pool/bouncycastle
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
9aec78befe
bouncycastle/bouncycastle.spec
Fridrich Strba daf896ac30 Accepting request 737444 from home:pmonrealgonzalez:branches:Java:packages 
- Version update to 1.64 [bsc#1153385, CVE-2019-17359]
  [bsc#1096291, CVE-2018-1000180][bsc#1100694, CVE-2018-1000613]
  * Security Advisory:
    - CVE-2019-17359: A change to the ASN.1 parser in 1.63 introduced
      a regression that can cause an OutOfMemoryError to occur on
      parsing ASN.1 data.
  * Defects Fixed:
    - OpenSSH: Fixed padding in generated Ed25519 private keys.
    - GOST3410-2012-512 now uses the GOST3411-2012-256 as its KDF digest.
    - Validation of headers in PemReader now looks for tailing dashes in header.
    - Some compatibility issues around the signature encryption algorithm
      field in CMS SignedData and the GOST algorithms have been addressed.
  * Additional Features and Functionality:
    - PKCS12 key stores containing only certificates can now be created
      without the need to provide passwords.
    - BCJSSE: Initial support for AlgorithmConstraints; protocol versions
      and cipher suites.
    - BCJSSE: Initial support for 'jdk.tls.disabledAlgorithms'; protocol
      versions and cipher suites.
    - BCJSSE: Add SecurityManager check to access session context.
    - BCJSSE: Improved SunJSSE compatibility of the NULL_SESSION.
    - BCJSSE: SSLContext algorithms updated for SunJSSE compatibility
      	      (default enabled protocols).
    - The digest functions Haraka-256 and Haraka-512 have been added to
      the provider and the light-weight API
    - XMSS/XMSS^MT key management now allows for allocating subsets of the
      private key space using the extraKeyShard() method. Use of
      StateAwareSignature is now deprecated.
    - Support for Java 11's NamedParameterSpec class has been added
      (using reflection) to the EC and EdEC KeyPairGenerator implementations.

OBS-URL: https://build.opensuse.org/request/show/737444
OBS-URL: https://build.opensuse.org/package/show/Java:packages/bouncycastle?expand=0&rev=51
2019-10-11 10:59:50 +00:00

216 lines
7.2 KiB
RPMSpec
Raw Blame History

#
# spec file for package bouncycastle
#
# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%global ver 1.64
%global shortver 164
%global gittag r1rv64
%global archivever jdk15on-%{shortver}b07
%global classname org.bouncycastle.jce.provider.BouncyCastleProvider
Name: bouncycastle
Version: %{ver}
Release: 0
Summary: Bouncy Castle Cryptography APIs for Java
License: MIT AND Apache-2.0
Group: Development/Libraries/Java
URL: https://www.bouncycastle.org
Source0: https://github.com/bcgit/bc-java/archive/%{gittag}.tar.gz
# POMs from Maven Central
Source1: https://repo1.maven.org/maven2/org/%{name}/bcprov-jdk15on/%{version}/bcprov-jdk15on-%{version}.pom
Source2: https://repo1.maven.org/maven2/org/%{name}/bcpkix-jdk15on/%{version}/bcpkix-jdk15on-%{version}.pom
Source3: https://repo1.maven.org/maven2/org/%{name}/bcpg-jdk15on/%{version}/bcpg-jdk15on-%{version}.pom
Source4: https://repo1.maven.org/maven2/org/%{name}/bcmail-jdk15on/%{version}/bcmail-jdk15on-%{version}.pom
Source5: https://repo1.maven.org/maven2/org/%{name}/bctls-jdk15on/%{version}/bctls-jdk15on-%{version}.pom
Patch0: bouncycastle-javadoc.patch
BuildRequires: ant
BuildRequires: ant-junit
BuildRequires: fdupes
BuildRequires: javamail
BuildRequires: javapackages-local
Requires(post): javapackages-tools
Requires(postun): javapackages-tools
Provides: bcprov = %{version}-%{release}
BuildArch: noarch
%description
The Bouncy Castle Crypto package is a Java implementation of cryptographic
algorithms. This jar contains JCE provider and lightweight API for the
Bouncy Castle Cryptography APIs for JDK 1.5 to JDK 1.8.
%package pkix
Summary: Bouncy Castle PKIX, CMS, EAC, TSP, PKCS, OCSP, CMP, and CRMF APIs
License: MIT
Group: Development/Libraries/Java
Requires: %{name} = %{version}
%description pkix
The Bouncy Castle Java APIs for CMS, PKCS, EAC, TSP, CMP, CRMF, OCSP, and
certificate generation. This jar contains APIs for JDK 1.5 to JDK 1.8. The
APIs can be used in conjunction with a JCE/JCA provider such as the one
provided with the Bouncy Castle Cryptography APIs.
%package pg
Summary: Bouncy Castle OpenPGP API
License: MIT AND Apache-2.0
Group: Development/Libraries/Java
Requires: %{name} = %{version}
%description pg
The Bouncy Castle Java API for handling the OpenPGP protocol. This jar
contains the OpenPGP API for JDK 1.5 to JDK 1.8. The APIs can be used in
conjunction with a JCE/JCA provider such as the one provided with the
Bouncy Castle Cryptography APIs.
%package mail
Summary: Bouncy Castle S/MIME API
License: MIT
Group: Development/Libraries/Java
Requires: %{name} = %{version}
Requires: %{name}-pkix = %{version}
%description mail
The Bouncy Castle Java S/MIME APIs for handling S/MIME protocols. This jar
contains S/MIME APIs for JDK 1.5 to JDK 1.8. The APIs can be used in
conjunction with a JCE/JCA provider such as the one provided with the Bouncy
Castle Cryptography APIs. The JavaMail API and the Java activation framework
will also be needed.
%package tls
Summary: Bouncy Castle JSSE provider and TLS/DTLS API
License: MIT
Group: Development/Libraries/Java
Requires: %{name} = %{version}
%description tls
The Bouncy Castle Java APIs for TLS and DTLS, including a provider for the
JSSE.
%package javadoc
Summary: Javadoc for %{name}
License: MIT
Group: Development/Libraries/Java
%description javadoc
API documentation for the Bouncy Castle Cryptography APIs.
%prep
%setup -q -n bc-java-%{gittag}
%patch0 -p1
# Remove provided binaries
find . -type f -name "*.class" -exec rm -f {} \;
find . -type f -name "*.jar" -exec rm -f {} \;
%build
ant -f ant/jdk15+.xml \
-Dbc.javac.source=6 -Dbc.javac.target=6 \
-Djunit.jar.home=$(build-classpath junit) \
-Dmail.jar.home=$(build-classpath javax.mail) \
-Dactivation.jar.home= \
-Drelease.debug=true \
clean build-provider build
# Not shipping the "lcrypto" jar, so don't ship the javadoc for it
rm -rf build/artifacts/jdk1.5/javadoc/lcrypto
%install
install -dm 755 %{buildroot}%{_sysconfdir}/java/security/security.d
touch %{buildroot}%{_sysconfdir}/java/security/security.d/2000-%{classname}
install -dm 0755 %{buildroot}%{_javadir}
install -dm 0755 %{buildroot}%{_mavenpomdir}
for bc in bcprov bcpkix bcpg bcmail bctls ; do
install -pm 0644 build/artifacts/jdk1.5/jars/$bc-%{archivever}.jar %{buildroot}%{_javadir}/$bc.jar
install -pm 0644 %{_sourcedir}/$bc-jdk15on-%{version}.pom %{buildroot}%{_mavenpomdir}/$bc.pom
%add_maven_depmap $bc.pom $bc.jar -a "org.bouncycastle:$bc-jdk16,org.bouncycastle:$bc-jdk15" -f $bc
done
install -dm 0755 %{buildroot}%{_javadocdir}/%{name}
cp -r build/artifacts/jdk1.5/javadoc/* %{buildroot}%{_javadocdir}/%{name}/
%fdupes -s %{buildroot}%{_javadocdir}
%post
{
# Rebuild the list of security providers in classpath.security
suffix=security/classpath.security
secfiles="%{_libexecdir}/$suffix %{_libdir}/$suffix"
for secfile in $secfiles
do
# check if this classpath.security file exists
[ -f "$secfile" ] || continue
sed -i '/^security\.provider\./d' "$secfile"
count=0
for provider in $(ls %{_sysconfdir}/java/security/security.d)
do
count=$((count + 1))
echo "security.provider.${count}=${provider#*-}" >> "$secfile"
done
done
} || :
%postun
if [ $1 -eq 0 ] ; then
{
# Rebuild the list of security providers in classpath.security
suffix=security/classpath.security
secfiles="%{_libexecdir}/$suffix %{_libdir}/$suffix"
for secfile in $secfiles
do
# check if this classpath.security file exists
[ -f "$secfile" ] || continue
sed -i '/^security\.provider\./d' "$secfile"
count=0
for provider in $(ls %{_sysconfdir}/java/security/security.d)
do
count=$((count + 1))
echo "security.provider.${count}=${provider#*-}" >> "$secfile"
done
done
} || :
fi
%files -f .mfiles-bcprov
%license build/artifacts/jdk1.5/bcprov-jdk15on-*/LICENSE.html
%doc docs/ core/docs/ *.html
%config(noreplace) %{_sysconfdir}/java/security/security.d/2000-%{classname}
%files pkix -f .mfiles-bcpkix
%license build/artifacts/jdk1.5/bcpkix-jdk15on-*/LICENSE.html
%files pg -f .mfiles-bcpg
%license build/artifacts/jdk1.5/bcpg-jdk15on-*/LICENSE.html
%files mail -f .mfiles-bcmail
%license build/artifacts/jdk1.5/bcmail-jdk15on-*/LICENSE.html
%files tls -f .mfiles-bctls
%license build/artifacts/jdk1.5/bctls-jdk15on-*/LICENSE.html
%files javadoc
%{_javadocdir}/%{name}
%license LICENSE.html
%changelog
Reference in New Issue View Git Blame Copy Permalink