From 4a5e7b9c11fab681bd6de7905361a1e16ee53824 Mon Sep 17 00:00:00 2001
From: Leo Galambos <lg@hq.egothor.org>
Date: Wed, 3 Jun 2026 21:02:35 +0200
Subject: [PATCH] fix(vuln): bouncycastle security issue

---
 .../main/groovy/buildlogic.java-common-conventions.gradle | 2 +-
 .../main/java/zeroecho/core/alg/bike/BikeKemContext.java  | 8 ++++----
 samples/build.gradle                                      | 2 +-
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/buildSrc/src/main/groovy/buildlogic.java-common-conventions.gradle b/buildSrc/src/main/groovy/buildlogic.java-common-conventions.gradle
index 3d39487..8c6a62b 100644
--- a/buildSrc/src/main/groovy/buildlogic.java-common-conventions.gradle
+++ b/buildSrc/src/main/groovy/buildlogic.java-common-conventions.gradle
@@ -32,7 +32,7 @@ dependencies {
         // Define dependency versions as constraints
         implementation 'org.apache.commons:commons-text:1.15.0'
         implementation 'commons-cli:commons-cli:1.11.0'
-        implementation 'org.bouncycastle:bcpkix-jdk18on:1.83'
+        implementation 'org.bouncycastle:bcpkix-jdk18on:1.84'
         implementation 'org.egothor:conflux:[1.0,2.0)'
         implementation 'org.apache.commons:commons-imaging:1.0.0-alpha6'
     }
diff --git a/lib/src/main/java/zeroecho/core/alg/bike/BikeKemContext.java b/lib/src/main/java/zeroecho/core/alg/bike/BikeKemContext.java
index e27c53c..af7a69f 100644
--- a/lib/src/main/java/zeroecho/core/alg/bike/BikeKemContext.java
+++ b/lib/src/main/java/zeroecho/core/alg/bike/BikeKemContext.java
@@ -44,12 +44,12 @@ import java.util.Objects;
 import javax.security.auth.DestroyFailedException;
 
 import org.bouncycastle.crypto.SecretWithEncapsulation;
-import org.bouncycastle.pqc.crypto.bike.BIKEKEMExtractor;
-import org.bouncycastle.pqc.crypto.bike.BIKEKEMGenerator;
-import org.bouncycastle.pqc.crypto.bike.BIKEPrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.bike.BIKEPublicKeyParameters;
 import org.bouncycastle.pqc.crypto.util.PrivateKeyFactory;
 import org.bouncycastle.pqc.crypto.util.PublicKeyFactory;
+import org.bouncycastle.pqc.legacy.bike.BIKEKEMExtractor;
+import org.bouncycastle.pqc.legacy.bike.BIKEKEMGenerator;
+import org.bouncycastle.pqc.legacy.bike.BIKEPrivateKeyParameters;
+import org.bouncycastle.pqc.legacy.bike.BIKEPublicKeyParameters;
 
 import zeroecho.core.CryptoAlgorithm;
 import zeroecho.core.context.KemContext;
diff --git a/samples/build.gradle b/samples/build.gradle
index 454e11f..d8b0e5e 100644
--- a/samples/build.gradle
+++ b/samples/build.gradle
@@ -5,7 +5,7 @@ plugins {
 dependencies {
     testImplementation(project(":lib"))
     testImplementation 'org.egothor:conflux:[1.0,2.0)'
-    testImplementation("org.bouncycastle:bcpkix-jdk18on:1.81")
+    testImplementation("org.bouncycastle:bcpkix-jdk18on:1.84")
     testImplementation(platform("org.junit:junit-bom:5.10.2"))
     testImplementation 'org.junit.jupiter:junit-jupiter'