exceptionfactory opened a new pull request, #1318: URL: https://github.com/apache/polaris/pull/1318
This pull request removes use of the Bouncy Castle Provider library for the `PemUtils` class for parsing public and private key files. The Bouncy Castle library includes a large number of cryptographic capabilities, some of which are duplicative of current capabilities in recent versions of Java. Parsing PEM-encoded files is the only direct use of Bouncy Castle in Polaris based on imported classes, so replacing this usage with an alternative solution removes the need for a significant direct dependency. The `PemUtils` class already uses standard Java Security components for parsing decoded public keys and private key material, so the changes are scoped to replacing the initial PEM content parsing and Base64 decoding. The changes include a new `PemUtilsTest` class that exercises parsing RSA public key and private key files. The `PemUtils` class usage is limited to JWT asymmetric token support, narrowing the scope of changes to this specific token signing implementation. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
