In addition to that, Bouncy Castle has lots of utilities for reading arcane formats like PEM and ASN.1 that no sane person would want to rewrite themselves.

In Pulsar, security and crypto have dependencies on BouncyCastle Jars. For the detailed installing and configuring Bouncy Castle FIPS, see , especially the User Guides and Security Policy PDFs.

Bouncy Castle provides both FIPS and non-FIPS version. But in a JVM, you can not include both of the 2 versions, and you need to exclude the current version before include the other.

In Pulsar, the security and crypto methods also depends on Bouncy Castle, especially in and Transport Encryption. This document contains the configuration between BouncyCastle FIPS(BC-FIPS) and non-FIPS(BC-non-FIPS) version while using Pulsar.

Pulsar module bouncy-castle-bc, which defined by bouncy-castle/bc/pom.xml contains the needed non-FIPS jars for Pulsar.

And based on Pulsar module , Pulsar shades a fat jar in module bouncy-castle-bc-shaded that contains needed classes of BouncyCastle non-FIPS jars. By using this bouncy-castle-bc-shaded module, user can easily include and exclude BouncyCastle non-FIPS jars.

Pulsar Client(pulsar-client-original) module include BouncyCastle non-FIPS jars by add dependency like this:

And Pulsar Broker (pulsar-broker) module include BouncyCastle non-FIPS jars by indirectly include Pulsar Client(pulsar-client-original) module.

BC-FIPS

Pulsar module , which defined by bouncy-castle/bcfips/pom.xml contains the needed FIPS jars for Pulsar.

User can choose include module bouncy-castle-bcfips module directly, or include original BC-FIPS jars.

例如:

Besides this, module bouncy-castle-bcfips builds contain an output with format NAR, you can set java environment by -DBcPath='nar/file/path', Pulsar will auto load it.