Gus Kenion
129b616253
- Update to version 1.78: [bsc#1223252, CVE-2024-30171] * Security Advisories. - CVE-2024-29857: Importing an EC certificate with specially crafted F2m parameters can cause high CPU usage during parameter evaluation. - CVE-2024-30171: Possible timing based leakage in RSA based handshakes due to exception processing eliminated. - CVE-2024-30172: Crafted signature and public key can be used to trigger an infinite loop in the Ed25519 verification code. - CVE-2024-301XX: When endpoint identification is enabled in the BCJSSE and an SSL socket is not created with an explicit hostname (as happens with HttpsURLConnection), hostname verification could be performed against a DNS-resolved IP address. This has been fixed. * Defects Fixed: - Issues with a dangling weak reference causing intermittent NullPointerExceptions in the OcspCache have been fixed. - Issues with non-constant time RSA operations in TLS handshakes. - Issue with Ed25519, Ed448 signature verification causing intermittent infinite loop have been fixed. - Issues with non-constant time ML-KEM implementation ("Kyber Slash"). - Align ML-KEM input validation with FIPS 203 IPD requirements. - Make PEM parsing more forgiving of whitespace to align with RFC 7468. - Fix CCM length checks with large nonce sizes (n=12, n=13). - EAC: Fixed the CertificateBody ASN.1 type to support an optional Certification Authority Reference in a Certificate Request. - ASN.1: ObjectIdentifier (also Relative OID) parsing has been optimized and the contents octets for both types are now limited to 4096 bytes. - BCJSSE: Fixed a missing null check on the result of PrivateKey.getEncoded(), which could cause issues for HSM RSA keys. - BCJSSE: When endpoint identification is enabled and an SSL socket is not created with an explicit hostname (as happens with HttpsURLConnection), OBS-URL: https://build.opensuse.org/request/show/1170680 OBS-URL: https://build.opensuse.org/package/show/Java:packages/bouncycastle?expand=0&rev=103
164 lines
8.0 KiB
Diff
164 lines
8.0 KiB
Diff
Index: bc-java-r1rv78/ant/bc+-build.xml
|
|
===================================================================
|
|
--- bc-java-r1rv78.orig/ant/bc+-build.xml
|
|
+++ bc-java-r1rv78/ant/bc+-build.xml
|
|
@@ -280,7 +280,7 @@
|
|
|
|
</target>
|
|
|
|
- <target name="build" depends="initMacros, build-lw, build-libraries, build-test" />
|
|
+ <target name="build" depends="initMacros, build-lw, build-libraries" />
|
|
|
|
<target name="build-lw" depends="initMacros">
|
|
<!--
|
|
@@ -935,149 +935,6 @@
|
|
|
|
</target>
|
|
|
|
- <!--
|
|
- Tests
|
|
- -->
|
|
- <target name="build-test" depends="initMacros">
|
|
- <property name="test.target" value="bctest-${target.name}" />
|
|
-
|
|
- <mkdir dir="${artifacts.jars.dir}" />
|
|
-
|
|
- <property name="test.target.dir" value="${artifacts.dir}/${test.target}" />
|
|
- <property name="test.target.src.dir" value="${test.target.dir}/src" />
|
|
-
|
|
- <mkdir dir="${test.target.dir}" />
|
|
-
|
|
- <copyStandardFiles toDir="${test.target.dir}" />
|
|
-
|
|
- <copy todir="${test.target.src.dir}">
|
|
- <fileset dir="${src.dir}" includes="/org/bouncycastle/test/*.java" />
|
|
- <fileset dir="${src.dir}" includes="**/*AllTests.java" />
|
|
- <fileset dir="${src.dir}" includes="**/math/**/*Test.java" />
|
|
- <fileset dir="${src.dir}" includes="**/crypto/*/*Test.java" />
|
|
- <fileset dir="${src.dir}" includes="**/tsp/*UnitTest.java" />
|
|
- <fileset dir="${src.dir}" includes="**/utiltest/*Test.java" />
|
|
- <fileset dir="${src.dir}" includes="**/util/io/pem/*Test.java" />
|
|
- <fileset dir="${src.dir}" includes="**/keybox/*Test.java" />
|
|
- <fileset dir="${src.dir}" includes="**/test/*.java" />
|
|
- <fileset dir="${src.dir}" includes="**/test/*/*.java" />
|
|
- <fileset dir="${src.dir}" includes="**/*.asc" />
|
|
- <fileset dir="${src.dir}" includes="**/*.pem" />
|
|
- <fileset dir="${src.dir}" includes="**/*.p7m" />
|
|
- <fileset dir="${src.dir}" includes="**/*.eml" />
|
|
- <fileset dir="${src.dir}" includes="**/*.sig" />
|
|
- <fileset dir="${src.dir}" includes="**/*.data" />
|
|
- <fileset dir="${src.dir}" includes="**/*.der" />
|
|
- <fileset dir="${src.dir}" includes="**/*.crt" />
|
|
- <fileset dir="${src.dir}" includes="**/*.key" />
|
|
- <fileset dir="${src.dir}" includes="**/*.cer" />
|
|
- <fileset dir="${src.dir}" includes="**/*.bin" />
|
|
- <fileset dir="${src.dir}" includes="**/*.ers" />
|
|
- <fileset dir="${src.dir}" includes="**/*.oer" />
|
|
- <fileset dir="${src.dir}" includes="**/*.kbx" />
|
|
- <fileset dir="${src.dir}" includes="**/*.crl" />
|
|
- <fileset dir="${src.dir}" includes="**/*.csr" />
|
|
- <fileset dir="${src.dir}" includes="**/*.txt" />
|
|
- <fileset dir="${src.dir}" includes="**/*.rsp" />
|
|
- <fileset dir="${src.dir}" includes="**/*.gpg" />
|
|
- <fileset dir="${src.dir}" includes="**/*.pgp" />
|
|
- <fileset dir="${src.dir}" includes="**/*.pub" />
|
|
- <fileset dir="${src.dir}" includes="**/*.sec" />
|
|
- <fileset dir="${src.dir}" includes="**/*.cvcert" />
|
|
- <fileset dir="${src.dir}" includes="**/*.properties" />
|
|
- <fileset dir="${src.dir}" includes="**/*.message" />
|
|
- </copy>
|
|
-
|
|
- <delete file="${test.target.src.dir}/org/bouncycastle/pqc/crypto/lms/AllTests.java" />
|
|
- <delete file="${test.target.src.dir}/org/bouncycastle/gpg/keybox/AllTests.java" />
|
|
- <delete file="${test.target.src.dir}/org/bouncycastle/x509/CertPathReviewerMessages_de.properties" />
|
|
- <delete file="${test.target.src.dir}/org/bouncycastle/x509/CertPathReviewerMessages.properties" />
|
|
-
|
|
- <compile-test target="${test.target}">
|
|
- <manifestElements>
|
|
- <attribute name="Manifest-Version" value="1.0" />
|
|
- <attribute name="Extension-Name" value="org.bouncycastle.bctest" />
|
|
- <attribute name="Specification-Vendor" value="BouncyCastle.org" />
|
|
- <attribute name="Specification-Version" value="1.1" />
|
|
- <attribute name="Implementation-Vendor-Id" value="org.bouncycastle" />
|
|
- <attribute name="Implementation-Vendor" value="BouncyCastle.org" />
|
|
- <attribute name="Implementation-Version" value="${release.version}.0" />
|
|
- <attribute name="Application-Name" value="Bouncy Castle Test Classes" />
|
|
- <attribute name="Trusted-Library" value="true" />
|
|
- <attribute name="Permissions" value="all-permissions" />
|
|
- <attribute name="Codebase" value="*" />
|
|
- <attribute name="Application-Library-Allowable-Codebase" value="*" />
|
|
- <attribute name="Caller-Allowable-Codebase" value="*" />
|
|
- </manifestElements>
|
|
- </compile-test>
|
|
- </target>
|
|
-
|
|
- <target name="test">
|
|
- <property name="test.target" value="bctest-${target.name}" />
|
|
- <property name="test.target.dir" value="${artifacts.dir}/${test.target}" />
|
|
- <property name="test.target.src.dir" value="${test.target.dir}/src" />
|
|
-
|
|
- <mkdir dir="${basedir}/${build.dir}/${target.prefix}" />
|
|
- <junit fork="yes" dir="${basedir}/${build.dir}/${target.prefix}" failureProperty="test.failed" printsummary="${junit.printsummary}">
|
|
- <classpath>
|
|
- <path refid="project.classpath" />
|
|
- <fileset dir="${artifacts.jars.dir}">
|
|
- <include name="**/*.jar" />
|
|
- <exclude name="**/bcprov-jdk*.jar" />
|
|
- <exclude name="**/bcjmail-jdk*.jar" />
|
|
- </fileset>
|
|
- </classpath>
|
|
- <sysproperty key="bc.test.data.home" value="../../core/src/test/data" />
|
|
- <sysproperty key="test.java.version.prefix" value="${env.JAVA_VERSION_PREFIX}" />
|
|
-
|
|
- <formatter type="xml" />
|
|
- <batchtest todir="${artifacts.reports.xml.dir}" unless="testcase">
|
|
- <fileset dir="${test.target.src.dir}">
|
|
- <include name="**/AllTests.java" />
|
|
- <exclude name="${env.JUNIT_EXCLUDE_TESTS}" if="env.JUNIT_EXCLUDE_TESTS" />
|
|
- </fileset>
|
|
- </batchtest>
|
|
- </junit>
|
|
-
|
|
- <junitreport todir="${artifacts.reports.xml.dir}">
|
|
- <fileset dir="${artifacts.reports.xml.dir}">
|
|
- <include name="TEST-*.xml" />
|
|
- </fileset>
|
|
- <report format="frames" todir="${artifacts.reports.html.dir}" />
|
|
- </junitreport>
|
|
-
|
|
- <fail if="test.failed"/>
|
|
- </target>
|
|
-
|
|
- <target name="test-lw">
|
|
- <junit fork="yes" dir="${basedir}/${build.dir}/${target.prefix}" failureProperty="test.failed">
|
|
- <classpath>
|
|
- <fileset dir="${artifacts.jars.dir}">
|
|
- <include name="**/*.jar" />
|
|
- <exclude name="**/bcprov-jdk*.jar" />
|
|
- </fileset>
|
|
- </classpath>
|
|
-
|
|
- <formatter type="xml" />
|
|
- <test name="${testcase}" todir="${artifacts.reports.xml.dir}" if="testcase" />
|
|
- <batchtest todir="${artifacts.reports.xml.dir}" unless="testcase">
|
|
- <fileset dir="${src.dir}">
|
|
- <include name="**/crypto/test/AllTests.java" />
|
|
- <include name="**/asn1/test/AllTests.java" />
|
|
- <include name="**/encoders/test/AllTests.java" />
|
|
- <include name="**/ntru/**/AllTests.java" />
|
|
- </fileset>
|
|
- </batchtest>
|
|
- </junit>
|
|
-
|
|
- <junitreport todir="${artifacts.reports.xml.dir}">
|
|
- <fileset dir="${artifacts.reports.xml.dir}">
|
|
- <include name="TEST-*.xml" />
|
|
- </fileset>
|
|
- <report format="frames" todir="${artifacts.reports.html.dir}" />
|
|
- </junitreport>
|
|
- </target>
|
|
-
|
|
<target name="javadoc-libraries" depends="javadoc-util, javadoc-pkix, javadoc-mail, javadoc-jmail, javadoc-pg" />
|
|
|
|
<!--
|