Update BouncyCastle to 1.64 (#52185) (#52464)

This commit upgrades the bouncycastle dependency from 1.61 to 1.64.
This commit is contained in:
Ioannis Kakavas 2020-02-18 14:11:34 +02:00 committed by GitHub
parent 9c49868bc5
commit d9ce0e6733
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
14 changed files with 19 additions and 11 deletions

View File

@ -29,7 +29,7 @@ joda = 2.10.4
# - plugins/ingest-attachment (transitive dependency, check the upstream POM)
# - distribution/tools/plugin-cli
# - x-pack/plugin/security
bouncycastle = 1.61
bouncycastle=1.64
# test dependencies
randomizedrunner = 2.7.1
junit = 4.12

View File

@ -1 +0,0 @@
69a1ea4bead1baadd1a1e00526de050c62ea7d82

View File

@ -0,0 +1 @@
7a2601f0a1d336966cca03edb04a69ba0f5f25d9

View File

@ -1 +0,0 @@
89bb3aa5b98b48e584eee2a7401b7682a46779b4

View File

@ -0,0 +1 @@
3dac163e20110817d850d17e0444852a6d7d0bd7

View File

@ -1 +0,0 @@
00df4b474e71be02c1349c3292d98886f888d1f7

View File

@ -0,0 +1 @@
1467dac1b787b5ad2a18201c0c281df69882259e

View File

@ -24,6 +24,14 @@ forbiddenPatterns {
exclude '**/*.jks'
}
thirdPartyAudit {
ignoreMissingClasses(
// Used in org.bouncycastle.pqc.crypto.qtesla.QTeslaKeyEncodingTests
'junit.framework.Assert',
'junit.framework.TestCase'
)
}
if (BuildParams.inFipsJvm) {
test.enabled = false
jarHell.enabled = false

View File

@ -1 +0,0 @@
89bb3aa5b98b48e584eee2a7401b7682a46779b4

View File

@ -0,0 +1 @@
3dac163e20110817d850d17e0444852a6d7d0bd7

View File

@ -1 +0,0 @@
00df4b474e71be02c1349c3292d98886f888d1f7

View File

@ -0,0 +1 @@
1467dac1b787b5ad2a18201c0c281df69882259e

View File

@ -7,12 +7,12 @@ package org.elasticsearch.xpack.security.cli;
import com.google.common.jimfs.Configuration;
import com.google.common.jimfs.Jimfs;
import org.bouncycastle.asn1.DLTaggedObject;
import org.elasticsearch.core.internal.io.IOUtils;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1String;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.pkcs.Attribute;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x509.Extension;
@ -489,8 +489,8 @@ public class CertificateGenerateToolTests extends ESTestCase {
assertThat(seq.size(), equalTo(2));
assertThat(seq.getObjectAt(0), instanceOf(ASN1ObjectIdentifier.class));
assertThat(seq.getObjectAt(0).toString(), equalTo(CN_OID));
assertThat(seq.getObjectAt(1), instanceOf(DERTaggedObject.class));
DERTaggedObject taggedName = (DERTaggedObject) seq.getObjectAt(1);
assertThat(seq.getObjectAt(1), instanceOf(DLTaggedObject.class));
DLTaggedObject taggedName = (DLTaggedObject) seq.getObjectAt(1);
assertThat(taggedName.getTagNo(), equalTo(0));
assertThat(taggedName.getObject(), instanceOf(ASN1String.class));
assertThat(taggedName.getObject().toString(), Matchers.isIn(certInfo.commonNames));

View File

@ -11,7 +11,7 @@ import com.google.common.jimfs.Jimfs;
import joptsimple.OptionSet;
import org.bouncycastle.asn1.DERIA5String;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DLSequence;
import org.bouncycastle.asn1.pkcs.Attribute;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x509.Extension;
@ -606,7 +606,7 @@ public class HttpCertificateCommandTests extends ESTestCase {
final Attribute[] extensionAttributes = csr.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest);
assertThat(extensionAttributes, arrayWithSize(1));
assertThat(extensionAttributes[0].getAttributeValues(), arrayWithSize(1));
assertThat(extensionAttributes[0].getAttributeValues()[0], instanceOf(DERSequence.class));
assertThat(extensionAttributes[0].getAttributeValues()[0], instanceOf(DLSequence.class));
// We register 1 extension - the subject alternative names
final Extensions extensions = Extensions.getInstance(extensionAttributes[0].getAttributeValues()[0]);