diff --git a/0001-added-back-support-for-subject-key-identifier-check-.patch b/0001-added-back-support-for-subject-key-identifier-check-.patch
deleted file mode 100644
index a2e2481f493a0a84298129998a7b01f838ea3b63..0000000000000000000000000000000000000000
--- a/0001-added-back-support-for-subject-key-identifier-check-.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From d1fb007090813ce348a2d439f12fa347a8d5010c Mon Sep 17 00:00:00 2001
-From: David Hook <dgh@cryptoworkshop.com>
-Date: Wed, 12 Jan 2022 15:02:59 +1100
-Subject: [PATCH] added back support for subject key identifier check where
- serial number is not provided.
-
----
- .../java/org/bouncycastle/x509/PKIXCertPathReviewer.java  | 8 ++++++++
- 1 file changed, 8 insertions(+)
-
-diff --git a/prov/src/main/java/org/bouncycastle/x509/PKIXCertPathReviewer.java b/prov/src/main/java/org/bouncycastle/x509/PKIXCertPathReviewer.java
-index 58a07d6c7..a78e97735 100644
---- a/prov/src/main/java/org/bouncycastle/x509/PKIXCertPathReviewer.java
-+++ b/prov/src/main/java/org/bouncycastle/x509/PKIXCertPathReviewer.java
-@@ -2492,6 +2492,14 @@ protected Collection getTrustAnchors(X509Certificate cert, Set trustanchors) thr
-                 {
-                     certSelectX509.setSerialNumber(authID.getAuthorityCertSerialNumber());
-                 }
-+                else
-+                {
-+                    byte[] keyID = authID.getKeyIdentifier();
-+                    if (keyID != null)
-+                    {
-+                        certSelectX509.setSubjectKeyIdentifier(new DEROctetString(keyID).getEncoded());
-+                    }
-+                }
-             }
-         }
-         catch (IOException ex)
--- 
-2.34.1
-
diff --git a/bcmail-jdk15on-1.70.pom b/bcmail-jdk18on-1.78.pom
similarity index 80%
rename from bcmail-jdk15on-1.70.pom
rename to bcmail-jdk18on-1.78.pom
index 140e13f5fa6b4196550127fe57b61a0e28885ae6..c18ad336d9c59a08eb79bea5c567a2fa62c784b3 100644
--- a/bcmail-jdk15on-1.70.pom
+++ b/bcmail-jdk18on-1.78.pom
@@ -2,11 +2,11 @@
 <project>
   <modelVersion>4.0.0</modelVersion>
   <groupId>org.bouncycastle</groupId>
-  <artifactId>bcmail-jdk15on</artifactId>
+  <artifactId>bcmail-jdk18on</artifactId>
   <packaging>jar</packaging>
   <name>Bouncy Castle S/MIME API</name>
-  <version>1.70</version>
-  <description>The Bouncy Castle Java S/MIME APIs for handling S/MIME protocols. This jar contains S/MIME APIs for JDK 1.5 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs. The JavaMail API and the Java activation framework will also be needed.</description>
+  <version>1.78</version>
+  <description>The Bouncy Castle Java S/MIME APIs for handling S/MIME protocols. This jar contains S/MIME APIs for JDK 1.8 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs. The JavaMail API and the Java activation framework will also be needed.</description>
   <url>https://www.bouncycastle.org/java.html</url>
   <licenses>
     <license>
@@ -32,20 +32,20 @@
   <dependencies>
     <dependency>
       <groupId>org.bouncycastle</groupId>
-      <artifactId>bcprov-jdk15on</artifactId>
-      <version>1.70</version>
+      <artifactId>bcprov-jdk18on</artifactId>
+      <version>1.78</version>
       <type>jar</type>
     </dependency>
     <dependency>
       <groupId>org.bouncycastle</groupId>
-      <artifactId>bcutil-jdk15on</artifactId>
-      <version>1.70</version>
+      <artifactId>bcutil-jdk18on</artifactId>
+      <version>1.78</version>
       <type>jar</type>
     </dependency>
     <dependency>
       <groupId>org.bouncycastle</groupId>
-      <artifactId>bcpkix-jdk15on</artifactId>
-      <version>1.70</version>
+      <artifactId>bcpkix-jdk18on</artifactId>
+      <version>1.78</version>
       <type>jar</type>
     </dependency>
   </dependencies>
diff --git a/bcpg-jdk15on-1.70.pom b/bcpg-jdk18on-1.78.pom
similarity index 79%
rename from bcpg-jdk15on-1.70.pom
rename to bcpg-jdk18on-1.78.pom
index e16fdc21460fed278e29679f3e8db202c1259d44..c8e82313b7ed265fc269b5700b57fee9cd7f21a1 100644
--- a/bcpg-jdk15on-1.70.pom
+++ b/bcpg-jdk18on-1.78.pom
@@ -2,11 +2,11 @@
 <project>
   <modelVersion>4.0.0</modelVersion>
   <groupId>org.bouncycastle</groupId>
-  <artifactId>bcpg-jdk15on</artifactId>
+  <artifactId>bcpg-jdk18on</artifactId>
   <packaging>jar</packaging>
   <name>Bouncy Castle OpenPGP API</name>
-  <version>1.70</version>
-  <description>The Bouncy Castle Java API for handling the OpenPGP protocol. This jar contains the OpenPGP API for JDK 1.5 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs.</description>
+  <version>1.78</version>
+  <description>The Bouncy Castle Java API for handling the OpenPGP protocol. This jar contains the OpenPGP API for JDK 1.8 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs.</description>
   <url>https://www.bouncycastle.org/java.html</url>
   <licenses>
     <license>
@@ -15,8 +15,8 @@
       <distribution>repo</distribution>
     </license>
     <license>
-      <name>Apache Software License, Version 1.1</name>
-      <url>https://www.apache.org/licenses/LICENSE-1.1</url>
+      <name>Apache Software License, Version 2.0</name>
+      <url>https://www.apache.org/licenses/LICENSE-2.0</url>
       <distribution>repo</distribution>
     </license>
   </licenses>
@@ -37,8 +37,8 @@
   <dependencies>
     <dependency>
       <groupId>org.bouncycastle</groupId>
-      <artifactId>bcprov-jdk15on</artifactId>
-      <version>1.70</version>
+      <artifactId>bcprov-jdk18on</artifactId>
+      <version>1.78</version>
       <type>jar</type>
     </dependency>
   </dependencies>
diff --git a/bcpkix-jdk15on-1.70.pom b/bcpkix-jdk18on-1.78.pom
similarity index 82%
rename from bcpkix-jdk15on-1.70.pom
rename to bcpkix-jdk18on-1.78.pom
index 01353ff1466a7f78acc97aa68bc08806d5711202..1ebddf3a36b3c389ce0238673d00639fb181a0e3 100644
--- a/bcpkix-jdk15on-1.70.pom
+++ b/bcpkix-jdk18on-1.78.pom
@@ -2,11 +2,11 @@
 <project>
   <modelVersion>4.0.0</modelVersion>
   <groupId>org.bouncycastle</groupId>
-  <artifactId>bcpkix-jdk15on</artifactId>
+  <artifactId>bcpkix-jdk18on</artifactId>
   <packaging>jar</packaging>
   <name>Bouncy Castle PKIX, CMS, EAC, TSP, PKCS, OCSP, CMP, and CRMF APIs</name>
-  <version>1.70</version>
-  <description>The Bouncy Castle Java APIs for CMS, PKCS, EAC, TSP, CMP, CRMF, OCSP, and certificate generation. This jar contains APIs for JDK 1.5 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs.</description>
+  <version>1.78</version>
+  <description>The Bouncy Castle Java APIs for CMS, PKCS, EAC, TSP, CMP, CRMF, OCSP, and certificate generation. This jar contains APIs for JDK 1.8 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs.</description>
   <url>https://www.bouncycastle.org/java.html</url>
   <licenses>
     <license>
@@ -32,14 +32,14 @@
   <dependencies>
     <dependency>
       <groupId>org.bouncycastle</groupId>
-      <artifactId>bcprov-jdk15on</artifactId>
-      <version>1.70</version>
+      <artifactId>bcprov-jdk18on</artifactId>
+      <version>1.78</version>
       <type>jar</type>
     </dependency>
     <dependency>
       <groupId>org.bouncycastle</groupId>
-      <artifactId>bcutil-jdk15on</artifactId>
-      <version>1.70</version>
+      <artifactId>bcutil-jdk18on</artifactId>
+      <version>1.78</version>
       <type>jar</type>
     </dependency>
   </dependencies>
diff --git a/bcprov-jdk15on-1.70.pom b/bcprov-jdk18on-1.78.pom
similarity index 90%
rename from bcprov-jdk15on-1.70.pom
rename to bcprov-jdk18on-1.78.pom
index ea5148262ce83bcf4e3ce7d0597138bcba0872c4..66973034ed5e39a9631d0059be8baf52e252d565 100644
--- a/bcprov-jdk15on-1.70.pom
+++ b/bcprov-jdk18on-1.78.pom
@@ -2,11 +2,11 @@
 <project>
   <modelVersion>4.0.0</modelVersion>
   <groupId>org.bouncycastle</groupId>
-  <artifactId>bcprov-jdk15on</artifactId>
+  <artifactId>bcprov-jdk18on</artifactId>
   <packaging>jar</packaging>
   <name>Bouncy Castle Provider</name>
-  <version>1.70</version>
-  <description>The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.5 and up.</description>
+  <version>1.78</version>
+  <description>The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.8 and up.</description>
   <url>https://www.bouncycastle.org/java.html</url>
   <licenses>
     <license>
diff --git a/bctls-jdk15on-1.70.pom b/bctls-jdk18on-1.78.pom
similarity index 84%
rename from bctls-jdk15on-1.70.pom
rename to bctls-jdk18on-1.78.pom
index 7612c05afcb194e96208cd85f937347b04ddab52..3ff0eae74c76576a0099603a0006711f58fdf60d 100644
--- a/bctls-jdk15on-1.70.pom
+++ b/bctls-jdk18on-1.78.pom
@@ -2,10 +2,10 @@
 <project>
   <modelVersion>4.0.0</modelVersion>
   <groupId>org.bouncycastle</groupId>
-  <artifactId>bctls-jdk15on</artifactId>
+  <artifactId>bctls-jdk18on</artifactId>
   <packaging>jar</packaging>
   <name>Bouncy Castle JSSE provider and TLS/DTLS API</name>
-  <version>1.70</version>
+  <version>1.78</version>
   <description>The Bouncy Castle Java APIs for TLS and DTLS, including a provider for the JSSE.</description>
   <url>https://www.bouncycastle.org/java.html</url>
   <licenses>
@@ -32,14 +32,14 @@
   <dependencies>
     <dependency>
       <groupId>org.bouncycastle</groupId>
-      <artifactId>bcprov-jdk15on</artifactId>
-      <version>1.70</version>
+      <artifactId>bcprov-jdk18on</artifactId>
+      <version>1.78</version>
       <type>jar</type>
     </dependency>
     <dependency>
       <groupId>org.bouncycastle</groupId>
-      <artifactId>bcutil-jdk15on</artifactId>
-      <version>1.70</version>
+      <artifactId>bcutil-jdk18on</artifactId>
+      <version>1.78</version>
       <type>jar</type>
     </dependency>
   </dependencies>
diff --git a/bcutil-jdk15on-1.70.pom b/bcutil-jdk18on-1.78.pom
similarity index 85%
rename from bcutil-jdk15on-1.70.pom
rename to bcutil-jdk18on-1.78.pom
index 994c9354051d04169cb47e7f1b9472a21f1d0c9b..0afe6570d8f2c75cbb4e16e73735749dd365b48a 100644
--- a/bcutil-jdk15on-1.70.pom
+++ b/bcutil-jdk18on-1.78.pom
@@ -2,11 +2,11 @@
 <project>
   <modelVersion>4.0.0</modelVersion>
   <groupId>org.bouncycastle</groupId>
-  <artifactId>bcutil-jdk15on</artifactId>
+  <artifactId>bcutil-jdk18on</artifactId>
   <packaging>jar</packaging>
   <name>Bouncy Castle ASN.1 Extension and Utility APIs</name>
-  <version>1.70</version>
-  <description>The Bouncy Castle Java APIs for ASN.1 extension and utility APIs used to support bcpkix and bctls. This jar contains APIs for JDK 1.5 and up.</description>
+  <version>1.78</version>
+  <description>The Bouncy Castle Java APIs for ASN.1 extension and utility APIs used to support bcpkix and bctls. This jar contains APIs for JDK 1.8 and up.</description>
   <url>https://www.bouncycastle.org/java.html</url>
   <licenses>
     <license>
@@ -32,8 +32,8 @@
   <dependencies>
     <dependency>
       <groupId>org.bouncycastle</groupId>
-      <artifactId>bcprov-jdk15on</artifactId>
-      <version>1.70</version>
+      <artifactId>bcprov-jdk18on</artifactId>
+      <version>1.78</version>
       <type>jar</type>
     </dependency>
   </dependencies>
diff --git a/bouncycastle.spec b/bouncycastle.spec
index 1361381f95864a3a10a6f5c602e3561cc6a7ae8e..91d888e11c1e3f4246b4406f5e00248da3a30bf7 100644
--- a/bouncycastle.spec
+++ b/bouncycastle.spec
@@ -1,30 +1,30 @@
-%define anolis_release 2
+%define anolis_release 1
 
-%global gittag r1rv70
+%global gittag r1rv78
 %global classname org.bouncycastle.jce.provider.BouncyCastleProvider
 
 Summary:          Bouncy Castle Cryptography APIs for Java
 Name:             bouncycastle
-Version:          1.70
+Version:          1.78
 Release:          %{anolis_release}%{?dist}
 License:          MIT
 URL:              http://www.bouncycastle.org
 
-Source0:          https://github.com/bcgit/bc-java/archive/%{gittag}.tar.gz
+Source0:          https://github.com/bcgit/bc-java/archive/refs/tags/%{gittag}.tar.gz
 
 # POMs from Maven Central
-Source1:          https://repo1.maven.org/maven2/org/bouncycastle/bcprov-jdk15on/%{version}/bcprov-jdk15on-%{version}.pom
-Source2:          https://repo1.maven.org/maven2/org/bouncycastle/bcpkix-jdk15on/%{version}/bcpkix-jdk15on-%{version}.pom
-Source3:          https://repo1.maven.org/maven2/org/bouncycastle/bcpg-jdk15on/%{version}/bcpg-jdk15on-%{version}.pom
-Source4:          https://repo1.maven.org/maven2/org/bouncycastle/bcmail-jdk15on/%{version}/bcmail-jdk15on-%{version}.pom
-Source5:          https://repo1.maven.org/maven2/org/bouncycastle/bctls-jdk15on/%{version}/bctls-jdk15on-%{version}.pom
-Source6:          https://repo1.maven.org/maven2/org/bouncycastle/bcutil-jdk15on/%{version}/bcutil-jdk15on-%{version}.pom
+Source1:          https://repo1.maven.org/maven2/org/bouncycastle/bcprov-jdk18on/%{version}/bcprov-jdk18on-%{version}.pom
+Source2:          https://repo1.maven.org/maven2/org/bouncycastle/bcpkix-jdk18on/%{version}/bcpkix-jdk18on-%{version}.pom
+Source3:          https://repo1.maven.org/maven2/org/bouncycastle/bcpg-jdk18on/%{version}/bcpg-jdk18on-%{version}.pom
+Source4:          https://repo1.maven.org/maven2/org/bouncycastle/bcmail-jdk18on/%{version}/bcmail-jdk18on-%{version}.pom
+Source5:          https://repo1.maven.org/maven2/org/bouncycastle/bctls-jdk18on/%{version}/bctls-jdk18on-%{version}.pom
+Source6:          https://repo1.maven.org/maven2/org/bouncycastle/bcutil-jdk18on/%{version}/bcutil-jdk18on-%{version}.pom
 
 # Script to fetch POMs from Maven Central
 Source7:          get-poms.sh
 
 # Backport fix for regression in bouncycastle 1.70
-Patch0:           0001-added-back-support-for-subject-key-identifier-check-.patch
+#Patch0:           0001-added-back-support-for-subject-key-identifier-check-.patch
 
 BuildArch:        noarch
 ExclusiveArch:  %{java_arches} noarch
@@ -94,7 +94,7 @@ API documentation for the Bouncy Castle Cryptography APIs.
 
 %prep
 %setup -q -n bc-java-%{gittag}
-%patch0 -p1
+#%%patch0 -p1
 
 # Remove bundled binary libs
 find . -type f -name "*.class" -exec rm -f {} \;
@@ -105,11 +105,11 @@ sed -i -e '/<javadoc/aadditionalparam="-Xdoclint:none" encoding="UTF-8" source="
        -e '/<javac/aencoding="UTF-8"' ant/bc+-build.xml
 
 # Mail and Activation do not yet provide jakarta packages, so don't build jmail module
-sed -i -e '/target="build-jmail"/d' ant/jdk15+.xml
+sed -i -e '/target="build-jmail"/d' ant/jdk18+.xml
 
 # Not shipping lw/lcrypto (lightweight crypto) jar
-sed -i -e '/target="build-lw"/d' ant/jdk15+.xml
-sed -i -e '/target="javadoc-lw"/d' ant/jdk15+.xml
+sed -i -e '/target="build-lw"/d' ant/jdk18+.xml
+sed -i -e '/target="javadoc-lw"/d' ant/jdk18+.xml
 
 cp -p %{SOURCE1} bcprov.pom
 cp -p %{SOURCE2} bcpkix.pom
@@ -119,7 +119,7 @@ cp -p %{SOURCE5} bctls.pom
 cp -p %{SOURCE6} bcutil.pom
 
 %build
-ant -f ant/jdk15+.xml \
+ant -f ant/jdk18+.xml \
   -Djunit.jar.home=$(build-classpath junit) \
   -Dmail.jar.home=$(build-classpath jakarta-mail/jakarta.mail) \
   -Dactivation.jar.home=$(build-classpath jakarta-activation/jakarta.activation) \
@@ -133,12 +133,12 @@ EOF
 
 for bc in bcprov bcutil bcpkix bcpg bcmail bctls ; do
   # Make into OSGi bundle
-  bnd wrap -b $bc -v %{version} -p bnd.bnd -o $bc.jar build/artifacts/jdk1.5/jars/$bc-jdk15on-*.jar
+  bnd wrap -b $bc -v %{version} -p bnd.bnd -o $bc.jar build/artifacts/jdk1.8/jars/$bc-jdk18on-*.jar
 
   # Request Maven installation
-  %mvn_file ":$bc-jdk15on" $bc
-  %mvn_package ":$bc-jdk15on" $bc
-  %mvn_alias ":$bc-jdk15on" "org.bouncycastle:$bc-jdk16" "org.bouncycastle:$bc-jdk15"
+  %mvn_file ":$bc-jdk18on" $bc
+  %mvn_package ":$bc-jdk18on" $bc
+  %mvn_alias ":$bc-jdk18on" "org.bouncycastle:$bc-jdk16" "org.bouncycastle:$bc-jdk15"
   %mvn_artifact $bc.pom $bc.jar
 done
 
@@ -146,7 +146,7 @@ done
 install -dm 755 $RPM_BUILD_ROOT%{_sysconfdir}/java/security/security.d
 touch $RPM_BUILD_ROOT%{_sysconfdir}/java/security/security.d/2000-%{classname}
 
-%mvn_install -J build/artifacts/jdk1.5/javadoc
+%mvn_install -J build/artifacts/jdk1.8/javadoc
 
 %post
 {
@@ -197,29 +197,36 @@ if [ "$1" -eq 0 ] ; then
 fi
 
 %files -f .mfiles-bcprov
-%license build/artifacts/jdk1.5/bcprov-jdk15on-*/LICENSE.html
+%license build/artifacts/jdk1.8/bcprov-jdk18on-*/LICENSE.html
 %doc docs/ *.html
 %{_sysconfdir}/java/security/security.d/2000-%{classname}
 
 %files pkix -f .mfiles-bcpkix
-%license build/artifacts/jdk1.5/bcpkix-jdk15on-*/LICENSE.html
+%license build/artifacts/jdk1.8/bcpkix-jdk18on-*/LICENSE.html
 
 %files pg -f .mfiles-bcpg
-%license build/artifacts/jdk1.5/bcpg-jdk15on-*/LICENSE.html
+%license build/artifacts/jdk1.8/bcpg-jdk18on-*/LICENSE.html
 
 %files mail -f .mfiles-bcmail
-%license build/artifacts/jdk1.5/bcmail-jdk15on-*/LICENSE.html
+%license build/artifacts/jdk1.8/bcmail-jdk18on-*/LICENSE.html
 
 %files tls -f .mfiles-bctls
-%license build/artifacts/jdk1.5/bctls-jdk15on-*/LICENSE.html
+%license build/artifacts/jdk1.8/bctls-jdk18on-*/LICENSE.html
 
 %files util -f .mfiles-bcutil
-%license build/artifacts/jdk1.5/bcutil-jdk15on-*/LICENSE.html
+%license build/artifacts/jdk1.8/bcutil-jdk18on-*/LICENSE.html
 
 %files javadoc -f .mfiles-javadoc
 %license LICENSE.html
 
 %changelog
+* Thu Aug 01 2024 Kaiqiang Wang <wangkaiqiang@inspur.com> - 1.78-1
+- update to 1.78
+- fix CVE-2024-2955
+
+* Fri Jun 14 2024 mgb01105731 <mgb01105731@alibaba-inc.com> - 1.73-1
+- update to 1.73
+
 * Wed Dec 27 2023 mgb01105731 <mgb01105731@alibaba-inc.com> - 1.70-2
 - rebuild
 
diff --git a/download b/download
deleted file mode 100644
index 0755c20b8499d7f4ad83977ddb70147942448783..0000000000000000000000000000000000000000
--- a/download
+++ /dev/null
@@ -1 +0,0 @@
-dfb9fe299291ebad193e37cbc8d0eef9  r1rv70.tar.gz
diff --git a/r1rv78.tar.gz b/r1rv78.tar.gz
new file mode 100644
index 0000000000000000000000000000000000000000..90e6f1794f3a986ee797b685f5a1b6e3f2714ac2
Binary files /dev/null and b/r1rv78.tar.gz differ