Issue: 26568 - bcfips version bump and fixes

* bump BCFIPS to 1.0.2.5
               * fix bc-fips related test error
               * remove unused imports

               Closes: #26568

Signed-off-by: Andre F de M <trixpan@users.noreply.github.com>

.github/scripts/run-fips-ut.sh

@@ -6,7 +6,6 @@ fips-mode-setup --is-enabled
 if [ $? -ne 0 ]; then
   exit 1
 fi
-echo "fips.provider.7=XMLDSig" >>/etc/alternatives/java_sdk_21/conf/security/java.security
 export JAVA_HOME=/etc/alternatives/java_sdk_21
 
 # Build all dependent modules
@@ -16,4 +15,11 @@ export JAVA_HOME=/etc/alternatives/java_sdk_21
 if [ $? -ne 0 ]; then
   exit 1
 fi
-./mvnw test -nsu -B -pl crypto/default,crypto/fips1402 -Dcom.redhat.fips=true -Dorg.bouncycastle.fips.approved_only=true
+
+# NOTE the use of  "org.bouncycastle.rsa.allow_pkcs15_enc" as per BCFIPS release notes:
+#
+# End of 2023 transition for RSA PKCS1.5 encryption. The provider blocks RSA with PKCS1.5 encryption.
+# The following property can be used to override the default behavior:
+# org.bouncycastle.rsa.allow_pkcs15_enc (allow use of PKCS1.5)
+# This is required by crypto/fips1402/src/test/java/org/keycloak/crypto/fips/test/FIPS1402JWETest.java
+./mvnw test -nsu -B -pl crypto/default,crypto/fips1402 -Dcom.redhat.fips=true -Dorg.bouncycastle.fips.approved_only=true -Dorg.bouncycastle.rsa.allow_pkcs15_enc=true