diff --git a/build-tools-internal/version.properties b/build-tools-internal/version.properties
index 603ae345d7824..2792aa05fa949 100644
--- a/build-tools-internal/version.properties
+++ b/build-tools-internal/version.properties
@@ -26,7 +26,7 @@ antlr4 = 4.11.1
# - x-pack/plugin/security
bouncycastle=1.64
# used by security and idp (need to be in sync due to cross-dependency in testing)
-opensaml = 4.0.1
+opensaml = 4.3.0
# client dependencies
httpclient = 4.5.13
diff --git a/gradle/verification-metadata.xml b/gradle/verification-metadata.xml
index ce9661d635ccf..eb763293cc422 100644
--- a/gradle/verification-metadata.xml
+++ b/gradle/verification-metadata.xml
@@ -1554,6 +1554,11 @@
+
+
+
+
+
@@ -2693,6 +2698,11 @@
+
+
+
+
+
@@ -2946,6 +2956,11 @@
+
+
+
+
+
@@ -3466,76 +3481,151 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/settings.gradle b/settings.gradle
index 271b6ef34f6d1..fbaf783d76aa7 100644
--- a/settings.gradle
+++ b/settings.gradle
@@ -147,6 +147,7 @@ addSubProjects('', new File(rootProject.projectDir, 'plugins'))
addSubProjects('', new File(rootProject.projectDir, 'qa'))
addSubProjects('test', new File(rootProject.projectDir, 'test/external-modules'))
addSubProjects('', new File(rootProject.projectDir, 'x-pack'))
+addSubProjects('', new File(rootProject.projectDir, 'x-pack/libs'))
include projects.toArray(new String[0])
diff --git a/x-pack/libs/build.gradle b/x-pack/libs/build.gradle
new file mode 100644
index 0000000000000..e69de29bb2d1d
diff --git a/x-pack/libs/es-opensaml-security-api/build.gradle b/x-pack/libs/es-opensaml-security-api/build.gradle
new file mode 100644
index 0000000000000..95064f6730133
--- /dev/null
+++ b/x-pack/libs/es-opensaml-security-api/build.gradle
@@ -0,0 +1,32 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0 and the Server Side Public License, v 1; you may not use this file except
+ * in compliance with, at your election, the Elastic License 2.0 or the Server
+ * Side Public License, v 1.
+ */
+
+apply plugin: 'elasticsearch.build'
+apply plugin: 'com.github.johnrengelman.shadow'
+
+dependencies {
+ implementation "org.opensaml:opensaml-security-api:${versions.opensaml}"
+ compileOnly "org.opensaml:opensaml-core:${versions.opensaml}"
+}
+
+['jarHell', 'thirdPartyAudit', 'splitPackagesAudit', 'forbiddenApisMain', 'licenseHeaders' ].each {
+ tasks.named(it).configure {
+ enabled = false
+ }
+}
+
+tasks.named("dependencyLicenses").configure {
+ mapping from: /opensaml-.*/, to: 'shibboleth'
+}
+
+tasks.named("shadowJar").configure {
+ manifest {
+ attributes 'Automatic-Module-Name': 'org.opensaml.security'
+ }
+ exclude 'META-INF/services/org.opensaml.security.crypto.ec.NamedCurve'
+}
diff --git a/x-pack/libs/es-opensaml-security-api/licenses/shibboleth-LICENSE.txt b/x-pack/libs/es-opensaml-security-api/licenses/shibboleth-LICENSE.txt
new file mode 100644
index 0000000000000..d645695673349
--- /dev/null
+++ b/x-pack/libs/es-opensaml-security-api/licenses/shibboleth-LICENSE.txt
@@ -0,0 +1,202 @@
+
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
diff --git a/x-pack/libs/es-opensaml-security-api/licenses/shibboleth-NOTICE.txt b/x-pack/libs/es-opensaml-security-api/licenses/shibboleth-NOTICE.txt
new file mode 100644
index 0000000000000..e69de29bb2d1d
diff --git a/x-pack/libs/es-opensaml-security-api/src/main/java/org/opensaml/security/config/org/elasticsearch/OpenSamlXpackSecurityConfigurationPropertiesSource.java b/x-pack/libs/es-opensaml-security-api/src/main/java/org/opensaml/security/config/org/elasticsearch/OpenSamlXpackSecurityConfigurationPropertiesSource.java
new file mode 100644
index 0000000000000..bd6242b5856f1
--- /dev/null
+++ b/x-pack/libs/es-opensaml-security-api/src/main/java/org/opensaml/security/config/org/elasticsearch/OpenSamlXpackSecurityConfigurationPropertiesSource.java
@@ -0,0 +1,33 @@
+/*
+ * Licensed to Elasticsearch B.V. under one or more contributor
+ * license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright
+ * ownership. Elasticsearch B.V. licenses this file to you under
+ * the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.opensaml.security.config.org.elasticsearch;
+
+import org.opensaml.core.config.ConfigurationPropertiesSource;
+
+import java.util.Properties;
+
+public class OpenSamlXpackSecurityConfigurationPropertiesSource implements ConfigurationPropertiesSource {
+ @Override
+ public Properties getProperties() {
+ Properties properties = new Properties();
+ properties.setProperty("opensaml.config.ecdh.defaultKDF", "PBKDF2");
+ return properties;
+ }
+}
diff --git a/x-pack/libs/es-opensaml-security-api/src/main/resources/META-INF/services/org.opensaml.core.config.ConfigurationPropertiesSource b/x-pack/libs/es-opensaml-security-api/src/main/resources/META-INF/services/org.opensaml.core.config.ConfigurationPropertiesSource
new file mode 100644
index 0000000000000..17b3df8ee1e77
--- /dev/null
+++ b/x-pack/libs/es-opensaml-security-api/src/main/resources/META-INF/services/org.opensaml.core.config.ConfigurationPropertiesSource
@@ -0,0 +1 @@
+org.opensaml.security.config.org.elasticsearch.OpenSamlXpackSecurityConfigurationPropertiesSource
diff --git a/x-pack/plugin/identity-provider/build.gradle b/x-pack/plugin/identity-provider/build.gradle
index 115f090de382e..65b8e777e4c74 100644
--- a/x-pack/plugin/identity-provider/build.gradle
+++ b/x-pack/plugin/identity-provider/build.gradle
@@ -22,7 +22,7 @@ dependencies {
api "org.opensaml:opensaml-saml-impl:${versions.opensaml}"
api "org.opensaml:opensaml-messaging-api:${versions.opensaml}"
api "org.opensaml:opensaml-messaging-impl:${versions.opensaml}"
- api "org.opensaml:opensaml-security-api:${versions.opensaml}"
+ api project(path: ':x-pack:libs:es-opensaml-security-api', configuration: 'shadow')
api "org.opensaml:opensaml-security-impl:${versions.opensaml}"
api "org.opensaml:opensaml-profile-api:${versions.opensaml}"
api "org.opensaml:opensaml-profile-impl:${versions.opensaml}"
@@ -32,13 +32,14 @@ dependencies {
api "org.opensaml:opensaml-soap-impl:${versions.opensaml}"
api "org.opensaml:opensaml-storage-api:${versions.opensaml}"
api "org.opensaml:opensaml-storage-impl:${versions.opensaml}"
- api "net.shibboleth.utilities:java-support:8.0.0"
+ api "net.shibboleth.utilities:java-support:8.4.0"
api "com.google.code.findbugs:jsr305:3.0.2"
- api "org.apache.santuario:xmlsec:2.1.8"
+ api "org.apache.santuario:xmlsec:2.3.2"
api "io.dropwizard.metrics:metrics-core:4.1.4"
- api ("org.cryptacular:cryptacular:1.2.4") {
+ api ( "org.cryptacular:cryptacular:1.2.5") {
exclude group: 'org.bouncycastle'
}
+
api "org.slf4j:slf4j-api:${versions.slf4j}"
runtimeOnly "org.slf4j:slf4j-nop:${versions.slf4j}"
// runtimeOnly("org.apache.logging.log4j:log4j-slf4j-impl:${versions.log4j}") https://github.com/elastic/elasticsearch/issues/93714
@@ -47,7 +48,7 @@ dependencies {
api "org.apache.httpcomponents:httpasyncclient:${versions.httpasyncclient}"
api "org.apache.httpcomponents:httpcore-nio:${versions.httpcore}"
api "org.apache.httpcomponents:httpclient-cache:${versions.httpclient}"
- runtimeOnly 'com.google.guava:guava:28.2-jre'
+ runtimeOnly 'com.google.guava:guava:31.1-jre'
runtimeOnly 'com.google.guava:failureaccess:1.0.1'
runtimeOnly "commons-codec:commons-codec:${versions.commonscodec}"
@@ -110,17 +111,6 @@ tasks.named("thirdPartyAudit").configure {
'org.apache.velocity.context.Context',
'org.apache.velocity.runtime.resource.loader.StringResourceLoader',
'org.apache.velocity.runtime.resource.util.StringResourceRepository',
- // [missing classes] OpenSAML depends on Apache XML security which depends on Xalan, but only for functionality that OpenSAML doesn't use
- 'org.apache.xml.dtm.DTM',
- 'org.apache.xml.utils.PrefixResolver',
- 'org.apache.xpath.Expression',
- 'org.apache.xpath.NodeSetDTM',
- 'org.apache.xpath.XPath',
- 'org.apache.xpath.XPathContext',
- 'org.apache.xpath.compiler.FunctionTable',
- 'org.apache.xpath.functions.Function',
- 'org.apache.xpath.objects.XNodeSet',
- 'org.apache.xpath.objects.XObject',
// [missing classes] OpenSAML storage has an optional LDAP storage impl
'org.ldaptive.AttributeModification',
'org.ldaptive.AttributeModificationType',
@@ -174,7 +164,7 @@ tasks.named("thirdPartyAudit").configure {
'org.bouncycastle.asn1.ASN1Primitive',
'org.bouncycastle.asn1.ASN1Sequence',
'org.bouncycastle.asn1.ASN1TaggedObject',
- 'org.bouncycastle.asn1.DEROctetString',
+ // 'org.bouncycastle.asn1.DEROctetString',
'org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo',
'org.bouncycastle.asn1.pkcs.EncryptionScheme',
'org.bouncycastle.asn1.pkcs.KeyDerivationFunc',
@@ -212,7 +202,7 @@ tasks.named("thirdPartyAudit").configure {
'org.bouncycastle.crypto.Digest',
'org.bouncycastle.crypto.PBEParametersGenerator',
'org.bouncycastle.crypto.StreamCipher',
- // 'org.bouncycastle.crypto.agreement.kdf.ConcatenationKDFGenerator',
+ 'org.bouncycastle.crypto.agreement.kdf.ConcatenationKDFGenerator',
// 'org.bouncycastle.crypto.ec.CustomNamedCurves',
'org.bouncycastle.crypto.modes.AEADBlockCipher',
'org.bouncycastle.crypto.paddings.BlockCipherPadding',
diff --git a/x-pack/plugin/security/build.gradle b/x-pack/plugin/security/build.gradle
index 3735114bb8080..6ee43268b8746 100644
--- a/x-pack/plugin/security/build.gradle
+++ b/x-pack/plugin/security/build.gradle
@@ -42,7 +42,8 @@ dependencies {
api "org.opensaml:opensaml-saml-impl:${versions.opensaml}"
api "org.opensaml:opensaml-messaging-api:${versions.opensaml}"
api "org.opensaml:opensaml-messaging-impl:${versions.opensaml}"
- api "org.opensaml:opensaml-security-api:${versions.opensaml}"
+ api project(path: ':x-pack:libs:es-opensaml-security-api', configuration: 'shadow')
+// api "org.opensaml:opensaml-security-api:${versions.opensaml}"
api "org.opensaml:opensaml-security-impl:${versions.opensaml}"
api "org.opensaml:opensaml-profile-api:${versions.opensaml}"
api "org.opensaml:opensaml-profile-impl:${versions.opensaml}"
@@ -52,11 +53,11 @@ dependencies {
api "org.opensaml:opensaml-soap-impl:${versions.opensaml}"
api "org.opensaml:opensaml-storage-api:${versions.opensaml}"
api "org.opensaml:opensaml-storage-impl:${versions.opensaml}"
- api "net.shibboleth.utilities:java-support:8.0.0"
+ api "net.shibboleth.utilities:java-support:8.4.0"
api "com.google.code.findbugs:jsr305:3.0.2"
- api "org.apache.santuario:xmlsec:2.1.8"
+ api "org.apache.santuario:xmlsec:2.3.2"
api "io.dropwizard.metrics:metrics-core:4.1.4"
- api ( "org.cryptacular:cryptacular:1.2.4") {
+ api ( "org.cryptacular:cryptacular:1.2.5") {
exclude group: 'org.bouncycastle'
}
api "org.slf4j:slf4j-api:${versions.slf4j}"
@@ -68,7 +69,7 @@ dependencies {
api "org.apache.httpcomponents:httpasyncclient:${versions.httpasyncclient}"
api "org.apache.httpcomponents:httpcore-nio:${versions.httpcore}"
api "org.apache.httpcomponents:httpclient-cache:${versions.httpclient}"
- runtimeOnly 'com.google.guava:guava:28.2-jre'
+ runtimeOnly 'com.google.guava:guava:31.1-jre'
runtimeOnly 'com.google.guava:failureaccess:1.0.1'
runtimeOnly "commons-codec:commons-codec:${versions.commonscodec}"
runtimeOnly "joda-time:joda-time:2.10.10"
@@ -219,17 +220,6 @@ tasks.named("thirdPartyAudit").configure {
'org.apache.velocity.context.Context',
'org.apache.velocity.runtime.resource.loader.StringResourceLoader',
'org.apache.velocity.runtime.resource.util.StringResourceRepository',
- // [missing classes] OpenSAML depends on Apache XML security which depends on Xalan, but only for functionality that OpenSAML doesn't use
- 'org.apache.xml.dtm.DTM',
- 'org.apache.xml.utils.PrefixResolver',
- 'org.apache.xpath.Expression',
- 'org.apache.xpath.NodeSetDTM',
- 'org.apache.xpath.XPath',
- 'org.apache.xpath.XPathContext',
- 'org.apache.xpath.compiler.FunctionTable',
- 'org.apache.xpath.functions.Function',
- 'org.apache.xpath.objects.XNodeSet',
- 'org.apache.xpath.objects.XObject',
// [missing classes] OpenSAML storage has an optional LDAP storage impl
'org.ldaptive.AttributeModification',
'org.ldaptive.AttributeModificationType',
@@ -283,7 +273,7 @@ tasks.named("thirdPartyAudit").configure {
'org.bouncycastle.asn1.ASN1Primitive',
'org.bouncycastle.asn1.ASN1Sequence',
'org.bouncycastle.asn1.ASN1TaggedObject',
- 'org.bouncycastle.asn1.DEROctetString',
+ // 'org.bouncycastle.asn1.DEROctetString',
'org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo',
'org.bouncycastle.asn1.pkcs.EncryptionScheme',
'org.bouncycastle.asn1.pkcs.KeyDerivationFunc',
@@ -322,7 +312,7 @@ tasks.named("thirdPartyAudit").configure {
'org.bouncycastle.crypto.Digest',
'org.bouncycastle.crypto.PBEParametersGenerator',
'org.bouncycastle.crypto.StreamCipher',
- // 'org.bouncycastle.crypto.agreement.kdf.ConcatenationKDFGenerator',
+ 'org.bouncycastle.crypto.agreement.kdf.ConcatenationKDFGenerator',
// 'org.bouncycastle.crypto.ec.CustomNamedCurves',
'org.bouncycastle.crypto.engines.AESEngine',
'org.bouncycastle.crypto.generators.BCrypt',