diff --git a/apache-ivy.changes b/apache-ivy.changes index 3d4b395..0c1693b 100644 --- a/apache-ivy.changes +++ b/apache-ivy.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Tue Sep 24 16:08:31 UTC 2019 - Fridrich Strba + +- Build the bouncycastle signer plugin since bcpg is now present +- Added patch: + * port-to-bc-1.52.patch + + Allow building the signer plugin against bouncycastle >= 1.52 + ------------------------------------------------------------------- Tue Jul 2 09:22:21 UTC 2019 - Fridrich Strba diff --git a/apache-ivy.spec b/apache-ivy.spec index 1189b90..ad9a312 100644 --- a/apache-ivy.spec +++ b/apache-ivy.spec @@ -30,8 +30,10 @@ Source1: ivy.1 Source2: http://repo1.maven.org/maven2/org/apache/ivy/ivy/%{version}/ivy-%{version}.pom Patch0: apache-ivy-2.4.0-jdk9.patch Patch1: apache-ivy-global-settings.patch +Patch2: port-to-bc-1.52.patch BuildRequires: ant BuildRequires: bouncycastle +BuildRequires: bouncycastle-pg BuildRequires: commons-httpclient BuildRequires: fdupes BuildRequires: java-devel >= 1.8 @@ -69,14 +71,12 @@ JavaDoc documentation for %{name} %setup -q %patch0 -p1 %patch1 -p1 +%patch2 -p1 cp %{SOURCE2} pom.xml %pom_remove_parent . -#TODO: return back when bouncycastle-pgp will be available -rm -fr src/java/org/apache/ivy/plugins/signer/bouncycastle - # Remove prebuilt documentation rm -rf doc build/doc @@ -99,8 +99,8 @@ rm src/java/org/apache/ivy/plugins/resolver/*{Ssh,SFTP}*.java %build # Craft class path mkdir -p lib -build-jar-repository lib ant ant/ant-nodeps oro jsch commons-httpclient -export CLASSPATH=$(build-classpath ant ant/ant-nodeps oro jsch commons-httpclient) +build-jar-repository lib ant ant/ant-nodeps oro jsch commons-httpclient bcprov bcpg +export CLASSPATH=$(build-classpath ant ant/ant-nodeps oro jsch commons-httpclient bcprov bcpg) %if %{with vfs} build-jar-repository lib commons-vfs2 export CLASSPATH=${CLASSPATH}:$(build-classpath commons-vfs2) diff --git a/port-to-bc-1.52.patch b/port-to-bc-1.52.patch new file mode 100644 index 0000000..7b73be3 --- /dev/null +++ b/port-to-bc-1.52.patch @@ -0,0 +1,93 @@ +diff --git a/ivy.xml b/ivy.xml +index d448897..7d8896a 100644 +--- a/ivy.xml ++++ b/ivy.xml +@@ -50,8 +50,8 @@ + + + +- +- ++ ++ + + + +diff --git a/src/java/org/apache/ivy/plugins/signer/bouncycastle/OpenPGPSignatureGenerator.java b/src/java/org/apache/ivy/plugins/signer/bouncycastle/OpenPGPSignatureGenerator.java +index af7beae..bec8ae4 100644 +--- a/src/java/org/apache/ivy/plugins/signer/bouncycastle/OpenPGPSignatureGenerator.java ++++ b/src/java/org/apache/ivy/plugins/signer/bouncycastle/OpenPGPSignatureGenerator.java +@@ -23,16 +23,18 @@ import java.io.FileOutputStream; + import java.io.IOException; + import java.io.InputStream; + import java.io.OutputStream; +-import java.security.NoSuchAlgorithmException; +-import java.security.NoSuchProviderException; + import java.security.Security; +-import java.security.SignatureException; + import java.util.Iterator; + + import org.apache.ivy.plugins.signer.SignatureGenerator; + import org.bouncycastle.bcpg.ArmoredOutputStream; + import org.bouncycastle.bcpg.BCPGOutputStream; + import org.bouncycastle.jce.provider.BouncyCastleProvider; ++import org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor; ++import org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator; ++import org.bouncycastle.openpgp.operator.bc.BcPBESecretKeyDecryptorBuilder; ++import org.bouncycastle.openpgp.operator.bc.BcPGPContentSignerBuilder; ++import org.bouncycastle.openpgp.operator.bc.BcPGPDigestCalculatorProvider; + import org.bouncycastle.openpgp.PGPException; + import org.bouncycastle.openpgp.PGPPrivateKey; + import org.bouncycastle.openpgp.PGPSecretKey; +@@ -101,11 +103,13 @@ public class OpenPGPSignatureGenerator implements SignatureGenerator { + pgpSec = readSecretKey(keyIn); + } + +- PGPPrivateKey pgpPrivKey = pgpSec.extractPrivateKey(password.toCharArray(), +- BouncyCastleProvider.PROVIDER_NAME); +- PGPSignatureGenerator sGen = new PGPSignatureGenerator(pgpSec.getPublicKey() +- .getAlgorithm(), PGPUtil.SHA1, BouncyCastleProvider.PROVIDER_NAME); +- sGen.initSign(PGPSignature.BINARY_DOCUMENT, pgpPrivKey); ++ PBESecretKeyDecryptor decryptor = new BcPBESecretKeyDecryptorBuilder( ++ new BcPGPDigestCalculatorProvider()).build(password.toCharArray()); ++ PGPPrivateKey pgpPrivKey = pgpSec.extractPrivateKey(decryptor); ++ PGPSignatureGenerator sGen = new PGPSignatureGenerator( ++ new BcPGPContentSignerBuilder(pgpSec.getPublicKey() ++ .getAlgorithm(), PGPUtil.SHA1)); ++ sGen.init(PGPSignature.BINARY_DOCUMENT, pgpPrivKey); + + in = new FileInputStream(src); + out = new BCPGOutputStream(new ArmoredOutputStream(new FileOutputStream(dest))); +@@ -116,22 +120,10 @@ public class OpenPGPSignatureGenerator implements SignatureGenerator { + } + + sGen.generate().encode(out); +- } catch (SignatureException e) { +- IOException ioexc = new IOException(); +- ioexc.initCause(e); +- throw ioexc; + } catch (PGPException e) { + IOException ioexc = new IOException(); + ioexc.initCause(e); + throw ioexc; +- } catch (NoSuchAlgorithmException e) { +- IOException ioexc = new IOException(); +- ioexc.initCause(e); +- throw ioexc; +- } catch (NoSuchProviderException e) { +- IOException ioexc = new IOException(); +- ioexc.initCause(e); +- throw ioexc; + } finally { + if (out != null) { + try { +@@ -156,7 +148,8 @@ public class OpenPGPSignatureGenerator implements SignatureGenerator { + + private PGPSecretKey readSecretKey(InputStream in) throws IOException, PGPException { + in = PGPUtil.getDecoderStream(in); +- PGPSecretKeyRingCollection pgpSec = new PGPSecretKeyRingCollection(in); ++ PGPSecretKeyRingCollection pgpSec = new PGPSecretKeyRingCollection(in, ++ new BcKeyFingerprintCalculator()); + + PGPSecretKey key = null; + for (Iterator it = pgpSec.getKeyRings(); key == null && it.hasNext();) {