[
https://issues.apache.org/jira/browse/NIFI-1324?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15118205#comment-15118205
]
ASF subversion and git services commented on NIFI-1324:
-------------------------------------------------------
Commit 93aac8cff38741454211c331451372b68b745148 in nifi's branch
refs/heads/master from [~alopresto]
[ https://git-wip-us.apache.org/repos/asf?p=nifi.git;h=93aac8c ]
NIFI-1365
Added Groovy support for unit tests to pom with skeleton test.
Added Groovy unit tests for OCSPCertificateValidator.
Implemented positive & negative unit tests with cache injection for
valid/revoked OCSP certificate.
Modified pom.xml to support Groovy unit tests with custom variable.
mvn clean test -Dgroovy=test
Added local cache injection into Groovy tests for OCSP certificate validation
(see NIFI-1324 and NIFI-1364).
Set Java version to 1.7 for Groovy test src/target.
Moved Groovy unit test profile from nifi-web-security to root pom.
Added null check for algorithm argument in PGPUtil.
Changed buffer length check from ">= 0" to "> -1" because it was confusing
other developers.
Resolved contrib-check line length issues.
Fixed contrib-check issues in OpenPGPKeyBasedEncryptorTest.
This closes #163
Signed-off-by: Matt Gilman <[email protected]>
> Upgrade to correct version of BouncyCastle
> ------------------------------------------
>
> Key: NIFI-1324
> URL: https://issues.apache.org/jira/browse/NIFI-1324
> Project: Apache NiFi
> Issue Type: Task
> Components: Core Framework
> Affects Versions: 0.4.1
> Reporter: Andy LoPresto
> Assignee: Andy LoPresto
> Labels: dependencies, security
> Fix For: 0.5.0
>
>
> The existing Maven dependencies are for
> {{org.bouncycastle:bcprov-jdk16:1.46}} and
> {{org.bouncycastle:bcpg-jdk16:1.46}}. While {{jdk16}} looks "newer" than
> {{jdk15on}}, this was actually a legacy mistake on the part of BouncyCastle
> versioning. The correct and current version of BouncyCastle is {{jdk15on}},
> as evidenced by the age of the releases:
> * jdk15on: 03/2012 - 10/2015 "The Bouncy Castle Crypto package is a Java
> implementation of cryptographic algorithms. This jar contains JCE provider
> and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.5 to
> JDK 1.8." (http://mvnrepository.com/artifact/org.bouncycastle/bcprov-jdk15on)
> * jdk16: 11/2007 - 02/2011 "The Bouncy Castle Crypto package is a Java
> implementation of cryptographic algorithms. This jar contains JCE provider
> and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.6."
> (http://mvnrepository.com/artifact/org.bouncycastle/bcprov-jdk16)
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
