Address comments 3

KostasTsiounis · Nov 1, 2024 · 6ed541a · 6ed541a
1 parent 18b03c9
commit 6ed541a
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 11 deletions.
diff --git a/closed/src/java.base/share/classes/jdk/crypto/jniprovider/NativeCrypto.java b/closed/src/java.base/share/classes/jdk/crypto/jniprovider/NativeCrypto.java
@@ -71,8 +71,6 @@ public class NativeCrypto {
     private static final boolean traceEnabled = Boolean.parseBoolean(
             GetPropertyAction.privilegedGetProperty("jdk.nativeCryptoTrace", "false"));
 
-    private static final Set<String> disallowedAlgosFIPS = Set.of("ChaCha20", "MD5");
-
     private static final class InstanceHolder {
         private static final NativeCrypto instance = new NativeCrypto();
     }
@@ -204,16 +202,23 @@ public static final boolean isAlgorithmAvailable(String algorithm) {
         boolean isAlgorithmAvailable = false;
         if (isAllowedAndLoaded()) {
             if (isOpenSSLFIPSVersion()) {
-                if (disallowedAlgosFIPS.contains(algorithm)) {
-                    isAlgorithmAvailable = false;
+                switch (algorithm) {
+                case "ChaCha20":
+                case "MD5":
+                    // not available
+                    break;
+                default:
+                    isAlgorithmAvailable = true;
+                    break;
                 }
             } else {
                 switch (algorithm) {
-                    case "MD5":
-                        isAlgorithmAvailable = isMD5Available();
-                        break;
-                    default:
-                        isAlgorithmAvailable = true;
+                case "MD5":
+                    isAlgorithmAvailable = isMD5Available();
+                    break;
+                default:
+                    isAlgorithmAvailable = true;
+                    break;
                 }
             }
         }

diff --git a/closed/src/java.base/share/native/libjncrypto/NativeCrypto.c b/closed/src/java.base/share/native/libjncrypto/NativeCrypto.c
@@ -458,15 +458,15 @@ JNIEXPORT jlong JNICALL Java_jdk_crypto_jniprovider_NativeCrypto_loadCrypto
     /* Check whether the loaded OpenSSL library is in FIPS mode. */
     if (ossl_ver >= OPENSSL_VERSION_3_0_0) {
         typedef int OSSL_fipsmode_t(OSSL_LIB_CTX *);
-        OSSL_fipsmode_t* ossl_fipsmode = (OSSL_fipsmode_t*)find_crypto_symbol(crypto_library, "EVP_default_properties_is_fips_enabled");
+        OSSL_fipsmode_t *ossl_fipsmode = (OSSL_fipsmode_t *)find_crypto_symbol(crypto_library, "EVP_default_properties_is_fips_enabled");
         if ((NULL != ossl_fipsmode) && (1 == (*ossl_fipsmode)(NULL))) {
             OSSL_IS_FIPS = JNI_TRUE;
         } else {
             OSSL_IS_FIPS = JNI_FALSE;
         }
     } else {
         typedef int OSSL_fipsmode_t(void);
-        OSSL_fipsmode_t* ossl_fipsmode = (OSSL_fipsmode_t*)find_crypto_symbol(crypto_library, "FIPS_mode");
+        OSSL_fipsmode_t *ossl_fipsmode = (OSSL_fipsmode_t *)find_crypto_symbol(crypto_library, "FIPS_mode");
         if ((NULL != ossl_fipsmode) && (1 == (*ossl_fipsmode)())) {
             OSSL_IS_FIPS = JNI_TRUE;
         } else {