pool/bouncycastle
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 1094295 from Java:packages

Browse Source 
bsc#1212508

OBS-URL: https://build.opensuse.org/request/show/1094295
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/bouncycastle?expand=0&rev=39
This commit is contained in:
Dominique Leuenberger 2023-06-22 21:24:56 +00:00 committed by Git OBS Bridge
commit 4e9a124889
13 changed files with 253 additions and 64 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
bcjmail-jdk18on-1.73.pom → bcjmail-jdk18on-1.74.pom
View File

@ -5,7 +5,7 @@
<artifactId>bcjmail-jdk18on</artifactId>
<packaging>jar</packaging>
<name>Bouncy Castle Jakarta S/MIME API</name>
<version>1.73</version>
<version>1.74</version>
<description>The Bouncy Castle Java S/MIME APIs for handling S/MIME protocols. This jar contains S/MIME APIs for JDK 1.8 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs. The Jakarta Mail API and the Jakarta activation framework will also be needed.</description>
<url>https://www.bouncycastle.org/java.html</url>
<licenses>
@ -33,25 +33,20 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk18on</artifactId>
<version>1.73</version>
<version>1.74</version>
<type>jar</type>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcutil-jdk18on</artifactId>
<version>1.73</version>
<version>1.74</version>
<type>jar</type>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk18on</artifactId>
<version>1.73</version>
<version>1.74</version>
<type>jar</type>
</dependency>
<dependency>
<groupId>com.sun.mail</groupId>
<artifactId>jakarta.mail</artifactId>
<version>[2.0,3.0)</version>
</dependency>
</dependencies>
</project>

8
bcmail-jdk18on-1.73.pom → bcmail-jdk18on-1.74.pom
View File

@ -5,7 +5,7 @@
<artifactId>bcmail-jdk18on</artifactId>
<packaging>jar</packaging>
<name>Bouncy Castle S/MIME API</name>
<version>1.73</version>
<version>1.74</version>
<description>The Bouncy Castle Java S/MIME APIs for handling S/MIME protocols. This jar contains S/MIME APIs for JDK 1.8 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs. The JavaMail API and the Java activation framework will also be needed.</description>
<url>https://www.bouncycastle.org/java.html</url>
<licenses>
@ -33,19 +33,19 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk18on</artifactId>
<version>1.73</version>
<version>1.74</version>
<type>jar</type>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcutil-jdk18on</artifactId>
<version>1.73</version>
<version>1.74</version>
<type>jar</type>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk18on</artifactId>
<version>1.73</version>
<version>1.74</version>
<type>jar</type>
</dependency>
</dependencies>

4
bcpg-jdk18on-1.73.pom → bcpg-jdk18on-1.74.pom
View File

@ -5,7 +5,7 @@
<artifactId>bcpg-jdk18on</artifactId>
<packaging>jar</packaging>
<name>Bouncy Castle OpenPGP API</name>
<version>1.73</version>
<version>1.74</version>
<description>The Bouncy Castle Java API for handling the OpenPGP protocol. This jar contains the OpenPGP API for JDK 1.8 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs.</description>
<url>https://www.bouncycastle.org/java.html</url>
<licenses>
@ -38,7 +38,7 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk18on</artifactId>
<version>1.73</version>
<version>1.74</version>
<type>jar</type>
</dependency>
</dependencies>

6
bcpkix-jdk18on-1.73.pom → bcpkix-jdk18on-1.74.pom
View File

@ -5,7 +5,7 @@
<artifactId>bcpkix-jdk18on</artifactId>
<packaging>jar</packaging>
<name>Bouncy Castle PKIX, CMS, EAC, TSP, PKCS, OCSP, CMP, and CRMF APIs</name>
<version>1.73</version>
<version>1.74</version>
<description>The Bouncy Castle Java APIs for CMS, PKCS, EAC, TSP, CMP, CRMF, OCSP, and certificate generation. This jar contains APIs for JDK 1.8 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs.</description>
<url>https://www.bouncycastle.org/java.html</url>
<licenses>
@ -33,13 +33,13 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk18on</artifactId>
<version>1.73</version>
<version>1.74</version>
<type>jar</type>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcutil-jdk18on</artifactId>
<version>1.73</version>
<version>1.74</version>
<type>jar</type>
</dependency>
</dependencies>

2
bcprov-jdk18on-1.73.pom → bcprov-jdk18on-1.74.pom
View File

@ -5,7 +5,7 @@
<artifactId>bcprov-jdk18on</artifactId>
<packaging>jar</packaging>
<name>Bouncy Castle Provider</name>
<version>1.73</version>
<version>1.74</version>
<description>The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.8 and up.</description>
<url>https://www.bouncycastle.org/java.html</url>
<licenses>

6
bctls-jdk18on-1.73.pom → bctls-jdk18on-1.74.pom
View File

@ -5,7 +5,7 @@
<artifactId>bctls-jdk18on</artifactId>
<packaging>jar</packaging>
<name>Bouncy Castle JSSE provider and TLS/DTLS API</name>
<version>1.73</version>
<version>1.74</version>
<description>The Bouncy Castle Java APIs for TLS and DTLS, including a provider for the JSSE.</description>
<url>https://www.bouncycastle.org/java.html</url>
<licenses>
@ -33,13 +33,13 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk18on</artifactId>
<version>1.73</version>
<version>1.74</version>
<type>jar</type>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcutil-jdk18on</artifactId>
<version>1.73</version>
<version>1.74</version>
<type>jar</type>
</dependency>
</dependencies>

4
bcutil-jdk18on-1.73.pom → bcutil-jdk18on-1.74.pom
View File

@ -5,7 +5,7 @@
<artifactId>bcutil-jdk18on</artifactId>
<packaging>jar</packaging>
<name>Bouncy Castle ASN.1 Extension and Utility APIs</name>
<version>1.73</version>
<version>1.74</version>
<description>The Bouncy Castle Java APIs for ASN.1 extension and utility APIs used to support bcpkix and bctls. This jar contains APIs for JDK 1.8 and up.</description>
<url>https://www.bouncycastle.org/java.html</url>
<licenses>
@ -33,7 +33,7 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk18on</artifactId>
<version>1.73</version>
<version>1.74</version>
<type>jar</type>
</dependency>
</dependencies>

35
bouncycastle-javadoc.patch
View File

@ -1,26 +1,6 @@
Index: bc-java-r1rv72/ant/bc+-build.xml
===================================================================
--- bc-java-r1rv72.orig/ant/bc+-build.xml
+++ bc-java-r1rv72/ant/bc+-build.xml
@@ -120,7 +120,7 @@
<javac source="${bc.javac.source}" target="${bc.javac.target}"
srcdir="${artifacts.dir}/@{target}/src"
destdir="${build.dir}/@{target}/classes"
- memoryMaximumSize="512m"
+ memoryMaximumSize="512m" encoding="utf-8"
debug="${release.debug}" fork="true">
<classpath>
<path refid="project.classpath" />
@@ -157,7 +157,7 @@
<javac source="${bc.javac.source}" target="${bc.javac.target}"
srcdir="${artifacts.dir}/@{target}/src"
destdir="${build.dir}/@{target}/classes"
- memoryMaximumSize="512m"
+ memoryMaximumSize="512m" encoding="utf-8"
fork="true"
debug="${release.debug}">
<classpath>
@@ -241,8 +241,8 @@
--- bc-java-r1rv74/ant/bc+-build.xml 2023-06-20 19:05:22.282198904 +0200
+++ bc-java-r1rv74/ant/bc+-build.xml 2023-06-20 19:05:37.274299814 +0200
@@ -245,8 +245,8 @@
<element name="docElements" />
<sequential>
<mkdir dir="@{docsDir}" />
@ -31,12 +11,3 @@ Index: bc-java-r1rv72/ant/bc+-build.xml
windowtitle="Bouncy Castle Library ${release.name} API Specification"
header="&lt;b&gt;Bouncy Castle Cryptography Library ${release.name}&lt;/b&gt;">
<docElements/>
@@ -310,7 +310,7 @@
<javac source="${bc.javac.source}" target="${bc.javac.target}"
srcdir="${lcrypto.target.src.dir}"
destdir="${lcrypto.target.classes.dir}"
- memoryMaximumSize="512m"
+ memoryMaximumSize="512m" encoding="utf-8"
fork="true"
debug="${release.debug}">
<classpath>

156
bouncycastle-notests.patch Normal file
View File

@ -0,0 +1,156 @@
--- bc-java-r1rv74/ant/bc+-build.xml 2023-06-20 19:05:22.282198904 +0200
+++ bc-java-r1rv74/ant/bc+-build.xml 2023-06-20 19:18:57.087685033 +0200
@@ -280,7 +280,7 @@
</target>
- <target name="build" depends="initMacros, build-lw, build-libraries, build-test" />
+ <target name="build" depends="initMacros, build-lw, build-libraries" />
<target name="build-lw" depends="initMacros">
<!--
@@ -900,144 +900,6 @@
</target>
- <!--
- Tests
- -->
- <target name="build-test" depends="initMacros">
- <property name="test.target" value="bctest-${target.name}" />
-
- <mkdir dir="${artifacts.jars.dir}" />
-
- <property name="test.target.dir" value="${artifacts.dir}/${test.target}" />
- <property name="test.target.src.dir" value="${test.target.dir}/src" />
-
- <mkdir dir="${test.target.dir}" />
-
- <copyStandardFiles toDir="${test.target.dir}" />
-
- <copy todir="${test.target.src.dir}">
- <fileset dir="${src.dir}" includes="/org/bouncycastle/test/*.java" />
- <fileset dir="${src.dir}" includes="**/*AllTests.java" />
- <fileset dir="${src.dir}" includes="**/math/**/*Test.java" />
- <fileset dir="${src.dir}" includes="**/crypto/*/*Test.java" />
- <fileset dir="${src.dir}" includes="**/tsp/*UnitTest.java" />
- <fileset dir="${src.dir}" includes="**/utiltest/*Test.java" />
- <fileset dir="${src.dir}" includes="**/util/io/pem/*Test.java" />
- <fileset dir="${src.dir}" includes="**/test/*.java" />
- <fileset dir="${src.dir}" includes="**/test/*/*.java" />
- <fileset dir="${src.dir}" includes="**/*.asc" />
- <fileset dir="${src.dir}" includes="**/*.pem" />
- <fileset dir="${src.dir}" includes="**/*.p7m" />
- <fileset dir="${src.dir}" includes="**/*.eml" />
- <fileset dir="${src.dir}" includes="**/*.sig" />
- <fileset dir="${src.dir}" includes="**/*.data" />
- <fileset dir="${src.dir}" includes="**/*.der" />
- <fileset dir="${src.dir}" includes="**/*.crt" />
- <fileset dir="${src.dir}" includes="**/*.key" />
- <fileset dir="${src.dir}" includes="**/*.cer" />
- <fileset dir="${src.dir}" includes="**/*.bin" />
- <fileset dir="${src.dir}" includes="**/*.ers" />
- <fileset dir="${src.dir}" includes="**/*.oer" />
- <fileset dir="${src.dir}" includes="**/*.kbx" />
- <fileset dir="${src.dir}" includes="**/*.crl" />
- <fileset dir="${src.dir}" includes="**/*.csr" />
- <fileset dir="${src.dir}" includes="**/*.txt" />
- <fileset dir="${src.dir}" includes="**/*.rsp" />
- <fileset dir="${src.dir}" includes="**/*.gpg" />
- <fileset dir="${src.dir}" includes="**/*.pgp" />
- <fileset dir="${src.dir}" includes="**/*.pub" />
- <fileset dir="${src.dir}" includes="**/*.sec" />
- <fileset dir="${src.dir}" includes="**/*.cvcert" />
- <fileset dir="${src.dir}" includes="**/*.properties" />
- <fileset dir="${src.dir}" includes="**/*.message" />
- </copy>
-
- <delete file="${test.target.src.dir}/org/bouncycastle/pqc/crypto/lms/AllTests.java" />
- <delete file="${test.target.src.dir}/org/bouncycastle/x509/CertPathReviewerMessages_de.properties" />
- <delete file="${test.target.src.dir}/org/bouncycastle/x509/CertPathReviewerMessages.properties" />
-
- <compile-test target="${test.target}">
- <manifestElements>
- <attribute name="Manifest-Version" value="1.0" />
- <attribute name="Extension-Name" value="org.bouncycastle.bctest" />
- <attribute name="Specification-Vendor" value="BouncyCastle.org" />
- <attribute name="Specification-Version" value="1.1" />
- <attribute name="Implementation-Vendor-Id" value="org.bouncycastle" />
- <attribute name="Implementation-Vendor" value="BouncyCastle.org" />
- <attribute name="Implementation-Version" value="${release.version}.0" />
- <attribute name="Application-Name" value="Bouncy Castle Test Classes" />
- <attribute name="Trusted-Library" value="true" />
- <attribute name="Permissions" value="all-permissions" />
- <attribute name="Codebase" value="*" />
- <attribute name="Application-Library-Allowable-Codebase" value="*" />
- <attribute name="Caller-Allowable-Codebase" value="*" />
- </manifestElements>
- </compile-test>
- </target>
-
- <target name="test">
- <property name="test.target" value="bctest-${target.name}" />
- <property name="test.target.dir" value="${artifacts.dir}/${test.target}" />
- <property name="test.target.src.dir" value="${test.target.dir}/src" />
-
- <mkdir dir="${basedir}/${build.dir}/${target.prefix}" />
- <junit fork="yes" dir="${basedir}/${build.dir}/${target.prefix}" failureProperty="test.failed" printsummary="${junit.printsummary}">
- <classpath>
- <path refid="project.classpath" />
- <fileset dir="${artifacts.jars.dir}">
- <include name="**/*.jar" />
- <exclude name="**/bcprov-jdk*.jar" />
- <exclude name="**/bcjmail-jdk*.jar" />
- </fileset>
- </classpath>
- <sysproperty key="bc.test.data.home" value="../../core/src/test/data" />
-
- <formatter type="xml" />
- <batchtest todir="${artifacts.reports.xml.dir}" unless="testcase">
- <fileset dir="${test.target.src.dir}">
- <include name="**/AllTests.java" />
- <exclude name="${env.JUNIT_EXCLUDE_TESTS}" if="env.JUNIT_EXCLUDE_TESTS" />
- </fileset>
- </batchtest>
- </junit>
-
- <junitreport todir="${artifacts.reports.xml.dir}">
- <fileset dir="${artifacts.reports.xml.dir}">
- <include name="TEST-*.xml" />
- </fileset>
- <report format="frames" todir="${artifacts.reports.html.dir}" />
- </junitreport>
- </target>
-
- <target name="test-lw">
- <junit fork="yes" dir="${basedir}/${build.dir}/${target.prefix}" failureProperty="test.failed">
- <classpath>
- <fileset dir="${artifacts.jars.dir}">
- <include name="**/*.jar" />
- <exclude name="**/bcprov-jdk*.jar" />
- </fileset>
- </classpath>
-
- <formatter type="xml" />
- <test name="${testcase}" todir="${artifacts.reports.xml.dir}" if="testcase" />
- <batchtest todir="${artifacts.reports.xml.dir}" unless="testcase">
- <fileset dir="${src.dir}">
- <include name="**/crypto/test/AllTests.java" />
- <include name="**/asn1/test/AllTests.java" />
- <include name="**/encoders/test/AllTests.java" />
- <include name="**/ntru/**/AllTests.java" />
- </fileset>
- </batchtest>
- </junit>
-
- <junitreport todir="${artifacts.reports.xml.dir}">
- <fileset dir="${artifacts.reports.xml.dir}">
- <include name="TEST-*.xml" />
- </fileset>
- <report format="frames" todir="${artifacts.reports.html.dir}" />
- </junitreport>
- </target>
-
<target name="javadoc-libraries" depends="javadoc-util, javadoc-pkix, javadoc-mail, javadoc-jmail, javadoc-pg" />
<!--

68
bouncycastle.changes
View File

@ -1,7 +1,73 @@
-------------------------------------------------------------------
Mon Jun 19 10:26:53 UTC 2023 - Pedro Monreal <pmonreal@suse.com>
- Update to version 1.74: [bsc#1212508, CVE-2023-33201]
* Defects Fixed:
- AsconEngine: Fixed a buffering bug when decrypting across
multiple processBytes calls (ascon128a unaffected).
- Context based sanity checking on PGP signatures has been added.
- The ParallelHash clone constructor was not copying all fields.
- The maximimum number of blocks for CTR/SIC modes was 1 block
less than it should have been.
* Additional Features and Functionality:
- The PGP API now supports wildcard key IDs for public key
based data encryption.
- LMS now supports SHA256/192, SHAKE256/192, and SHAKE256/256
(the additional SP 8000-208 parameter sets).
- The PGP API now supports V5 and V6 AEAD encryption for
encrypted data packets.
- The PGP examples have been updated to reflect key size and algorithm
changes that have occurred since they were first written (10+ years...).
- (D)TLS: A new callback 'TlsPeer.notifyConnectionClosed' will be called
when the connection is closed (including by failure).
- BCJSSE: Improved logging of connection events and include unique IDs
in connection-specific log messages.
- BCJSSE: Server now logs the offered cipher suites when it fails to
select one.
- BCJSSE: Added support for SSLParameters namedGroups and
signatureSchemes properties (can also be used via BCJSSE
extension API in earlier Java versions).
- DTLS: The initial handshake re-send time is now configurable by
overriding 'TlsPeer.getHandshakeResendTimeMillis'.
- DTLS: Added support for connection IDs per RFC 9146.
- DTLS: Performance of DTLSVerifier has been improved so that it can
reasonably be used for all incoming packets.
- Initial support has been added for A Mechanism for Encoding
Differences in Paired Certificates.
- The PGP API now supports parsing, encoding, and fingerprinting
of V6 EC/EdEC keys.
- A thread safe verifier API has been added to the PGP API to support
multi-threaded verification of certifications on keys and user IDs.
- The number of keys/sub-keys in a PGPKeyRing can now be found by
calling PGPKeyRing.size().
- The PQC algorithms LMS/HSS, SPHINCS+, Dilithium, Falcon, and NTRU
are now supported directly by the BC provider.
* Notes:
- The now defunct PQC SIKE algorithm has been removed, this has also
meant the removal of its resource files so the provider is now quite
a bit smaller.
- As a precaution, HC128 now enforces a 128 bit IV, previous behaviour
for shorter IVs can be supported where required by padding the IV to
the 128 bits with zero.
- PGP encrypted data generation now uses integrity protection by default.
Previous behaviour for encrypted data can be supported where required
by calling PGPDataEncryptorBuilder.setWithIntegrityPacket(false) when
data encryption is set up.
- There are now additional sanity checks in place to prevent accidental
mis-use of PGPSignature objects. If this change causes any issues, you
might want to check what your code is up to as there is probably a bug.
* Security Advisories:
- CVE-2023-33201: this release fixes an issue with the X509LDAPCertStoreSpi
where a specially crafted certificate subject could be used to try and
extract extra information out of an LDAP server with wild-card matthing
enabled.
* Rebase bouncycastle-javadoc.patch
* Add bouncycastle-notests.patch
-------------------------------------------------------------------
Tue Apr 25 10:26:27 UTC 2023 - Pedro Monreal <pmonreal@suse.com>
- Update to version 1.73:
- Update to version 1.73: [jsc#PED-3756]
* Defects Fixed:
- BCJSSE: Instantiating a JSSE provider in some contexts could
cause an AccessControl exception.

9
bouncycastle.spec
View File

@ -17,7 +17,7 @@
%global ver_major 1
%global ver_minor 73
%global ver_minor 74
%global gittag r%{ver_major}rv%{ver_minor}
%global archivever jdk18on-%{ver_major}%{ver_minor}
%global classname org.bouncycastle.jce.provider.BouncyCastleProvider
@ -37,8 +37,11 @@ Source4: https://repo1.maven.org/maven2/org/%{name}/bcmail-jdk18on/%{vers
Source5: https://repo1.maven.org/maven2/org/%{name}/bctls-jdk18on/%{version}/bctls-jdk18on-%{version}.pom
Source6: https://repo1.maven.org/maven2/org/%{name}/bcutil-jdk18on/%{version}/bcutil-jdk18on-%{version}.pom
Source7: https://repo1.maven.org/maven2/org/%{name}/bcjmail-jdk18on/%{version}/bcjmail-jdk18on-%{version}.pom
# PATCH-FIX-OPENSUSE Fix javadoc build
Patch0: bouncycastle-javadoc.patch
# PATCH-FIX-OPENSUSE Add OSGi manifests to the distributed jars
Patch1: bouncycastle-osgi.patch
Patch2: bouncycastle-notests.patch
BuildRequires: ant
BuildRequires: ant-junit
BuildRequires: fdupes
@ -142,9 +145,7 @@ Group: Development/Libraries/Java
API documentation for the Bouncy Castle Cryptography APIs.
%prep
%setup -q -n bc-java-%{gittag}
%patch0 -p1
%patch1 -p1
%autosetup -p1 -n bc-java-%{gittag}
# Remove provided binaries
find . -type f -name "*.class" -exec rm -f {} \;

3
r1rv73.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:d26563a1a005fc8e856545f2e90950628d724c8b444e0cbd0baf7daf907d38fb
size 20087104

BIN
r1rv74.tar.gz (Stored with Git LFS) Normal file
View File

Binary file not shown.