@@ -32,7 +32,8 @@ public class BouncyCastleJsseProvider
3232 private final Map <String , BcJsseService > serviceMap = new ConcurrentHashMap <String , BcJsseService >();
3333 private final Map <String , EngineCreator > creatorMap = new HashMap <String , EngineCreator >();
3434
35- private final boolean isInFipsMode ;
35+ private final boolean configFipsMode ;
36+ private final JcaTlsCryptoProvider configCryptoProvider ;
3637
3738 public BouncyCastleJsseProvider ()
3839 {
@@ -43,7 +44,10 @@ public BouncyCastleJsseProvider(boolean fipsMode)
4344 {
4445 super (PROVIDER_NAME , PROVIDER_VERSION , PROVIDER_INFO );
4546
46- this .isInFipsMode = configure (fipsMode , new JcaTlsCryptoProvider ());
47+ this .configFipsMode = fipsMode ;
48+ this .configCryptoProvider = new JcaTlsCryptoProvider ();
49+
50+ configure ();
4751 }
4852
4953 public BouncyCastleJsseProvider (Provider provider )
@@ -55,7 +59,10 @@ public BouncyCastleJsseProvider(boolean fipsMode, Provider provider)
5559 {
5660 super (PROVIDER_NAME , PROVIDER_VERSION , PROVIDER_INFO );
5761
58- this .isInFipsMode = configure (fipsMode , new JcaTlsCryptoProvider ().setProvider (provider ));
62+ this .configFipsMode = fipsMode ;
63+ this .configCryptoProvider = new JcaTlsCryptoProvider ().setProvider (provider );
64+
65+ configure ();
5966 }
6067
6168 public BouncyCastleJsseProvider (String config )
@@ -87,14 +94,20 @@ public BouncyCastleJsseProvider(String config)
8794 throw new IllegalArgumentException ("unable to set up JcaTlsCryptoProvider: " + e .getMessage (), e );
8895 }
8996
90- this .isInFipsMode = configure (fipsMode , cryptoProvider );
97+ this .configFipsMode = fipsMode ;
98+ this .configCryptoProvider = cryptoProvider ;
99+
100+ configure ();
91101 }
92102
93- public BouncyCastleJsseProvider (boolean fipsMode , JcaTlsCryptoProvider tlsCryptoProvider )
103+ public BouncyCastleJsseProvider (boolean fipsMode , JcaTlsCryptoProvider cryptoProvider )
94104 {
95105 super (PROVIDER_NAME , PROVIDER_VERSION , PROVIDER_INFO );
96106
97- this .isInFipsMode = configure (fipsMode , tlsCryptoProvider );
107+ this .configFipsMode = fipsMode ;
108+ this .configCryptoProvider = cryptoProvider ;
109+
110+ configure ();
98111 }
99112
100113 // for Java 11
@@ -150,8 +163,11 @@ private JcaTlsCryptoProvider createCryptoProvider(String cryptoName)
150163 }
151164 }
152165
153- private boolean configure (final boolean fipsMode , final JcaTlsCryptoProvider cryptoProvider )
166+ private void configure ()
154167 {
168+ final boolean fipsMode = configFipsMode ;
169+ final JcaTlsCryptoProvider cryptoProvider = configCryptoProvider ;
170+
155171 // TODO[jsse]: should X.509 be an alias.
156172 addAlgorithmImplementation ("KeyManagerFactory.X.509" , "org.bouncycastle.jsse.provider.KeyManagerFactory" , new EngineCreator ()
157173 {
@@ -225,8 +241,6 @@ public Object createInstance(Object constructorParameter) throws GeneralSecurity
225241 });
226242 addAlias ("Alg.Alias.SSLContext.SSL" , "TLS" );
227243 addAlias ("Alg.Alias.SSLContext.SSLV3" , "TLSV1" );
228-
229- return fipsMode ;
230244 }
231245
232246 void addAttribute (String key , String attributeName , String attributeValue )
@@ -372,7 +386,7 @@ private static List<String> specifyClientProtocols(String... protocols)
372386
373387 public boolean isFipsMode ()
374388 {
375- return isInFipsMode ;
389+ return configFipsMode ;
376390 }
377391
378392 private static class BcJsseService
0 commit comments