public void registerBouncyCastleProvider()

in extensions-support/bouncycastle/runtime/src/main/java/org/apache/camel/quarkus/support/bouncycastle/BouncyCastleRecorder.java [36:83]

• 41 lines of code
• 7 McCabe index (conditional complexity)

    public void registerBouncyCastleProvider(List<String> cipherTransformations, ShutdownContext shutdownContext) {
        Provider provider = Security.getProvider(SecurityProviderUtils.BOUNCYCASTLE_PROVIDER_NAME);
        if (provider == null) {
            provider = Security.getProvider(SecurityProviderUtils.BOUNCYCASTLE_FIPS_PROVIDER_NAME);
        }
        if (provider == null) {
            // TODO: Fix BuildStep execution order so that this is not required
            // https://github.com/apache/camel-quarkus/issues/3472
            try {
                provider = (Provider) Thread.currentThread().getContextClassLoader()
                        .loadClass(SecurityProviderUtils.BOUNCYCASTLE_PROVIDER_CLASS_NAME).getConstructor().newInstance();
                Security.addProvider(provider);
            } catch (ClassNotFoundException | InvocationTargetException | InstantiationException | IllegalAccessException
                    | NoSuchMethodException e) {
                try {
                    //try to load BCFIPS
                    provider = (Provider) Thread.currentThread().getContextClassLoader()
                            .loadClass(SecurityProviderUtils.BOUNCYCASTLE_FIPS_PROVIDER_CLASS_NAME).getConstructor()
                            .newInstance();
                    Security.addProvider(provider);
                } catch (ClassNotFoundException | InvocationTargetException | InstantiationException | IllegalAccessException
                        | NoSuchMethodException e2) {
                    throw new RuntimeException("Neither BC nor BCFIPS provider can be registered. \nBC: " + e.getMessage()
                            + "\nBCFIPS " + e2.getMessage());
                }
            }
        }

        // Make it explicit to the static analysis that below security services should be registered as they are reachable at runtime
        for (String cipherTransformation : cipherTransformations) {
            try {
                LOG.debugf(
                        "Making it explicit to the static analysis that a Cipher with transformation %s could be used at runtime",
                        cipherTransformation);
                Cipher.getInstance(cipherTransformation, provider);
            } catch (Exception e) {
                // The cipher algorithm or padding is not present at runtime, a runtime error will be reported as usual
            }
        }

        shutdownContext.addShutdownTask(new Runnable() {
            @Override
            public void run() {
                Security.removeProvider(SecurityProviderUtils.BOUNCYCASTLE_PROVIDER_NAME);
                LOG.debug("Removed Bouncy Castle security provider");
            }
        });
    }