diff --git a/adapters/oidc/adapter-core/pom.xml b/adapters/oidc/adapter-core/pom.xml index fc339d314a6..2baddd35d19 100755 --- a/adapters/oidc/adapter-core/pom.xml +++ b/adapters/oidc/adapter-core/pom.xml @@ -55,7 +55,7 @@ org.bouncycastle - bcprov-jdk15on + bcprov-jdk18on provided diff --git a/adapters/oidc/installed/pom.xml b/adapters/oidc/installed/pom.xml index 5f9476fa919..985b81d485f 100755 --- a/adapters/oidc/installed/pom.xml +++ b/adapters/oidc/installed/pom.xml @@ -45,7 +45,7 @@ org.bouncycastle - bcprov-jdk15on + bcprov-jdk18on org.apache.httpcomponents diff --git a/adapters/oidc/jakarta-servlet-filter/pom.xml b/adapters/oidc/jakarta-servlet-filter/pom.xml index 01ec205e50f..c2105f8e1e9 100755 --- a/adapters/oidc/jakarta-servlet-filter/pom.xml +++ b/adapters/oidc/jakarta-servlet-filter/pom.xml @@ -81,7 +81,7 @@ org.bouncycastle - bcprov-jdk15on + bcprov-jdk18on com.fasterxml.jackson.core diff --git a/adapters/oidc/jetty/jetty-core/pom.xml b/adapters/oidc/jetty/jetty-core/pom.xml index 75f187e9370..f36d9780af3 100755 --- a/adapters/oidc/jetty/jetty-core/pom.xml +++ b/adapters/oidc/jetty/jetty-core/pom.xml @@ -68,7 +68,7 @@ org.bouncycastle - bcprov-jdk15on + bcprov-jdk18on com.fasterxml.jackson.core diff --git a/adapters/oidc/jetty/jetty9.4/pom.xml b/adapters/oidc/jetty/jetty9.4/pom.xml index ff4454ba86f..3ddd0b2fa93 100644 --- a/adapters/oidc/jetty/jetty9.4/pom.xml +++ b/adapters/oidc/jetty/jetty9.4/pom.xml @@ -64,7 +64,7 @@ org.bouncycastle - bcprov-jdk15on + bcprov-jdk18on com.fasterxml.jackson.core diff --git a/adapters/oidc/servlet-filter/pom.xml b/adapters/oidc/servlet-filter/pom.xml index 7cd29e60e8e..1e26928aa9b 100755 --- a/adapters/oidc/servlet-filter/pom.xml +++ b/adapters/oidc/servlet-filter/pom.xml @@ -73,7 +73,7 @@ org.bouncycastle - bcprov-jdk15on + bcprov-jdk18on com.fasterxml.jackson.core diff --git a/adapters/oidc/spring-security/pom.xml b/adapters/oidc/spring-security/pom.xml index a72e321e86a..c85b8180a24 100644 --- a/adapters/oidc/spring-security/pom.xml +++ b/adapters/oidc/spring-security/pom.xml @@ -89,7 +89,7 @@ org.bouncycastle - bcprov-jdk15on + bcprov-jdk18on runtime diff --git a/adapters/oidc/tomcat/tomcat-core/pom.xml b/adapters/oidc/tomcat/tomcat-core/pom.xml index 2936f82aa7f..b7859c0d7d2 100755 --- a/adapters/oidc/tomcat/tomcat-core/pom.xml +++ b/adapters/oidc/tomcat/tomcat-core/pom.xml @@ -57,7 +57,7 @@ org.bouncycastle - bcprov-jdk15on + bcprov-jdk18on com.fasterxml.jackson.core diff --git a/adapters/oidc/tomcat/tomcat/pom.xml b/adapters/oidc/tomcat/tomcat/pom.xml index ef54189b2a9..2a5d9614903 100755 --- a/adapters/oidc/tomcat/tomcat/pom.xml +++ b/adapters/oidc/tomcat/tomcat/pom.xml @@ -80,7 +80,7 @@ org.bouncycastle - bcprov-jdk15on + bcprov-jdk18on com.fasterxml.jackson.core diff --git a/adapters/oidc/undertow/pom.xml b/adapters/oidc/undertow/pom.xml index d91c8eadf8d..6d179ae84d8 100755 --- a/adapters/oidc/undertow/pom.xml +++ b/adapters/oidc/undertow/pom.xml @@ -69,7 +69,7 @@ org.bouncycastle - bcprov-jdk15on + bcprov-jdk18on com.fasterxml.jackson.core diff --git a/adapters/oidc/wildfly-elytron/pom.xml b/adapters/oidc/wildfly-elytron/pom.xml index f597b94cd1e..8a51fc6b28b 100755 --- a/adapters/oidc/wildfly-elytron/pom.xml +++ b/adapters/oidc/wildfly-elytron/pom.xml @@ -70,7 +70,7 @@ org.bouncycastle - bcprov-jdk15on + bcprov-jdk18on com.fasterxml.jackson.core diff --git a/adapters/saml/jakarta-servlet-filter/pom.xml b/adapters/saml/jakarta-servlet-filter/pom.xml index ba65ff19eca..f7ee0ee6bce 100755 --- a/adapters/saml/jakarta-servlet-filter/pom.xml +++ b/adapters/saml/jakarta-servlet-filter/pom.xml @@ -59,7 +59,7 @@ org.bouncycastle - bcprov-jdk15on + bcprov-jdk18on org.keycloak diff --git a/adapters/saml/jetty/jetty-core/pom.xml b/adapters/saml/jetty/jetty-core/pom.xml index de200d690bf..7ad70752396 100755 --- a/adapters/saml/jetty/jetty-core/pom.xml +++ b/adapters/saml/jetty/jetty-core/pom.xml @@ -73,7 +73,7 @@ org.bouncycastle - bcprov-jdk15on + bcprov-jdk18on org.eclipse.jetty diff --git a/adapters/saml/jetty/jetty9.4/pom.xml b/adapters/saml/jetty/jetty9.4/pom.xml index 57f610c81c2..91e5589f0b4 100644 --- a/adapters/saml/jetty/jetty9.4/pom.xml +++ b/adapters/saml/jetty/jetty9.4/pom.xml @@ -53,7 +53,7 @@ org.bouncycastle - bcprov-jdk15on + bcprov-jdk18on org.keycloak diff --git a/adapters/saml/servlet-filter/pom.xml b/adapters/saml/servlet-filter/pom.xml index 1c7a3307149..5fc02704295 100755 --- a/adapters/saml/servlet-filter/pom.xml +++ b/adapters/saml/servlet-filter/pom.xml @@ -49,7 +49,7 @@ org.bouncycastle - bcprov-jdk15on + bcprov-jdk18on org.keycloak diff --git a/adapters/saml/tomcat/tomcat-core/pom.xml b/adapters/saml/tomcat/tomcat-core/pom.xml index ea6f4eb6c84..9844e59f090 100755 --- a/adapters/saml/tomcat/tomcat-core/pom.xml +++ b/adapters/saml/tomcat/tomcat-core/pom.xml @@ -53,7 +53,7 @@ org.bouncycastle - bcprov-jdk15on + bcprov-jdk18on org.keycloak diff --git a/adapters/saml/tomcat/tomcat/pom.xml b/adapters/saml/tomcat/tomcat/pom.xml index 1be9994efd0..0dd64f673b3 100755 --- a/adapters/saml/tomcat/tomcat/pom.xml +++ b/adapters/saml/tomcat/tomcat/pom.xml @@ -72,7 +72,7 @@ org.bouncycastle - bcprov-jdk15on + bcprov-jdk18on junit diff --git a/adapters/spi/adapter-spi/pom.xml b/adapters/spi/adapter-spi/pom.xml index d214608201f..aab344d284b 100755 --- a/adapters/spi/adapter-spi/pom.xml +++ b/adapters/spi/adapter-spi/pom.xml @@ -43,7 +43,7 @@ org.bouncycastle - bcprov-jdk15on + bcprov-jdk18on provided diff --git a/adapters/spi/jboss-adapter-core/pom.xml b/adapters/spi/jboss-adapter-core/pom.xml index 63fcbce25dd..a184ae5e0d8 100755 --- a/adapters/spi/jboss-adapter-core/pom.xml +++ b/adapters/spi/jboss-adapter-core/pom.xml @@ -50,7 +50,7 @@ org.bouncycastle - bcprov-jdk15on + bcprov-jdk18on com.fasterxml.jackson.core diff --git a/crypto/default/pom.xml b/crypto/default/pom.xml index 3a9745d982e..2b0cf1fb234 100644 --- a/crypto/default/pom.xml +++ b/crypto/default/pom.xml @@ -56,11 +56,11 @@ org.bouncycastle - bcprov-jdk15on + bcprov-jdk18on org.bouncycastle - bcpkix-jdk15on + bcpkix-jdk18on org.jboss.logging diff --git a/dependencies/server-min/pom.xml b/dependencies/server-min/pom.xml index 9c2ac21c558..8749833cd6f 100755 --- a/dependencies/server-min/pom.xml +++ b/dependencies/server-min/pom.xml @@ -41,11 +41,11 @@ org.bouncycastle - bcprov-jdk15on + bcprov-jdk18on org.bouncycastle - bcpkix-jdk15on + bcpkix-jdk18on org.keycloak diff --git a/distribution/feature-packs/adapter-feature-pack/pom.xml b/distribution/feature-packs/adapter-feature-pack/pom.xml index c76f58d7f28..cd9b1baf68a 100755 --- a/distribution/feature-packs/adapter-feature-pack/pom.xml +++ b/distribution/feature-packs/adapter-feature-pack/pom.xml @@ -170,6 +170,16 @@ wildfly-feature-pack ${wildfly.version} zip + + + org.bouncycastle + bcprov-jdk15on + + + org.bouncycastle + bcpkix-jdk15on + + diff --git a/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/util/ClassLoaderUtil.java b/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/util/ClassLoaderUtil.java index 44d66072f3a..990cf8182e0 100644 --- a/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/util/ClassLoaderUtil.java +++ b/integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/util/ClassLoaderUtil.java @@ -38,7 +38,7 @@ public class ClassLoaderUtil { // Detect if BC FIPS jars are present in the "client/lib" directory boolean bcFipsJarPresent = Stream.of(jarsInDir).anyMatch(file -> file.getName().startsWith("bc-fips")); - String[] validJarPrefixes = bcFipsJarPresent ? new String[] {"keycloak-crypto-fips1402", "bc-fips", "bctls-fips"} : new String[] {"keycloak-crypto-default", "bcprov-jdk15on"}; + String[] validJarPrefixes = bcFipsJarPresent ? new String[] {"keycloak-crypto-fips1402", "bc-fips", "bctls-fips"} : new String[] {"keycloak-crypto-default", "bcprov-jdk18on"}; URL[] usedJars = Stream.of(jarsInDir) .filter(file -> { for (String prefix : validJarPrefixes) { diff --git a/integration/client-cli/client-cli-dist/assembly.xml b/integration/client-cli/client-cli-dist/assembly.xml index 42cb0f2d7f8..cb56c0f331d 100755 --- a/integration/client-cli/client-cli-dist/assembly.xml +++ b/integration/client-cli/client-cli-dist/assembly.xml @@ -60,7 +60,7 @@ org.keycloak:keycloak-crypto-default org.keycloak:keycloak-crypto-fips1402 - org.bouncycastle:bcprov-jdk15on + org.bouncycastle:bcprov-jdk18on keycloak-client-tools/bin/client/lib diff --git a/integration/client-cli/client-cli-dist/pom.xml b/integration/client-cli/client-cli-dist/pom.xml index 18245b57728..5712241f7dd 100755 --- a/integration/client-cli/client-cli-dist/pom.xml +++ b/integration/client-cli/client-cli-dist/pom.xml @@ -60,7 +60,7 @@ org.bouncycastle - bcprov-jdk15on + bcprov-jdk18on * diff --git a/integration/client-cli/client-registration-cli/src/main/java/org/keycloak/client/registration/cli/util/ClassLoaderUtil.java b/integration/client-cli/client-registration-cli/src/main/java/org/keycloak/client/registration/cli/util/ClassLoaderUtil.java index ffaeab88772..72e2b2f5f2d 100644 --- a/integration/client-cli/client-registration-cli/src/main/java/org/keycloak/client/registration/cli/util/ClassLoaderUtil.java +++ b/integration/client-cli/client-registration-cli/src/main/java/org/keycloak/client/registration/cli/util/ClassLoaderUtil.java @@ -38,7 +38,7 @@ public class ClassLoaderUtil { // Detect if BC FIPS jars are present in the "client/lib" directory boolean bcFipsJarPresent = Stream.of(jarsInDir).anyMatch(file -> file.getName().startsWith("bc-fips")); - String[] validJarPrefixes = bcFipsJarPresent ? new String[] {"keycloak-crypto-fips1402", "bc-fips", "bctls-fips"} : new String[] {"keycloak-crypto-default", "bcprov-jdk15on"}; + String[] validJarPrefixes = bcFipsJarPresent ? new String[] {"keycloak-crypto-fips1402", "bc-fips", "bctls-fips"} : new String[] {"keycloak-crypto-default", "bcprov-jdk18on"}; URL[] usedJars = Stream.of(jarsInDir) .filter(file -> { for (String prefix : validJarPrefixes) { diff --git a/operator/pom.xml b/operator/pom.xml index 8d5c2367f99..b28548f5c60 100644 --- a/operator/pom.xml +++ b/operator/pom.xml @@ -101,11 +101,11 @@ org.bouncycastle - bcprov-jdk15on + bcprov-jdk18on org.bouncycastle - bcpkix-jdk15on + bcpkix-jdk18on diff --git a/pom.xml b/pom.xml index 4f9ff33a34e..704807462e8 100644 --- a/pom.xml +++ b/pom.xml @@ -64,7 +64,6 @@ 0.66.19 4.5.14 1.5.1.Final - 1.70 1.0.7 @@ -353,16 +352,6 @@ xsom ${org.glassfish.jaxb.xsom.version} - - org.bouncycastle - bcprov-jdk15on - ${bouncycastle-bcprov-jdk15on.version} - - - org.bouncycastle - bcpkix-jdk15on - ${bouncycastle-bcprov-jdk15on.version} - org.bouncycastle bcpkix-fips diff --git a/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/configuration/mappers/ClassLoaderPropertyMappers.java b/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/configuration/mappers/ClassLoaderPropertyMappers.java index a46df7289cf..2b622fe1866 100644 --- a/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/configuration/mappers/ClassLoaderPropertyMappers.java +++ b/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/configuration/mappers/ClassLoaderPropertyMappers.java @@ -38,7 +38,7 @@ final class ClassLoaderPropertyMappers { if (profile.getFeatures().get(Feature.FIPS)) { ignoredArtifacts.addAll(List.of( - "org.bouncycastle:bcprov-jdk15on", "org.bouncycastle:bcpkix-jdk15on", "org.bouncycastle:bcutil-jdk15on", "org.keycloak:keycloak-crypto-default")); + "org.bouncycastle:bcprov-jdk18on", "org.bouncycastle:bcpkix-jdk18on", "org.bouncycastle:bcutil-jdk18on", "org.keycloak:keycloak-crypto-default")); } else { ignoredArtifacts.addAll(List.of( "org.keycloak:keycloak-crypto-fips1402", "org.bouncycastle:bc-fips", "org.bouncycastle:bctls-fips", "org.bouncycastle:bcpkix-fips")); diff --git a/quarkus/tests/junit5/src/main/java/org/keycloak/Keycloak.java b/quarkus/tests/junit5/src/main/java/org/keycloak/Keycloak.java index 8e9d492baba..ebf945e4592 100644 --- a/quarkus/tests/junit5/src/main/java/org/keycloak/Keycloak.java +++ b/quarkus/tests/junit5/src/main/java/org/keycloak/Keycloak.java @@ -259,8 +259,8 @@ public class Keycloak { .addExclusion("org.jboss.logmanager", "log4j-jboss-logmanager"); if (fipsEnabled) { - serverDependency.addExclusion("org.bouncycastle", "bcprov-jdk15on"); - serverDependency.addExclusion("org.bouncycastle", "bcpkix-jdk15on"); + serverDependency.addExclusion("org.bouncycastle", "bcprov-jdk18on"); + serverDependency.addExclusion("org.bouncycastle", "bcpkix-jdk18on"); serverDependency.addExclusion("org.keycloak", "keycloak-crypto-default"); } else { serverDependency.addExclusion("org.keycloak", "keycloak-crypto-fips1402"); diff --git a/testsuite/integration-arquillian/servers/adapter-spi/undertow-adapter-jakarta/pom.xml b/testsuite/integration-arquillian/servers/adapter-spi/undertow-adapter-jakarta/pom.xml index 9904dc2dda1..7539a2caf5a 100644 --- a/testsuite/integration-arquillian/servers/adapter-spi/undertow-adapter-jakarta/pom.xml +++ b/testsuite/integration-arquillian/servers/adapter-spi/undertow-adapter-jakarta/pom.xml @@ -57,7 +57,7 @@ org.bouncycastle - bcprov-jdk15on + bcprov-jdk18on com.fasterxml.jackson.core diff --git a/testsuite/integration-arquillian/tests/base/pom.xml b/testsuite/integration-arquillian/tests/base/pom.xml index 4efc780e8fe..a85e30f5af2 100644 --- a/testsuite/integration-arquillian/tests/base/pom.xml +++ b/testsuite/integration-arquillian/tests/base/pom.xml @@ -56,8 +56,8 @@ keycloak-util-embedded-ldap - bouncycastle - bcprov-jdk15 + org.bouncycastle + bcprov-jdk15on diff --git a/testsuite/integration-arquillian/tests/pom.xml b/testsuite/integration-arquillian/tests/pom.xml index 3896d64ee0a..7f2d9ac5460 100644 --- a/testsuite/integration-arquillian/tests/pom.xml +++ b/testsuite/integration-arquillian/tests/pom.xml @@ -125,7 +125,7 @@ n -agentlib:jdwp=transport=dt_socket,server=y,suspend=${app.server.2.debug.suspend},address=localhost:${app.server.2.debug.port} 64m - 512m + 768m -Xms${app.server.memory.Xms} -Xmx${app.server.memory.Xmx} -XX:MetaspaceSize=${surefire.memory.metaspace} -XX:MaxMetaspaceSize=${surefire.memory.metaspace.max} false ${app.server.keystore.dir}/keycloak.truststore @@ -1810,11 +1810,11 @@ org.bouncycastle - bcprov-jdk15on + bcprov-jdk18on org.bouncycastle - bcpkix-jdk15on + bcpkix-jdk18on org.hamcrest diff --git a/testsuite/utils/pom.xml b/testsuite/utils/pom.xml index 8118efa619e..b487a2aa868 100755 --- a/testsuite/utils/pom.xml +++ b/testsuite/utils/pom.xml @@ -45,11 +45,11 @@ org.bouncycastle - bcprov-jdk15on + bcprov-jdk18on org.bouncycastle - bcpkix-jdk15on + bcpkix-jdk18on org.keycloak