/* * SPDX-License-Identifier: Apache-2.0 * * The OpenSearch Contributors require contributions made to * this file be licensed under the Apache-2.0 license or a * compatible open source license. * * Modifications Copyright OpenSearch Contributors. See * GitHub history for details. */ /* * Licensed to Elasticsearch under one or more contributor * license agreements. See the NOTICE file distributed with * this work for additional information regarding copyright * ownership. Elasticsearch licenses this file to you under * the Apache License, Version 2.0 (the "License"); you may * not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, * software distributed under the License is distributed on an * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY * KIND, either express or implied. See the License for the * specific language governing permissions and limitations * under the License. */ apply plugin: 'opensearch.build' archivesBaseName = 'opensearch-plugin-cli' dependencies { compileOnly project(":server") compileOnly project(":libs:opensearch-cli") api "org.bouncycastle:bcpg-fips:1.0.4" api "org.bouncycastle:bc-fips:1.0.2" testImplementation project(":test:framework") testImplementation 'com.google.jimfs:jimfs:1.1' testRuntimeOnly 'com.google.guava:guava:30.1.1-jre' } tasks.named("dependencyLicenses").configure { mapping from: /bc.*/, to: 'bouncycastle' } test { // TODO: find a way to add permissions for the tests in this module systemProperty 'tests.security.manager', 'false' jvmArgs += [ "-Djava.security.egd=file:/dev/urandom" ] } /* * these two classes intentionally use the following JDK internal APIs in order to offer the necessary * functionality * * sun.security.internal.spec.TlsKeyMaterialParameterSpec * sun.security.internal.spec.TlsKeyMaterialSpec * sun.security.internal.spec.TlsMasterSecretParameterSpec * sun.security.internal.spec.TlsPrfParameterSpec * sun.security.internal.spec.TlsRsaPremasterSecretParameterSpec * sun.security.provider.SecureRandom * */ thirdPartyAudit.ignoreViolations( 'org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider$CoreSecureRandom', 'org.bouncycastle.jcajce.provider.ProvSunTLSKDF', 'org.bouncycastle.jcajce.provider.ProvSunTLSKDF$BaseTLSKeyGeneratorSpi', 'org.bouncycastle.jcajce.provider.ProvSunTLSKDF$TLSKeyMaterialGenerator', 'org.bouncycastle.jcajce.provider.ProvSunTLSKDF$TLSKeyMaterialGenerator$2', 'org.bouncycastle.jcajce.provider.ProvSunTLSKDF$TLSMasterSecretGenerator', 'org.bouncycastle.jcajce.provider.ProvSunTLSKDF$TLSMasterSecretGenerator$2', 'org.bouncycastle.jcajce.provider.ProvSunTLSKDF$TLSPRFKeyGenerator', 'org.bouncycastle.jcajce.provider.ProvSunTLSKDF$TLSRsaPreMasterSecretGenerator', 'org.bouncycastle.jcajce.provider.ProvSunTLSKDF$TLSRsaPreMasterSecretGenerator$2', 'org.bouncycastle.jcajce.provider.ProvSunTLSKDF$TLSExtendedMasterSecretGenerator', 'org.bouncycastle.jcajce.provider.ProvSunTLSKDF$TLSExtendedMasterSecretGenerator$2' )