freebsd-ports/java/bouncycastle15/Makefile
Eugene Grosbein efadb98a29 bouncycastle15: update to version 1.59
This release fixes CVE-2017-13098 ("ROBOT"), a Bleichenbacher oracle in TLS
when RSA key exchange is negotiated. This potentially affected BCJSSE servers
and any other TLS servers configured to use JCE for the underlying crypto -
note the two TLS implementations using the BC lightweight APIs
are not affected by this.

Some of additional fixes, features and functionality:

* GOST3410-94 private keys encoded using ASN.1 INTEGER are now accepted
  in private key info objects; GOST3412-2015 has been added
  to the JCE provider and the lightweight API.
* SCRYPT is now supported as a SecretKeyFactory in the provider and
  in the PKCS8 APIs.
* The BCJSSE provider now supports Server Name Indication,
  session resumption in clients, the jdk.tls.namedGroups and
  org.bouncycastle.jsse.ec.disableChar2 system properties.
* ECGOST-2012 public keys were being encoded with the wrong OID
  for the digest parameter in the algorithm parameter set. This has been fixed.
* The BCJSSE SSLEngine implementation now correctly wraps/unwraps
  application data only in whole records.

Further details on other additions and bug fixes can be found in the
release notes at:

https://www.bouncycastle.org/releasenotes.html

Security:	CVE-2017-13098
2017-12-29 09:21:11 +00:00

79 lines
2.3 KiB
Makefile

# Created by: Eugene Grosbein <ports@grosbein.net>
# $FreeBSD$
PORTNAME= bouncycastle
PORTVERSION= 1.59
CATEGORIES= java security
MASTER_SITES= http://www.bouncycastle.org/download/ \
http://polydistortion.net/bc/download/
PKGNAMESUFFIX= 15
DISTNAME= crypto-${DVERSION}
MAINTAINER= eugen@FreeBSD.org
COMMENT= Cleanroom build of Java Cryptography Extensions
LICENSE= MIT
BUILD_DEPENDS= ${JAVALIBDIR}/activation.jar:java/jaf \
${JAVALIBDIR}/mail.jar:java/javamail \
${JAVALIBDIR}/junit.jar:java/junit
RUN_DEPENDS= ${JAVALIBDIR}/activation.jar:java/jaf \
${JAVALIBDIR}/mail.jar:java/javamail
OPTIONS_DEFINE= DOCS ZIPSRC
OPTIONS_DEFAULT= ZIPSRC
OPTIONS_SUB= yes
ZIPSRC_DESC= Install bundled ZIP source files
CONFLICTS_INSTALL= bouncycastle-1.4*
DVERSION= ${PORTVERSION:S/.//}
NO_ARCH= yes
CPE_PRODUCT= legion-of-the-bouncy-castle-java-crytography-api
CPE_VENDOR= ${PORTNAME}
USE_JAVA= yes
USES= cpe
JAVA_VERSION= 1.6+
JDKMVERSION= 1.5
JDKNVERSION= 15
USE_ANT= yes
MAKE_ENV= ANT_INCLUDE_SHARED_JARS=YES
MAKE_ARGS= -f ant/jdk${JDKNVERSION}+.xml
ALL_TARGET= build-provider build zip-src
JARS_SRC= bcmail bcpkix bcprov bcpg
JARS_DOCS= ${JARS_SRC} bctest bctls
JARS= ${JARS_DOCS} bcprov-ext
PORTDOCS= *
.include <bsd.port.options.mk>
# PR 220612: remove fork="true" in javac and fork="yes" in junit tasks
.if ${ARCH} == armv6 || ${ARCH} == armv7
EXTRA_PATCHES+= ${FILESDIR}/armv6-patch-bc+-build.xml
.endif
do-install:
.for jar in ${JARS}
${INSTALL_DATA} ${WRKSRC}/build/artifacts/jdk${JDKMVERSION}/jars/${jar}-jdk${JDKNVERSION}on-${DVERSION}.jar \
${STAGEDIR}${JAVAJARDIR}/${jar}.jar
.endfor
${INSTALL_DATA} ${WRKSRC}/jars/bcprov-jdk${JDKNVERSION}on-${DVERSION}.jar \
${STAGEDIR}${JAVAJARDIR}/bcprov.jar
.if ${PORT_OPTIONS:MZIPSRC}
@${MKDIR} ${STAGEDIR}${DATADIR}
.for jar in ${JARS_SRC}
${INSTALL_DATA} ${WRKSRC}/build/artifacts/jdk${JDKMVERSION}/${jar}-jdk${JDKNVERSION}on-${DVERSION}/src.zip \
${STAGEDIR}${DATADIR}/${jar}-src.zip
.endfor
.endif
do-install-DOCS-on:
@${MKDIR} ${STAGEDIR}${DOCSDIR}
${INSTALL_DATA} ${WRKSRC}/*.html ${STAGEDIR}${DOCSDIR}
.for jar in ${JARS_DOCS}
@${MKDIR} ${STAGEDIR}${DOCSDIR}/${jar}
@cd ${WRKSRC}/build/artifacts/jdk${JDKMVERSION}/${jar}-jdk${JDKNVERSION}on-${DVERSION}/docs/ && \
${COPYTREE_SHARE} . ${STAGEDIR}${DOCSDIR}/${jar}
.endfor
.include <bsd.port.mk>