Compare commits
7 Commits
8abd8e8708
...
9d3cbf5957
Author | SHA1 | Date |
---|---|---|
Paul Schaub | 9d3cbf5957 | |
Paul Schaub | fc7101cdef | |
Paul Schaub | 36c29cd167 | |
Paul Schaub | 0cf7fb6289 | |
Paul Schaub | 7224230493 | |
Paul Schaub | caeeaf6751 | |
Paul Schaub | 9cf15e3d7c |
|
@ -5,6 +5,12 @@ SPDX-License-Identifier: CC0-1.0
|
|||
|
||||
# PGPainless Changelog
|
||||
|
||||
## 1.6.7
|
||||
- SOP: Fix OOM error when detached-signing large amounts of data (fix #432)
|
||||
- Move `CachingBcPublicKeyDataDecryptorFactory` from `org.bouncycastle` packet to `org.pgpainless.decryption_verification` to avoid package split (partially addresses #428)
|
||||
- Basic support for Java Modules for `pgpainless-core` and `pgpainless-sop`
|
||||
- Added `Automatic-Module-Name` directive to gradle build files
|
||||
|
||||
## 1.6.6
|
||||
- Downgrade `logback-core` and `logback-classic` to `1.2.13` to fix #426
|
||||
|
||||
|
|
|
@ -191,7 +191,7 @@ repositories {
|
|||
}
|
||||
|
||||
dependencies {
|
||||
implementation 'org.pgpainless:pgpainless-core:1.6.6'
|
||||
implementation 'org.pgpainless:pgpainless-core:1.6.7'
|
||||
}
|
||||
```
|
||||
|
||||
|
|
|
@ -32,4 +32,4 @@ Valid security issues will be fixed ASAP.
|
|||
PGPainless has received a security audit by [cure53.de](https://cure53.de) in late 2021.
|
||||
The [penetrationj test and audit](https://cure53.de/pentest-report_pgpainless.pdf) covered PGPainless
|
||||
release candidate 1.0.0-rc6.
|
||||
Security fixes for discovered flaws were deployed before the final 1.0.0 release.
|
||||
Security fixes for discovered flaws were deployed before the final 1.0.0 release.
|
||||
|
|
|
@ -27,3 +27,10 @@ dependencies {
|
|||
// @Nullable, @Nonnull annotations
|
||||
implementation "com.google.code.findbugs:jsr305:3.0.2"
|
||||
}
|
||||
|
||||
// https://docs.gradle.org/current/userguide/java_library_plugin.html#sec:java_library_modular_auto
|
||||
tasks.named('jar') {
|
||||
manifest {
|
||||
attributes('Automatic-Module-Name': 'org.pgpainless.core')
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,8 +0,0 @@
|
|||
// SPDX-FileCopyrightText: 2022 Paul Schaub <vanitasvitae@fsfe.org>
|
||||
//
|
||||
// SPDX-License-Identifier: Apache-2.0
|
||||
|
||||
/**
|
||||
* Classes which could be upstreamed to BC at some point.
|
||||
*/
|
||||
package org.bouncycastle;
|
|
@ -1,8 +1,8 @@
|
|||
// SPDX-FileCopyrightText: 2022 Paul Schaub <vanitasvitae@fsfe.org>
|
||||
// SPDX-FileCopyrightText: 2024 Paul Schaub <vanitasvitae@fsfe.org>
|
||||
//
|
||||
// SPDX-License-Identifier: Apache-2.0
|
||||
|
||||
package org.bouncycastle;
|
||||
package org.pgpainless.decryption_verification;
|
||||
|
||||
import org.bouncycastle.openpgp.PGPException;
|
||||
import org.bouncycastle.openpgp.PGPPrivateKey;
|
||||
|
@ -10,7 +10,6 @@ import org.bouncycastle.openpgp.operator.PublicKeyDataDecryptorFactory;
|
|||
import org.bouncycastle.openpgp.operator.bc.BcPublicKeyDataDecryptorFactory;
|
||||
import org.bouncycastle.util.encoders.Base64;
|
||||
import org.bouncycastle.util.encoders.Hex;
|
||||
import org.pgpainless.decryption_verification.CustomPublicKeyDataDecryptorFactory;
|
||||
import org.pgpainless.key.SubkeyIdentifier;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
|
@ -18,6 +18,7 @@ import org.bouncycastle.util.io.Streams;
|
|||
import org.junit.jupiter.api.Test;
|
||||
import org.pgpainless.PGPainless;
|
||||
import org.pgpainless.algorithm.EncryptionPurpose;
|
||||
import org.pgpainless.decryption_verification.CachingBcPublicKeyDataDecryptorFactory;
|
||||
import org.pgpainless.decryption_verification.ConsumerOptions;
|
||||
import org.pgpainless.decryption_verification.DecryptionStream;
|
||||
import org.pgpainless.key.SubkeyIdentifier;
|
||||
|
|
|
@ -23,7 +23,7 @@ To start using pgpainless-sop in your code, include the following lines in your
|
|||
...
|
||||
dependencies {
|
||||
...
|
||||
implementation "org.pgpainless:pgpainless-sop:1.6.6"
|
||||
implementation "org.pgpainless:pgpainless-sop:1.6.7"
|
||||
...
|
||||
}
|
||||
|
||||
|
@ -34,7 +34,7 @@ dependencies {
|
|||
<dependency>
|
||||
<groupId>org.pgpainless</groupId>
|
||||
<artifactId>pgpainless-sop</artifactId>
|
||||
<version>1.6.6</version>
|
||||
<version>1.6.7</version>
|
||||
</dependency>
|
||||
...
|
||||
</dependencies>
|
||||
|
|
|
@ -34,3 +34,10 @@ test {
|
|||
useJUnitPlatform()
|
||||
environment("test.implementation", "sop.testsuite.pgpainless.PGPainlessSopInstanceFactory")
|
||||
}
|
||||
|
||||
// https://docs.gradle.org/current/userguide/java_library_plugin.html#sec:java_library_modular_auto
|
||||
tasks.named('jar') {
|
||||
manifest {
|
||||
attributes('Automatic-Module-Name': 'org.pgpainless.sop')
|
||||
}
|
||||
}
|
||||
|
|
|
@ -4,7 +4,6 @@
|
|||
|
||||
package org.pgpainless.sop;
|
||||
|
||||
import java.io.ByteArrayOutputStream;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.io.OutputStream;
|
||||
|
@ -92,10 +91,10 @@ public class DetachedSignImpl implements DetachedSign {
|
|||
}
|
||||
}
|
||||
|
||||
ByteArrayOutputStream buffer = new ByteArrayOutputStream();
|
||||
OutputStream sink = new NullOutputStream();
|
||||
try {
|
||||
EncryptionStream signingStream = PGPainless.encryptAndOrSign()
|
||||
.onOutputStream(buffer)
|
||||
.onOutputStream(sink)
|
||||
.withOptions(ProducerOptions.sign(signingOptions)
|
||||
.setAsciiArmor(armor));
|
||||
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
// SPDX-FileCopyrightText: 2024 Paul Schaub <vanitasvitae@fsfe.org>
|
||||
//
|
||||
// SPDX-License-Identifier: Apache-2.0
|
||||
|
||||
package org.pgpainless.sop;
|
||||
|
||||
import java.io.OutputStream;
|
||||
|
||||
/**
|
||||
* {@link OutputStream} that simply discards bytes written to it.
|
||||
*/
|
||||
public class NullOutputStream extends OutputStream {
|
||||
@Override
|
||||
public void write(int b) {
|
||||
// NOP
|
||||
}
|
||||
}
|
|
@ -4,7 +4,7 @@
|
|||
|
||||
allprojects {
|
||||
ext {
|
||||
shortVersion = '1.6.7'
|
||||
shortVersion = '1.6.8'
|
||||
isSnapshot = true
|
||||
pgpainlessMinAndroidSdk = 10
|
||||
javaSourceCompatibility = 1.8
|
||||
|
|
Loading…
Reference in New Issue