From c3c3c7dfc445eeb0e31066855303e5825504df2d Mon Sep 17 00:00:00 2001 From: exceptionfactory Date: Sat, 5 Apr 2025 11:39:34 -0500 Subject: [PATCH 1/4] Removed Bouncy Castle dependency usage from PemUtils - Added PEM format parsing in PemUtils - Added unit test for PemUtils - Removed Bouncy Castle Provider dependency from service common module - Removed Bouncy Castle Provider dependency from quarkus service module - Removed Bouncy Castle references from LICENSE and NOTICE files --- gradle/libs.versions.toml | 1 - quarkus/admin/distribution/NOTICE | 9 - quarkus/server/distribution/LICENSE | 211 ++++++++---------- quarkus/server/distribution/NOTICE | 9 - quarkus/service/build.gradle.kts | 2 - service/common/build.gradle.kts | 2 - .../apache/polaris/service/auth/PemUtils.java | 38 +++- .../polaris/service/auth/PemUtilsTest.java | 130 +++++++++++ 8 files changed, 262 insertions(+), 140 deletions(-) create mode 100644 service/common/src/test/java/org/apache/polaris/service/auth/PemUtilsTest.java diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 12c024e440..889747c812 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -41,7 +41,6 @@ assertj-core = { module = "org.assertj:assertj-core", version = "3.27.3" } auth0-jwt = { module = "com.auth0:java-jwt", version = "4.5.0" } awssdk-bom = { module = "software.amazon.awssdk:bom", version = "2.31.45" } azuresdk-bom = { module = "com.azure:azure-sdk-bom", version = "1.2.34" } -bouncycastle-bcprov = { module = "org.bouncycastle:bcprov-jdk18on", version = "1.80" } caffeine = { module = "com.github.ben-manes.caffeine:caffeine", version = "3.2.0" } commons-codec1 = { module = "commons-codec:commons-codec", version = "1.18.0" } commons-lang3 = { module = "org.apache.commons:commons-lang3", version = "3.17.0" } diff --git a/quarkus/admin/distribution/NOTICE b/quarkus/admin/distribution/NOTICE index 15dd8de4a9..e062d40a10 100644 --- a/quarkus/admin/distribution/NOTICE +++ b/quarkus/admin/distribution/NOTICE @@ -335,15 +335,6 @@ NOTICE: | * HOMEPAGE: | * https://github.com/google/protobuf | -| This product optionally depends on 'Bouncy Castle Crypto APIs' to generate -| a temporary self-signed X.509 certificate when the JVM does not provide the -| equivalent functionality. It can be obtained at: -| -| * LICENSE: -| * license/LICENSE.bouncycastle.txt (MIT License) -| * HOMEPAGE: -| * https://www.bouncycastle.org/ -| | This product optionally depends on 'Snappy', a compression library produced | by Google Inc, which can be obtained at: | diff --git a/quarkus/server/distribution/LICENSE b/quarkus/server/distribution/LICENSE index ce5ff26a97..9a1ce013cd 100644 --- a/quarkus/server/distribution/LICENSE +++ b/quarkus/server/distribution/LICENSE @@ -210,17 +210,17 @@ Group: io.github.crac Name: org-crac Version: 0.1.3 Project URL: https://github.com/crac/org.crac License: BSD 2-Clause | Copyright 2017-2022 Azul Systems, Inc. -| +| | Redistribution and use in source and binary forms, with or without | modification, are permitted provided that the following conditions are met: -| +| | 1. Redistributions of source code must retain the above copyright notice, | this list of conditions and the following disclaimer. -| +| | 2. Redistributions in binary form must reproduce the above copyright notice, | this list of conditions and the following disclaimer in the documentation | and/or other materials provided with the distribution. -| +| | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -376,19 +376,19 @@ Group: com.auth0 Name: java-jwt Version: 4.5.0 Project URL: https://github.com/auth0/java-jwt License: MIT License | The MIT License (MIT) -| +| | Copyright (c) 2015 Auth0, Inc. (http://auth0.com) -| +| | Permission is hereby granted, free of charge, to any person obtaining a copy | of this software and associated documentation files (the "Software"), to deal | in the Software without restriction, including without limitation the rights | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | copies of the Software, and to permit persons to whom the Software is | furnished to do so, subject to the following conditions: -| +| | The above copyright notice and this permission notice shall be included in all | copies or substantial portions of the Software. -| +| | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -411,19 +411,19 @@ Group: com.azure Name: azure-xml Version: 1.2.0 Project URL: https://github.com/Azure/azure-sdk-for-java License: MIT License | The MIT License (MIT) -| +| | Copyright (c) 2015 Microsoft -| +| | Permission is hereby granted, free of charge, to any person obtaining a copy | of this software and associated documentation files (the "Software"), to deal | in the Software without restriction, including without limitation the rights | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | copies of the Software, and to permit persons to whom the Software is | furnished to do so, subject to the following conditions: -| +| | The above copyright notice and this permission notice shall be included in all | copies or substantial portions of the Software. -| +| | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -489,7 +489,7 @@ License: BSD 3-Clause | Redistribution and use in source and binary forms, with or without | modification, are permitted provided that the following conditions are | met: -| +| | * Redistributions of source code must retain the above copyright | notice, this list of conditions and the following disclaimer. | * Redistributions in binary form must reproduce the above @@ -499,7 +499,7 @@ License: BSD 3-Clause | * Neither the name of Google Inc. nor the names of its | contributors may be used to endorse or promote products derived from | this software without specific prior written permission. -| +| | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR @@ -520,11 +520,11 @@ Group: com.google.api Name: gax-httpjson Version: 2.65.0 Project URL: https://github.com/googleapis/gax-java License: BSD 3-Clause | Copyright 2016, Google Inc. All rights reserved. -| +| | Redistribution and use in source and binary forms, with or without | modification, are permitted provided that the following conditions are | met: -| +| | * Redistributions of source code must retain the above copyright | notice, this list of conditions and the following disclaimer. | * Redistributions in binary form must reproduce the above @@ -534,7 +534,7 @@ License: BSD 3-Clause | * Neither the name of Google Inc. nor the names of its | contributors may be used to endorse or promote products derived from | this software without specific prior written permission. -| +| | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR @@ -570,22 +570,22 @@ Group: com.google.auth Name: google-auth-library-oauth2-http Version: 1.34.0 Project URL: https://github.com/googleapis/google-auth-library-java License: BSD 3-Clause | Copyright 2014, Google Inc. All rights reserved. -| +| | Redistribution and use in source and binary forms, with or without | modification, are permitted provided that the following conditions are | met: -| +| | * Redistributions of source code must retain the above copyright | notice, this list of conditions and the following disclaimer. | * Redistributions in binary form must reproduce the above | copyright notice, this list of conditions and the following disclaimer | in the documentation and/or other materials provided with the | distribution. -| +| | * Neither the name of Google Inc. nor the names of its | contributors may be used to endorse or promote products derived from | this software without specific prior written permission. -| +| | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR @@ -677,11 +677,11 @@ Group: com.google.protobuf Name: protobuf-java-util Version: 3.25.5 Project URL: https://developers.google.com/protocol-buffers/ License: BSD 3-Clause | Copyright 2008 Google Inc. All rights reserved. -| +| | Redistribution and use in source and binary forms, with or without | modification, are permitted provided that the following conditions are | met: -| +| | * Redistributions of source code must retain the above copyright | notice, this list of conditions and the following disclaimer. | * Redistributions in binary form must reproduce the above @@ -691,7 +691,7 @@ License: BSD 3-Clause | * Neither the name of Google Inc. nor the names of its | contributors may be used to endorse or promote products derived from | this software without specific prior written permission. -| +| | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR @@ -703,7 +703,7 @@ License: BSD 3-Clause | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -| +| | Code generated by the Protocol Buffer compiler is owned by the owner | of the input file used when generating it. This code is not | standalone and requires a support library to be linked with it. This @@ -716,25 +716,25 @@ Project URL: http://github.com/google/re2j License: Go License | This is a work derived from Russ Cox's RE2 in Go, whose license | http://golang.org/LICENSE is as follows: -| +| | Copyright (c) 2009 The Go Authors. All rights reserved. -| +| | Redistribution and use in source and binary forms, with or without | modification, are permitted provided that the following conditions are | met: -| +| | * Redistributions of source code must retain the above copyright | notice, this list of conditions and the following disclaimer. -| +| | * Redistributions in binary form must reproduce the above copyright | notice, this list of conditions and the following disclaimer in | the documentation and/or other materials provided with the | distribution. -| +| | * Neither the name of Google Inc. nor the names of its contributors | may be used to endorse or promote products derived from this | software without specific prior written permission. -| +| | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR @@ -752,22 +752,22 @@ License: Go License Group: com.jcraft Name: jsch Version: 0.1.55 Project URL: http://www.jcraft.com/jsch/ License: BSD License -| Copyright (c) 2002-2015 Atsuhiko Yamanaka, JCraft,Inc. +| Copyright (c) 2002-2015 Atsuhiko Yamanaka, JCraft,Inc. | All rights reserved. -| +| | Redistribution and use in source and binary forms, with or without | modification, are permitted provided that the following conditions are met: -| +| | 1. Redistributions of source code must retain the above copyright notice, | this list of conditions and the following disclaimer. -| -| 2. Redistributions in binary form must reproduce the above copyright -| notice, this list of conditions and the following disclaimer in +| +| 2. Redistributions in binary form must reproduce the above copyright +| notice, this list of conditions and the following disclaimer in | the documentation and/or other materials provided with the distribution. -| +| | 3. The names of the authors may not be used to endorse or promote products | derived from this software without specific prior written permission. -| +| | THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, | INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND | FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL JCRAFT, @@ -786,19 +786,19 @@ Group: com.microsoft.azure Name: msal4j-persistence-extension Version: 1.3.0 Project URL: https://github.com/AzureAD/microsoft-authentication-library-for-java License: MIT License | MIT License -| +| | Copyright (c) Microsoft Corporation. All rights reserved. -| +| | Permission is hereby granted, free of charge, to any person obtaining a copy | of this software and associated documentation files (the "Software"), to deal | in the Software without restriction, including without limitation the rights | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | copies of the Software, and to permit persons to whom the Software is | furnished to do so, subject to the following conditions: -| +| | The above copyright notice and this permission notice shall be included in all | copies or substantial portions of the Software. -| +| | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -894,23 +894,23 @@ License: BSD 3-Clause | Copyright (c) 1998-2019, Brian Wellington | Copyright (c) 2005 VeriSign. All rights reserved. | Copyright (c) 2019-2023, dnsjava authors -| +| | All rights reserved. -| +| | Redistribution and use in source and binary forms, with or without | modification, are permitted provided that the following conditions are met: -| +| | 1. Redistributions of source code must retain the above copyright notice, this | list of conditions and the following disclaimer. -| +| | 2. Redistributions in binary form must reproduce the above copyright notice, | this list of conditions and the following disclaimer in the documentation | and/or other materials provided with the distribution. -| +| | 3. Neither the name of the copyright holder nor the names of its | contributors may be used to endorse or promote products derived from | this software without specific prior written permission. -| +| | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE @@ -1324,33 +1324,20 @@ License: Apache License 2.0 - https://www.apache.org/licenses/LICENSE-2.0.txt -------------------------------------------------------------------------------- -Group: org.bouncycastle Name: bcprov-jdk18on Version: 1.80 -Project URL: https://www.bouncycastle.org/download/bouncy-castle-java/ -License: MIT License -| Copyright (c) 2000 - 2024 The Legion of the Bouncy Castle Inc. (https://www.bouncycastle.org) -| -| Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: -| -| The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. -| -| THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - --------------------------------------------------------------------------------- - Group: org.checkerframework Name: checker-qual Version: 3.49.1 Project URL: https://checkerframework.org/ License: MIT License | The Checker Framework | Copyright 2004-present by the Checker Framework developers -| -| +| +| | Most of the Checker Framework is licensed under the GNU General Public | License, version 2 (GPL2), with the classpath exception. The text of this | license appears below. This is the same license used for OpenJDK. -| +| | A few parts of the Checker Framework have more permissive licenses, notably | the parts that you might want to include with your own program. -| +| | * The annotations and utility files are licensed under the MIT License. | (The text of this license also appears below.) This applies to | checker-qual*.jar and checker-util.jar and all the files that appear in @@ -1359,24 +1346,24 @@ License: MIT License | third-party annotations (in checker/src/testannotations/, | framework/src/main/java/org/jmlspecs/, and | framework/src/main/java/com/google/). -| +| | The Checker Framework includes annotations for some libraries. Those in | .astub files use the MIT License. Those in https://github.com/typetools/jdk | (which appears in the annotated-jdk directory of file checker.jar) use the | GPL2 license. -| +| | Some external libraries that are included with the Checker Framework | distribution have different licenses. Here are some examples. -| +| | * JavaParser is dual licensed under the LGPL or the Apache license -- you | may use it under whichever one you want. (The JavaParser source code | contains a file with the text of the GPL, but it is not clear why, since | JavaParser does not use the GPL.) See | https://github.com/typetools/stubparser . -| +| | * Annotation Tools (https://github.com/typetools/annotation-tools) uses | the MIT license. -| +| | * Libraries in plume-lib (https://github.com/plume-lib/) are licensed | under the MIT License. @@ -1392,19 +1379,19 @@ Group: org.codehaus.mojo Name: animal-sniffer-annotations Version: 1.24 Project URL: https://www.mojohaus.org/animal-sniffer License: MIT license | The MIT License -| +| | Copyright (c) 2009 codehaus.org. -| +| | Permission is hereby granted, free of charge, to any person obtaining a copy | of this software and associated documentation files (the "Software"), to deal | in the Software without restriction, including without limitation the rights | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | copies of the Software, and to permit persons to whom the Software is | furnished to do so, subject to the following conditions: -| +| | The above copyright notice and this permission notice shall be included in | all copies or substantial portions of the Software. -| +| | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -1420,20 +1407,20 @@ Group: org.codehaus.woodstox Name: stax2-api Version: 4.2.2 Project URL: http://github.com/FasterXML/stax2-api License: BSD 2-Clause | BSD 2-Clause License -| +| | Copyright (c) 2008+, FasterXML, LLC | All rights reserved. -| +| | Redistribution and use in source and binary forms, with or without | modification, are permitted provided that the following conditions are met: -| +| | * Redistributions of source code must retain the above copyright notice, this | list of conditions and the following disclaimer. -| +| | * Redistributions in binary form must reproduce the above copyright notice, | this list of conditions and the following disclaimer in the documentation | and/or other materials provided with the distribution. -| +| | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE @@ -1502,7 +1489,7 @@ License: BSD 2-Clause | The code in this repository code was Written by Gil Tene, Michael Barker, | and Matt Warren, and released to the public domain, as explained at | http://creativecommons.org/publicdomain/zero/1.0/ -| +| | For users of this code who wish to consume it under the "BSD" license | rather than under the public domain or CC0 contribution text mentioned | above, the code found under this directory is *also* provided under the @@ -1510,25 +1497,25 @@ License: BSD 2-Clause | license does not detract from the above stated release of the code into | the public domain, and simply represents an additional license granted by | the Author. -| +| | ----------------------------------------------------------------------------- | ** Beginning of "BSD 2-Clause License" text. ** -| +| | Copyright (c) 2012, 2013, 2014, 2015, 2016 Gil Tene | Copyright (c) 2014 Michael Barker | Copyright (c) 2014 Matt Warren | All rights reserved. -| +| | Redistribution and use in source and binary forms, with or without | modification, are permitted provided that the following conditions are met: -| +| | 1. Redistributions of source code must retain the above copyright notice, | this list of conditions and the following disclaimer. -| +| | 2. Redistributions in binary form must reproduce the above copyright notice, | this list of conditions and the following disclaimer in the documentation | and/or other materials provided with the distribution. -| +| | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -1586,7 +1573,7 @@ Project URL: http://latencyutils.github.io/LatencyUtils/ License: BSD 2-Clause | * This code was Written by Gil Tene of Azul Systems, and released to the | * public domain, as explained at http://creativecommons.org/publicdomain/zero/1.0/ -| +| | For users of this code who wish to consume it under the "BSD" license | rather than under the public domain or CC0 contribution text mentioned | above, the code found under this directory is *also* provided under the @@ -1594,23 +1581,23 @@ License: BSD 2-Clause | license does not detract from the above stated release of the code into | the public domain, and simply represents an additional license granted by | the Author. -| +| | ----------------------------------------------------------------------------- | ** Beginning of "BSD 2-Clause License" text. ** -| +| | Copyright (c) 2012, 2013, 2014 Gil Tene | All rights reserved. -| +| | Redistribution and use in source and binary forms, with or without | modification, are permitted provided that the following conditions are met: -| +| | 1. Redistributions of source code must retain the above copyright notice, | this list of conditions and the following disclaimer. -| +| | 2. Redistributions in binary form must reproduce the above copyright notice, | this list of conditions and the following disclaimer in the documentation | and/or other materials provided with the distribution. -| +| | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -1631,7 +1618,7 @@ License: BSD 3-Clause | ASM: a very small and fast Java bytecode manipulation framework | Copyright (c) 2000-2011 INRIA, France Telecom | All rights reserved. -| +| | Redistribution and use in source and binary forms, with or without | modification, are permitted provided that the following conditions | are met: @@ -1643,7 +1630,7 @@ License: BSD 3-Clause | 3. Neither the name of the copyright holders nor the names of its | contributors may be used to endorse or promote products derived from | this software without specific prior written permission. -| +| | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -1662,18 +1649,18 @@ Group: org.postgresql Name: postgresql Version: 42.7.5 Project URL: https://jdbc.postgresql.org/ License: BSD 2-Clause | Copyright (c) 1997, PostgreSQL Global Development Group All rights reserved. -| +| | Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: -| +| | 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. | 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer | in the documentation and/or other materials provided with the distribution. -| +| | This Software Is Provided By The Copyright Holders And Contributors “as Is” And Any Express Or Implied Warranties, Including, But | Not Limited To, The Implied Warranties Of Merchantability And Fitness For A Particular Purpose Are Disclaimed. In No Event Shall | The Copyright Owner Or Contributors Be Liable For Any Direct, Indirect, Incidental, Special, Exemplary, Or Consequential Damages | (including, But Not Limited To, Procurement Of Substitute Goods Or Services; Loss Of Use, Data, Or Profits; Or Business -| Interruption) However Caused And On Any Theory Of Liability, Whether In Contract, Strict Liability, Or Tort (including Negligence Or +| Interruption) However Caused And On Any Theory Of Liability, Whether In Contract, Strict Liability, Or Tort (including Negligence Or | Otherwise) Arising In Any Way Out Of The Use Of This Software, Even If Advised Of The Possibility Of Such Damage. -------------------------------------------------------------------------------- @@ -1682,11 +1669,11 @@ Group: org.reactivestreams Name: reactive-streams Version: 1.0.4 Project URL: http://www.reactive-streams.org/ License: MIT License | MIT No Attribution -| +| | Copyright 2014 Reactive Streams -| +| | Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so. -| +| | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. -------------------------------------------------------------------------------- @@ -1708,7 +1695,7 @@ Project URL: http://www.slf4j.org License: MIT License | Copyright (c) 2004-2022 QOS.ch Sarl (Switzerland) | All rights reserved. -| +| | Permission is hereby granted, free of charge, to any person obtaining | a copy of this software and associated documentation files (the | "Software"), to deal in the Software without restriction, including @@ -1716,10 +1703,10 @@ License: MIT License | distribute, sublicense, and/or sell copies of the Software, and to | permit persons to whom the Software is furnished to do so, subject to | the following conditions: -| +| | The above copyright notice and this permission notice shall be | included in all copies or substantial portions of the Software. -| +| | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, | EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF | MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND @@ -1734,23 +1721,23 @@ Group: org.threeten Name: threetenbp Version: 1.7.0 Project URL: https://www.threeten.org/threetenbp License: BSD 3-Clause | Copyright (c) 2007-present, Stephen Colebourne & Michael Nascimento Santos. -| +| | All rights reserved. -| +| | Redistribution and use in source and binary forms, with or without | modification, are permitted provided that the following conditions are met: -| +| | * Redistributions of source code must retain the above copyright notice, | this list of conditions and the following disclaimer. -| +| | * Redistributions in binary form must reproduce the above copyright notice, | this list of conditions and the following disclaimer in the documentation | and/or other materials provided with the distribution. -| +| | * Neither the name of JSR-310 nor the names of its contributors | may be used to endorse or promote products derived from this software | without specific prior written permission. -| +| | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR diff --git a/quarkus/server/distribution/NOTICE b/quarkus/server/distribution/NOTICE index 13c749d0e8..0bc6c1f980 100644 --- a/quarkus/server/distribution/NOTICE +++ b/quarkus/server/distribution/NOTICE @@ -370,15 +370,6 @@ NOTICE: | * HOMEPAGE: | * https://github.com/google/protobuf | -| This product optionally depends on 'Bouncy Castle Crypto APIs' to generate -| a temporary self-signed X.509 certificate when the JVM does not provide the -| equivalent functionality. It can be obtained at: -| -| * LICENSE: -| * license/LICENSE.bouncycastle.txt (MIT License) -| * HOMEPAGE: -| * https://www.bouncycastle.org/ -| | This product optionally depends on 'Snappy', a compression library produced | by Google Inc, which can be obtained at: | diff --git a/quarkus/service/build.gradle.kts b/quarkus/service/build.gradle.kts index 0c34075bfb..a7dcd14c43 100644 --- a/quarkus/service/build.gradle.kts +++ b/quarkus/service/build.gradle.kts @@ -70,8 +70,6 @@ dependencies { implementation(libs.auth0.jwt) - implementation(libs.bouncycastle.bcprov) - compileOnly(libs.jakarta.annotation.api) compileOnly(libs.spotbugs.annotations) diff --git a/service/common/build.gradle.kts b/service/common/build.gradle.kts index d38838a85c..2f5d958259 100644 --- a/service/common/build.gradle.kts +++ b/service/common/build.gradle.kts @@ -75,8 +75,6 @@ dependencies { implementation(libs.auth0.jwt) - implementation(libs.bouncycastle.bcprov) - implementation(platform(libs.google.cloud.storage.bom)) implementation("com.google.cloud:google-cloud-storage") diff --git a/service/common/src/main/java/org/apache/polaris/service/auth/PemUtils.java b/service/common/src/main/java/org/apache/polaris/service/auth/PemUtils.java index fd4a0be628..6e3786fa43 100644 --- a/service/common/src/main/java/org/apache/polaris/service/auth/PemUtils.java +++ b/service/common/src/main/java/org/apache/polaris/service/auth/PemUtils.java @@ -20,6 +20,7 @@ import static java.nio.charset.StandardCharsets.UTF_8; +import java.io.BufferedReader; import java.io.BufferedWriter; import java.io.FileNotFoundException; import java.io.IOException; @@ -36,8 +37,6 @@ import java.security.spec.PKCS8EncodedKeySpec; import java.security.spec.X509EncodedKeySpec; import java.util.Base64; -import org.bouncycastle.util.io.pem.PemObject; -import org.bouncycastle.util.io.pem.PemReader; public class PemUtils { @@ -46,9 +45,38 @@ private static byte[] parsePEMFile(Path pemPath) throws IOException { throw new FileNotFoundException( String.format("The file '%s' doesn't exist.", pemPath.toAbsolutePath())); } - try (PemReader reader = new PemReader(Files.newBufferedReader(pemPath, UTF_8))) { - PemObject pemObject = reader.readPemObject(); - return pemObject.getContent(); + try (BufferedReader reader = Files.newBufferedReader(pemPath, UTF_8)) { + final StringBuilder encodedBuilder = new StringBuilder(); + + boolean headerFound = false; + boolean footerFound = false; + + String line = reader.readLine(); + while (line != null) { + if (line.startsWith("-----BEGIN")) { + headerFound = true; + } else if (line.startsWith("-----END")) { + footerFound = true; + } else if (!line.isBlank()) { + encodedBuilder.append(line); + } + + line = reader.readLine(); + } + + final byte[] parsed; + if (headerFound) { + if (footerFound) { + final String encoded = encodedBuilder.toString(); + parsed = Base64.getMimeDecoder().decode(encoded); + } else { + throw new IOException("PEM Footer not found"); + } + } else { + throw new IOException("PEM Header not found"); + } + + return parsed; } } diff --git a/service/common/src/test/java/org/apache/polaris/service/auth/PemUtilsTest.java b/service/common/src/test/java/org/apache/polaris/service/auth/PemUtilsTest.java new file mode 100644 index 0000000000..49b6fc0a3a --- /dev/null +++ b/service/common/src/test/java/org/apache/polaris/service/auth/PemUtilsTest.java @@ -0,0 +1,130 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.polaris.service.auth; + +import static org.junit.jupiter.api.Assertions.assertEquals; + +import java.io.IOException; +import java.nio.file.Files; +import java.nio.file.Path; +import java.security.KeyPair; +import java.security.KeyPairGenerator; +import java.security.NoSuchAlgorithmException; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.util.Base64; +import org.junit.jupiter.api.BeforeAll; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.io.TempDir; + +public class PemUtilsTest { + private static final String RSA_ALGORITHM = "RSA"; + + private static final String PUBLIC_KEY_HEADER = "-----BEGIN PUBLIC KEY-----"; + + private static final String PUBLIC_KEY_FOOTER = "-----END PUBLIC KEY-----"; + + private static final String PRIVATE_KEY_HEADER = "-----BEGIN PRIVATE KEY-----"; + + private static final String PRIVATE_KEY_FOOTER = "-----END PRIVATE KEY-----"; + + private static final String LINE_SEPARATOR = System.lineSeparator(); + + private static final String RSA_PUBLIC_KEY_FILE = "rsa-public-key.pem"; + + private static final String RSA_PRIVATE_KEY_FILE = "rsa-private-key.pem"; + + private static final Base64.Encoder encoder = Base64.getMimeEncoder(); + + @TempDir private static Path tempDir; + + private static Path rsaRublicKeyPath; + + private static PublicKey rsaPublicKey; + + private static Path rsaPrivateKeyPath; + + private static PrivateKey rsaPrivateKey; + + @BeforeAll + public static void setKeyPair() throws NoSuchAlgorithmException, IOException { + final KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(RSA_ALGORITHM); + final KeyPair keyPair = keyPairGenerator.generateKeyPair(); + rsaPublicKey = keyPair.getPublic(); + rsaPrivateKey = keyPair.getPrivate(); + + final String publicKeyEncoded = getPublicKeyEncoded(rsaPublicKey); + final String privateKeyEncoded = getPrivateKeyEncoded(rsaPrivateKey); + + rsaRublicKeyPath = tempDir.resolve(RSA_PUBLIC_KEY_FILE); + Files.writeString(rsaRublicKeyPath, publicKeyEncoded); + + rsaPrivateKeyPath = tempDir.resolve(RSA_PRIVATE_KEY_FILE); + Files.writeString(rsaPrivateKeyPath, privateKeyEncoded); + } + + @Test + public void testReadPublicKeyFromFileRSA() throws IOException { + final PublicKey publicKeyRead = PemUtils.readPublicKeyFromFile(rsaRublicKeyPath, RSA_ALGORITHM); + + assertEquals(rsaPublicKey, publicKeyRead); + } + + @Test + public void testReadPrivateKeyFromFileRSA() throws IOException { + final PrivateKey privateKeyRead = + PemUtils.readPrivateKeyFromFile(rsaPrivateKeyPath, RSA_ALGORITHM); + + assertEquals(rsaPrivateKey, privateKeyRead); + } + + private static String getPublicKeyEncoded(final PublicKey publicKey) { + final StringBuilder builder = new StringBuilder(); + + builder.append(PUBLIC_KEY_HEADER); + builder.append(LINE_SEPARATOR); + + final byte[] publicKeyEncoded = publicKey.getEncoded(); + final String encoded = encoder.encodeToString(publicKeyEncoded); + builder.append(encoded); + builder.append(LINE_SEPARATOR); + + builder.append(PUBLIC_KEY_FOOTER); + builder.append(LINE_SEPARATOR); + + return builder.toString(); + } + + private static String getPrivateKeyEncoded(final PrivateKey privateKey) { + final StringBuilder builder = new StringBuilder(); + + builder.append(PRIVATE_KEY_HEADER); + builder.append(LINE_SEPARATOR); + + final byte[] privateKeyEncoded = privateKey.getEncoded(); + final String encoded = encoder.encodeToString(privateKeyEncoded); + builder.append(encoded); + builder.append(LINE_SEPARATOR); + + builder.append(PRIVATE_KEY_FOOTER); + builder.append(LINE_SEPARATOR); + + return builder.toString(); + } +} From abf595c45d483cc62a66615f19688a6e0c46b8e5 Mon Sep 17 00:00:00 2001 From: exceptionfactory Date: Mon, 7 Apr 2025 07:44:47 -0500 Subject: [PATCH 2/4] Reverted LICENSE and NOTICE changes to retain Bouncy Castle --- quarkus/admin/distribution/NOTICE | 9 +++++++++ quarkus/server/distribution/NOTICE | 9 +++++++++ 2 files changed, 18 insertions(+) diff --git a/quarkus/admin/distribution/NOTICE b/quarkus/admin/distribution/NOTICE index e062d40a10..15dd8de4a9 100644 --- a/quarkus/admin/distribution/NOTICE +++ b/quarkus/admin/distribution/NOTICE @@ -335,6 +335,15 @@ NOTICE: | * HOMEPAGE: | * https://github.com/google/protobuf | +| This product optionally depends on 'Bouncy Castle Crypto APIs' to generate +| a temporary self-signed X.509 certificate when the JVM does not provide the +| equivalent functionality. It can be obtained at: +| +| * LICENSE: +| * license/LICENSE.bouncycastle.txt (MIT License) +| * HOMEPAGE: +| * https://www.bouncycastle.org/ +| | This product optionally depends on 'Snappy', a compression library produced | by Google Inc, which can be obtained at: | diff --git a/quarkus/server/distribution/NOTICE b/quarkus/server/distribution/NOTICE index 0bc6c1f980..13c749d0e8 100644 --- a/quarkus/server/distribution/NOTICE +++ b/quarkus/server/distribution/NOTICE @@ -370,6 +370,15 @@ NOTICE: | * HOMEPAGE: | * https://github.com/google/protobuf | +| This product optionally depends on 'Bouncy Castle Crypto APIs' to generate +| a temporary self-signed X.509 certificate when the JVM does not provide the +| equivalent functionality. It can be obtained at: +| +| * LICENSE: +| * license/LICENSE.bouncycastle.txt (MIT License) +| * HOMEPAGE: +| * https://www.bouncycastle.org/ +| | This product optionally depends on 'Snappy', a compression library produced | by Google Inc, which can be obtained at: | From 16aa2e054d25ebfbe8fe0debe6aae0496849d4a2 Mon Sep 17 00:00:00 2001 From: exceptionfactory Date: Mon, 7 Apr 2025 07:52:58 -0500 Subject: [PATCH 3/4] Added tests for empty file and multiple PEM objects --- .../apache/polaris/service/auth/PemUtils.java | 2 ++ .../polaris/service/auth/PemUtilsTest.java | 28 +++++++++++++++++++ 2 files changed, 30 insertions(+) diff --git a/service/common/src/main/java/org/apache/polaris/service/auth/PemUtils.java b/service/common/src/main/java/org/apache/polaris/service/auth/PemUtils.java index 6e3786fa43..3755990138 100644 --- a/service/common/src/main/java/org/apache/polaris/service/auth/PemUtils.java +++ b/service/common/src/main/java/org/apache/polaris/service/auth/PemUtils.java @@ -57,6 +57,8 @@ private static byte[] parsePEMFile(Path pemPath) throws IOException { headerFound = true; } else if (line.startsWith("-----END")) { footerFound = true; + // Stop reading after finding footer + break; } else if (!line.isBlank()) { encodedBuilder.append(line); } diff --git a/service/common/src/test/java/org/apache/polaris/service/auth/PemUtilsTest.java b/service/common/src/test/java/org/apache/polaris/service/auth/PemUtilsTest.java index 49b6fc0a3a..c84114bc85 100644 --- a/service/common/src/test/java/org/apache/polaris/service/auth/PemUtilsTest.java +++ b/service/common/src/test/java/org/apache/polaris/service/auth/PemUtilsTest.java @@ -19,6 +19,7 @@ package org.apache.polaris.service.auth; import static org.junit.jupiter.api.Assertions.assertEquals; +import static org.junit.jupiter.api.Assertions.assertThrows; import java.io.IOException; import java.nio.file.Files; @@ -50,6 +51,10 @@ public class PemUtilsTest { private static final String RSA_PRIVATE_KEY_FILE = "rsa-private-key.pem"; + private static final String RSA_PUBLIC_KEY_AND_PRIVATE_KEY_FILE = "rsa-public-key-and-private-key.pem"; + + private static final String EMPTY_FILE = "empty.pem"; + private static final Base64.Encoder encoder = Base64.getMimeEncoder(); @TempDir private static Path tempDir; @@ -62,6 +67,10 @@ public class PemUtilsTest { private static PrivateKey rsaPrivateKey; + private static Path rsaPublicKeyAndPrivateKeyPath; + + private static Path emptyFilePath; + @BeforeAll public static void setKeyPair() throws NoSuchAlgorithmException, IOException { final KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(RSA_ALGORITHM); @@ -77,6 +86,13 @@ public static void setKeyPair() throws NoSuchAlgorithmException, IOException { rsaPrivateKeyPath = tempDir.resolve(RSA_PRIVATE_KEY_FILE); Files.writeString(rsaPrivateKeyPath, privateKeyEncoded); + + rsaPublicKeyAndPrivateKeyPath = tempDir.resolve(RSA_PUBLIC_KEY_AND_PRIVATE_KEY_FILE); + final String rsaPublicKeyAndPrivateKey = publicKeyEncoded + LINE_SEPARATOR + privateKeyEncoded; + Files.writeString(rsaPublicKeyAndPrivateKeyPath, rsaPublicKeyAndPrivateKey); + + emptyFilePath = tempDir.resolve(EMPTY_FILE); + Files.write(emptyFilePath, new byte[0]); } @Test @@ -94,6 +110,18 @@ public void testReadPrivateKeyFromFileRSA() throws IOException { assertEquals(rsaPrivateKey, privateKeyRead); } + @Test + public void testReadPublicKeyFromFileRSAWithPrivateKeyIgnored() throws IOException { + final PublicKey publicKeyRead = PemUtils.readPublicKeyFromFile(rsaPublicKeyAndPrivateKeyPath, RSA_ALGORITHM); + + assertEquals(rsaPublicKey, publicKeyRead); + } + + @Test + public void testReadEmptyFIle() { + assertThrows(IOException.class, () -> PemUtils.readPublicKeyFromFile(emptyFilePath, RSA_ALGORITHM)); + } + private static String getPublicKeyEncoded(final PublicKey publicKey) { final StringBuilder builder = new StringBuilder(); From 29525eccc76d8c3a5a22ad15c4982e7e1c7c151c Mon Sep 17 00:00:00 2001 From: exceptionfactory Date: Mon, 7 Apr 2025 08:44:36 -0500 Subject: [PATCH 4/4] Applied spotless formatting --- quarkus/server/distribution/LICENSE | 211 ++++++++++-------- .../polaris/service/auth/PemUtilsTest.java | 8 +- 2 files changed, 117 insertions(+), 102 deletions(-) diff --git a/quarkus/server/distribution/LICENSE b/quarkus/server/distribution/LICENSE index 9a1ce013cd..ce5ff26a97 100644 --- a/quarkus/server/distribution/LICENSE +++ b/quarkus/server/distribution/LICENSE @@ -210,17 +210,17 @@ Group: io.github.crac Name: org-crac Version: 0.1.3 Project URL: https://github.com/crac/org.crac License: BSD 2-Clause | Copyright 2017-2022 Azul Systems, Inc. -| +| | Redistribution and use in source and binary forms, with or without | modification, are permitted provided that the following conditions are met: -| +| | 1. Redistributions of source code must retain the above copyright notice, | this list of conditions and the following disclaimer. -| +| | 2. Redistributions in binary form must reproduce the above copyright notice, | this list of conditions and the following disclaimer in the documentation | and/or other materials provided with the distribution. -| +| | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -376,19 +376,19 @@ Group: com.auth0 Name: java-jwt Version: 4.5.0 Project URL: https://github.com/auth0/java-jwt License: MIT License | The MIT License (MIT) -| +| | Copyright (c) 2015 Auth0, Inc. (http://auth0.com) -| +| | Permission is hereby granted, free of charge, to any person obtaining a copy | of this software and associated documentation files (the "Software"), to deal | in the Software without restriction, including without limitation the rights | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | copies of the Software, and to permit persons to whom the Software is | furnished to do so, subject to the following conditions: -| +| | The above copyright notice and this permission notice shall be included in all | copies or substantial portions of the Software. -| +| | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -411,19 +411,19 @@ Group: com.azure Name: azure-xml Version: 1.2.0 Project URL: https://github.com/Azure/azure-sdk-for-java License: MIT License | The MIT License (MIT) -| +| | Copyright (c) 2015 Microsoft -| +| | Permission is hereby granted, free of charge, to any person obtaining a copy | of this software and associated documentation files (the "Software"), to deal | in the Software without restriction, including without limitation the rights | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | copies of the Software, and to permit persons to whom the Software is | furnished to do so, subject to the following conditions: -| +| | The above copyright notice and this permission notice shall be included in all | copies or substantial portions of the Software. -| +| | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -489,7 +489,7 @@ License: BSD 3-Clause | Redistribution and use in source and binary forms, with or without | modification, are permitted provided that the following conditions are | met: -| +| | * Redistributions of source code must retain the above copyright | notice, this list of conditions and the following disclaimer. | * Redistributions in binary form must reproduce the above @@ -499,7 +499,7 @@ License: BSD 3-Clause | * Neither the name of Google Inc. nor the names of its | contributors may be used to endorse or promote products derived from | this software without specific prior written permission. -| +| | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR @@ -520,11 +520,11 @@ Group: com.google.api Name: gax-httpjson Version: 2.65.0 Project URL: https://github.com/googleapis/gax-java License: BSD 3-Clause | Copyright 2016, Google Inc. All rights reserved. -| +| | Redistribution and use in source and binary forms, with or without | modification, are permitted provided that the following conditions are | met: -| +| | * Redistributions of source code must retain the above copyright | notice, this list of conditions and the following disclaimer. | * Redistributions in binary form must reproduce the above @@ -534,7 +534,7 @@ License: BSD 3-Clause | * Neither the name of Google Inc. nor the names of its | contributors may be used to endorse or promote products derived from | this software without specific prior written permission. -| +| | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR @@ -570,22 +570,22 @@ Group: com.google.auth Name: google-auth-library-oauth2-http Version: 1.34.0 Project URL: https://github.com/googleapis/google-auth-library-java License: BSD 3-Clause | Copyright 2014, Google Inc. All rights reserved. -| +| | Redistribution and use in source and binary forms, with or without | modification, are permitted provided that the following conditions are | met: -| +| | * Redistributions of source code must retain the above copyright | notice, this list of conditions and the following disclaimer. | * Redistributions in binary form must reproduce the above | copyright notice, this list of conditions and the following disclaimer | in the documentation and/or other materials provided with the | distribution. -| +| | * Neither the name of Google Inc. nor the names of its | contributors may be used to endorse or promote products derived from | this software without specific prior written permission. -| +| | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR @@ -677,11 +677,11 @@ Group: com.google.protobuf Name: protobuf-java-util Version: 3.25.5 Project URL: https://developers.google.com/protocol-buffers/ License: BSD 3-Clause | Copyright 2008 Google Inc. All rights reserved. -| +| | Redistribution and use in source and binary forms, with or without | modification, are permitted provided that the following conditions are | met: -| +| | * Redistributions of source code must retain the above copyright | notice, this list of conditions and the following disclaimer. | * Redistributions in binary form must reproduce the above @@ -691,7 +691,7 @@ License: BSD 3-Clause | * Neither the name of Google Inc. nor the names of its | contributors may be used to endorse or promote products derived from | this software without specific prior written permission. -| +| | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR @@ -703,7 +703,7 @@ License: BSD 3-Clause | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -| +| | Code generated by the Protocol Buffer compiler is owned by the owner | of the input file used when generating it. This code is not | standalone and requires a support library to be linked with it. This @@ -716,25 +716,25 @@ Project URL: http://github.com/google/re2j License: Go License | This is a work derived from Russ Cox's RE2 in Go, whose license | http://golang.org/LICENSE is as follows: -| +| | Copyright (c) 2009 The Go Authors. All rights reserved. -| +| | Redistribution and use in source and binary forms, with or without | modification, are permitted provided that the following conditions are | met: -| +| | * Redistributions of source code must retain the above copyright | notice, this list of conditions and the following disclaimer. -| +| | * Redistributions in binary form must reproduce the above copyright | notice, this list of conditions and the following disclaimer in | the documentation and/or other materials provided with the | distribution. -| +| | * Neither the name of Google Inc. nor the names of its contributors | may be used to endorse or promote products derived from this | software without specific prior written permission. -| +| | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR @@ -752,22 +752,22 @@ License: Go License Group: com.jcraft Name: jsch Version: 0.1.55 Project URL: http://www.jcraft.com/jsch/ License: BSD License -| Copyright (c) 2002-2015 Atsuhiko Yamanaka, JCraft,Inc. +| Copyright (c) 2002-2015 Atsuhiko Yamanaka, JCraft,Inc. | All rights reserved. -| +| | Redistribution and use in source and binary forms, with or without | modification, are permitted provided that the following conditions are met: -| +| | 1. Redistributions of source code must retain the above copyright notice, | this list of conditions and the following disclaimer. -| -| 2. Redistributions in binary form must reproduce the above copyright -| notice, this list of conditions and the following disclaimer in +| +| 2. Redistributions in binary form must reproduce the above copyright +| notice, this list of conditions and the following disclaimer in | the documentation and/or other materials provided with the distribution. -| +| | 3. The names of the authors may not be used to endorse or promote products | derived from this software without specific prior written permission. -| +| | THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, | INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND | FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL JCRAFT, @@ -786,19 +786,19 @@ Group: com.microsoft.azure Name: msal4j-persistence-extension Version: 1.3.0 Project URL: https://github.com/AzureAD/microsoft-authentication-library-for-java License: MIT License | MIT License -| +| | Copyright (c) Microsoft Corporation. All rights reserved. -| +| | Permission is hereby granted, free of charge, to any person obtaining a copy | of this software and associated documentation files (the "Software"), to deal | in the Software without restriction, including without limitation the rights | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | copies of the Software, and to permit persons to whom the Software is | furnished to do so, subject to the following conditions: -| +| | The above copyright notice and this permission notice shall be included in all | copies or substantial portions of the Software. -| +| | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -894,23 +894,23 @@ License: BSD 3-Clause | Copyright (c) 1998-2019, Brian Wellington | Copyright (c) 2005 VeriSign. All rights reserved. | Copyright (c) 2019-2023, dnsjava authors -| +| | All rights reserved. -| +| | Redistribution and use in source and binary forms, with or without | modification, are permitted provided that the following conditions are met: -| +| | 1. Redistributions of source code must retain the above copyright notice, this | list of conditions and the following disclaimer. -| +| | 2. Redistributions in binary form must reproduce the above copyright notice, | this list of conditions and the following disclaimer in the documentation | and/or other materials provided with the distribution. -| +| | 3. Neither the name of the copyright holder nor the names of its | contributors may be used to endorse or promote products derived from | this software without specific prior written permission. -| +| | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE @@ -1324,20 +1324,33 @@ License: Apache License 2.0 - https://www.apache.org/licenses/LICENSE-2.0.txt -------------------------------------------------------------------------------- +Group: org.bouncycastle Name: bcprov-jdk18on Version: 1.80 +Project URL: https://www.bouncycastle.org/download/bouncy-castle-java/ +License: MIT License +| Copyright (c) 2000 - 2024 The Legion of the Bouncy Castle Inc. (https://www.bouncycastle.org) +| +| Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: +| +| The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. +| +| THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +-------------------------------------------------------------------------------- + Group: org.checkerframework Name: checker-qual Version: 3.49.1 Project URL: https://checkerframework.org/ License: MIT License | The Checker Framework | Copyright 2004-present by the Checker Framework developers -| -| +| +| | Most of the Checker Framework is licensed under the GNU General Public | License, version 2 (GPL2), with the classpath exception. The text of this | license appears below. This is the same license used for OpenJDK. -| +| | A few parts of the Checker Framework have more permissive licenses, notably | the parts that you might want to include with your own program. -| +| | * The annotations and utility files are licensed under the MIT License. | (The text of this license also appears below.) This applies to | checker-qual*.jar and checker-util.jar and all the files that appear in @@ -1346,24 +1359,24 @@ License: MIT License | third-party annotations (in checker/src/testannotations/, | framework/src/main/java/org/jmlspecs/, and | framework/src/main/java/com/google/). -| +| | The Checker Framework includes annotations for some libraries. Those in | .astub files use the MIT License. Those in https://github.com/typetools/jdk | (which appears in the annotated-jdk directory of file checker.jar) use the | GPL2 license. -| +| | Some external libraries that are included with the Checker Framework | distribution have different licenses. Here are some examples. -| +| | * JavaParser is dual licensed under the LGPL or the Apache license -- you | may use it under whichever one you want. (The JavaParser source code | contains a file with the text of the GPL, but it is not clear why, since | JavaParser does not use the GPL.) See | https://github.com/typetools/stubparser . -| +| | * Annotation Tools (https://github.com/typetools/annotation-tools) uses | the MIT license. -| +| | * Libraries in plume-lib (https://github.com/plume-lib/) are licensed | under the MIT License. @@ -1379,19 +1392,19 @@ Group: org.codehaus.mojo Name: animal-sniffer-annotations Version: 1.24 Project URL: https://www.mojohaus.org/animal-sniffer License: MIT license | The MIT License -| +| | Copyright (c) 2009 codehaus.org. -| +| | Permission is hereby granted, free of charge, to any person obtaining a copy | of this software and associated documentation files (the "Software"), to deal | in the Software without restriction, including without limitation the rights | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | copies of the Software, and to permit persons to whom the Software is | furnished to do so, subject to the following conditions: -| +| | The above copyright notice and this permission notice shall be included in | all copies or substantial portions of the Software. -| +| | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -1407,20 +1420,20 @@ Group: org.codehaus.woodstox Name: stax2-api Version: 4.2.2 Project URL: http://github.com/FasterXML/stax2-api License: BSD 2-Clause | BSD 2-Clause License -| +| | Copyright (c) 2008+, FasterXML, LLC | All rights reserved. -| +| | Redistribution and use in source and binary forms, with or without | modification, are permitted provided that the following conditions are met: -| +| | * Redistributions of source code must retain the above copyright notice, this | list of conditions and the following disclaimer. -| +| | * Redistributions in binary form must reproduce the above copyright notice, | this list of conditions and the following disclaimer in the documentation | and/or other materials provided with the distribution. -| +| | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE @@ -1489,7 +1502,7 @@ License: BSD 2-Clause | The code in this repository code was Written by Gil Tene, Michael Barker, | and Matt Warren, and released to the public domain, as explained at | http://creativecommons.org/publicdomain/zero/1.0/ -| +| | For users of this code who wish to consume it under the "BSD" license | rather than under the public domain or CC0 contribution text mentioned | above, the code found under this directory is *also* provided under the @@ -1497,25 +1510,25 @@ License: BSD 2-Clause | license does not detract from the above stated release of the code into | the public domain, and simply represents an additional license granted by | the Author. -| +| | ----------------------------------------------------------------------------- | ** Beginning of "BSD 2-Clause License" text. ** -| +| | Copyright (c) 2012, 2013, 2014, 2015, 2016 Gil Tene | Copyright (c) 2014 Michael Barker | Copyright (c) 2014 Matt Warren | All rights reserved. -| +| | Redistribution and use in source and binary forms, with or without | modification, are permitted provided that the following conditions are met: -| +| | 1. Redistributions of source code must retain the above copyright notice, | this list of conditions and the following disclaimer. -| +| | 2. Redistributions in binary form must reproduce the above copyright notice, | this list of conditions and the following disclaimer in the documentation | and/or other materials provided with the distribution. -| +| | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -1573,7 +1586,7 @@ Project URL: http://latencyutils.github.io/LatencyUtils/ License: BSD 2-Clause | * This code was Written by Gil Tene of Azul Systems, and released to the | * public domain, as explained at http://creativecommons.org/publicdomain/zero/1.0/ -| +| | For users of this code who wish to consume it under the "BSD" license | rather than under the public domain or CC0 contribution text mentioned | above, the code found under this directory is *also* provided under the @@ -1581,23 +1594,23 @@ License: BSD 2-Clause | license does not detract from the above stated release of the code into | the public domain, and simply represents an additional license granted by | the Author. -| +| | ----------------------------------------------------------------------------- | ** Beginning of "BSD 2-Clause License" text. ** -| +| | Copyright (c) 2012, 2013, 2014 Gil Tene | All rights reserved. -| +| | Redistribution and use in source and binary forms, with or without | modification, are permitted provided that the following conditions are met: -| +| | 1. Redistributions of source code must retain the above copyright notice, | this list of conditions and the following disclaimer. -| +| | 2. Redistributions in binary form must reproduce the above copyright notice, | this list of conditions and the following disclaimer in the documentation | and/or other materials provided with the distribution. -| +| | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -1618,7 +1631,7 @@ License: BSD 3-Clause | ASM: a very small and fast Java bytecode manipulation framework | Copyright (c) 2000-2011 INRIA, France Telecom | All rights reserved. -| +| | Redistribution and use in source and binary forms, with or without | modification, are permitted provided that the following conditions | are met: @@ -1630,7 +1643,7 @@ License: BSD 3-Clause | 3. Neither the name of the copyright holders nor the names of its | contributors may be used to endorse or promote products derived from | this software without specific prior written permission. -| +| | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -1649,18 +1662,18 @@ Group: org.postgresql Name: postgresql Version: 42.7.5 Project URL: https://jdbc.postgresql.org/ License: BSD 2-Clause | Copyright (c) 1997, PostgreSQL Global Development Group All rights reserved. -| +| | Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: -| +| | 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. | 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer | in the documentation and/or other materials provided with the distribution. -| +| | This Software Is Provided By The Copyright Holders And Contributors “as Is” And Any Express Or Implied Warranties, Including, But | Not Limited To, The Implied Warranties Of Merchantability And Fitness For A Particular Purpose Are Disclaimed. In No Event Shall | The Copyright Owner Or Contributors Be Liable For Any Direct, Indirect, Incidental, Special, Exemplary, Or Consequential Damages | (including, But Not Limited To, Procurement Of Substitute Goods Or Services; Loss Of Use, Data, Or Profits; Or Business -| Interruption) However Caused And On Any Theory Of Liability, Whether In Contract, Strict Liability, Or Tort (including Negligence Or +| Interruption) However Caused And On Any Theory Of Liability, Whether In Contract, Strict Liability, Or Tort (including Negligence Or | Otherwise) Arising In Any Way Out Of The Use Of This Software, Even If Advised Of The Possibility Of Such Damage. -------------------------------------------------------------------------------- @@ -1669,11 +1682,11 @@ Group: org.reactivestreams Name: reactive-streams Version: 1.0.4 Project URL: http://www.reactive-streams.org/ License: MIT License | MIT No Attribution -| +| | Copyright 2014 Reactive Streams -| +| | Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so. -| +| | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. -------------------------------------------------------------------------------- @@ -1695,7 +1708,7 @@ Project URL: http://www.slf4j.org License: MIT License | Copyright (c) 2004-2022 QOS.ch Sarl (Switzerland) | All rights reserved. -| +| | Permission is hereby granted, free of charge, to any person obtaining | a copy of this software and associated documentation files (the | "Software"), to deal in the Software without restriction, including @@ -1703,10 +1716,10 @@ License: MIT License | distribute, sublicense, and/or sell copies of the Software, and to | permit persons to whom the Software is furnished to do so, subject to | the following conditions: -| +| | The above copyright notice and this permission notice shall be | included in all copies or substantial portions of the Software. -| +| | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, | EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF | MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND @@ -1721,23 +1734,23 @@ Group: org.threeten Name: threetenbp Version: 1.7.0 Project URL: https://www.threeten.org/threetenbp License: BSD 3-Clause | Copyright (c) 2007-present, Stephen Colebourne & Michael Nascimento Santos. -| +| | All rights reserved. -| +| | Redistribution and use in source and binary forms, with or without | modification, are permitted provided that the following conditions are met: -| +| | * Redistributions of source code must retain the above copyright notice, | this list of conditions and the following disclaimer. -| +| | * Redistributions in binary form must reproduce the above copyright notice, | this list of conditions and the following disclaimer in the documentation | and/or other materials provided with the distribution. -| +| | * Neither the name of JSR-310 nor the names of its contributors | may be used to endorse or promote products derived from this software | without specific prior written permission. -| +| | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR diff --git a/service/common/src/test/java/org/apache/polaris/service/auth/PemUtilsTest.java b/service/common/src/test/java/org/apache/polaris/service/auth/PemUtilsTest.java index c84114bc85..36e62ceae5 100644 --- a/service/common/src/test/java/org/apache/polaris/service/auth/PemUtilsTest.java +++ b/service/common/src/test/java/org/apache/polaris/service/auth/PemUtilsTest.java @@ -51,7 +51,7 @@ public class PemUtilsTest { private static final String RSA_PRIVATE_KEY_FILE = "rsa-private-key.pem"; - private static final String RSA_PUBLIC_KEY_AND_PRIVATE_KEY_FILE = "rsa-public-key-and-private-key.pem"; + private static final String RSA_PUBLIC_KEY_AND_PRIVATE_KEY_FILE = "rsa-public-key-pair.pem"; private static final String EMPTY_FILE = "empty.pem"; @@ -112,14 +112,16 @@ public void testReadPrivateKeyFromFileRSA() throws IOException { @Test public void testReadPublicKeyFromFileRSAWithPrivateKeyIgnored() throws IOException { - final PublicKey publicKeyRead = PemUtils.readPublicKeyFromFile(rsaPublicKeyAndPrivateKeyPath, RSA_ALGORITHM); + final PublicKey publicKeyRead = + PemUtils.readPublicKeyFromFile(rsaPublicKeyAndPrivateKeyPath, RSA_ALGORITHM); assertEquals(rsaPublicKey, publicKeyRead); } @Test public void testReadEmptyFIle() { - assertThrows(IOException.class, () -> PemUtils.readPublicKeyFromFile(emptyFilePath, RSA_ALGORITHM)); + assertThrows( + IOException.class, () -> PemUtils.readPublicKeyFromFile(emptyFilePath, RSA_ALGORITHM)); } private static String getPublicKeyEncoded(final PublicKey publicKey) {