diff --git a/constants.properties b/constants.properties index 63f4c9383b..383e011516 100644 --- a/constants.properties +++ b/constants.properties @@ -24,7 +24,7 @@ jdkClassifier11=jdk11 dockerJavaVersion=3.2.5 proguardVersion=6.1.1 // bouncy castle version must not be changed on a patch release. Needs a full release test cycle to flush out any issues. -bouncycastleVersion=1.69 +bouncycastleVersion=1.72 classgraphVersion=4.8.135 disruptorVersion=3.4.2 typesafeConfigVersion=1.3.4 diff --git a/core-deterministic/build.gradle b/core-deterministic/build.gradle index dbf572f06d..b5db332a1e 100644 --- a/core-deterministic/build.gradle +++ b/core-deterministic/build.gradle @@ -49,8 +49,8 @@ dependencies { // These dependencies will become "runtime" scoped in our published POM. // See publish.dependenciesFrom.defaultScope. - deterministicLibraries "org.bouncycastle:bcprov-jdk15on:$bouncycastle_version" - deterministicLibraries "org.bouncycastle:bcpkix-jdk15on:$bouncycastle_version" + deterministicLibraries "org.bouncycastle:bcprov-jdk15to18:$bouncycastle_version" + deterministicLibraries "org.bouncycastle:bcpkix-jdk15to18:$bouncycastle_version" deterministicLibraries "net.i2p.crypto:eddsa:$eddsa_version" } diff --git a/core/build.gradle b/core/build.gradle index 3939983353..3d117c5195 100644 --- a/core/build.gradle +++ b/core/build.gradle @@ -73,8 +73,8 @@ dependencies { compile "net.i2p.crypto:eddsa:$eddsa_version" // Bouncy castle support needed for X509 certificate manipulation - compile "org.bouncycastle:bcprov-jdk15on:${bouncycastle_version}" - compile "org.bouncycastle:bcpkix-jdk15on:${bouncycastle_version}" + compile "org.bouncycastle:bcprov-jdk15to18:${bouncycastle_version}" + compile "org.bouncycastle:bcpkix-jdk15to18:${bouncycastle_version}" // JPA 2.2 annotations. compile "javax.persistence:javax.persistence-api:2.2" diff --git a/node-api/src/main/kotlin/net/corda/nodeapi/internal/protonwrapper/netty/SSLHelper.kt b/node-api/src/main/kotlin/net/corda/nodeapi/internal/protonwrapper/netty/SSLHelper.kt index 98910a673f..87e6a3e4cb 100644 --- a/node-api/src/main/kotlin/net/corda/nodeapi/internal/protonwrapper/netty/SSLHelper.kt +++ b/node-api/src/main/kotlin/net/corda/nodeapi/internal/protonwrapper/netty/SSLHelper.kt @@ -19,8 +19,8 @@ import net.corda.nodeapi.internal.config.CertificateStore import net.corda.nodeapi.internal.crypto.toBc import net.corda.nodeapi.internal.crypto.x509 import net.corda.nodeapi.internal.protonwrapper.netty.revocation.ExternalSourceRevocationChecker +import org.bouncycastle.asn1.ASN1IA5String import org.bouncycastle.asn1.ASN1InputStream -import org.bouncycastle.asn1.DERIA5String import org.bouncycastle.asn1.DEROctetString import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier import org.bouncycastle.asn1.x509.CRLDistPoint @@ -71,7 +71,7 @@ fun X509Certificate.distributionPoints() : Set? { val dpNames = distPoint.distributionPoints.mapNotNull { it.distributionPoint }.filter { it.type == DistributionPointName.FULL_NAME } val generalNames = dpNames.flatMap { GeneralNames.getInstance(it.name).names.asList() } - return generalNames.filter { it.tagNo == GeneralName.uniformResourceIdentifier}.map { DERIA5String.getInstance(it.name).string }.toSet() + return generalNames.filter { it.tagNo == GeneralName.uniformResourceIdentifier}.map { ASN1IA5String.getInstance(it.name).string }.toSet() } fun X509Certificate.distributionPointsToString() : String {