pool/bouncycastle
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 1030002 from home:pmonrealgonzalez:branches:Java:packages

Browse Source 
- Update to version 1.72:
  * Defects Fixed:
    - There were parameter errors in XMSS^MT OIDs for
      XMSSMT_SHA2_40/4_256 and XMSSMT_SHA2_60/3_256. These have
      been fixed.
    - There was an error in Merkle tree construction for the
      Evidence Records (ERS) implementation which could result in
      invalid roots been timestamped. ERS now produces an
      ArchiveTimeStamp for each data object/group with an associated
      reduced hash tree. The reduced hash tree is now calculated as
      a simple path to the root of the tree for each record.
    - OpenPGP will now ignore signatures marked as non-exportable
      on encoding.
    - A tagging calculation error in GCMSIV which could result in
      incorrect tags has been fixed.
    - Issues around Java 17 which could result in failing tests
      have been addressed.
  * Additional Features and Functionality:
    - BCJSSE: TLS 1.3 is now enabled by default where no explicit
      protocols are supplied (e.g. "TLS" or "Default" SSLContext
      algorithms, or SSLContext.getDefault() method).
    - BCJSSE: Rewrite SSLEngine implementation to improve compatibility
      with SunJSSE.
    - BCJSSE: Support export of keying material via extension API.
    - (D)TLS: Add support for 'tls-exporter' channel binding per RFC 9266.
    - (D)TLS (low-level API): By default, only (D)TLS 1.2 and TLS 1.3 are
      offered now. Earlier versions are still supported if explicitly
      enabled. Users may need to check they are offering suitable
      cipher suites for TLS 1.3.
    - (D)TLS (low-level API): Add support for raw public keys per RFC 7250.

OBS-URL: https://build.opensuse.org/request/show/1030002
OBS-URL: https://build.opensuse.org/package/show/Java:packages/bouncycastle?expand=0&rev=87
This commit is contained in:
Fridrich Strba 2022-10-20 06:34:10 +00:00 committed by Git OBS Bridge
parent 92805dd9df
commit ae79d27cb1
12 changed files with 121 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
bcjmail-jdk18on-1.71.pom → bcjmail-jdk18on-1.72.pom
View File

@ -5,7 +5,7 @@
<artifactId>bcjmail-jdk18on</artifactId>
<packaging>jar</packaging>
<name>Bouncy Castle Jakarta S/MIME API</name>
<version>1.71</version>
<version>1.72</version>
<description>The Bouncy Castle Java S/MIME APIs for handling S/MIME protocols. This jar contains S/MIME APIs for JDK 1.8 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs. The Jakarta Mail API and the Jakarta activation framework will also be needed.</description>
<url>https://www.bouncycastle.org/java.html</url>
<licenses>
@ -33,29 +33,24 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk18on</artifactId>
<version>1.71</version>
<version>1.72</version>
<type>jar</type>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcutil-jdk18on</artifactId>
<version>1.71</version>
<version>1.72</version>
<type>jar</type>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk18on</artifactId>
<version>1.71</version>
<version>1.72</version>
<type>jar</type>
</dependency>
<dependency>
<groupId>jakarta.mail</groupId>
<artifactId>jakarta.mail-api</artifactId>
<version>[2.0,3.0)</version>
</dependency>
<dependency>
<groupId>jakarta.activation</groupId>
<artifactId>jakarta.activation-api</artifactId>
<groupId>com.sun.mail</groupId>
<artifactId>jakarta.mail</artifactId>
<version>[2.0,3.0)</version>
</dependency>
</dependencies>

8
bcmail-jdk18on-1.71.pom → bcmail-jdk18on-1.72.pom
View File

@ -5,7 +5,7 @@
<artifactId>bcmail-jdk18on</artifactId>
<packaging>jar</packaging>
<name>Bouncy Castle S/MIME API</name>
<version>1.71</version>
<version>1.72</version>
<description>The Bouncy Castle Java S/MIME APIs for handling S/MIME protocols. This jar contains S/MIME APIs for JDK 1.8 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs. The JavaMail API and the Java activation framework will also be needed.</description>
<url>https://www.bouncycastle.org/java.html</url>
<licenses>
@ -33,19 +33,19 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk18on</artifactId>
<version>1.71</version>
<version>1.72</version>
<type>jar</type>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcutil-jdk18on</artifactId>
<version>1.71</version>
<version>1.72</version>
<type>jar</type>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk18on</artifactId>
<version>1.71</version>
<version>1.72</version>
<type>jar</type>
</dependency>
</dependencies>

8
bcpg-jdk18on-1.71.pom → bcpg-jdk18on-1.72.pom
View File

@ -5,7 +5,7 @@
<artifactId>bcpg-jdk18on</artifactId>
<packaging>jar</packaging>
<name>Bouncy Castle OpenPGP API</name>
<version>1.71</version>
<version>1.72</version>
<description>The Bouncy Castle Java API for handling the OpenPGP protocol. This jar contains the OpenPGP API for JDK 1.8 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs.</description>
<url>https://www.bouncycastle.org/java.html</url>
<licenses>
@ -15,8 +15,8 @@
<distribution>repo</distribution>
</license>
<license>
<name>Apache Software License, Version 1.1</name>
<url>https://www.apache.org/licenses/LICENSE-1.1</url>
<name>Apache Software License, Version 2.0</name>
<url>https://www.apache.org/licenses/LICENSE-2.0</url>
<distribution>repo</distribution>
</license>
</licenses>
@ -38,7 +38,7 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk18on</artifactId>
<version>1.71</version>
<version>1.72</version>
<type>jar</type>
</dependency>
</dependencies>

6
bcpkix-jdk18on-1.71.pom → bcpkix-jdk18on-1.72.pom
View File

@ -5,7 +5,7 @@
<artifactId>bcpkix-jdk18on</artifactId>
<packaging>jar</packaging>
<name>Bouncy Castle PKIX, CMS, EAC, TSP, PKCS, OCSP, CMP, and CRMF APIs</name>
<version>1.71</version>
<version>1.72</version>
<description>The Bouncy Castle Java APIs for CMS, PKCS, EAC, TSP, CMP, CRMF, OCSP, and certificate generation. This jar contains APIs for JDK 1.8 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs.</description>
<url>https://www.bouncycastle.org/java.html</url>
<licenses>
@ -33,13 +33,13 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk18on</artifactId>
<version>1.71</version>
<version>1.72</version>
<type>jar</type>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcutil-jdk18on</artifactId>
<version>1.71</version>
<version>1.72</version>
<type>jar</type>
</dependency>
</dependencies>

2
bcprov-jdk18on-1.71.pom → bcprov-jdk18on-1.72.pom
View File

@ -5,7 +5,7 @@
<artifactId>bcprov-jdk18on</artifactId>
<packaging>jar</packaging>
<name>Bouncy Castle Provider</name>
<version>1.71</version>
<version>1.72</version>
<description>The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.8 and up.</description>
<url>https://www.bouncycastle.org/java.html</url>
<licenses>

6
bctls-jdk18on-1.71.pom → bctls-jdk18on-1.72.pom
View File

@ -5,7 +5,7 @@
<artifactId>bctls-jdk18on</artifactId>
<packaging>jar</packaging>
<name>Bouncy Castle JSSE provider and TLS/DTLS API</name>
<version>1.71</version>
<version>1.72</version>
<description>The Bouncy Castle Java APIs for TLS and DTLS, including a provider for the JSSE.</description>
<url>https://www.bouncycastle.org/java.html</url>
<licenses>
@ -33,13 +33,13 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk18on</artifactId>
<version>1.71</version>
<version>1.72</version>
<type>jar</type>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcutil-jdk18on</artifactId>
<version>1.71</version>
<version>1.72</version>
<type>jar</type>
</dependency>
</dependencies>

4
bcutil-jdk18on-1.71.pom → bcutil-jdk18on-1.72.pom
View File

@ -5,7 +5,7 @@
<artifactId>bcutil-jdk18on</artifactId>
<packaging>jar</packaging>
<name>Bouncy Castle ASN.1 Extension and Utility APIs</name>
<version>1.71</version>
<version>1.72</version>
<description>The Bouncy Castle Java APIs for ASN.1 extension and utility APIs used to support bcpkix and bctls. This jar contains APIs for JDK 1.8 and up.</description>
<url>https://www.bouncycastle.org/java.html</url>
<licenses>
@ -33,7 +33,7 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk18on</artifactId>
<version>1.71</version>
<version>1.72</version>
<type>jar</type>
</dependency>
</dependencies>

16
bouncycastle-javadoc.patch
View File

@ -1,6 +1,8 @@
--- bc-java-r1v60/ant/bc+-build.xml 2018-07-02 00:14:10.000000000 +0200
+++ bc-java-r1v60/ant/bc+-build.xml 2018-11-19 18:49:26.961265967 +0100
@@ -106,7 +106,7 @@
Index: bc-java-r1rv72/ant/bc+-build.xml
===================================================================
--- bc-java-r1rv72.orig/ant/bc+-build.xml
+++ bc-java-r1rv72/ant/bc+-build.xml
@@ -120,7 +120,7 @@
<javac source="${bc.javac.source}" target="${bc.javac.target}"
srcdir="${artifacts.dir}/@{target}/src"
destdir="${build.dir}/@{target}/classes"
@ -9,16 +11,16 @@
debug="${release.debug}" fork="true">
<classpath>
<path refid="project.classpath" />
@@ -143,7 +143,7 @@
@@ -157,7 +157,7 @@
<javac source="${bc.javac.source}" target="${bc.javac.target}"
srcdir="${artifacts.dir}/@{target}/src"
destdir="${build.dir}/@{target}/classes"
- memoryMaximumSize="512m"
+ memoryMaximumSize="512m" encoding="utf-8"
fork="true"
debug="${release.debug}">
<classpath>
<path refid="project.classpath" />
@@ -219,8 +219,8 @@
@@ -241,8 +241,8 @@
<element name="docElements" />
<sequential>
<mkdir dir="@{docsDir}" />
@ -29,7 +31,7 @@
windowtitle="Bouncy Castle Library ${release.name} API Specification"
header="&lt;b&gt;Bouncy Castle Cryptography Library ${release.name}&lt;/b&gt;">
<docElements/>
@@ -284,7 +284,7 @@
@@ -310,7 +310,7 @@
<javac source="${bc.javac.source}" target="${bc.javac.target}"
srcdir="${lcrypto.target.src.dir}"
destdir="${lcrypto.target.classes.dir}"

85
bouncycastle.changes
View File

@ -1,3 +1,88 @@
-------------------------------------------------------------------
Wed Oct 19 12:09:48 UTC 2022 - Pedro Monreal <pmonreal@suse.com>
- Update to version 1.72:
* Defects Fixed:
- There were parameter errors in XMSS^MT OIDs for
XMSSMT_SHA2_40/4_256 and XMSSMT_SHA2_60/3_256. These have
been fixed.
- There was an error in Merkle tree construction for the
Evidence Records (ERS) implementation which could result in
invalid roots been timestamped. ERS now produces an
ArchiveTimeStamp for each data object/group with an associated
reduced hash tree. The reduced hash tree is now calculated as
a simple path to the root of the tree for each record.
- OpenPGP will now ignore signatures marked as non-exportable
on encoding.
- A tagging calculation error in GCMSIV which could result in
incorrect tags has been fixed.
- Issues around Java 17 which could result in failing tests
have been addressed.
* Additional Features and Functionality:
- BCJSSE: TLS 1.3 is now enabled by default where no explicit
protocols are supplied (e.g. "TLS" or "Default" SSLContext
algorithms, or SSLContext.getDefault() method).
- BCJSSE: Rewrite SSLEngine implementation to improve compatibility
with SunJSSE.
- BCJSSE: Support export of keying material via extension API.
- (D)TLS: Add support for 'tls-exporter' channel binding per RFC 9266.
- (D)TLS (low-level API): By default, only (D)TLS 1.2 and TLS 1.3 are
offered now. Earlier versions are still supported if explicitly
enabled. Users may need to check they are offering suitable
cipher suites for TLS 1.3.
- (D)TLS (low-level API): Add support for raw public keys per RFC 7250.
- CryptoServicesRegistrar now has a setServicesConstraints() method
on it which can be used to selectively turn off algorithms.
- The NIST PQC Alternate Candidate, Picnic, has been added to the low
level API and the BCPQC provider.
- SPHINCS+ has been upgraded to the latest submission, SPHINCS+ 3.1
and support for Haraka has been added.
- Evidence records now support timestamp renewal and hash renewal.
- The SIKE Alternative Candidate NIST Post Quantum Algorithm has
been added to the low-level PQC API.
- The NTRU Round 3 Finalist Candidate NIST Post Quantum Algorithm
has been added to the low-level API and the BCPQC provider.
- The Falcon Finalist NIST Post Quantum Algorithm has been added to
the low-level API and the BCPQC provider.
- The CRYSTALS-Kyber Finalist NIST Post Quantum Algorithm has been
added to the low-level API and the BCPQC provider.
- Argon2 Support has been added to the OpenPGP API.
- XDH IES has now been added to the BC provider.
- The OpenPGP API now supports AEAD encryption and decryption.
- The NTRU Prime Alternative Candidate NIST Post Quantum Algorithms
have been added to the low-level API and the BCPQC provider.
- The CRYSTALS-Dilithium Finalist NIST Post Quantum Algorithm has
been added to the low-level API and the BCPQC provider.
- The BIKE NIST Post Quantum Alternative/Round-4 Candidate has been
added to the low-level API and the BCPQC provider.
- The HQC NIST Post Quantum Alternative/Round-4 Candidate has been
added to the low-level API and the BCPQC provider.
- Grain128AEAD has been added to the lightweight API.
- A fast version of CRC24 has been added for use with the PGP API.
- Some additional methods and fields have been exposed in the
PGPOnePassSignature class to (hopefully) make it easier to
deal with nested signatures.
- CMP support classes have been updated to reflect the latest
editions to the the draft RFC "Lightweight Certificate Management
Protocol (CMP) Profile".
- Support has been added to the PKCS#12 implementation for the
Oracle trusted certificate attribute.
- Performance of our BZIP2 classes has been improved.
* Notes:
- Keep in mind the PQC algorithms are still under development and
we are still at least a year and a half away from published standards.
This means the algorithms may still change so by all means experiment,
but do not use the PQC algoritms for anything long term.
- The legacy "Rainbow" and "McEliece" implementations have been
removed from the BCPQC provider. The underlying classes are
still present if required. Other legacy algorithm implementations
can be found under the org.bouncycastle.pqc.legacy package.
* Security Notes:
- The PQC SIKE algorithm is provided for research purposes only.
It should now be regarded as broken. The SIKE implementation
will be withdrawn in BC 1.73.
* Rebase bouncycastle-javadoc.patch
-------------------------------------------------------------------
Fri Apr 22 21:24:48 UTC 2022 - Anton Shvetz <shvetz.anton@gmail.com>

2
bouncycastle.spec
View File

@ -17,7 +17,7 @@
%global ver_major 1
%global ver_minor 71
%global ver_minor 72
%global gittag r%{ver_major}rv%{ver_minor}
%global archivever jdk18on-%{ver_major}%{ver_minor}
%global classname org.bouncycastle.jce.provider.BouncyCastleProvider

3
r1rv71.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:820a26bef40a3f402b55f94d51b85b33384268fb4235ad8f907ab09e0b840747
size 117684695

3
r1rv72.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:4c8062c5b5f6d9e19f1fc21ceb20f8fe0170fdb4c135051c82faa5ef5b7cb00b
size 380374879