Skip to content

Commit 935bdcc

Browse files
APegaDavisAPegaDavis
authored
Merge pull request #232 from APegaDavis/add-bc-jars-for-infinity-25
Include bc jars for Infinity 25+
2 parents 69951fe + 52c0f21 commit 935bdcc

File tree

2 files changed

+29
-19
lines changed

2 files changed

+29
-19
lines changed

Dockerfile

+24-16
Original file line numberDiff line numberDiff line change
@@ -217,23 +217,31 @@ RUN apt-get update && \
217217
gpg --import /keys/prometheus.asc && \
218218
gpg --verify /tmp/jmx_prometheus_javaagent-0.18.0.jar.asc /opt/pega/prometheus/jmx_prometheus_javaagent.jar && \
219219
rm /tmp/jmx_prometheus_javaagent-0.18.0.jar.asc && \
220-
curl -sL -o /opt/pega/bcfips/bc-fips-2.0.0.jar https://repo1.maven.org/maven2/org/bouncycastle/bc-fips/2.0.0/bc-fips-2.0.0.jar && \
221-
curl -sL -o /tmp/bc-fips-2.0.0.jar.asc https://repo1.maven.org/maven2/org/bouncycastle/bc-fips/2.0.0/bc-fips-2.0.0.jar.asc && \
222-
curl -sL -o /opt/pega/bcfips/bctls-fips-2.0.19.jar https://repo1.maven.org/maven2/org/bouncycastle/bctls-fips/2.0.19/bctls-fips-2.0.19.jar && \
223-
curl -sL -o /tmp/bctls-fips-2.0.19.jar.asc https://repo1.maven.org/maven2/org/bouncycastle/bctls-fips/2.0.19/bctls-fips-2.0.19.jar.asc && \
224-
curl -sL -o /opt/pega/bcfips/bcpkix-fips-2.0.7.jar https://repo1.maven.org/maven2/org/bouncycastle/bcpkix-fips/2.0.7/bcpkix-fips-2.0.7.jar && \
225-
curl -sL -o /tmp/bcpkix-fips-2.0.7.jar.asc https://repo1.maven.org/maven2/org/bouncycastle/bcpkix-fips/2.0.7/bcpkix-fips-2.0.7.jar.asc && \
226-
curl -sL -o /opt/pega/bcfips/bcutil-fips-2.0.3.jar https://repo1.maven.org/maven2/org/bouncycastle/bcutil-fips/2.0.3/bcutil-fips-2.0.3.jar && \
227-
curl -sL -o /tmp/bcutil-fips-2.0.3.jar.asc https://repo1.maven.org/maven2/org/bouncycastle/bcutil-fips/2.0.3/bcutil-fips-2.0.3.jar.asc && \
220+
curl -sL -o /opt/pega/bcfips/bc-fips-2.1.0.jar https://repo1.maven.org/maven2/org/bouncycastle/bc-fips/2.1.0/bc-fips-2.1.0.jar && \
221+
curl -sL -o /tmp/bc-fips-2.1.0.jar.asc https://repo1.maven.org/maven2/org/bouncycastle/bc-fips/2.1.0/bc-fips-2.1.0.jar.asc && \
222+
curl -sL -o /opt/pega/bcfips/bctls-fips-2.1.20.jar https://repo1.maven.org/maven2/org/bouncycastle/bctls-fips/2.1.20/bctls-fips-2.1.20.jar && \
223+
curl -sL -o /tmp/bctls-fips-2.1.20.jar.asc https://repo1.maven.org/maven2/org/bouncycastle/bctls-fips/2.1.20/bctls-fips-2.1.20.jar.asc && \
224+
curl -sL -o /opt/pega/bcfips/bcpkix-fips-2.1.9.jar https://repo1.maven.org/maven2/org/bouncycastle/bcpkix-fips/2.1.9/bcpkix-fips-2.1.9.jar && \
225+
curl -sL -o /tmp/bcpkix-fips-2.1.9.jar.asc https://repo1.maven.org/maven2/org/bouncycastle/bcpkix-fips/2.1.9/bcpkix-fips-2.1.9.jar.asc && \
226+
curl -sL -o /opt/pega/bcfips/bcutil-fips-2.1.4.jar https://repo1.maven.org/maven2/org/bouncycastle/bcutil-fips/2.1.4/bcutil-fips-2.1.4.jar && \
227+
curl -sL -o /tmp/bcutil-fips-2.1.4.jar.asc https://repo1.maven.org/maven2/org/bouncycastle/bcutil-fips/2.1.4/bcutil-fips-2.1.4.jar.asc && \
228+
curl -sL -o /opt/pega/bcfips/bcmail-fips-2.1.6.jar https://repo1.maven.org/maven2/org/bouncycastle/bcmail-fips/2.1.6/bcmail-fips-2.1.6.jar && \
229+
curl -sL -o /tmp/bcmail-fips-2.1.6.jar.asc https://repo1.maven.org/maven2/org/bouncycastle/bcmail-fips/2.1.6/bcmail-fips-2.1.6.jar.asc && \
230+
curl -sL -o /opt/pega/bcfips/bcpg-fips-2.1.10.jar https://repo1.maven.org/maven2/org/bouncycastle/bcpg-fips/2.1.10/bcpg-fips-2.1.10.jar && \
231+
curl -sL -o /tmp/bcpg-fips-2.1.10.jar.asc https://repo1.maven.org/maven2/org/bouncycastle/bcpg-fips/2.1.10/bcpg-fips-2.1.10.jar.asc && \
228232
gpg --import /keys/bc_maven_public_key.asc && \
229-
gpg --verify /tmp/bc-fips-2.0.0.jar.asc /opt/pega/bcfips/bc-fips-2.0.0.jar && \
230-
rm /tmp/bc-fips-2.0.0.jar.asc && \
231-
gpg --verify /tmp/bctls-fips-2.0.19.jar.asc /opt/pega/bcfips/bctls-fips-2.0.19.jar && \
232-
rm /tmp/bctls-fips-2.0.19.jar.asc && \
233-
gpg --verify /tmp/bcpkix-fips-2.0.7.jar.asc /opt/pega/bcfips/bcpkix-fips-2.0.7.jar && \
234-
rm /tmp/bcpkix-fips-2.0.7.jar.asc && \
235-
gpg --verify /tmp/bcutil-fips-2.0.3.jar.asc /opt/pega/bcfips/bcutil-fips-2.0.3.jar && \
236-
rm /tmp/bcutil-fips-2.0.3.jar.asc && \
233+
gpg --verify /tmp/bc-fips-2.1.0.jar.asc /opt/pega/bcfips/bc-fips-2.1.0.jar && \
234+
rm /tmp/bc-fips-2.1.0.jar.asc && \
235+
gpg --verify /tmp/bctls-fips-2.1.20.jar.asc /opt/pega/bcfips/bctls-fips-2.1.20.jar && \
236+
rm /tmp/bctls-fips-2.1.20.jar.asc && \
237+
gpg --verify /tmp/bcpkix-fips-2.1.9.jar.asc /opt/pega/bcfips/bcpkix-fips-2.1.9.jar && \
238+
rm /tmp/bcpkix-fips-2.1.9.jar.asc && \
239+
gpg --verify /tmp/bcutil-fips-2.1.4.jar.asc /opt/pega/bcfips/bcutil-fips-2.1.4.jar && \
240+
rm /tmp/bcutil-fips-2.1.4.jar.asc && \
241+
gpg --verify /tmp/bcmail-fips-2.1.6.jar.asc /opt/pega/bcfips/bcmail-fips-2.1.6.jar && \
242+
rm /tmp/bcmail-fips-2.1.6.jar.asc && \
243+
gpg --verify /tmp/bcpg-fips-2.1.10.jar.asc /opt/pega/bcfips/bcpg-fips-2.1.10.jar && \
244+
rm /tmp/bcpg-fips-2.1.10.jar.asc && \
237245
apt-get autoremove --purge -y gpg && \
238246
chgrp -R 0 /opt/pega/prometheus && \
239247
chmod -R g+rw /opt/pega/prometheus && \

tomcat-bin/setenv.sh

+5-3
Original file line numberDiff line numberDiff line change
@@ -41,10 +41,12 @@ else
4141
echo "No krb5.conf was specified in ${krb5_conf}."
4242
fi
4343

44-
if [ "${FIPS_140_3_MODE}" == "true" ]; then
45-
JAVA_OPTS="${JAVA_OPTS} -Dorg.bouncycastle.fips.approved_only=true"
44+
if [ "${IS_PEGA_25_OR_LATER}" == "true" ]; then
4645
export CLASSPATH="/opt/pega/bcfips/*"
47-
HIGHLY_SECURE_CRYPTO_MODE_ENABLED=true
46+
if [ "${FIPS_140_3_MODE}" == "true" ]; then
47+
JAVA_OPTS="${JAVA_OPTS} -Dorg.bouncycastle.fips.approved_only=true"
48+
HIGHLY_SECURE_CRYPTO_MODE_ENABLED=true
49+
fi
4850
fi
4951

5052
if [ "${HIGHLY_SECURE_CRYPTO_MODE_ENABLED}" == "true" ]; then

0 commit comments

Comments
 (0)