libs: update bouncycastle to 1.77, canl to 2.8.3
Motivation:
dCache uses quite an old version of bouncycastle, which is always a bad
idea for security related libraries.

Modification:
bump bouncycastle to 1.77. Ensure that older versions are not pulled as
transient dependencies.

Result:
up-to-date bouncycastle

Acked-by: Lea Morschel
Target: master
Require-book: no
Require-notes: yes
kofemann committed Apr 8, 2024
1 parent b03dd5a commit daae5d5
Showing 1 changed file with 30 additions and 28 deletions.
58 changes: 30 additions & 28 deletions pom.xml
Expand Up @@ -91,34 +91,10 @@
<version.spring_kafka>2.9.11</version.spring_kafka>
<version.kafka>3.1.0</version.kafka>

<!-- BouncyCastle seems to change the naming convention of
their ArtifactId fairly often. Here is a summary of
information gathered so far.
<bouncycastle.bcprov>bcprov-jdk18on</bouncycastle.bcprov>
<bouncycastle.bcpkix>bcpkix-jdk18on</bouncycastle.bcpkix>
<bouncycastle.version>1.77</bouncycastle.version>

Note that each ArtifactId has two flavours: 'bcprov-nnn'
and 'bcprov-ext-nnn'. The '-ext-' flavour includes "the
IDEA implementation as well as NTRU" which is missing
from the non '-ext-' version. These features were
removed since v1.40 "at the request of a number of
users".
Version ArtifactId Notes:
1.47 bcprov-jdk15on JDK v1.5 and later
1.46 bcprov-jdk15+ JDK v1.5 (and later?), the '+'
seems to confuse maven.
1.46 bcprov-jdk15 JDK v1.5
1.46 bcprov-jdk16 JDK v1.6
1.45 bcprov-jdk16 JDK v1.6; used by JGlobus-2.x
1.43 bcprov-jdk16 JDK v1.6; used by JGlobus-1.8.x
-->
<bouncycastle.bcprov>bcprov-jdk15on</bouncycastle.bcprov>
<bouncycastle.bcpkix>bcpkix-jdk15on</bouncycastle.bcpkix>
<bouncycastle.version>1.67</bouncycastle.version>
<datanucleus-core.version>6.0.6</datanucleus-core.version>
<datanucleus.plugin.version>6.0.0-release</datanucleus.plugin.version>
<asm.version>9.5</asm.version>
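Review bot: The comment explaining BouncyCastle's artifactId naming is deleted in this hunk rather than updated, even though the properties change from bcprov-jdk15on/bcpkix-jdk15on to bcprov-jdk18on/bcpkix-jdk18on in the same place. A short replacement comment would help the next upgrade: the jdk18on artifacts are different Maven coordinates from the jdk15on ones, so Maven does not resolve them as versions of one artifact and both can end up on the classpath unless the old ones are excluded, which is what the exclusions later in this pom are for.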
Expand Down Expand Up @@ -262,12 +238,26 @@
<dependency>
<groupId>eu.eu-emi.security</groupId>
<artifactId>canl</artifactId>
<version>2.6.0</version>
<version>2.8.3</version>
</dependency>
<dependency>
<groupId>org.italiangrid</groupId>
<artifactId>voms-api-java</artifactId>
<version>3.3.0</version>
<exclusions>
<exclusion>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
</exclusion>
<exclusion>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk15on</artifactId>
</exclusion>
<exclusion>
<groupId>eu.eu-emi.security</groupId>
<artifactId>canl</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.glite.authz</groupId>
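Review bot: The exclusions added to voms-api-java name bcprov-jdk15on and bcpkix-jdk15on literally, so the commit message's goal (older versions are not pulled in) holds only for dependencies that someone remembered to annotate. Consider backing this with a maven-enforcer-plugin bannedDependencies rule for the org.bouncycastle jdk15on artifacts, so the build fails if a future dependency reintroduces them. It is also worth confirming that voms-api-java 3.3.0, whose own canl is now excluded, works against the canl 2.8.3 set just above it.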
Expand Down Expand Up @@ -713,6 +703,12 @@
<groupId>org.dcache</groupId>
<artifactId>xrootd4j-gsi</artifactId>
<version>${version.xrootd4j}</version>
<exclusions>
<exclusion>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.dcache</groupId>
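Review bot: The exclusion on xrootd4j-gsi covers bcprov-jdk15on only, while the voms-api-java entry excludes both bcprov-jdk15on and bcpkix-jdk15on. If xrootd4j-gsi also depends on bcpkix-jdk15on, it needs the second exclusion as well; running mvn dependency:tree -Dincludes=org.bouncycastle on the modules that use it would settle this.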
Expand All @@ -733,6 +729,12 @@
<groupId>org.dcache</groupId>
<artifactId>xrootd4j-authz-plugin-alice</artifactId>
<version>1.2.0</version>
<exclusions>
<exclusion>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
</exclusion>
</exclusions>
</dependency>

<dependency>
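Review bot: xrootd4j-authz-plugin-alice stays at version 1.2.0 while the bcprov-jdk15on it declares is excluded, so at runtime it will be served by the 1.77 provider from bcprov-jdk18on instead. Nothing in this change shows that the plugin was exercised against the newer provider; a line in the commit message or a test run covering this plugin would make that explicit. As with xrootd4j-gsi, check whether bcpkix-jdk15on is also pulled in here.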