opensearch-project
diff --git a/‎distribution/tools/plugin-cli/build.gradle
+1 b/‎distribution/tools/plugin-cli/build.gradle
+1
diff --git a/‎server/licenses/bc-fips-2.0.0.jar.sha1 ‎distribution/tools/plugin-cli/licenses/bc-fips-2.0.0.jar.sha1 b/‎server/licenses/bc-fips-2.0.0.jar.sha1 ‎distribution/tools/plugin-cli/licenses/bc-fips-2.0.0.jar.sha1
diff --git a/‎distribution/tools/plugin-cli/src/main/java/org/opensearch/tools/cli/plugin/InstallPluginCommand.java
+1-2 b/‎distribution/tools/plugin-cli/src/main/java/org/opensearch/tools/cli/plugin/InstallPluginCommand.java
+1-2
diff --git a/‎distribution/tools/plugin-cli/src/test/java/org/opensearch/tools/cli/plugin/InstallPluginCommandTests.java
+1-2 b/‎distribution/tools/plugin-cli/src/test/java/org/opensearch/tools/cli/plugin/InstallPluginCommandTests.java
+1-2
diff --git a/‎gradle/fips.gradle
+2-2 b/‎gradle/fips.gradle
+2-2
diff --git a/‎server/build.gradle
-9 b/‎server/build.gradle
-9
diff --git a/‎server/licenses/bctls-fips-2.0.19.jar.sha1
-1 b/‎server/licenses/bctls-fips-2.0.19.jar.sha1
-1
diff --git a/‎server/licenses/bcutil-fips-2.0.3.jar.sha1
-1 b/‎server/licenses/bcutil-fips-2.0.3.jar.sha1
-1
diff --git a/‎server/licenses/bouncycastle-LICENSE.txt
-14 b/‎server/licenses/bouncycastle-LICENSE.txt
-14
diff --git a/‎server/licenses/bouncycastle-NOTICE.txt
-1 b/‎server/licenses/bouncycastle-NOTICE.txt
-1
@@ -37,6 +37,7 @@ base {
 dependencies {
   compileOnly project(":server")
   compileOnly project(":libs:opensearch-cli")
+  api "org.bouncycastle:bc-fips:${versions.bouncycastle_jce}"
   api "org.bouncycastle:bcpg-fips:${versions.bouncycastle_pg}"
   testImplementation(project(":test:framework"))
   testImplementation 'com.google.jimfs:jimfs:1.3.0'
 
@@ -40,7 +40,6 @@
 import org.apache.lucene.util.CollectionUtil;
 import org.apache.lucene.util.Constants;
 import org.bouncycastle.bcpg.ArmoredInputStream;
-import org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider;
 import org.bouncycastle.openpgp.PGPException;
 import org.bouncycastle.openpgp.PGPPublicKey;
 import org.bouncycastle.openpgp.PGPPublicKeyRingCollection;
@@ -633,7 +632,7 @@ void verifySignature(final Path zip, final String urlString) throws IOException,
             // compute the signature of the downloaded plugin zip
             final PGPPublicKeyRingCollection collection = new PGPPublicKeyRingCollection(ain, new JcaKeyFingerprintCalculator());
             final PGPPublicKey key = collection.getPublicKey(signature.getKeyID());
-            signature.init(new JcaPGPContentVerifierBuilderProvider().setProvider(new BouncyCastleFipsProvider()), key);
+            signature.init(new JcaPGPContentVerifierBuilderProvider().setProvider("BCFIPS"), key);
             final byte[] buffer = new byte[1024];
             int read;
             while ((read = fin.read(buffer)) != -1) {
 
@@ -40,7 +40,6 @@
 import org.bouncycastle.bcpg.ArmoredOutputStream;
 import org.bouncycastle.bcpg.BCPGOutputStream;
 import org.bouncycastle.bcpg.HashAlgorithmTags;
-import org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider;
 import org.bouncycastle.openpgp.PGPEncryptedData;
 import org.bouncycastle.openpgp.PGPException;
 import org.bouncycastle.openpgp.PGPKeyPair;
@@ -1362,7 +1361,7 @@ public PGPSecretKey newSecretKey() throws NoSuchAlgorithmException, NoSuchProvid
             null,
             null,
             new JcaPGPContentSignerBuilder(pkp.getPublicKey().getAlgorithm(), HashAlgorithmTags.SHA256),
-            new JcePBESecretKeyEncryptorBuilder(PGPEncryptedData.AES_192, sha1Calc).setProvider(new BouncyCastleFipsProvider())
+            new JcePBESecretKeyEncryptorBuilder(PGPEncryptedData.AES_192, sha1Calc).setProvider("BCFIPS")
                 .build("passphrase".toCharArray())
         );
     }
 
@@ -36,8 +36,8 @@ if (BuildParams.inFipsJvm) {
       fipsPolicy = new File(fipsResourcesDir, "fips_java_bcjsse_11.policy")
     }
     File fipsTrustStore = new File(fipsResourcesDir, 'cacerts.bcfks')
-    def bcFips = dependencies.create('org.bouncycastle:bc-fips:2.0.0')
-    def bcTlsFips = dependencies.create('org.bouncycastle:bctls-fips:2.0.19')
+    def bcFips = dependencies.create('org.bouncycastle:bc-fips:1.0.2.1')
+    def bcTlsFips = dependencies.create('org.bouncycastle:bctls-fips:1.0.12.2')
 
     pluginManager.withPlugin('java') {
       TaskProvider<ExportOpenSearchBuildResourcesTask> fipsResourcesTask = project.tasks.register('fipsResources', ExportOpenSearchBuildResourcesTask)
 
@@ -115,11 +115,6 @@ dependencies {
   // https://mvnrepository.com/artifact/org.roaringbitmap/RoaringBitmap
   api libs.roaringbitmap
 
-  // BC security provider
-  api libs.bcjce
-  api libs.bctls
-  api libs.bcutil
-
   testImplementation 'org.awaitility:awaitility:4.3.0'
   testImplementation(project(":test:framework")) {
     // tests use the locally compiled version of server
@@ -169,10 +164,6 @@ tasks.named("testingConventions").configure {
     }
 }
 
-tasks.named("dependencyLicenses").configure {
-    mapping from: /bc.*/, to: 'bouncycastle'
-}
-
 // Set to current version by default
 def japicmpCompareTarget = System.getProperty("japicmp.compare.version")
 if (japicmpCompareTarget == null) { /* use latest released version */