From 46c89f006d16e5b36dedd9ff36651ea4efa3a557 Mon Sep 17 00:00:00 2001 From: Robert Muir Date: Tue, 7 Jul 2015 17:43:35 -0400 Subject: [PATCH] Allow use of bouncycastle --- core/src/main/java/org/elasticsearch/bootstrap/Security.java | 1 + .../resources/org/elasticsearch/bootstrap/security.policy | 5 +++++ 2 files changed, 6 insertions(+) diff --git a/core/src/main/java/org/elasticsearch/bootstrap/Security.java b/core/src/main/java/org/elasticsearch/bootstrap/Security.java index 4c0cde1389e..4d91341296a 100644 --- a/core/src/main/java/org/elasticsearch/bootstrap/Security.java +++ b/core/src/main/java/org/elasticsearch/bootstrap/Security.java @@ -80,6 +80,7 @@ final class Security { m.put(Pattern.compile(".*lucene-core-.*\\.jar$"), "es.security.jar.lucene.core"); m.put(Pattern.compile(".*jsr166e-.*\\.jar$"), "es.security.jar.twitter.jsr166e"); m.put(Pattern.compile(".*securemock-.*\\.jar$"), "es.security.jar.elasticsearch.securemock"); + m.put(Pattern.compile(".*bcprov-.*\\.jar$"), "es.security.jar.bouncycastle.bcprov"); SPECIAL_JARS = Collections.unmodifiableMap(m); } diff --git a/core/src/main/resources/org/elasticsearch/bootstrap/security.policy b/core/src/main/resources/org/elasticsearch/bootstrap/security.policy index 0434bf5be31..157c3cffeb0 100644 --- a/core/src/main/resources/org/elasticsearch/bootstrap/security.policy +++ b/core/src/main/resources/org/elasticsearch/bootstrap/security.policy @@ -47,6 +47,11 @@ grant codeBase "${es.security.jar.elasticsearch.securemock}" { permission java.lang.RuntimePermission "reflectionFactoryAccess"; }; +grant codeBase "${es.security.jar.bouncycastle.bcprov}" { + // needed to allow installation of bouncycastle crypto provider + permission java.security.SecurityPermission "putProviderProperty.BC"; +}; + //// Everything else: grant {