[Jython-checkins] jython: Upgrade BouncyCastle JARs to 1.61 (fixes #2742)
jeff.allen
jython-checkins at python.org
Sun May 12 08:54:20 EDT 2019
https://hg.python.org/jython/rev/811692d463ac
changeset: 8244:811692d463ac
user: Jeff Allen <ja.py at farowl.co.uk>
date: Sat May 11 10:44:22 2019 +0100
summary:
Upgrade BouncyCastle JARs to 1.61 (fixes #2742)
Small change to _sslcerts.py addresses change in exceptions raised.
files:
Lib/_sslcerts.py | 23 +++++++++++++------
NEWS | 1 +
build.gradle | 3 ++
build.xml | 4 +-
extlibs/bcpkix-jdk15on-1.57.jar | Bin
extlibs/bcpkix-jdk15on-1.61.jar | Bin
extlibs/bcprov-jdk15on-1.57.jar | Bin
extlibs/bcprov-jdk15on-1.61.jar | Bin
8 files changed, 21 insertions(+), 10 deletions(-)
diff --git a/Lib/_sslcerts.py b/Lib/_sslcerts.py
--- a/Lib/_sslcerts.py
+++ b/Lib/_sslcerts.py
@@ -40,9 +40,10 @@
from org.bouncycastle.jce.provider import BouncyCastleProvider
from org.bouncycastle.jce import ECNamedCurveTable
from org.bouncycastle.jce.spec import ECNamedCurveSpec
- from org.bouncycastle.openssl import PEMKeyPair, PEMParser, PEMEncryptedKeyPair, PEMException, \
- EncryptionException
+ from org.bouncycastle.openssl import PEMKeyPair, PEMParser, PEMEncryptedKeyPair, \
+ PEMException, EncryptionException
from org.bouncycastle.openssl.jcajce import JcaPEMKeyConverter, JcePEMDecryptorProviderBuilder
+ from org.bouncycastle.util.encoders import DecoderException
except ImportError:
# jarjar-ed version
from org.python.bouncycastle.asn1.pkcs import PrivateKeyInfo
@@ -51,9 +52,10 @@
from org.python.bouncycastle.jce.provider import BouncyCastleProvider
from org.python.bouncycastle.jce import ECNamedCurveTable
from org.python.bouncycastle.jce.spec import ECNamedCurveSpec
- from org.python.bouncycastle.openssl import PEMKeyPair, PEMParser, PEMEncryptedKeyPair, PEMException, \
- EncryptionException
+ from org.python.bouncycastle.openssl import PEMKeyPair, PEMParser, PEMEncryptedKeyPair, \
+ PEMException, EncryptionException
from org.python.bouncycastle.openssl.jcajce import JcaPEMKeyConverter, JcePEMDecryptorProviderBuilder
+ from org.python.bouncycastle.util.encoders import DecoderException
log = logging.getLogger("_socket")
Security.addProvider(BouncyCastleProvider())
@@ -243,6 +245,11 @@
def _read_pem_cert_from_data(f, password, key_converter, cert_converter):
+
+ def PEM_SSLError(err): # Shorthand
+ from _socket import SSLError, SSL_ERROR_SSL
+ return SSLError(SSL_ERROR_SSL, "PEM lib ({})".format(err))
+
certs = []
private_key = None
@@ -255,8 +262,9 @@
try:
obj = PEMParser(br).readObject()
except PEMException as err:
- from _socket import SSLError, SSL_ERROR_SSL
- raise SSLError(SSL_ERROR_SSL, "PEM lib ({})".format(err))
+ raise PEM_SSLError(err)
+ except DecoderException as err:
+ raise PEM_SSLError(err)
if obj is None:
break
@@ -272,8 +280,7 @@
try:
key_pair = key_converter.getKeyPair(obj.decryptKeyPair(provider))
except EncryptionException as err:
- from _socket import SSLError, SSL_ERROR_SSL
- raise SSLError(SSL_ERROR_SSL, "PEM lib ({})".format(err))
+ raise PEM_SSLError(err)
private_key = key_pair.getPrivate()
else:
diff --git a/NEWS b/NEWS
--- a/NEWS
+++ b/NEWS
@@ -5,6 +5,7 @@
Development tip
Bugs fixed
+ - [ 2742 ] JARs for bouncycastle out of date (upgrade to 1.16)
- [ 2762 ] Upgrade Apache commons-compress to 1.18
- [ GH-108 ] Updates to JNR/JFFI to improve ARM HF support
- [ 2445 ] Eclipse's DelegatingFeatureMap has MRO conflict (and IBM's MQQueue)
diff --git a/build.gradle b/build.gradle
--- a/build.gradle
+++ b/build.gradle
@@ -149,6 +149,9 @@
implementation group: 'org.apache.commons', name: 'commons-compress', version: '1.18'
+ implementation group: 'org.bouncycastle', name: 'bcpkix-jdk15on', version: '1.61'
+ implementation group: 'org.bouncycastle', name: 'bcprov-jdk15on', version: '1.61'
+
implementation group: 'org.ow2.asm', name: 'asm', version: '7.0'
implementation group: 'org.ow2.asm', name: 'asm-commons', version: '7.0'
implementation group: 'org.ow2.asm', name: 'asm-util', version: '7.0'
diff --git a/build.xml b/build.xml
--- a/build.xml
+++ b/build.xml
@@ -553,9 +553,9 @@
<zipfileset src="extlibs/asm-commons-7.0.jar"/>
<zipfileset src="extlibs/asm-util-7.0.jar"/>
<rule pattern="org.objectweb.asm.**" result="org.python.objectweb.asm. at 1"/>
- <zipfileset src="extlibs/bcpkix-jdk15on-1.57.jar" excludes="META-INF/**"/>
+ <zipfileset src="extlibs/bcpkix-jdk15on-1.61.jar" excludes="META-INF/**"/>
<rule pattern="org.bouncycastle.**" result="org.python.bouncycastle. at 1"/>
- <zipfileset src="extlibs/bcprov-jdk15on-1.57.jar" excludes="META-INF/**"/>
+ <zipfileset src="extlibs/bcprov-jdk15on-1.61.jar" excludes="META-INF/**"/>
<rule pattern="org.bouncycastle.**" result="org.python.bouncycastle. at 1"/>
<zipfileset src="extlibs/commons-compress-1.18.jar"/>
<rule pattern="org.apache.**" result="org.python.apache. at 1"/>
diff --git a/extlibs/bcpkix-jdk15on-1.57.jar b/extlibs/bcpkix-jdk15on-1.57.jar
deleted file mode 100644
index 5ce7d5c5cc49c03102e3bb5248405b52431f9ebd..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391
GIT binary patch
[stripped]
diff --git a/extlibs/bcpkix-jdk15on-1.61.jar b/extlibs/bcpkix-jdk15on-1.61.jar
new file mode 100644
index e69de29bb2d1d6434b8b29ae775ad8c2e48c5391..c9657cdbe99a935787404edc2a83d1e6b1732cf9
GIT binary patch
[stripped]
diff --git a/extlibs/bcprov-jdk15on-1.57.jar b/extlibs/bcprov-jdk15on-1.57.jar
deleted file mode 100644
index 5a10986b3aac075df6f5400028cf2a6a0a8eb9fa..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391
GIT binary patch
[stripped]
diff --git a/extlibs/bcprov-jdk15on-1.61.jar b/extlibs/bcprov-jdk15on-1.61.jar
new file mode 100644
index e69de29bb2d1d6434b8b29ae775ad8c2e48c5391..1fdff384b720e6ac563c80a6bdf7e8bc9f883367
GIT binary patch
[stripped]
--
Repository URL: https://hg.python.org/jython
More information about the Jython-checkins
mailing list