-
-
Save bbrowning/759c7feff7f3d1d0d950b65bb12e10ed to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
diff --git a/src/main/java/org/jruby/ext/openssl/SecurityHelper.java b/src/main/java/org/jruby/ext/openssl/SecurityHelper.java | |
index 302ae10..8825f08 100644 | |
--- a/src/main/java/org/jruby/ext/openssl/SecurityHelper.java | |
+++ b/src/main/java/org/jruby/ext/openssl/SecurityHelper.java | |
@@ -99,6 +99,7 @@ import org.bouncycastle.operator.bc.BcRSAContentVerifierProviderBuilder; | |
public abstract class SecurityHelper { | |
private static String BC_PROVIDER_CLASS = "org.bouncycastle.jce.provider.BouncyCastleProvider"; | |
+ private static String BC_PROVIDER_NAME = "BC"; | |
static boolean setBouncyCastleProvider = true; // (package access for tests) | |
static Provider securityProvider; // 'BC' provider (package access for tests) | |
private static volatile Boolean registerProvider = null; | |
@@ -198,7 +199,21 @@ public abstract class SecurityHelper { | |
static CertificateFactory getCertificateFactory(final String type, final Provider provider) | |
throws CertificateException { | |
- final CertificateFactorySpi spi = (CertificateFactorySpi) getImplEngine("CertificateFactory", type); | |
+ final CertificateFactorySpi spi; | |
+ boolean addedBC = false; | |
+ synchronized(SecurityHelper.class) { | |
+ try { | |
+ if (provider.getName().equals(BC_PROVIDER_NAME) && Security.getProvider(BC_PROVIDER_NAME) == null) { | |
+ Security.addProvider(provider); | |
+ addedBC = true; | |
+ } | |
+ spi = (CertificateFactorySpi) getImplEngine("CertificateFactory", type); | |
+ } finally { | |
+ if (addedBC) { | |
+ Security.removeProvider(BC_PROVIDER_NAME); | |
+ } | |
+ } | |
+ } | |
if ( spi == null ) throw new CertificateException(type + " not found"); | |
return newInstance(CertificateFactory.class, | |
new Class[]{ CertificateFactorySpi.class, Provider.class, String.class }, |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment