pool/bouncycastle
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 1221260 from Java:packages

Browse Source 
1.79

OBS-URL: https://build.opensuse.org/request/show/1221260
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/bouncycastle?expand=0&rev=43
This commit is contained in:
Ana Guerrero 2024-11-05 14:39:37 +00:00 committed by Git OBS Bridge
commit 5bdffb3b27
12 changed files with 101 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
bcjmail-jdk18on-1.78.1.pom → bcjmail-jdk18on-1.79.pom
View File

@ -5,7 +5,7 @@
<artifactId>bcjmail-jdk18on</artifactId>
<packaging>jar</packaging>
<name>Bouncy Castle Jakarta S/MIME API</name>
<version>1.78.1</version>
<version>1.79</version>
<description>The Bouncy Castle Java S/MIME APIs for handling S/MIME protocols. This jar contains S/MIME APIs for JDK 1.8 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs. The Jakarta Mail API and the Jakarta activation framework will also be needed.</description>
<url>https://www.bouncycastle.org/java.html</url>
<licenses>
@ -33,19 +33,19 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk18on</artifactId>
<version>1.78.1</version>
<version>1.79</version>
<type>jar</type>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcutil-jdk18on</artifactId>
<version>1.78.1</version>
<version>1.79</version>
<type>jar</type>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk18on</artifactId>
<version>1.78.1</version>
<version>1.79</version>
<type>jar</type>
</dependency>
</dependencies>

8
bcmail-jdk18on-1.78.1.pom → bcmail-jdk18on-1.79.pom
View File

@ -5,7 +5,7 @@
<artifactId>bcmail-jdk18on</artifactId>
<packaging>jar</packaging>
<name>Bouncy Castle S/MIME API</name>
<version>1.78.1</version>
<version>1.79</version>
<description>The Bouncy Castle Java S/MIME APIs for handling S/MIME protocols. This jar contains S/MIME APIs for JDK 1.8 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs. The JavaMail API and the Java activation framework will also be needed.</description>
<url>https://www.bouncycastle.org/java.html</url>
<licenses>
@ -33,19 +33,19 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk18on</artifactId>
<version>1.78.1</version>
<version>1.79</version>
<type>jar</type>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcutil-jdk18on</artifactId>
<version>1.78.1</version>
<version>1.79</version>
<type>jar</type>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk18on</artifactId>
<version>1.78.1</version>
<version>1.79</version>
<type>jar</type>
</dependency>
</dependencies>

6
bcpg-jdk18on-1.78.1.pom → bcpg-jdk18on-1.79.pom
View File

@ -5,7 +5,7 @@
<artifactId>bcpg-jdk18on</artifactId>
<packaging>jar</packaging>
<name>Bouncy Castle OpenPGP API</name>
<version>1.78.1</version>
<version>1.79</version>
<description>The Bouncy Castle Java API for handling the OpenPGP protocol. This jar contains the OpenPGP API for JDK 1.8 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs.</description>
<url>https://www.bouncycastle.org/java.html</url>
<licenses>
@ -38,13 +38,13 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk18on</artifactId>
<version>1.78.1</version>
<version>1.79</version>
<type>jar</type>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcutil-jdk18on</artifactId>
<version>1.78.1</version>
<version>1.79</version>
<type>jar</type>
</dependency>
</dependencies>

6
bcpkix-jdk18on-1.78.1.pom → bcpkix-jdk18on-1.79.pom
View File

@ -5,7 +5,7 @@
<artifactId>bcpkix-jdk18on</artifactId>
<packaging>jar</packaging>
<name>Bouncy Castle PKIX, CMS, EAC, TSP, PKCS, OCSP, CMP, and CRMF APIs</name>
<version>1.78.1</version>
<version>1.79</version>
<description>The Bouncy Castle Java APIs for CMS, PKCS, EAC, TSP, CMP, CRMF, OCSP, and certificate generation. This jar contains APIs for JDK 1.8 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs.</description>
<url>https://www.bouncycastle.org/java.html</url>
<licenses>
@ -33,13 +33,13 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk18on</artifactId>
<version>1.78.1</version>
<version>1.79</version>
<type>jar</type>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcutil-jdk18on</artifactId>
<version>1.78.1</version>
<version>1.79</version>
<type>jar</type>
</dependency>
</dependencies>

2
bcprov-jdk18on-1.78.1.pom → bcprov-jdk18on-1.79.pom
View File

@ -5,7 +5,7 @@
<artifactId>bcprov-jdk18on</artifactId>
<packaging>jar</packaging>
<name>Bouncy Castle Provider</name>
<version>1.78.1</version>
<version>1.79</version>
<description>The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.8 and up.</description>
<url>https://www.bouncycastle.org/java.html</url>
<licenses>

6
bctls-jdk18on-1.78.1.pom → bctls-jdk18on-1.79.pom
View File

@ -5,7 +5,7 @@
<artifactId>bctls-jdk18on</artifactId>
<packaging>jar</packaging>
<name>Bouncy Castle JSSE provider and TLS/DTLS API</name>
<version>1.78.1</version>
<version>1.79</version>
<description>The Bouncy Castle Java APIs for TLS and DTLS, including a provider for the JSSE.</description>
<url>https://www.bouncycastle.org/java.html</url>
<licenses>
@ -33,13 +33,13 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk18on</artifactId>
<version>1.78.1</version>
<version>1.79</version>
<type>jar</type>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcutil-jdk18on</artifactId>
<version>1.78.1</version>
<version>1.79</version>
<type>jar</type>
</dependency>
</dependencies>

4
bcutil-jdk18on-1.78.1.pom → bcutil-jdk18on-1.79.pom
View File

@ -5,7 +5,7 @@
<artifactId>bcutil-jdk18on</artifactId>
<packaging>jar</packaging>
<name>Bouncy Castle ASN.1 Extension and Utility APIs</name>
<version>1.78.1</version>
<version>1.79</version>
<description>The Bouncy Castle Java APIs for ASN.1 extension and utility APIs used to support bcpkix and bctls. This jar contains APIs for JDK 1.8 and up.</description>
<url>https://www.bouncycastle.org/java.html</url>
<licenses>
@ -33,7 +33,7 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk18on</artifactId>
<version>1.78.1</version>
<version>1.79</version>
<type>jar</type>
</dependency>
</dependencies>

13
bouncycastle-notests.patch
View File

@ -1,7 +1,7 @@
Index: bc-java-r1rv78/ant/bc+-build.xml
Index: bc-java-r1rv79/ant/bc+-build.xml
===================================================================
--- bc-java-r1rv78.orig/ant/bc+-build.xml
+++ bc-java-r1rv78/ant/bc+-build.xml
--- bc-java-r1rv79.orig/ant/bc+-build.xml
+++ bc-java-r1rv79/ant/bc+-build.xml
@@ -280,7 +280,7 @@
</target>
@ -11,7 +11,7 @@ Index: bc-java-r1rv78/ant/bc+-build.xml
<target name="build-lw" depends="initMacros">
<!--
@@ -935,149 +935,6 @@
@@ -964,148 +964,6 @@
</target>
@ -98,7 +98,7 @@ Index: bc-java-r1rv78/ant/bc+-build.xml
- <property name="test.target.src.dir" value="${test.target.dir}/src" />
-
- <mkdir dir="${basedir}/${build.dir}/${target.prefix}" />
- <junit fork="yes" dir="${basedir}/${build.dir}/${target.prefix}" failureProperty="test.failed" printsummary="${junit.printsummary}">
- <junit fork="yes" dir="${basedir}/${build.dir}/${target.prefix}" failureProperty="test.failed" printsummary="${junit.printsummary}" maxmemory="${junit.maxmemory}">
- <classpath>
- <path refid="project.classpath" />
- <fileset dir="${artifacts.jars.dir}">
@ -157,7 +157,6 @@ Index: bc-java-r1rv78/ant/bc+-build.xml
- <report format="frames" todir="${artifacts.reports.html.dir}" />
- </junitreport>
- </target>
-
<target name="javadoc-libraries" depends="javadoc-util, javadoc-pkix, javadoc-mail, javadoc-jmail, javadoc-pg" />
<!--

68
bouncycastle.changes
View File

@ -1,3 +1,70 @@
-------------------------------------------------------------------
Mon Nov 4 10:49:54 UTC 2024 - Pedro Monreal <pmonreal@suse.com>
- Update to 1.79:
* Defects Fixed:
- Leading zeroes were sometimes dropped from Ed25519 signatures
leading to verification errors in the PGP API.
- Default version string for Armored Output is now set correctly in 18on build.
- The Elephant cipher would fail on large messages.
- CMSSignedData.replaceSigners() would re-encode the digest algorithms
block, occassionally dropping ones where NULL had been previously
added as an algorithm parameter. The method now attempts to only use
the original digest algorithm identifiers.
- ERSInputStreamData would fail to generate the correct hash if
called a second time with a different hash algorithm.
- A downcast in the CrlCache which would cause FTP based CRLs to fail
to load has been removed.
- ECUtil.getNamedCurveOid() now trims curve names of excess space
before look up.
- The PhotonBeetle and Xoodyak digests did not reset properly after
a doFinal() call.
- Malformed AlgorithmIdentifiers in CertIDs could cause caching
issues in the OCSP cache.
- With Java 21 a provider service class will now be returned with
a null class name where previously a null would have been returned
for a service. This can cause a NullPointerException to be thrown
by the BC provider if a non-existant service is requested.
- CMS: OtherKeyAttribute.keyAttr now treated as optional.
- CMS: EnvelopedData and AuthEnvelopedData could calculate the wrong versions.
- The default version header for PGP armored output did not carry
the correct version string.
- In some situations the algorithm lookup for creating PGPDigestCalculators
would fail due to truncation of the algorithm name.
* Additional Features and Functionality:
- Object Identifiers have been added for ML-KEM, ML-DSA, and SLH-DSA.
- The PQC algorithms, ML-KEM, ML-DSA (including pre-hash), and SLH-DSA
(including pre-hash) have been added to the BC provider and the lightweight API.
- A new spec, ContextParameterSpec, has been added to support
signature contexts for ML-DSA and SLH-DSA.
- BCJSSE: Added support for security property
"jdk.tls.server.defaultDHEParameters" (disabled in FIPS mode).
- BCJSSE: Added support for signature_algorithms_cert configuration via
"org.bouncycastle.jsse.client.SignatureSchemesCert" and
"org.bouncycastle.jsse.server.SignatureSchemesCert" system properties
or BCSSLParameters property "SignatureSchemesCert".
- BCJSSE: Added support for boolean system property
"org.bouncycastle.jsse.fips.allowGCMCiphersIn12" (false by default).
- (D)TLS: Remove redundant verification of self-generated RSA signatures.
- CompositePrivateKeys now support the latest revision of the composite
signature draft.
- Delta Certificates now support the latest revision of the delta
certificate extension draft.
- A general KeyIdentifier class, encapsulating both PGP KeyID and the
PGP key fingerprint has been added to the PGP API.
- Support for the LibrePGP PreferredEncryptionModes signature subpacket
has been added to the PGP API.
- Support for Version 6 signatures, including salts, has been added to the PGP API.
- Support for the PreferredKeyServer signature supacket has been added to the PGP API.
- Support for RFC 9269, "Using KEMs in Cryptographic Message Syntax (CMS)",
has been added to the CMS API.
- Support for the Argon2 S2K has been added to the PGP API.
- The system property "org.bouncycastle.pemreader.lax" has been introduced
for situations where the BC PEM parsing is now too strict.
- The system property "org.bouncycastle.ec.disable_f2m" has been introduced
to allow F2m EC support to be disabled.
* Rebase bouncycastle-notests.patch
-------------------------------------------------------------------
Mon Apr 29 16:07:27 UTC 2024 - Fridrich Strba <fstrba@suse.com>
@ -17,6 +84,7 @@ Mon Apr 29 16:07:27 UTC 2024 - Fridrich Strba <fstrba@suse.com>
Mon Apr 29 06:39:43 UTC 2024 - Pedro Monreal <pmonreal@suse.com>
- Update to version 1.78: [bsc#1223252, CVE-2024-30171]
[bsc#1224304, CVE-2024-30172] [bsc#1224299, CVE-2024-29857]
* Security Advisories.
- CVE-2024-29857: Importing an EC certificate with specially crafted
F2m parameters can cause high CPU usage during parameter evaluation.

7
bouncycastle.spec
View File

@ -17,10 +17,10 @@
%global ver_major 1
%global ver_minor 78
%global ver_micro 1
%global ver_minor 79
#%%global ver_micro 1
%global gittag r%{ver_major}rv%{ver_minor}%{?ver_micro:v%{ver_micro}}
%global archivever jdk18on-%{ver_major}%{ver_minor}%{?ver_micro:0%{ver_micro}}
%global archivever jdk18on-%{ver_major}.%{ver_minor}%{?ver_micro:0%{ver_micro}}
%global classname org.bouncycastle.jce.provider.BouncyCastleProvider
Name: bouncycastle
Version: %{ver_major}.%{ver_minor}%{?ver_micro:.%{ver_micro}}
@ -161,6 +161,7 @@ touch %{buildroot}%{_sysconfdir}/java/security/security.d/2000-%{classname}
install -dm 0755 %{buildroot}%{_javadir}
install -dm 0755 %{buildroot}%{_mavenpomdir}
for bc in bcprov bcpkix bcpg bcmail bctls bcutil bcjmail ; do
install -pm 0644 build/artifacts/jdk1.8/jars/$bc-%{archivever}.jar %{buildroot}%{_javadir}/$bc.jar
%{mvn_install_pom} %{_sourcedir}/$bc-jdk18on-%{version}.pom %{buildroot}%{_mavenpomdir}/$bc.pom

BIN
r1rv78v1.tar.gz (Stored with Git LFS)
View File

Binary file not shown.

3
r1rv79.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:d9da71f958e1779a396407a24e607036a19e5c482d385cadfe0455e21ac35055
size 47563177