import org.elasticsearch.gradle.info.BuildParams /* * Licensed to Elasticsearch under one or more contributor * license agreements. See the NOTICE file distributed with * this work for additional information regarding copyright * ownership. Elasticsearch licenses this file to you under * the Apache License, Version 2.0 (the "License"); you may * not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, * software distributed under the License is distributed on an * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY * KIND, either express or implied. See the License for the * specific language governing permissions and limitations * under the License. */ apply plugin: 'elasticsearch.build' archivesBaseName = 'elasticsearch-plugin-cli' dependencies { compileOnly project(":server") compileOnly project(":libs:elasticsearch-cli") compile "org.bouncycastle:bcpg-fips:1.0.3" compile "org.bouncycastle:bc-fips:1.0.1" testCompile project(":test:framework") testCompile 'com.google.jimfs:jimfs:1.1' testCompile 'com.google.guava:guava:18.0' } dependencyLicenses { mapping from: /bc.*/, to: 'bouncycastle' } test { // TODO: find a way to add permissions for the tests in this module systemProperty 'tests.security.manager', 'false' } thirdPartyAudit.onlyIf { // FIPS JVM includes manny classes from bouncycastle which count as jar hell for the third party audit, // rather than provide a long list of exclusions, disable the check on FIPS. BuildParams.inFipsJvm == false } /* * these two classes intentionally use the following JDK internal APIs in order to offer the necessary * functionality * * sun.security.internal.spec.TlsKeyMaterialParameterSpec * sun.security.internal.spec.TlsKeyMaterialSpec * sun.security.internal.spec.TlsMasterSecretParameterSpec * sun.security.internal.spec.TlsPrfParameterSpec * sun.security.internal.spec.TlsRsaPremasterSecretParameterSpec * sun.security.provider.SecureRandom * */ thirdPartyAudit.ignoreViolations( 'org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider$CoreSecureRandom', 'org.bouncycastle.jcajce.provider.ProvSunTLSKDF', 'org.bouncycastle.jcajce.provider.ProvSunTLSKDF$BaseTLSKeyGeneratorSpi', 'org.bouncycastle.jcajce.provider.ProvSunTLSKDF$TLSKeyMaterialGenerator', 'org.bouncycastle.jcajce.provider.ProvSunTLSKDF$TLSKeyMaterialGenerator$2', 'org.bouncycastle.jcajce.provider.ProvSunTLSKDF$TLSMasterSecretGenerator', 'org.bouncycastle.jcajce.provider.ProvSunTLSKDF$TLSMasterSecretGenerator$2', 'org.bouncycastle.jcajce.provider.ProvSunTLSKDF$TLSPRFKeyGenerator', 'org.bouncycastle.jcajce.provider.ProvSunTLSKDF$TLSRsaPreMasterSecretGenerator', 'org.bouncycastle.jcajce.provider.ProvSunTLSKDF$TLSRsaPreMasterSecretGenerator$2' )