Security Issue: switch to jdk18on bouncycastle jars because of CVEs in unmaintained jdk15on jars

[pjfanning]

Bouncycastle no longer release jdk15on jars. Best to switch to the jdk18on ones.
This is a critical security library and the old jdk15on jars have multiple security bugs (CVEs).

• https://mvnrepository.com/artifact/org.bouncycastle/bcprov-jdk15on
• https://mvnrepository.com/artifact/org.bouncycastle/bcprov-jdk18on

The switchover is usually very easy. Same classes, just compiled with Java 8.

[github-actions]

We're closing this issue because it hasn't been updated in a while.
If you'd like to revive this issue, please reopen it and feel free a maintainer to remove the Stale tag!