Update BouncyCastle patch for BC 1.77 (Closes: #1057683)

c45215e7 · Tony Mancill · 90e586dc · c45215e7
Commit c45215e7 authored 1 year ago by Tony Mancill
--- a/debian/patches/01-bouncycastle-compatibility.patch
+++ b/debian/patches/01-bouncycastle-compatibility.patch
@@ -3,9 +3,11 @@ Origin: vendor
 Bug: https://issues.apache.org/jira/browse/PDFBOX-1587
     https://issues.apache.org/jira/browse/PDFBOX-1669
 Author: Gregor Herrmann <gregoa@debian.org>, Tony Mancill <tmancill@debian.org>
+Last-Update: 2023-12-14
+
 --- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/PublicKeySecurityHandler.java
 +++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/PublicKeySecurityHandler.java
-@@ -27,6 +27,7 @@ import java.security.KeyStoreException;
+@@ -27,6 +27,7 @@
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.security.NoSuchProviderException;
@@ -13,7 +15,7 @@ Author: Gregor Herrmann <gregoa@debian.org>, Tony Mancill <tmancill@debian.org>
 import java.security.SecureRandom;
 import java.security.cert.X509Certificate;
 import java.util.Iterator;
-@@ -38,8 +39,8 @@ import org.apache.commons.logging.Log;
+@@ -38,10 +39,10 @@
 import org.apache.commons.logging.LogFactory;
 
 import org.bouncycastle.asn1.ASN1InputStream;
@@ -21,10 +23,13 @@ Author: Gregor Herrmann <gregoa@debian.org>, Tony Mancill <tmancill@debian.org>
 -import org.bouncycastle.asn1.DERObjectIdentifier;
 +import org.bouncycastle.asn1.ASN1Primitive;
 +import org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import org.bouncycastle.asn1.ASN1OutputStream;
 import org.bouncycastle.asn1.DEROctetString;
- import org.bouncycastle.asn1.DEROutputStream;
+-import org.bouncycastle.asn1.DEROutputStream;
 import org.bouncycastle.asn1.DERSet;
-@@ -56,6 +57,7 @@ import org.bouncycastle.asn1.x509.TBSCer
+ import org.bouncycastle.asn1.cms.ContentInfo;
+ import org.bouncycastle.asn1.cms.EncryptedContentInfo;
+@@ -56,6 +57,7 @@
 import org.bouncycastle.cms.CMSEnvelopedData;
 import org.bouncycastle.cms.CMSException;
 import org.bouncycastle.cms.RecipientInformation;
@@ -32,7 +37,7 @@ Author: Gregor Herrmann <gregoa@debian.org>, Tony Mancill <tmancill@debian.org>
 import org.apache.pdfbox.cos.COSArray;
 import org.apache.pdfbox.cos.COSString;
 import org.apache.pdfbox.exceptions.CryptographyException;
-@@ -185,7 +187,7 @@ public class PublicKeySecurityHandler ex
+@@ -185,7 +187,7 @@
                     if (ri.getRID().match(material.getCertificate()) && !foundRecipient)
                     {
                         foundRecipient = true;
@@ -41,7 +46,7 @@ Author: Gregor Herrmann <gregoa@debian.org>, Tony Mancill <tmancill@debian.org>
                         break;
                     }
                 }
-@@ -239,10 +241,6 @@ public class PublicKeySecurityHandler ex
+@@ -239,10 +241,6 @@
         {
             throw new CryptographyException(e);
         }
@@ -52,7 +57,7 @@ Author: Gregor Herrmann <gregoa@debian.org>, Tony Mancill <tmancill@debian.org>
         catch (NoSuchAlgorithmException e)
         {
             throw new CryptographyException(e);
-@@ -311,7 +309,7 @@ public class PublicKeySecurityHandler ex
+@@ -311,11 +309,11 @@
                 pkcs7input[22] = two;
                 pkcs7input[23] = one;
 
@@ -61,7 +66,12 @@ Author: Gregor Herrmann <gregoa@debian.org>, Tony Mancill <tmancill@debian.org>
 
                 ByteArrayOutputStream baos = new ByteArrayOutputStream();
 
-@@ -378,7 +376,7 @@ public class PublicKeySecurityHandler ex
+-                DEROutputStream k = new DEROutputStream(baos);
+                ASN1OutputStream k = ASN1OutputStream.create(baos);
+ 
+                 k.writeObject(obj);
+ 
+@@ -378,7 +376,7 @@
 
     }
 
@@ -70,7 +80,7 @@ Author: Gregor Herrmann <gregoa@debian.org>, Tony Mancill <tmancill@debian.org>
         throws IOException,
                GeneralSecurityException
     {
-@@ -389,7 +387,7 @@ public class PublicKeySecurityHandler ex
+@@ -389,7 +387,7 @@
         AlgorithmParameters algorithmparameters = algorithmparametergenerator.generateParameters();
         ByteArrayInputStream bytearrayinputstream = new ByteArrayInputStream(algorithmparameters.getEncoded("ASN.1"));
         ASN1InputStream asn1inputstream = new ASN1InputStream(bytearrayinputstream);
@@ -79,7 +89,7 @@ Author: Gregor Herrmann <gregoa@debian.org>, Tony Mancill <tmancill@debian.org>
         KeyGenerator keygenerator;
         try
         {
-@@ -409,13 +407,13 @@ public class PublicKeySecurityHandler ex
+@@ -409,13 +407,13 @@
         DEROctetString deroctetstring = new DEROctetString(abyte1);
         KeyTransRecipientInfo keytransrecipientinfo = computeRecipientInfo(cert, secretkey.getEncoded());
         DERSet derset = new DERSet(new RecipientInfo(keytransrecipientinfo));
@@ -96,3 +106,12 @@ Author: Gregor Herrmann <gregoa@debian.org>, Tony Mancill <tmancill@debian.org>
     }
 
     private KeyTransRecipientInfo computeRecipientInfo(X509Certificate x509certificate, byte[] abyte0)
+@@ -430,7 +428,7 @@
+             new IssuerAndSerialNumber(
+                 tbscertificatestructure.getIssuer(),
+                 tbscertificatestructure.getSerialNumber().getValue());
+-        Cipher cipher = Cipher.getInstance(algorithmidentifier.getObjectId().getId());
+        Cipher cipher = Cipher.getInstance(algorithmidentifier.getAlgorithm().getId());
+         cipher.init(1, x509certificate.getPublicKey());
+         DEROctetString deroctetstring = new DEROctetString(cipher.doFinal(abyte0));
+         RecipientIdentifier recipId = new RecipientIdentifier(issuerandserialnumber);