc-1.52.patch

diff --git a/apache-ivy.changes b/apache-ivy.changes
index 3d4b395..0c1693b 100644
--- a/apache-ivy.changes
+++ b/apache-ivy.changes
@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Tue Sep 24 16:08:31 UTC 2019 - Fridrich Strba <fstrba@suse.com>
+
+- Build the bouncycastle signer plugin since bcpg is now present
+- Added patch:
+  * port-to-bc-1.52.patch
+    + Allow building the signer plugin against bouncycastle >= 1.52
+
 -------------------------------------------------------------------
 Tue Jul  2 09:22:21 UTC 2019 - Fridrich Strba <fstrba@suse.com>
 
diff --git a/apache-ivy.spec b/apache-ivy.spec
index 1189b90..ad9a312 100644
--- a/apache-ivy.spec
+++ b/apache-ivy.spec
@@ -30,8 +30,10 @@ Source1:        ivy.1
 Source2:        http://repo1.maven.org/maven2/org/apache/ivy/ivy/%{version}/ivy-%{version}.pom
 Patch0:         apache-ivy-2.4.0-jdk9.patch
 Patch1:         apache-ivy-global-settings.patch
+Patch2:         port-to-bc-1.52.patch
 BuildRequires:  ant
 BuildRequires:  bouncycastle
+BuildRequires:  bouncycastle-pg
 BuildRequires:  commons-httpclient
 BuildRequires:  fdupes
 BuildRequires:  java-devel >= 1.8
@@ -69,14 +71,12 @@ JavaDoc documentation for %{name}
 %setup -q
 %patch0 -p1
 %patch1 -p1
+%patch2 -p1
 
 cp %{SOURCE2} pom.xml
 
 %pom_remove_parent .
 
-#TODO: return back when bouncycastle-pgp will be available
-rm -fr src/java/org/apache/ivy/plugins/signer/bouncycastle
-
 # Remove prebuilt documentation
 rm -rf doc build/doc
 
@@ -99,8 +99,8 @@ rm src/java/org/apache/ivy/plugins/resolver/*{Ssh,SFTP}*.java
 %build
 # Craft class path
 mkdir -p lib
-build-jar-repository lib ant ant/ant-nodeps oro jsch commons-httpclient
-export CLASSPATH=$(build-classpath ant ant/ant-nodeps oro jsch commons-httpclient)
+build-jar-repository lib ant ant/ant-nodeps oro jsch commons-httpclient bcprov bcpg
+export CLASSPATH=$(build-classpath ant ant/ant-nodeps oro jsch commons-httpclient bcprov bcpg)
 %if %{with vfs}
 build-jar-repository lib commons-vfs2
 export CLASSPATH=${CLASSPATH}:$(build-classpath commons-vfs2)
diff --git a/port-to-bc-1.52.patch b/port-to-bc-1.52.patch
new file mode 100644
index 0000000..7b73be3
--- /dev/null
+++ b/port-to-bc-1.52.patch
@@ -0,0 +1,93 @@
+diff --git a/ivy.xml b/ivy.xml
+index d448897..7d8896a 100644
+--- a/ivy.xml
++++ b/ivy.xml
+@@ -50,8 +50,8 @@
+ 		<dependency org="com.jcraft" name="jsch.agentproxy" rev="0.0.6" conf="default,sftp->default"/>
+ 		<dependency org="com.jcraft" name="jsch.agentproxy.connector-factory" rev="0.0.6" conf="default,sftp->default"/>
+ 		<dependency org="com.jcraft" name="jsch.agentproxy.jsch" rev="0.0.6" conf="default,sftp->default"/>
+-		<dependency org="org.bouncycastle" name="bcpg-jdk14" rev="1.45" conf="default"/>
+-        <dependency org="org.bouncycastle" name="bcprov-jdk14" rev="1.45" conf="default"/>
++		<dependency org="org.bouncycastle" name="bcpg-jdk15on" rev="1.52" conf="default"/>
++        <dependency org="org.bouncycastle" name="bcprov-jdk15on" rev="1.52" conf="default"/>
+ 
+ 		<!-- Test dependencies -->
+ 		<dependency org="junit" name="junit" rev="3.8.2" conf="test->default"/>
+diff --git a/src/java/org/apache/ivy/plugins/signer/bouncycastle/OpenPGPSignatureGenerator.java b/src/java/org/apache/ivy/plugins/signer/bouncycastle/OpenPGPSignatureGenerator.java
+index af7beae..bec8ae4 100644
+--- a/src/java/org/apache/ivy/plugins/signer/bouncycastle/OpenPGPSignatureGenerator.java
++++ b/src/java/org/apache/ivy/plugins/signer/bouncycastle/OpenPGPSignatureGenerator.java
+@@ -23,16 +23,18 @@ import java.io.FileOutputStream;
+ import java.io.IOException;
+ import java.io.InputStream;
+ import java.io.OutputStream;
+-import java.security.NoSuchAlgorithmException;
+-import java.security.NoSuchProviderException;
+ import java.security.Security;
+-import java.security.SignatureException;
+ import java.util.Iterator;
+ 
+ import org.apache.ivy.plugins.signer.SignatureGenerator;
+ import org.bouncycastle.bcpg.ArmoredOutputStream;
+ import org.bouncycastle.bcpg.BCPGOutputStream;
+ import org.bouncycastle.jce.provider.BouncyCastleProvider;
++import org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor;
++import org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator;
++import org.bouncycastle.openpgp.operator.bc.BcPBESecretKeyDecryptorBuilder;
++import org.bouncycastle.openpgp.operator.bc.BcPGPContentSignerBuilder;
++import org.bouncycastle.openpgp.operator.bc.BcPGPDigestCalculatorProvider;
+ import org.bouncycastle.openpgp.PGPException;
+ import org.bouncycastle.openpgp.PGPPrivateKey;
+ import org.bouncycastle.openpgp.PGPSecretKey;
+@@ -101,11 +103,13 @@ public class OpenPGPSignatureGenerator implements SignatureGenerator {
+                 pgpSec = readSecretKey(keyIn);
+             }
+ 
+-            PGPPrivateKey pgpPrivKey = pgpSec.extractPrivateKey(password.toCharArray(),
+-                BouncyCastleProvider.PROVIDER_NAME);
+-            PGPSignatureGenerator sGen = new PGPSignatureGenerator(pgpSec.getPublicKey()
+-                    .getAlgorithm(), PGPUtil.SHA1, BouncyCastleProvider.PROVIDER_NAME);
+-            sGen.initSign(PGPSignature.BINARY_DOCUMENT, pgpPrivKey);
++            PBESecretKeyDecryptor decryptor = new BcPBESecretKeyDecryptorBuilder(
++                new BcPGPDigestCalculatorProvider()).build(password.toCharArray());
++            PGPPrivateKey pgpPrivKey = pgpSec.extractPrivateKey(decryptor);
++            PGPSignatureGenerator sGen = new PGPSignatureGenerator(
++                new BcPGPContentSignerBuilder(pgpSec.getPublicKey()
++                    .getAlgorithm(), PGPUtil.SHA1));
++            sGen.init(PGPSignature.BINARY_DOCUMENT, pgpPrivKey);
+ 
+             in = new FileInputStream(src);
+             out = new BCPGOutputStream(new ArmoredOutputStream(new FileOutputStream(dest)));
+@@ -116,22 +120,10 @@ public class OpenPGPSignatureGenerator implements SignatureGenerator {
+             }
+ 
+             sGen.generate().encode(out);
+-        } catch (SignatureException e) {
+-            IOException ioexc = new IOException();
+-            ioexc.initCause(e);
+-            throw ioexc;
+         } catch (PGPException e) {
+             IOException ioexc = new IOException();
+             ioexc.initCause(e);
+             throw ioexc;
+-        } catch (NoSuchAlgorithmException e) {
+-            IOException ioexc = new IOException();
+-            ioexc.initCause(e);
+-            throw ioexc;
+-        } catch (NoSuchProviderException e) {
+-            IOException ioexc = new IOException();
+-            ioexc.initCause(e);
+-            throw ioexc;
+         } finally {
+             if (out != null) {
+                 try {
+@@ -156,7 +148,8 @@ public class OpenPGPSignatureGenerator implements SignatureGenerator {
+ 
+     private PGPSecretKey readSecretKey(InputStream in) throws IOException, PGPException {
+         in = PGPUtil.getDecoderStream(in);
+-        PGPSecretKeyRingCollection pgpSec = new PGPSecretKeyRingCollection(in);
++        PGPSecretKeyRingCollection pgpSec = new PGPSecretKeyRingCollection(in,
++            new BcKeyFingerprintCalculator());
+ 
+         PGPSecretKey key = null;
+         for (Iterator it = pgpSec.getKeyRings(); key == null && it.hasNext();) {