From 129b616253dcbeeea26aabd46664f244c7e9bfa3340189ccba674b7e564a80c6 Mon Sep 17 00:00:00 2001
From: Gus Kenion <gus.kenion@suse.com>
Date: Mon, 29 Apr 2024 08:01:56 +0000
Subject: [PATCH 1/2] Accepting request 1170680 from
 home:pmonrealgonzalez:branches:Java:packages

- Update to version 1.78: [bsc#1223252, CVE-2024-30171]
  * Security Advisories.
    - CVE-2024-29857: Importing an EC certificate with specially crafted
      F2m parameters can cause high CPU usage during parameter evaluation.
    - CVE-2024-30171: Possible timing based leakage in RSA based handshakes
      due to exception processing eliminated.
    - CVE-2024-30172: Crafted signature and public key can be used to
      trigger an infinite loop in the Ed25519 verification code.
    - CVE-2024-301XX: When endpoint identification is enabled in the BCJSSE
      and an SSL socket is not created with an explicit hostname (as happens
      with HttpsURLConnection), hostname verification could be performed
      against a DNS-resolved IP address. This has been fixed.
  * Defects Fixed:
    - Issues with a dangling weak reference causing intermittent
      NullPointerExceptions in the OcspCache have been fixed.
    - Issues with non-constant time RSA operations in TLS handshakes.
    - Issue with Ed25519, Ed448 signature verification causing intermittent
      infinite loop have been fixed.
    - Issues with non-constant time ML-KEM implementation ("Kyber Slash").
    - Align ML-KEM input validation with FIPS 203 IPD requirements.
    - Make PEM parsing more forgiving of whitespace to align with RFC 7468.
    - Fix CCM length checks with large nonce sizes (n=12, n=13).
    - EAC: Fixed the CertificateBody ASN.1 type to support an optional
      Certification Authority Reference in a Certificate Request.
    - ASN.1: ObjectIdentifier (also Relative OID) parsing has been optimized
      and the contents octets for both types are now limited to 4096 bytes.
    - BCJSSE: Fixed a missing null check on the result of PrivateKey.getEncoded(),
      which could cause issues for HSM RSA keys.
    - BCJSSE: When endpoint identification is enabled and an SSL socket is not
      created with an explicit hostname (as happens with HttpsURLConnection),

OBS-URL: https://build.opensuse.org/request/show/1170680
OBS-URL: https://build.opensuse.org/package/show/Java:packages/bouncycastle?expand=0&rev=103
---
 ...k18on-1.77.pom => bcjmail-jdk18on-1.78.pom |  8 +--
 ...dk18on-1.77.pom => bcmail-jdk18on-1.78.pom |  8 +--
 ...-jdk18on-1.77.pom => bcpg-jdk18on-1.78.pom |  4 +-
 ...dk18on-1.77.pom => bcpkix-jdk18on-1.78.pom |  6 +-
 ...dk18on-1.77.pom => bcprov-jdk18on-1.78.pom |  2 +-
 ...jdk18on-1.77.pom => bctls-jdk18on-1.78.pom |  6 +-
 ...dk18on-1.77.pom => bcutil-jdk18on-1.78.pom |  4 +-
 bouncycastle-notests.patch                    | 11 ++--
 bouncycastle.changes                          | 66 +++++++++++++++++++
 bouncycastle.spec                             |  6 +-
 r1rv77.tar.gz                                 |  3 -
 r1rv78.tar.gz                                 |  3 +
 12 files changed, 98 insertions(+), 29 deletions(-)
 rename bcjmail-jdk18on-1.77.pom => bcjmail-jdk18on-1.78.pom (93%)
 rename bcmail-jdk18on-1.77.pom => bcmail-jdk18on-1.78.pom (93%)
 rename bcpg-jdk18on-1.77.pom => bcpg-jdk18on-1.78.pom (96%)
 rename bcpkix-jdk18on-1.77.pom => bcpkix-jdk18on-1.78.pom (94%)
 rename bcprov-jdk18on-1.77.pom => bcprov-jdk18on-1.78.pom (97%)
 rename bctls-jdk18on-1.77.pom => bctls-jdk18on-1.78.pom (93%)
 rename bcutil-jdk18on-1.77.pom => bcutil-jdk18on-1.78.pom (95%)
 delete mode 100644 r1rv77.tar.gz
 create mode 100644 r1rv78.tar.gz

diff --git a/bcjmail-jdk18on-1.77.pom b/bcjmail-jdk18on-1.78.pom
similarity index 93%
rename from bcjmail-jdk18on-1.77.pom
rename to bcjmail-jdk18on-1.78.pom
index 293c17b..9ad38c4 100644
--- a/bcjmail-jdk18on-1.77.pom
+++ b/bcjmail-jdk18on-1.78.pom
@@ -5,7 +5,7 @@
   <artifactId>bcjmail-jdk18on</artifactId>
   <packaging>jar</packaging>
   <name>Bouncy Castle Jakarta S/MIME API</name>
-  <version>1.77</version>
+  <version>1.78</version>
   <description>The Bouncy Castle Java S/MIME APIs for handling S/MIME protocols. This jar contains S/MIME APIs for JDK 1.8 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs. The Jakarta Mail API and the Jakarta activation framework will also be needed.</description>
   <url>https://www.bouncycastle.org/java.html</url>
   <licenses>
@@ -33,19 +33,19 @@
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bcprov-jdk18on</artifactId>
-      <version>1.77</version>
+      <version>1.78</version>
       <type>jar</type>
     </dependency>
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bcutil-jdk18on</artifactId>
-      <version>1.77</version>
+      <version>1.78</version>
       <type>jar</type>
     </dependency>
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bcpkix-jdk18on</artifactId>
-      <version>1.77</version>
+      <version>1.78</version>
       <type>jar</type>
     </dependency>
   </dependencies>
diff --git a/bcmail-jdk18on-1.77.pom b/bcmail-jdk18on-1.78.pom
similarity index 93%
rename from bcmail-jdk18on-1.77.pom
rename to bcmail-jdk18on-1.78.pom
index 612b59e..cb66c87 100644
--- a/bcmail-jdk18on-1.77.pom
+++ b/bcmail-jdk18on-1.78.pom
@@ -5,7 +5,7 @@
   <artifactId>bcmail-jdk18on</artifactId>
   <packaging>jar</packaging>
   <name>Bouncy Castle S/MIME API</name>
-  <version>1.77</version>
+  <version>1.78</version>
   <description>The Bouncy Castle Java S/MIME APIs for handling S/MIME protocols. This jar contains S/MIME APIs for JDK 1.8 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs. The JavaMail API and the Java activation framework will also be needed.</description>
   <url>https://www.bouncycastle.org/java.html</url>
   <licenses>
@@ -33,19 +33,19 @@
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bcprov-jdk18on</artifactId>
-      <version>1.77</version>
+      <version>1.78</version>
       <type>jar</type>
     </dependency>
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bcutil-jdk18on</artifactId>
-      <version>1.77</version>
+      <version>1.78</version>
       <type>jar</type>
     </dependency>
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bcpkix-jdk18on</artifactId>
-      <version>1.77</version>
+      <version>1.78</version>
       <type>jar</type>
     </dependency>
   </dependencies>
diff --git a/bcpg-jdk18on-1.77.pom b/bcpg-jdk18on-1.78.pom
similarity index 96%
rename from bcpg-jdk18on-1.77.pom
rename to bcpg-jdk18on-1.78.pom
index a571e39..ec72cb4 100644
--- a/bcpg-jdk18on-1.77.pom
+++ b/bcpg-jdk18on-1.78.pom
@@ -5,7 +5,7 @@
   <artifactId>bcpg-jdk18on</artifactId>
   <packaging>jar</packaging>
   <name>Bouncy Castle OpenPGP API</name>
-  <version>1.77</version>
+  <version>1.78</version>
   <description>The Bouncy Castle Java API for handling the OpenPGP protocol. This jar contains the OpenPGP API for JDK 1.8 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs.</description>
   <url>https://www.bouncycastle.org/java.html</url>
   <licenses>
@@ -38,7 +38,7 @@
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bcprov-jdk18on</artifactId>
-      <version>1.77</version>
+      <version>1.78</version>
       <type>jar</type>
     </dependency>
   </dependencies>
diff --git a/bcpkix-jdk18on-1.77.pom b/bcpkix-jdk18on-1.78.pom
similarity index 94%
rename from bcpkix-jdk18on-1.77.pom
rename to bcpkix-jdk18on-1.78.pom
index 226fc51..e0b1b9c 100644
--- a/bcpkix-jdk18on-1.77.pom
+++ b/bcpkix-jdk18on-1.78.pom
@@ -5,7 +5,7 @@
   <artifactId>bcpkix-jdk18on</artifactId>
   <packaging>jar</packaging>
   <name>Bouncy Castle PKIX, CMS, EAC, TSP, PKCS, OCSP, CMP, and CRMF APIs</name>
-  <version>1.77</version>
+  <version>1.78</version>
   <description>The Bouncy Castle Java APIs for CMS, PKCS, EAC, TSP, CMP, CRMF, OCSP, and certificate generation. This jar contains APIs for JDK 1.8 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs.</description>
   <url>https://www.bouncycastle.org/java.html</url>
   <licenses>
@@ -33,13 +33,13 @@
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bcprov-jdk18on</artifactId>
-      <version>1.77</version>
+      <version>1.78</version>
       <type>jar</type>
     </dependency>
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bcutil-jdk18on</artifactId>
-      <version>1.77</version>
+      <version>1.78</version>
       <type>jar</type>
     </dependency>
   </dependencies>
diff --git a/bcprov-jdk18on-1.77.pom b/bcprov-jdk18on-1.78.pom
similarity index 97%
rename from bcprov-jdk18on-1.77.pom
rename to bcprov-jdk18on-1.78.pom
index fa057b9..88ff6d3 100644
--- a/bcprov-jdk18on-1.77.pom
+++ b/bcprov-jdk18on-1.78.pom
@@ -5,7 +5,7 @@
   <artifactId>bcprov-jdk18on</artifactId>
   <packaging>jar</packaging>
   <name>Bouncy Castle Provider</name>
-  <version>1.77</version>
+  <version>1.78</version>
   <description>The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.8 and up.</description>
   <url>https://www.bouncycastle.org/java.html</url>
   <licenses>
diff --git a/bctls-jdk18on-1.77.pom b/bctls-jdk18on-1.78.pom
similarity index 93%
rename from bctls-jdk18on-1.77.pom
rename to bctls-jdk18on-1.78.pom
index 6f82a4d..3b5ab46 100644
--- a/bctls-jdk18on-1.77.pom
+++ b/bctls-jdk18on-1.78.pom
@@ -5,7 +5,7 @@
   <artifactId>bctls-jdk18on</artifactId>
   <packaging>jar</packaging>
   <name>Bouncy Castle JSSE provider and TLS/DTLS API</name>
-  <version>1.77</version>
+  <version>1.78</version>
   <description>The Bouncy Castle Java APIs for TLS and DTLS, including a provider for the JSSE.</description>
   <url>https://www.bouncycastle.org/java.html</url>
   <licenses>
@@ -33,13 +33,13 @@
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bcprov-jdk18on</artifactId>
-      <version>1.77</version>
+      <version>1.78</version>
       <type>jar</type>
     </dependency>
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bcutil-jdk18on</artifactId>
-      <version>1.77</version>
+      <version>1.78</version>
       <type>jar</type>
     </dependency>
   </dependencies>
diff --git a/bcutil-jdk18on-1.77.pom b/bcutil-jdk18on-1.78.pom
similarity index 95%
rename from bcutil-jdk18on-1.77.pom
rename to bcutil-jdk18on-1.78.pom
index 477c5e5..9023e8b 100644
--- a/bcutil-jdk18on-1.77.pom
+++ b/bcutil-jdk18on-1.78.pom
@@ -5,7 +5,7 @@
   <artifactId>bcutil-jdk18on</artifactId>
   <packaging>jar</packaging>
   <name>Bouncy Castle ASN.1 Extension and Utility APIs</name>
-  <version>1.77</version>
+  <version>1.78</version>
   <description>The Bouncy Castle Java APIs for ASN.1 extension and utility APIs used to support bcpkix and bctls. This jar contains APIs for JDK 1.8 and up.</description>
   <url>https://www.bouncycastle.org/java.html</url>
   <licenses>
@@ -33,7 +33,7 @@
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bcprov-jdk18on</artifactId>
-      <version>1.77</version>
+      <version>1.78</version>
       <type>jar</type>
     </dependency>
   </dependencies>
diff --git a/bouncycastle-notests.patch b/bouncycastle-notests.patch
index 38fd088..154e219 100644
--- a/bouncycastle-notests.patch
+++ b/bouncycastle-notests.patch
@@ -1,7 +1,7 @@
-Index: bc-java-r1rv76/ant/bc+-build.xml
+Index: bc-java-r1rv78/ant/bc+-build.xml
 ===================================================================
---- bc-java-r1rv76.orig/ant/bc+-build.xml
-+++ bc-java-r1rv76/ant/bc+-build.xml
+--- bc-java-r1rv78.orig/ant/bc+-build.xml
++++ bc-java-r1rv78/ant/bc+-build.xml
 @@ -280,7 +280,7 @@
  
      </target>
@@ -11,7 +11,7 @@ Index: bc-java-r1rv76/ant/bc+-build.xml
  
      <target name="build-lw" depends="initMacros">
          <!--
-@@ -935,146 +935,6 @@
+@@ -935,149 +935,6 @@
  
      </target>
  
@@ -38,6 +38,7 @@ Index: bc-java-r1rv76/ant/bc+-build.xml
 -             <fileset dir="${src.dir}" includes="**/tsp/*UnitTest.java" />
 -             <fileset dir="${src.dir}" includes="**/utiltest/*Test.java" />
 -             <fileset dir="${src.dir}" includes="**/util/io/pem/*Test.java" />
+-             <fileset dir="${src.dir}" includes="**/keybox/*Test.java" />
 -             <fileset dir="${src.dir}" includes="**/test/*.java" />
 -             <fileset dir="${src.dir}" includes="**/test/*/*.java" />
 -             <fileset dir="${src.dir}" includes="**/*.asc" />
@@ -68,6 +69,7 @@ Index: bc-java-r1rv76/ant/bc+-build.xml
 -        </copy>
 -
 -        <delete file="${test.target.src.dir}/org/bouncycastle/pqc/crypto/lms/AllTests.java" />
+-        <delete file="${test.target.src.dir}/org/bouncycastle/gpg/keybox/AllTests.java" />
 -        <delete file="${test.target.src.dir}/org/bouncycastle/x509/CertPathReviewerMessages_de.properties" />
 -        <delete file="${test.target.src.dir}/org/bouncycastle/x509/CertPathReviewerMessages.properties" />
 -
@@ -106,6 +108,7 @@ Index: bc-java-r1rv76/ant/bc+-build.xml
 -                </fileset>
 -            </classpath>
 -            <sysproperty key="bc.test.data.home" value="../../core/src/test/data" />
+-            <sysproperty key="test.java.version.prefix" value="${env.JAVA_VERSION_PREFIX}" />
 -
 -            <formatter type="xml" />
 -            <batchtest todir="${artifacts.reports.xml.dir}" unless="testcase">
diff --git a/bouncycastle.changes b/bouncycastle.changes
index 120a605..8e47059 100644
--- a/bouncycastle.changes
+++ b/bouncycastle.changes
@@ -1,3 +1,69 @@
+-------------------------------------------------------------------
+Mon Apr 29 06:39:43 UTC 2024 - Pedro Monreal <pmonreal@suse.com>
+
+- Update to version 1.78: [bsc#1223252, CVE-2024-30171]
+  * Security Advisories.
+    - CVE-2024-29857: Importing an EC certificate with specially crafted
+      F2m parameters can cause high CPU usage during parameter evaluation.
+    - CVE-2024-30171: Possible timing based leakage in RSA based handshakes
+      due to exception processing eliminated.
+    - CVE-2024-30172: Crafted signature and public key can be used to
+      trigger an infinite loop in the Ed25519 verification code.
+    - CVE-2024-301XX: When endpoint identification is enabled in the BCJSSE
+      and an SSL socket is not created with an explicit hostname (as happens
+      with HttpsURLConnection), hostname verification could be performed
+      against a DNS-resolved IP address. This has been fixed.
+  * Defects Fixed:
+    - Issues with a dangling weak reference causing intermittent
+      NullPointerExceptions in the OcspCache have been fixed.
+    - Issues with non-constant time RSA operations in TLS handshakes.
+    - Issue with Ed25519, Ed448 signature verification causing intermittent
+      infinite loop have been fixed.
+    - Issues with non-constant time ML-KEM implementation ("Kyber Slash").
+    - Align ML-KEM input validation with FIPS 203 IPD requirements.
+    - Make PEM parsing more forgiving of whitespace to align with RFC 7468.
+    - Fix CCM length checks with large nonce sizes (n=12, n=13).
+    - EAC: Fixed the CertificateBody ASN.1 type to support an optional
+      Certification Authority Reference in a Certificate Request.
+    - ASN.1: ObjectIdentifier (also Relative OID) parsing has been optimized
+      and the contents octets for both types are now limited to 4096 bytes.
+    - BCJSSE: Fixed a missing null check on the result of PrivateKey.getEncoded(),
+      which could cause issues for HSM RSA keys.
+    - BCJSSE: When endpoint identification is enabled and an SSL socket is not
+      created with an explicit hostname (as happens with HttpsURLConnection),
+      hostname verification could be performed against a DNS-resolved IP address.
+    - The missing module import of java.logging to the provider module has been added.
+    - GOST ASN.1 public key alg parameters are now compliant with RFC 9215.
+    - An off-by-one error in the encoding for EccP256CurvePoint for ITS.
+    - PEM Parser now enforces PEM headers to start at the beginning of the line
+      to be meaningful.
+  * Additional Features and Functionality.
+    - An implementation of MLS (RFC 9420 - The Messaging Layer Security Protocol)
+      has been added as a new module.
+    - NTRU now supports NTRU-HPS4096-1229 and NTRU-HRSS-1373.
+    - Improvements to PGP support, including Camellia key wrapping and Curve25519,
+      Curve448 key types (including XDH with HKDF).
+    - Added initial support for ML-KEM in TLS.
+    - Added XWing hybrid KEM construction (X25519 + ML-KEM-768).
+    - Introduced initial KEMSpi support (NTRU, SNTRU Prime) for JDK 21+.
+    - Introduced initial composite signature support for X509 Certificates.
+    - PKCS#12 now supports PKCS12-AES256-AES128, PKCS12-AES256-AES128-GCM,
+      PKCS12-DEF-AES256-AES128, and PKCS12-DEF-AES256-AES128-GCM.
+    - The default type for the KeyStore.getInstance("PKCS12", "BC") can now be set
+      using the org.bouncycastle.pkcs12.default system/security property.
+    - The PGP SExpParser will now handle Ed25519 and Ed448 keys.
+    - Dilithium and Kyber key encoding updated to latest Draft RFCs
+      (draft-ietf-lamps-dilithium-certificates and draft-ietf-lamps-kyber-certificates)
+    - Support has been added for encryption key derivation using HKDF in CMS, see
+      draft-housley-lamps-cms-cek-hkdf-sha256.
+    - X500Name now recognises jurisdiction{C,ST,L} DNs.
+    - CertPathValidationContext and CertificatePoliciesValidation now include
+      implementations of Memoable.
+    - The Composite post-quantum signatures implementation has been updated to the
+      latest draft draft-ounsworth-pq-composite-sigs.
+  * Full release notes: bouncycastle.org/releasenotes.html#r1rv78
+  * Rebase bouncycastle-notests.patch
+
 -------------------------------------------------------------------
 Mon Dec  4 13:44:16 UTC 2023 - Pedro Monreal <pmonreal@suse.com>
 
diff --git a/bouncycastle.spec b/bouncycastle.spec
index bb21533..1367fb3 100644
--- a/bouncycastle.spec
+++ b/bouncycastle.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package bouncycastle
 #
-# Copyright (c) 2023 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@
 
 
 %global ver_major 1
-%global ver_minor 77
+%global ver_minor 78
 %global gittag r%{ver_major}rv%{ver_minor}
 %global archivever jdk18on-%{ver_major}%{ver_minor}
 %global classname org.bouncycastle.jce.provider.BouncyCastleProvider
@@ -51,7 +51,7 @@ BuildRequires:  jakarta-mail
 BuildRequires:  javamail
 BuildRequires:  javapackages-local >= 6
 Requires(post): javapackages-tools
-Requires(postun):javapackages-tools
+Requires(postun): javapackages-tools
 Provides:       bcprov = %{version}-%{release}
 BuildArch:      noarch
 
diff --git a/r1rv77.tar.gz b/r1rv77.tar.gz
deleted file mode 100644
index b265c86..0000000
--- a/r1rv77.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:09659ee93ba2143d0db9107ddf515142f1d90e03d82d3e46a16e21e9eafeba84
-size 31402744
diff --git a/r1rv78.tar.gz b/r1rv78.tar.gz
new file mode 100644
index 0000000..ce8db39
--- /dev/null
+++ b/r1rv78.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:6eb33f05248aa74a7927435d364c5fbeb3f3885e476f36e1ee36ff58f4db49e4
+size 47211676

From 42b5e0dd79f150482d84f719d9d11d4a95c253a11177fd37cad9d06ff22dec18 Mon Sep 17 00:00:00 2001
From: Fridrich Strba <fstrba@suse.com>
Date: Mon, 29 Apr 2024 16:11:19 +0000
Subject: [PATCH 2/2] OBS-URL:
 https://build.opensuse.org/package/show/Java:packages/bouncycastle?expand=0&rev=104

---
 ...jdk18on-1.78.pom => bcjmail-jdk18on-1.78.1.pom |  8 ++++----
 ...-jdk18on-1.78.pom => bcmail-jdk18on-1.78.1.pom |  8 ++++----
 bcpg-jdk18on-1.78.pom => bcpg-jdk18on-1.78.1.pom  | 10 ++++++++--
 ...-jdk18on-1.78.pom => bcpkix-jdk18on-1.78.1.pom |  6 +++---
 ...-jdk18on-1.78.pom => bcprov-jdk18on-1.78.1.pom |  2 +-
 ...s-jdk18on-1.78.pom => bctls-jdk18on-1.78.1.pom |  6 +++---
 ...-jdk18on-1.78.pom => bcutil-jdk18on-1.78.1.pom |  4 ++--
 bouncycastle.changes                              | 15 +++++++++++++++
 bouncycastle.spec                                 |  7 ++++---
 r1rv78.tar.gz                                     |  3 ---
 r1rv78v1.tar.gz                                   |  3 +++
 11 files changed, 47 insertions(+), 25 deletions(-)
 rename bcjmail-jdk18on-1.78.pom => bcjmail-jdk18on-1.78.1.pom (93%)
 rename bcmail-jdk18on-1.78.pom => bcmail-jdk18on-1.78.1.pom (93%)
 rename bcpg-jdk18on-1.78.pom => bcpg-jdk18on-1.78.1.pom (86%)
 rename bcpkix-jdk18on-1.78.pom => bcpkix-jdk18on-1.78.1.pom (94%)
 rename bcprov-jdk18on-1.78.pom => bcprov-jdk18on-1.78.1.pom (97%)
 rename bctls-jdk18on-1.78.pom => bctls-jdk18on-1.78.1.pom (93%)
 rename bcutil-jdk18on-1.78.pom => bcutil-jdk18on-1.78.1.pom (95%)
 delete mode 100644 r1rv78.tar.gz
 create mode 100644 r1rv78v1.tar.gz

diff --git a/bcjmail-jdk18on-1.78.pom b/bcjmail-jdk18on-1.78.1.pom
similarity index 93%
rename from bcjmail-jdk18on-1.78.pom
rename to bcjmail-jdk18on-1.78.1.pom
index 9ad38c4..ae8ec03 100644
--- a/bcjmail-jdk18on-1.78.pom
+++ b/bcjmail-jdk18on-1.78.1.pom
@@ -5,7 +5,7 @@
   <artifactId>bcjmail-jdk18on</artifactId>
   <packaging>jar</packaging>
   <name>Bouncy Castle Jakarta S/MIME API</name>
-  <version>1.78</version>
+  <version>1.78.1</version>
   <description>The Bouncy Castle Java S/MIME APIs for handling S/MIME protocols. This jar contains S/MIME APIs for JDK 1.8 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs. The Jakarta Mail API and the Jakarta activation framework will also be needed.</description>
   <url>https://www.bouncycastle.org/java.html</url>
   <licenses>
@@ -33,19 +33,19 @@
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bcprov-jdk18on</artifactId>
-      <version>1.78</version>
+      <version>1.78.1</version>
       <type>jar</type>
     </dependency>
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bcutil-jdk18on</artifactId>
-      <version>1.78</version>
+      <version>1.78.1</version>
       <type>jar</type>
     </dependency>
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bcpkix-jdk18on</artifactId>
-      <version>1.78</version>
+      <version>1.78.1</version>
       <type>jar</type>
     </dependency>
   </dependencies>
diff --git a/bcmail-jdk18on-1.78.pom b/bcmail-jdk18on-1.78.1.pom
similarity index 93%
rename from bcmail-jdk18on-1.78.pom
rename to bcmail-jdk18on-1.78.1.pom
index cb66c87..9827da9 100644
--- a/bcmail-jdk18on-1.78.pom
+++ b/bcmail-jdk18on-1.78.1.pom
@@ -5,7 +5,7 @@
   <artifactId>bcmail-jdk18on</artifactId>
   <packaging>jar</packaging>
   <name>Bouncy Castle S/MIME API</name>
-  <version>1.78</version>
+  <version>1.78.1</version>
   <description>The Bouncy Castle Java S/MIME APIs for handling S/MIME protocols. This jar contains S/MIME APIs for JDK 1.8 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs. The JavaMail API and the Java activation framework will also be needed.</description>
   <url>https://www.bouncycastle.org/java.html</url>
   <licenses>
@@ -33,19 +33,19 @@
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bcprov-jdk18on</artifactId>
-      <version>1.78</version>
+      <version>1.78.1</version>
       <type>jar</type>
     </dependency>
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bcutil-jdk18on</artifactId>
-      <version>1.78</version>
+      <version>1.78.1</version>
       <type>jar</type>
     </dependency>
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bcpkix-jdk18on</artifactId>
-      <version>1.78</version>
+      <version>1.78.1</version>
       <type>jar</type>
     </dependency>
   </dependencies>
diff --git a/bcpg-jdk18on-1.78.pom b/bcpg-jdk18on-1.78.1.pom
similarity index 86%
rename from bcpg-jdk18on-1.78.pom
rename to bcpg-jdk18on-1.78.1.pom
index ec72cb4..fcc5540 100644
--- a/bcpg-jdk18on-1.78.pom
+++ b/bcpg-jdk18on-1.78.1.pom
@@ -5,7 +5,7 @@
   <artifactId>bcpg-jdk18on</artifactId>
   <packaging>jar</packaging>
   <name>Bouncy Castle OpenPGP API</name>
-  <version>1.78</version>
+  <version>1.78.1</version>
   <description>The Bouncy Castle Java API for handling the OpenPGP protocol. This jar contains the OpenPGP API for JDK 1.8 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs.</description>
   <url>https://www.bouncycastle.org/java.html</url>
   <licenses>
@@ -38,7 +38,13 @@
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bcprov-jdk18on</artifactId>
-      <version>1.78</version>
+      <version>1.78.1</version>
+      <type>jar</type>
+    </dependency>
+    <dependency>
+      <groupId>org.bouncycastle</groupId>
+      <artifactId>bcutil-jdk18on</artifactId>
+      <version>1.78.1</version>
       <type>jar</type>
     </dependency>
   </dependencies>
diff --git a/bcpkix-jdk18on-1.78.pom b/bcpkix-jdk18on-1.78.1.pom
similarity index 94%
rename from bcpkix-jdk18on-1.78.pom
rename to bcpkix-jdk18on-1.78.1.pom
index e0b1b9c..4ad75b0 100644
--- a/bcpkix-jdk18on-1.78.pom
+++ b/bcpkix-jdk18on-1.78.1.pom
@@ -5,7 +5,7 @@
   <artifactId>bcpkix-jdk18on</artifactId>
   <packaging>jar</packaging>
   <name>Bouncy Castle PKIX, CMS, EAC, TSP, PKCS, OCSP, CMP, and CRMF APIs</name>
-  <version>1.78</version>
+  <version>1.78.1</version>
   <description>The Bouncy Castle Java APIs for CMS, PKCS, EAC, TSP, CMP, CRMF, OCSP, and certificate generation. This jar contains APIs for JDK 1.8 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs.</description>
   <url>https://www.bouncycastle.org/java.html</url>
   <licenses>
@@ -33,13 +33,13 @@
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bcprov-jdk18on</artifactId>
-      <version>1.78</version>
+      <version>1.78.1</version>
       <type>jar</type>
     </dependency>
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bcutil-jdk18on</artifactId>
-      <version>1.78</version>
+      <version>1.78.1</version>
       <type>jar</type>
     </dependency>
   </dependencies>
diff --git a/bcprov-jdk18on-1.78.pom b/bcprov-jdk18on-1.78.1.pom
similarity index 97%
rename from bcprov-jdk18on-1.78.pom
rename to bcprov-jdk18on-1.78.1.pom
index 88ff6d3..75c464e 100644
--- a/bcprov-jdk18on-1.78.pom
+++ b/bcprov-jdk18on-1.78.1.pom
@@ -5,7 +5,7 @@
   <artifactId>bcprov-jdk18on</artifactId>
   <packaging>jar</packaging>
   <name>Bouncy Castle Provider</name>
-  <version>1.78</version>
+  <version>1.78.1</version>
   <description>The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.8 and up.</description>
   <url>https://www.bouncycastle.org/java.html</url>
   <licenses>
diff --git a/bctls-jdk18on-1.78.pom b/bctls-jdk18on-1.78.1.pom
similarity index 93%
rename from bctls-jdk18on-1.78.pom
rename to bctls-jdk18on-1.78.1.pom
index 3b5ab46..8c4df42 100644
--- a/bctls-jdk18on-1.78.pom
+++ b/bctls-jdk18on-1.78.1.pom
@@ -5,7 +5,7 @@
   <artifactId>bctls-jdk18on</artifactId>
   <packaging>jar</packaging>
   <name>Bouncy Castle JSSE provider and TLS/DTLS API</name>
-  <version>1.78</version>
+  <version>1.78.1</version>
   <description>The Bouncy Castle Java APIs for TLS and DTLS, including a provider for the JSSE.</description>
   <url>https://www.bouncycastle.org/java.html</url>
   <licenses>
@@ -33,13 +33,13 @@
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bcprov-jdk18on</artifactId>
-      <version>1.78</version>
+      <version>1.78.1</version>
       <type>jar</type>
     </dependency>
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bcutil-jdk18on</artifactId>
-      <version>1.78</version>
+      <version>1.78.1</version>
       <type>jar</type>
     </dependency>
   </dependencies>
diff --git a/bcutil-jdk18on-1.78.pom b/bcutil-jdk18on-1.78.1.pom
similarity index 95%
rename from bcutil-jdk18on-1.78.pom
rename to bcutil-jdk18on-1.78.1.pom
index 9023e8b..306de61 100644
--- a/bcutil-jdk18on-1.78.pom
+++ b/bcutil-jdk18on-1.78.1.pom
@@ -5,7 +5,7 @@
   <artifactId>bcutil-jdk18on</artifactId>
   <packaging>jar</packaging>
   <name>Bouncy Castle ASN.1 Extension and Utility APIs</name>
-  <version>1.78</version>
+  <version>1.78.1</version>
   <description>The Bouncy Castle Java APIs for ASN.1 extension and utility APIs used to support bcpkix and bctls. This jar contains APIs for JDK 1.8 and up.</description>
   <url>https://www.bouncycastle.org/java.html</url>
   <licenses>
@@ -33,7 +33,7 @@
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bcprov-jdk18on</artifactId>
-      <version>1.78</version>
+      <version>1.78.1</version>
       <type>jar</type>
     </dependency>
   </dependencies>
diff --git a/bouncycastle.changes b/bouncycastle.changes
index 8e47059..6f94975 100644
--- a/bouncycastle.changes
+++ b/bouncycastle.changes
@@ -1,3 +1,18 @@
+-------------------------------------------------------------------
+Mon Apr 29 16:07:27 UTC 2024 - Fridrich Strba <fstrba@suse.com>
+
+- Update to version 1.78.1
+  * Defects Fixed:
+    - The new dependency of the the PGP API on the bcutil jar was
+      missing from the module jar, the OSGi manifest, and the Maven
+      POM. This has been fixed.
+    - Missing exports and duplicate imports have been added/removed
+      from the OSGi manifests.
+    - The OSGi manifests now have the same bundle IDs as 1.77 and
+      lock down dependencies to the equivalent variations
+    - A check in the X.509 Extensions class preventing the parsing
+      of empty extensions has been removed.
+
 -------------------------------------------------------------------
 Mon Apr 29 06:39:43 UTC 2024 - Pedro Monreal <pmonreal@suse.com>
 
diff --git a/bouncycastle.spec b/bouncycastle.spec
index 1367fb3..4709b90 100644
--- a/bouncycastle.spec
+++ b/bouncycastle.spec
@@ -18,11 +18,12 @@
 
 %global ver_major 1
 %global ver_minor 78
-%global gittag r%{ver_major}rv%{ver_minor}
-%global archivever jdk18on-%{ver_major}%{ver_minor}
+%global ver_micro 1
+%global gittag r%{ver_major}rv%{ver_minor}%{?ver_micro:v%{ver_micro}}
+%global archivever jdk18on-%{ver_major}%{ver_minor}%{?ver_micro:0%{ver_micro}}
 %global classname org.bouncycastle.jce.provider.BouncyCastleProvider
 Name:           bouncycastle
-Version:        %{ver_major}.%{ver_minor}
+Version:        %{ver_major}.%{ver_minor}%{?ver_micro:.%{ver_micro}}
 Release:        0
 Summary:        Bouncy Castle Cryptography APIs for Java
 License:        Apache-2.0 AND MIT
diff --git a/r1rv78.tar.gz b/r1rv78.tar.gz
deleted file mode 100644
index ce8db39..0000000
--- a/r1rv78.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:6eb33f05248aa74a7927435d364c5fbeb3f3885e476f36e1ee36ff58f4db49e4
-size 47211676
diff --git a/r1rv78v1.tar.gz b/r1rv78v1.tar.gz
new file mode 100644
index 0000000..afa8b0c
--- /dev/null
+++ b/r1rv78v1.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:6b7368098763457885a936de8689d15d63cec3c9568252c5ddb0857dfd382926
+size 47211344