Repository: ant-ivy Updated Branches: refs/heads/master 12e1aaf5f -> bb3ddfe42
IVY-1521: Update bouncycastle to 1.52 Thanks to Michal Srb Project: http://git-wip-us.apache.org/repos/asf/ant-ivy/repo Commit: http://git-wip-us.apache.org/repos/asf/ant-ivy/commit/bb3ddfe4 Tree: http://git-wip-us.apache.org/repos/asf/ant-ivy/tree/bb3ddfe4 Diff: http://git-wip-us.apache.org/repos/asf/ant-ivy/diff/bb3ddfe4 Branch: refs/heads/master Commit: bb3ddfe426cf4ff5390f742d35bdba02a4ce7624 Parents: 12e1aaf Author: Nicolas Lalevée <[email protected]> Authored: Sun Sep 6 17:50:14 2015 +0200 Committer: Nicolas Lalevée <[email protected]> Committed: Sun Sep 6 17:50:14 2015 +0200 ---------------------------------------------------------------------- .classpath.default | 90 ++++++++++---------- doc/release-notes.html | 3 + ivy.xml | 4 +- .../bouncycastle/OpenPGPSignatureGenerator.java | 43 ++++------ 4 files changed, 68 insertions(+), 72 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ant-ivy/blob/bb3ddfe4/.classpath.default ---------------------------------------------------------------------- diff --git a/.classpath.default b/.classpath.default index 24d26f5..d60d9a6 100644 --- a/.classpath.default +++ b/.classpath.default @@ -1,45 +1,45 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- - Licensed to the Apache Software Foundation (ASF) under one - or more contributor license agreements. See the NOTICE file - distributed with this work for additional information - regarding copyright ownership. The ASF licenses this file - to you under the Apache License, Version 2.0 (the - "License"); you may not use this file except in compliance - with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, - software distributed under the License is distributed on an - "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - KIND, either express or implied. See the License for the - specific language governing permissions and limitations - under the License. ---> -<classpath> - <classpathentry kind="src" path="src/java"/> - <classpathentry kind="src" path="test/java"/> - <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/> - <classpathentry kind="lib" path="lib/ant.jar"/> - <classpathentry kind="lib" path="lib/ant-testutil.jar"/> - <classpathentry kind="lib" path="lib/commons-codec.jar"/> - <classpathentry kind="lib" path="lib/commons-httpclient.jar"/> - <classpathentry kind="lib" path="lib/commons-lang.jar"/> - <classpathentry kind="lib" path="lib/commons-logging.jar"/> - <classpathentry kind="lib" path="lib/commons-vfs.jar"/> - <classpathentry kind="lib" path="lib/jsch.jar"/> - <classpathentry kind="lib" path="lib/junit.jar"/> - <classpathentry kind="lib" path="lib/xmlunit.jar"/> - <classpathentry kind="lib" path="lib/oro.jar"/> - <classpathentry kind="lib" path="lib/bcpg-jdk14.jar"/> - <classpathentry kind="lib" path="lib/bcprov-jdk14.jar"/> - <classpathentry kind="lib" path="lib/jsch.agentproxy.connector-factory.jar"/> - <classpathentry kind="lib" path="lib/jsch.agentproxy.core.jar"/> - <classpathentry kind="lib" path="lib/jsch.agentproxy.jsch.jar"/> - <classpathentry kind="lib" path="lib/jsch.agentproxy.pageant.jar"/> - <classpathentry kind="lib" path="lib/jsch.agentproxy.sshagent.jar"/> - <classpathentry kind="lib" path="lib/jsch.agentproxy.usocket-jna.jar"/> - <classpathentry kind="lib" path="lib/jsch.agentproxy.usocket-nc.jar"/> - <classpathentry kind="output" path="bin"/> -</classpath> +<?xml version="1.0" encoding="UTF-8"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +--> +<classpath> + <classpathentry kind="src" path="src/java"/> + <classpathentry kind="src" path="test/java"/> + <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/> + <classpathentry kind="lib" path="lib/ant.jar"/> + <classpathentry kind="lib" path="lib/ant-testutil.jar"/> + <classpathentry kind="lib" path="lib/commons-codec.jar"/> + <classpathentry kind="lib" path="lib/commons-httpclient.jar"/> + <classpathentry kind="lib" path="lib/commons-lang.jar"/> + <classpathentry kind="lib" path="lib/commons-logging.jar"/> + <classpathentry kind="lib" path="lib/commons-vfs.jar"/> + <classpathentry kind="lib" path="lib/jsch.jar"/> + <classpathentry kind="lib" path="lib/junit.jar"/> + <classpathentry kind="lib" path="lib/xmlunit.jar"/> + <classpathentry kind="lib" path="lib/oro.jar"/> + <classpathentry kind="lib" path="lib/bcpg-jdk15on.jar"/> + <classpathentry kind="lib" path="lib/bcprov-jdk15on.jar"/> + <classpathentry kind="lib" path="lib/jsch.agentproxy.connector-factory.jar"/> + <classpathentry kind="lib" path="lib/jsch.agentproxy.core.jar"/> + <classpathentry kind="lib" path="lib/jsch.agentproxy.jsch.jar"/> + <classpathentry kind="lib" path="lib/jsch.agentproxy.pageant.jar"/> + <classpathentry kind="lib" path="lib/jsch.agentproxy.sshagent.jar"/> + <classpathentry kind="lib" path="lib/jsch.agentproxy.usocket-jna.jar"/> + <classpathentry kind="lib" path="lib/jsch.agentproxy.usocket-nc.jar"/> + <classpathentry kind="output" path="bin"/> +</classpath> http://git-wip-us.apache.org/repos/asf/ant-ivy/blob/bb3ddfe4/doc/release-notes.html ---------------------------------------------------------------------- diff --git a/doc/release-notes.html b/doc/release-notes.html index 3c514c0..97471b3 100644 --- a/doc/release-notes.html +++ b/doc/release-notes.html @@ -36,6 +36,7 @@ reporting) project dependencies, characterized by flexibility, configurability, and tight integration with Apache Ant. Key features of this 2.5.0 release are +* Ivy nows uses BoucyCastle 1.52. Due to the non backward compatibility of that library, earlier versions are not supported. * TODO * TODO * TODO @@ -65,6 +66,7 @@ List of changes since Ivy 2.4.0: - FIX: useCacheOnly should allow lookup of changing dependencies in cache (IVY-1515) (Thanks to Ilya) - IMPROVEMENT: Optimization: limit the revision numbers scanned if revision prefix is specified (Thanks to Ernestas Vaiciukevičius) +- IMPROVEMENT: Update bouncycastle to 1.52 (IVY-1521) (Thanks to Michal Srb) - NEW: Lets ssh-based resolvers use an ~/.ssh/config file to find username/hostname/keyfile options (Thanks to Colin Stanfill) - NEW: Add ivy.maven.sources.lookup and ivy.maven.javadoc.lookup variables to control the lookup of the additional artifacts. Defaults to true, for backward compatibility (IVY-1529) @@ -202,6 +204,7 @@ Here is the list of people who have contributed source code and documentation up <li>John Shields</li> <li>Nihal Sinha</li> <li>Gene Smith</li> +<li>Michal Srb</li> <li>Colin Stanfill</li> <li>Simon Steiner</li> <li>Johan Stuyts</li> http://git-wip-us.apache.org/repos/asf/ant-ivy/blob/bb3ddfe4/ivy.xml ---------------------------------------------------------------------- diff --git a/ivy.xml b/ivy.xml index 552f3e7..ea0c6bb 100644 --- a/ivy.xml +++ b/ivy.xml @@ -53,8 +53,8 @@ <dependency org="com.jcraft" name="jsch.agentproxy" rev="0.0.6" conf="default,sftp->default" /> <dependency org="com.jcraft" name="jsch.agentproxy.connector-factory" rev="0.0.6" conf="default,sftp->default" /> <dependency org="com.jcraft" name="jsch.agentproxy.jsch" rev="0.0.6" conf="default,sftp->default" /> - <dependency org="org.bouncycastle" name="bcpg-jdk14" rev="1.45" conf="default" /> - <dependency org="org.bouncycastle" name="bcprov-jdk14" rev="1.45" conf="default" /> + <dependency org="org.bouncycastle" name="bcpg-jdk15on" rev="1.52" conf="default" /> + <dependency org="org.bouncycastle" name="bcprov-jdk15on" rev="1.52" conf="default" /> <!-- Test dependencies --> <dependency org="junit" name="junit" rev="3.8.2" conf="test->default" /> http://git-wip-us.apache.org/repos/asf/ant-ivy/blob/bb3ddfe4/src/java/org/apache/ivy/plugins/signer/bouncycastle/OpenPGPSignatureGenerator.java ---------------------------------------------------------------------- diff --git a/src/java/org/apache/ivy/plugins/signer/bouncycastle/OpenPGPSignatureGenerator.java b/src/java/org/apache/ivy/plugins/signer/bouncycastle/OpenPGPSignatureGenerator.java index af7beae..c90608b 100644 --- a/src/java/org/apache/ivy/plugins/signer/bouncycastle/OpenPGPSignatureGenerator.java +++ b/src/java/org/apache/ivy/plugins/signer/bouncycastle/OpenPGPSignatureGenerator.java @@ -23,10 +23,7 @@ import java.io.FileOutputStream; import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; -import java.security.NoSuchAlgorithmException; -import java.security.NoSuchProviderException; import java.security.Security; -import java.security.SignatureException; import java.util.Iterator; import org.apache.ivy.plugins.signer.SignatureGenerator; @@ -41,6 +38,11 @@ import org.bouncycastle.openpgp.PGPSecretKeyRingCollection; import org.bouncycastle.openpgp.PGPSignature; import org.bouncycastle.openpgp.PGPSignatureGenerator; import org.bouncycastle.openpgp.PGPUtil; +import org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor; +import org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator; +import org.bouncycastle.openpgp.operator.bc.BcPBESecretKeyDecryptorBuilder; +import org.bouncycastle.openpgp.operator.bc.BcPGPContentSignerBuilder; +import org.bouncycastle.openpgp.operator.bc.BcPGPDigestCalculatorProvider; public class OpenPGPSignatureGenerator implements SignatureGenerator { @@ -101,11 +103,12 @@ public class OpenPGPSignatureGenerator implements SignatureGenerator { pgpSec = readSecretKey(keyIn); } - PGPPrivateKey pgpPrivKey = pgpSec.extractPrivateKey(password.toCharArray(), - BouncyCastleProvider.PROVIDER_NAME); - PGPSignatureGenerator sGen = new PGPSignatureGenerator(pgpSec.getPublicKey() - .getAlgorithm(), PGPUtil.SHA1, BouncyCastleProvider.PROVIDER_NAME); - sGen.initSign(PGPSignature.BINARY_DOCUMENT, pgpPrivKey); + PBESecretKeyDecryptor decryptor = new BcPBESecretKeyDecryptorBuilder( + new BcPGPDigestCalculatorProvider()).build(password.toCharArray()); + PGPPrivateKey pgpPrivKey = pgpSec.extractPrivateKey(decryptor); + PGPSignatureGenerator sGen = new PGPSignatureGenerator(new BcPGPContentSignerBuilder( + pgpSec.getPublicKey().getAlgorithm(), PGPUtil.SHA1)); + sGen.init(PGPSignature.BINARY_DOCUMENT, pgpPrivKey); in = new FileInputStream(src); out = new BCPGOutputStream(new ArmoredOutputStream(new FileOutputStream(dest))); @@ -116,22 +119,10 @@ public class OpenPGPSignatureGenerator implements SignatureGenerator { } sGen.generate().encode(out); - } catch (SignatureException e) { - IOException ioexc = new IOException(); - ioexc.initCause(e); - throw ioexc; } catch (PGPException e) { IOException ioexc = new IOException(); ioexc.initCause(e); throw ioexc; - } catch (NoSuchAlgorithmException e) { - IOException ioexc = new IOException(); - ioexc.initCause(e); - throw ioexc; - } catch (NoSuchProviderException e) { - IOException ioexc = new IOException(); - ioexc.initCause(e); - throw ioexc; } finally { if (out != null) { try { @@ -156,14 +147,16 @@ public class OpenPGPSignatureGenerator implements SignatureGenerator { private PGPSecretKey readSecretKey(InputStream in) throws IOException, PGPException { in = PGPUtil.getDecoderStream(in); - PGPSecretKeyRingCollection pgpSec = new PGPSecretKeyRingCollection(in); + PGPSecretKeyRingCollection pgpSec = new PGPSecretKeyRingCollection(in, + new BcKeyFingerprintCalculator()); PGPSecretKey key = null; - for (Iterator it = pgpSec.getKeyRings(); key == null && it.hasNext();) { - PGPSecretKeyRing kRing = (PGPSecretKeyRing) it.next(); + for (Iterator<PGPSecretKeyRing> it = pgpSec.getKeyRings(); key == null && it.hasNext();) { + PGPSecretKeyRing kRing = it.next(); - for (Iterator it2 = kRing.getSecretKeys(); key == null && it2.hasNext();) { - PGPSecretKey k = (PGPSecretKey) it2.next(); + for (Iterator<PGPSecretKey> it2 = kRing.getSecretKeys(); key == null + && it2.hasNext();) { + PGPSecretKey k = it2.next(); if ((keyId == null) && k.isSigningKey()) { key = k; }
