mirror/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-05-07 07:30:17 -05:00
Code Issues Packages Projects Releases Wiki Activity

Upgrade bc-fips to 1.0.2.5

Browse Source 
Closes #26568
Closes #27884

Signed-off-by: rmartinc <rmartinc@redhat.com>
This commit is contained in:
rmartinc
2024-06-22 11:07:42 +02:00
committed by Marek Posolda
parent 0f061a75e2
commit e9c9efc3f4
43 changed files with 76 additions and 78 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.github/scripts/run-fips-ut.sh
+1 -8
View File
@@ -15,11 +15,4 @@ export JAVA_HOME=/etc/alternatives/java_sdk_21
if [ $? -ne 0 ]; then
exit 1
fi
# NOTE the use of "org.bouncycastle.rsa.allow_pkcs15_enc" as per BCFIPS release notes:
#
# End of 2023 transition for RSA PKCS1.5 encryption. The provider blocks RSA with PKCS1.5 encryption.
# The following property can be used to override the default behavior:
# org.bouncycastle.rsa.allow_pkcs15_enc (allow use of PKCS1.5)
# This is required by crypto/fips1402/src/test/java/org/keycloak/crypto/fips/test/FIPS1402JWETest.java
./mvnw test -nsu -B -pl crypto/default,crypto/fips1402 -Dcom.redhat.fips=true -Dorg.bouncycastle.fips.approved_only=true -Dorg.bouncycastle.rsa.allow_pkcs15_enc=true
./mvnw test -nsu -B -pl crypto/default,crypto/fips1402 -Dcom.redhat.fips=true -Dorg.bouncycastle.fips.approved_only=true