pool/bouncycastle
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
factory
bouncycastle/bouncycastle-notests.patch
Gus Kenion 129b616253 Accepting request 1170680 from home:pmonrealgonzalez:branches:Java:packages 
- Update to version 1.78: [bsc#1223252, CVE-2024-30171]
  * Security Advisories.
    - CVE-2024-29857: Importing an EC certificate with specially crafted
      F2m parameters can cause high CPU usage during parameter evaluation.
    - CVE-2024-30171: Possible timing based leakage in RSA based handshakes
      due to exception processing eliminated.
    - CVE-2024-30172: Crafted signature and public key can be used to
      trigger an infinite loop in the Ed25519 verification code.
    - CVE-2024-301XX: When endpoint identification is enabled in the BCJSSE
      and an SSL socket is not created with an explicit hostname (as happens
      with HttpsURLConnection), hostname verification could be performed
      against a DNS-resolved IP address. This has been fixed.
  * Defects Fixed:
    - Issues with a dangling weak reference causing intermittent
      NullPointerExceptions in the OcspCache have been fixed.
    - Issues with non-constant time RSA operations in TLS handshakes.
    - Issue with Ed25519, Ed448 signature verification causing intermittent
      infinite loop have been fixed.
    - Issues with non-constant time ML-KEM implementation ("Kyber Slash").
    - Align ML-KEM input validation with FIPS 203 IPD requirements.
    - Make PEM parsing more forgiving of whitespace to align with RFC 7468.
    - Fix CCM length checks with large nonce sizes (n=12, n=13).
    - EAC: Fixed the CertificateBody ASN.1 type to support an optional
      Certification Authority Reference in a Certificate Request.
    - ASN.1: ObjectIdentifier (also Relative OID) parsing has been optimized
      and the contents octets for both types are now limited to 4096 bytes.
    - BCJSSE: Fixed a missing null check on the result of PrivateKey.getEncoded(),
      which could cause issues for HSM RSA keys.
    - BCJSSE: When endpoint identification is enabled and an SSL socket is not
      created with an explicit hostname (as happens with HttpsURLConnection),

OBS-URL: https://build.opensuse.org/request/show/1170680
OBS-URL: https://build.opensuse.org/package/show/Java:packages/bouncycastle?expand=0&rev=103
2024-04-29 08:01:56 +00:00

164 lines
8.0 KiB
Diff
Raw Permalink Blame History

Index: bc-java-r1rv78/ant/bc+-build.xml
===================================================================
--- bc-java-r1rv78.orig/ant/bc+-build.xml
+++ bc-java-r1rv78/ant/bc+-build.xml
@@ -280,7 +280,7 @@
</target>
- <target name="build" depends="initMacros, build-lw, build-libraries, build-test" />
+ <target name="build" depends="initMacros, build-lw, build-libraries" />
<target name="build-lw" depends="initMacros">
<!--
@@ -935,149 +935,6 @@
</target>
- <!--
- Tests
- -->
- <target name="build-test" depends="initMacros">
- <property name="test.target" value="bctest-${target.name}" />
-
- <mkdir dir="${artifacts.jars.dir}" />
-
- <property name="test.target.dir" value="${artifacts.dir}/${test.target}" />
- <property name="test.target.src.dir" value="${test.target.dir}/src" />
-
- <mkdir dir="${test.target.dir}" />
-
- <copyStandardFiles toDir="${test.target.dir}" />
-
- <copy todir="${test.target.src.dir}">
- <fileset dir="${src.dir}" includes="/org/bouncycastle/test/*.java" />
- <fileset dir="${src.dir}" includes="**/*AllTests.java" />
- <fileset dir="${src.dir}" includes="**/math/**/*Test.java" />
- <fileset dir="${src.dir}" includes="**/crypto/*/*Test.java" />
- <fileset dir="${src.dir}" includes="**/tsp/*UnitTest.java" />
- <fileset dir="${src.dir}" includes="**/utiltest/*Test.java" />
- <fileset dir="${src.dir}" includes="**/util/io/pem/*Test.java" />
- <fileset dir="${src.dir}" includes="**/keybox/*Test.java" />
- <fileset dir="${src.dir}" includes="**/test/*.java" />
- <fileset dir="${src.dir}" includes="**/test/*/*.java" />
- <fileset dir="${src.dir}" includes="**/*.asc" />
- <fileset dir="${src.dir}" includes="**/*.pem" />
- <fileset dir="${src.dir}" includes="**/*.p7m" />
- <fileset dir="${src.dir}" includes="**/*.eml" />
- <fileset dir="${src.dir}" includes="**/*.sig" />
- <fileset dir="${src.dir}" includes="**/*.data" />
- <fileset dir="${src.dir}" includes="**/*.der" />
- <fileset dir="${src.dir}" includes="**/*.crt" />
- <fileset dir="${src.dir}" includes="**/*.key" />
- <fileset dir="${src.dir}" includes="**/*.cer" />
- <fileset dir="${src.dir}" includes="**/*.bin" />
- <fileset dir="${src.dir}" includes="**/*.ers" />
- <fileset dir="${src.dir}" includes="**/*.oer" />
- <fileset dir="${src.dir}" includes="**/*.kbx" />
- <fileset dir="${src.dir}" includes="**/*.crl" />
- <fileset dir="${src.dir}" includes="**/*.csr" />
- <fileset dir="${src.dir}" includes="**/*.txt" />
- <fileset dir="${src.dir}" includes="**/*.rsp" />
- <fileset dir="${src.dir}" includes="**/*.gpg" />
- <fileset dir="${src.dir}" includes="**/*.pgp" />
- <fileset dir="${src.dir}" includes="**/*.pub" />
- <fileset dir="${src.dir}" includes="**/*.sec" />
- <fileset dir="${src.dir}" includes="**/*.cvcert" />
- <fileset dir="${src.dir}" includes="**/*.properties" />
- <fileset dir="${src.dir}" includes="**/*.message" />
- </copy>
-
- <delete file="${test.target.src.dir}/org/bouncycastle/pqc/crypto/lms/AllTests.java" />
- <delete file="${test.target.src.dir}/org/bouncycastle/gpg/keybox/AllTests.java" />
- <delete file="${test.target.src.dir}/org/bouncycastle/x509/CertPathReviewerMessages_de.properties" />
- <delete file="${test.target.src.dir}/org/bouncycastle/x509/CertPathReviewerMessages.properties" />
-
- <compile-test target="${test.target}">
- <manifestElements>
- <attribute name="Manifest-Version" value="1.0" />
- <attribute name="Extension-Name" value="org.bouncycastle.bctest" />
- <attribute name="Specification-Vendor" value="BouncyCastle.org" />
- <attribute name="Specification-Version" value="1.1" />
- <attribute name="Implementation-Vendor-Id" value="org.bouncycastle" />
- <attribute name="Implementation-Vendor" value="BouncyCastle.org" />
- <attribute name="Implementation-Version" value="${release.version}.0" />
- <attribute name="Application-Name" value="Bouncy Castle Test Classes" />
- <attribute name="Trusted-Library" value="true" />
- <attribute name="Permissions" value="all-permissions" />
- <attribute name="Codebase" value="*" />
- <attribute name="Application-Library-Allowable-Codebase" value="*" />
- <attribute name="Caller-Allowable-Codebase" value="*" />
- </manifestElements>
- </compile-test>
- </target>
-
- <target name="test">
- <property name="test.target" value="bctest-${target.name}" />
- <property name="test.target.dir" value="${artifacts.dir}/${test.target}" />
- <property name="test.target.src.dir" value="${test.target.dir}/src" />
-
- <mkdir dir="${basedir}/${build.dir}/${target.prefix}" />
- <junit fork="yes" dir="${basedir}/${build.dir}/${target.prefix}" failureProperty="test.failed" printsummary="${junit.printsummary}">
- <classpath>
- <path refid="project.classpath" />
- <fileset dir="${artifacts.jars.dir}">
- <include name="**/*.jar" />
- <exclude name="**/bcprov-jdk*.jar" />
- <exclude name="**/bcjmail-jdk*.jar" />
- </fileset>
- </classpath>
- <sysproperty key="bc.test.data.home" value="../../core/src/test/data" />
- <sysproperty key="test.java.version.prefix" value="${env.JAVA_VERSION_PREFIX}" />
-
- <formatter type="xml" />
- <batchtest todir="${artifacts.reports.xml.dir}" unless="testcase">
- <fileset dir="${test.target.src.dir}">
- <include name="**/AllTests.java" />
- <exclude name="${env.JUNIT_EXCLUDE_TESTS}" if="env.JUNIT_EXCLUDE_TESTS" />
- </fileset>
- </batchtest>
- </junit>
-
- <junitreport todir="${artifacts.reports.xml.dir}">
- <fileset dir="${artifacts.reports.xml.dir}">
- <include name="TEST-*.xml" />
- </fileset>
- <report format="frames" todir="${artifacts.reports.html.dir}" />
- </junitreport>
-
- <fail if="test.failed"/>
- </target>
-
- <target name="test-lw">
- <junit fork="yes" dir="${basedir}/${build.dir}/${target.prefix}" failureProperty="test.failed">
- <classpath>
- <fileset dir="${artifacts.jars.dir}">
- <include name="**/*.jar" />
- <exclude name="**/bcprov-jdk*.jar" />
- </fileset>
- </classpath>
-
- <formatter type="xml" />
- <test name="${testcase}" todir="${artifacts.reports.xml.dir}" if="testcase" />
- <batchtest todir="${artifacts.reports.xml.dir}" unless="testcase">
- <fileset dir="${src.dir}">
- <include name="**/crypto/test/AllTests.java" />
- <include name="**/asn1/test/AllTests.java" />
- <include name="**/encoders/test/AllTests.java" />
- <include name="**/ntru/**/AllTests.java" />
- </fileset>
- </batchtest>
- </junit>
-
- <junitreport todir="${artifacts.reports.xml.dir}">
- <fileset dir="${artifacts.reports.xml.dir}">
- <include name="TEST-*.xml" />
- </fileset>
- <report format="frames" todir="${artifacts.reports.html.dir}" />
- </junitreport>
- </target>
-
<target name="javadoc-libraries" depends="javadoc-util, javadoc-pkix, javadoc-mail, javadoc-jmail, javadoc-pg" />
<!--
Reference in New Issue View Git Blame Copy Permalink