Limit the scope of BouncyCastle dependency (#30358) #30959
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Limits the scope of the runtime dependency on BouncyCastle so that it can be eventually removed. * Splits functionality related to reading and generating certificates and keys in two utility classes so that reading certificates and keys doesn't require BouncyCastle. * Implements a class for parsing PEM Encoded key material (which also adds support for reading PKCS8 encoded encrypted private keys). * Removes BouncyCastle dependency for all of our test suites(except for the tests that explicitly test certificate generation) by using pre-generated keys/certificates/keystores.
|
Pinging @elastic/es-security |
|
This has been reviewed and approved in #30358. I am backporting via a PR in order to get the benefit of a full CI run |
) * Ensure that a purposefully wrong key is used Uses a specific keypair for tests that require a purposefully wrong keypair instead of selecting one randomly from the same pull from which the correct one is selected. Entropy is low because of the small space and the same key can be randomly selected as both the correct one and the wrong one, causing the tests to fail. The purposefully wrong key is also used in testSigningKeyIsReloadedForEachRequest and needs to be cleaned up afterwards so the rest of the tests don't use that for signing. Resolves elastic#30970
dnhatn
added a commit
that referenced
this pull request
May 31, 2018
* 6.x: HLRest: Allow caller to set per request options (#30490) Limit the scope of BouncyCastle dependency (#30959) Deprecates indexing and querying a context completion field without context (#31006) [DOCS] Clarify not all PKCS12 usable as truststores (#30750) Harmonize include_defaults tests (#30700) [DOCS] Update readme for testing x-pack code snippets (#30696) [Docs] Fix typo in Min Aggregation reference (#30899)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Limits the scope of the runtime dependency on
BouncyCastle so that it can be eventually removed.
and keys in two utility classes so that reading certificates and
keys doesn't require BouncyCastle.
adds support for reading PKCS8 encoded encrypted private keys).
for the tests that explicitly test certificate generation) by using
pre-generated keys/certificates/keystores.