Accepting request 1118619 from Java:packages

- Update to version 1.76: * Defects Fixed: - Service allocation in the provider could fail due to the lack of a permission block. This has been fixed. - JceKeyFingerPrintCalculator has been generalised for different providers by using "SHA-256" for the algorithm string. - BCJSSE: Fixed a regression in 1.74 (NullPointerException) that prevents a BCJSSE server from negotiating TLSv1.1 or earlier. - DTLS: Fixed server support for client_certificate_type extension. - Cipher.unwrap() for HQC could fail due to a miscalculation of the length of the KEM packet. This has been fixed. - There was exposure to a Java 7 method in the Java 5 to Java 8 BCTLS jar which could cause issues with some TLS 1.2 cipher suites running on older JVMs. This is now fixed. * Additional Features and Functionality: - BCJSSE: Following OpenJDK, finalizers have been removed from SSLSocket subclasses. Applications should close sockets and not rely on garbage collection. - BCJSSE: Added support for boolean system property "jdk.tls.client.useCompatibilityMode" (default "true"). - DTLS: Added server support for session resumption. - JcaPKCS10CertificationRequest will now work with EC on the OpenJDK provider. - TimeStamp generation now supports the SHA3 algorithm set. - The SPHINCS+ simple parameters are now fully supported in the BCPQC provider. - Kyber, Classic McEliece, HQC, and Bike now supported by the CRMF/CMS/CMP APIs. - Builder classes have been add for PGP ASCII Armored streams allowing CRCs and versions to now be optional. - An UnknownPacket type has been added to the PGP APIs to allow for forwards compatibility with upcoming revisions to the standard. * Rebase patch bouncycastle-notests.patch - Update to version 1.75: * Defects Fixed: - Several Java 8 method calls were accidentally introduced in the Java 5 to Java 8 build. The affected classes have been refactored to remove this. - (D)TLS: renegotiation after resumption now fixed to avoid breaking connection. * Notes: - The ASN.1 core package has had some dead and retired methods cleaned up and removed. OBS-URL: https://build.opensuse.org/request/show/1118619 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/bouncycastle?expand=0&rev=40
2023-10-19 20:47:25 +00:00 · 2023-10-19 20:47:25 +00:00 · 8308376e86
commit 8308376e86
parent 4e9a124889 95b48a5fba
12 changed files with 80 additions and 41 deletions
--- a/bcjmail-jdk18on-1.76.pom
+++ b/bcjmail-jdk18on-1.76.pom
@ -5,7 +5,7 @@
  <artifactId>bcjmail-jdk18on</artifactId>
  <packaging>jar</packaging>
  <name>Bouncy Castle Jakarta S/MIME API</name>
-  <version>1.74</version>
+  <version>1.76</version>
  <description>The Bouncy Castle Java S/MIME APIs for handling S/MIME protocols. This jar contains S/MIME APIs for JDK 1.8 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs. The Jakarta Mail API and the Jakarta activation framework will also be needed.</description>
  <url>https://www.bouncycastle.org/java.html</url>
  <licenses>
@ -33,19 +33,19 @@
    <dependency>
      <groupId>org.bouncycastle</groupId>
      <artifactId>bcprov-jdk18on</artifactId>
-      <version>1.74</version>
+      <version>1.76</version>
      <type>jar</type>
    </dependency>
    <dependency>
      <groupId>org.bouncycastle</groupId>
      <artifactId>bcutil-jdk18on</artifactId>
-      <version>1.74</version>
+      <version>1.76</version>
      <type>jar</type>
    </dependency>
    <dependency>
      <groupId>org.bouncycastle</groupId>
      <artifactId>bcpkix-jdk18on</artifactId>
-      <version>1.74</version>
+      <version>1.76</version>
      <type>jar</type>
    </dependency>
  </dependencies>
--- a/bcmail-jdk18on-1.76.pom
+++ b/bcmail-jdk18on-1.76.pom
@ -5,7 +5,7 @@
  <artifactId>bcmail-jdk18on</artifactId>
  <packaging>jar</packaging>
  <name>Bouncy Castle S/MIME API</name>
-  <version>1.74</version>
+  <version>1.76</version>
  <description>The Bouncy Castle Java S/MIME APIs for handling S/MIME protocols. This jar contains S/MIME APIs for JDK 1.8 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs. The JavaMail API and the Java activation framework will also be needed.</description>
  <url>https://www.bouncycastle.org/java.html</url>
  <licenses>
@ -33,19 +33,19 @@
    <dependency>
      <groupId>org.bouncycastle</groupId>
      <artifactId>bcprov-jdk18on</artifactId>
-      <version>1.74</version>
+      <version>1.76</version>
      <type>jar</type>
    </dependency>
    <dependency>
      <groupId>org.bouncycastle</groupId>
      <artifactId>bcutil-jdk18on</artifactId>
-      <version>1.74</version>
+      <version>1.76</version>
      <type>jar</type>
    </dependency>
    <dependency>
      <groupId>org.bouncycastle</groupId>
      <artifactId>bcpkix-jdk18on</artifactId>
-      <version>1.74</version>
+      <version>1.76</version>
      <type>jar</type>
    </dependency>
  </dependencies>
--- a/bcpg-jdk18on-1.76.pom
+++ b/bcpg-jdk18on-1.76.pom
@ -5,7 +5,7 @@
  <artifactId>bcpg-jdk18on</artifactId>
  <packaging>jar</packaging>
  <name>Bouncy Castle OpenPGP API</name>
-  <version>1.74</version>
+  <version>1.76</version>
  <description>The Bouncy Castle Java API for handling the OpenPGP protocol. This jar contains the OpenPGP API for JDK 1.8 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs.</description>
  <url>https://www.bouncycastle.org/java.html</url>
  <licenses>
@ -38,7 +38,7 @@
    <dependency>
      <groupId>org.bouncycastle</groupId>
      <artifactId>bcprov-jdk18on</artifactId>
-      <version>1.74</version>
+      <version>1.76</version>
      <type>jar</type>
    </dependency>
  </dependencies>
--- a/bcpkix-jdk18on-1.76.pom
+++ b/bcpkix-jdk18on-1.76.pom
@ -5,7 +5,7 @@
  <artifactId>bcpkix-jdk18on</artifactId>
  <packaging>jar</packaging>
  <name>Bouncy Castle PKIX, CMS, EAC, TSP, PKCS, OCSP, CMP, and CRMF APIs</name>
-  <version>1.74</version>
+  <version>1.76</version>
  <description>The Bouncy Castle Java APIs for CMS, PKCS, EAC, TSP, CMP, CRMF, OCSP, and certificate generation. This jar contains APIs for JDK 1.8 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs.</description>
  <url>https://www.bouncycastle.org/java.html</url>
  <licenses>
@ -33,13 +33,13 @@
    <dependency>
      <groupId>org.bouncycastle</groupId>
      <artifactId>bcprov-jdk18on</artifactId>
-      <version>1.74</version>
+      <version>1.76</version>
      <type>jar</type>
    </dependency>
    <dependency>
      <groupId>org.bouncycastle</groupId>
      <artifactId>bcutil-jdk18on</artifactId>
-      <version>1.74</version>
+      <version>1.76</version>
      <type>jar</type>
    </dependency>
  </dependencies>
--- a/bcprov-jdk18on-1.76.pom
+++ b/bcprov-jdk18on-1.76.pom
@ -5,7 +5,7 @@
  <artifactId>bcprov-jdk18on</artifactId>
  <packaging>jar</packaging>
  <name>Bouncy Castle Provider</name>
-  <version>1.74</version>
+  <version>1.76</version>
  <description>The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.8 and up.</description>
  <url>https://www.bouncycastle.org/java.html</url>
  <licenses>
--- a/bctls-jdk18on-1.76.pom
+++ b/bctls-jdk18on-1.76.pom
@ -5,7 +5,7 @@
  <artifactId>bctls-jdk18on</artifactId>
  <packaging>jar</packaging>
  <name>Bouncy Castle JSSE provider and TLS/DTLS API</name>
-  <version>1.74</version>
+  <version>1.76</version>
  <description>The Bouncy Castle Java APIs for TLS and DTLS, including a provider for the JSSE.</description>
  <url>https://www.bouncycastle.org/java.html</url>
  <licenses>
@ -33,13 +33,13 @@
    <dependency>
      <groupId>org.bouncycastle</groupId>
      <artifactId>bcprov-jdk18on</artifactId>
-      <version>1.74</version>
+      <version>1.76</version>
      <type>jar</type>
    </dependency>
    <dependency>
      <groupId>org.bouncycastle</groupId>
      <artifactId>bcutil-jdk18on</artifactId>
-      <version>1.74</version>
+      <version>1.76</version>
      <type>jar</type>
    </dependency>
  </dependencies>
--- a/bcutil-jdk18on-1.76.pom
+++ b/bcutil-jdk18on-1.76.pom
@ -5,7 +5,7 @@
  <artifactId>bcutil-jdk18on</artifactId>
  <packaging>jar</packaging>
  <name>Bouncy Castle ASN.1 Extension and Utility APIs</name>
-  <version>1.74</version>
+  <version>1.76</version>
  <description>The Bouncy Castle Java APIs for ASN.1 extension and utility APIs used to support bcpkix and bctls. This jar contains APIs for JDK 1.8 and up.</description>
  <url>https://www.bouncycastle.org/java.html</url>
  <licenses>
@ -33,7 +33,7 @@
    <dependency>
      <groupId>org.bouncycastle</groupId>
      <artifactId>bcprov-jdk18on</artifactId>
-      <version>1.74</version>
+      <version>1.76</version>
      <type>jar</type>
    </dependency>
  </dependencies>
--- a/bouncycastle-notests.patch
+++ b/bouncycastle-notests.patch
@ -1,5 +1,7 @@
--- bc-java-r1rv74/ant/bc+-build.xml	2023-06-20 19:05:22.282198904 +0200
-+++ bc-java-r1rv74/ant/bc+-build.xml	2023-06-20 19:18:57.087685033 +0200
+Index: bc-java-r1rv76/ant/bc+-build.xml
+===================================================================
+--- bc-java-r1rv76.orig/ant/bc+-build.xml
+++ bc-java-r1rv76/ant/bc+-build.xml
@@ -280,7 +280,7 @@
 
     </target>
@ -9,7 +11,7 @@
 
     <target name="build-lw" depends="initMacros">
         <!--
-@@ -900,144 +900,6 @@
+@@ -935,146 +935,6 @@
 
     </target>
 
@ -120,6 +122,8 @@
 -            </fileset>
 -            <report format="frames" todir="${artifacts.reports.html.dir}" />
 -        </junitreport>
+-
+-        <fail if="test.failed"/>
 -    </target>
 -
 -    <target name="test-lw">
--- a/bouncycastle.changes
+++ b/bouncycastle.changes
@ -1,3 +1,51 @@
+-------------------------------------------------------------------
+Wed Oct 18 13:28:47 UTC 2023 - Pedro Monreal <pmonreal@suse.com>
+
+- Update to version 1.76:
+  * Defects Fixed:
+    - Service allocation in the provider could fail due to the lack
+      of a permission block. This has been fixed.
+    - JceKeyFingerPrintCalculator has been generalised for different
+      providers by using "SHA-256" for the algorithm string.
+    - BCJSSE: Fixed a regression in 1.74 (NullPointerException) that
+      prevents a BCJSSE server from negotiating TLSv1.1 or earlier.
+    - DTLS: Fixed server support for client_certificate_type extension.
+    - Cipher.unwrap() for HQC could fail due to a miscalculation of
+      the length of the KEM packet. This has been fixed.
+    - There was exposure to a Java 7 method in the Java 5 to Java 8
+      BCTLS jar which could cause issues with some TLS 1.2 cipher
+      suites running on older JVMs. This is now fixed.
+  * Additional Features and Functionality:
+    - BCJSSE: Following OpenJDK, finalizers have been removed from
+      SSLSocket subclasses. Applications should close sockets and
+      not rely on garbage collection.
+    - BCJSSE: Added support for boolean system property
+      "jdk.tls.client.useCompatibilityMode" (default "true").
+    - DTLS: Added server support for session resumption.
+    - JcaPKCS10CertificationRequest will now work with EC on the
+      OpenJDK provider.
+    - TimeStamp generation now supports the SHA3 algorithm set.
+    - The SPHINCS+ simple parameters are now fully supported in the
+      BCPQC provider.
+    - Kyber, Classic McEliece, HQC, and Bike now supported by the
+      CRMF/CMS/CMP APIs.
+    - Builder classes have been add for PGP ASCII Armored streams
+      allowing CRCs and versions to now be optional.
+    - An UnknownPacket type has been added to the PGP APIs to allow
+      for forwards compatibility with upcoming revisions to the standard.
+  * Rebase patch bouncycastle-notests.patch
+
+- Update to version 1.75:
+  * Defects Fixed:
+    - Several Java 8 method calls were accidentally introduced in
+      the Java 5 to Java 8 build. The affected classes have been
+      refactored to remove this.
+    - (D)TLS: renegotiation after resumption now fixed to avoid
+      breaking connection.
+  * Notes:
+    - The ASN.1 core package has had some dead and retired methods
+      cleaned up and removed.
+
 -------------------------------------------------------------------
 Mon Jun 19 10:26:53 UTC 2023 - Pedro Monreal <pmonreal@suse.com>

--- a/bouncycastle.spec
+++ b/bouncycastle.spec
@ -17,7 +17,7 @@


 %global ver_major 1
-%global ver_minor 74
+%global ver_minor 76
 %global gittag r%{ver_major}rv%{ver_minor}
 %global archivever jdk18on-%{ver_major}%{ver_minor}
 %global classname org.bouncycastle.jce.provider.BouncyCastleProvider
@ -49,7 +49,7 @@ BuildRequires:  glassfish-activation-api
 BuildRequires:  jakarta-activation
 BuildRequires:  jakarta-mail
 BuildRequires:  javamail
-BuildRequires:  javapackages-local
+BuildRequires:  javapackages-local >= 6
 Requires(post): javapackages-tools
 Requires(postun):javapackages-tools
 Provides:       bcprov = %{version}-%{release}
@ -64,8 +64,6 @@ Bouncy Castle Cryptography APIs for JDK 1.5 to JDK 1.8.
 Summary:        Bouncy Castle PKIX, CMS, EAC, TSP, PKCS, OCSP, CMP, and CRMF APIs
 License:        MIT
 Group:          Development/Libraries/Java
-Requires:       %{name} = %{version}
-Requires:       %{name}-util = %{version}

 %description pkix
 The Bouncy Castle Java APIs for CMS, PKCS, EAC, TSP, CMP, CRMF, OCSP, and
@ -77,7 +75,6 @@ provided with the Bouncy Castle Cryptography APIs.
 Summary:        Bouncy Castle OpenPGP API
 License:        Apache-2.0 AND MIT
 Group:          Development/Libraries/Java
-Requires:       %{name} = %{version}

 %description pg
 The Bouncy Castle Java API for handling the OpenPGP protocol.The APIs can be
@ -88,9 +85,6 @@ Bouncy Castle Cryptography APIs.
 Summary:        Bouncy Castle S/MIME API
 License:        MIT
 Group:          Development/Libraries/Java
-Requires:       %{name} = %{version}
-Requires:       %{name}-pkix = %{version}
-Requires:       %{name}-util = %{version}

 %description mail
 The Bouncy Castle Java S/MIME APIs for handling S/MIME protocols. The APIs can
@ -103,10 +97,6 @@ Summary:        Bouncy Castle Jakarta S/MIME API
 License:        MIT
 Group:          Development/Libraries/Java
 Requires:       %{name} = %{version}
-Requires:       %{name}-pkix = %{version}
-Requires:       %{name}-util = %{version}
-Requires:       jakarta-activation
-Requires:       jakarta-mail

 %description jmail
 The Bouncy Castle Java S/MIME APIs for handling S/MIME protocols. This jar
@ -119,8 +109,6 @@ will also be needed.
 Summary:        Bouncy Castle JSSE provider and TLS/DTLS API
 License:        MIT
 Group:          Development/Libraries/Java
-Requires:       %{name} = %{version}
-Requires:       %{name}-util = %{version}

 %description tls
 The Bouncy Castle Java APIs for TLS and DTLS, including a provider for the
@ -130,7 +118,6 @@ JSSE.
 Summary:        Bouncy Castle ASN.1 Extension and Utility APIs
 License:        MIT
 Group:          Development/Libraries/Java
-Requires:       %{name} = %{version}

 %description util
 The Bouncy Castle Java APIs for ASN.1 extension and utility APIs used to
@ -175,7 +162,7 @@ install -dm 0755 %{buildroot}%{_javadir}
 install -dm 0755 %{buildroot}%{_mavenpomdir}
 for bc in bcprov bcpkix bcpg bcmail bctls bcutil bcjmail ; do
  install -pm 0644 build/artifacts/jdk1.8/jars/$bc-%{archivever}.jar %{buildroot}%{_javadir}/$bc.jar
-  install -pm 0644 %{_sourcedir}/$bc-jdk18on-%{version}.pom %{buildroot}%{_mavenpomdir}/$bc.pom
+  %{mvn_install_pom} %{_sourcedir}/$bc-jdk18on-%{version}.pom %{buildroot}%{_mavenpomdir}/$bc.pom
  %add_maven_depmap $bc.pom $bc.jar -a "org.bouncycastle:$bc-jdk18,org.bouncycastle:$bc-jdk16,org.bouncycastle:$bc-jdk15on,org.bouncycastle:$bc-jdk15,org.bouncycastle:$bc-jdk15to18" -f $bc
 done

--- a/r1rv74.tar.gz
+++ b/r1rv74.tar.gz
--- a/r1rv76.tar.gz
+++ b/r1rv76.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:20524a31378291def8e2d7d387550f4f70f34590e431a425d29b64bd57159866
+size 31256952