28 package org.apache.hc.client5.http.ssl;
29
30 import java.lang.reflect.InvocationTargetException;
31 import java.lang.reflect.Method;
32
33 import javax.net.ssl.HostnameVerifier;
34 import javax.net.ssl.SSLContext;
35 import javax.net.ssl.SSLEngine;
36 import javax.net.ssl.SSLParameters;
37
38 import org.apache.hc.core5.annotation.Contract;
39 import org.apache.hc.core5.annotation.ThreadingBehavior;
40 import org.apache.hc.core5.http.nio.ssl.TlsStrategy;
41 import org.apache.hc.core5.reactor.ssl.SSLBufferMode;
42 import org.apache.hc.core5.reactor.ssl.TlsDetails;
43 import org.apache.hc.core5.ssl.SSLContexts;
44 import org.conscrypt.Conscrypt;
/**
 * Client-side TLS strategy that negotiates application protocols (ALPN) through the
 * Conscrypt API whenever the supplied {@link SSLEngine} is a Conscrypt engine, and
 * through the standard {@link SSLParameters} API otherwise.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>Every constructor hands a {@link HostnameVerifier} to the superclass; the
 *       convenience constructor and both factories use
 *       {@code HttpsSupport.getDefaultHostnameVerifier()}. How a {@code null} or
 *       permissive verifier is treated is decided by {@code AbstractClientTlsStrategy},
 *       which is not visible here; callers should pass an explicit, strict verifier
 *       rather than rely on that behaviour.</li>
 *   <li>The Conscrypt code path is chosen per engine, not per strategy: constructing
 *       this class does not make the given {@link SSLContext} Conscrypt-backed.</li>
 * </ul>
 */
@Contract(threading = ThreadingBehavior.STATELESS)
public class ConscryptClientTlsStrategy extends AbstractClientTlsStrategy {

    /**
     * Builds a strategy on top of {@code SSLContexts.createDefault()} with the default
     * hostname verifier.
     *
     * @return a new strategy instance
     */
    public static TlsStrategy getDefault() {
        final SSLContext defaultContext = SSLContexts.createDefault();
        final HostnameVerifier defaultVerifier = HttpsSupport.getDefaultHostnameVerifier();
        return new ConscryptClientTlsStrategy(defaultContext, defaultVerifier);
    }

    /**
     * Builds a strategy on top of {@code SSLContexts.createSystemDefault()}, restricted to
     * the protocols and cipher suites reported by {@code HttpsSupport}.
     *
     * <p>NOTE(review): the protocol and cipher-suite lists presumably come from JVM-wide
     * configuration; if so, a deployment that sets them loosely weakens every connection
     * created through this factory. Confirm against {@code HttpsSupport}.
     *
     * @return a new strategy instance
     */
    public static TlsStrategy getSystemDefault() {
        final SSLContext systemContext = SSLContexts.createSystemDefault();
        final String[] systemProtocols = HttpsSupport.getSystemProtocols();
        final String[] systemCipherSuites = HttpsSupport.getSystemCipherSuits();
        final HostnameVerifier defaultVerifier = HttpsSupport.getDefaultHostnameVerifier();
        return new ConscryptClientTlsStrategy(
                systemContext,
                systemProtocols,
                systemCipherSuites,
                SSLBufferMode.STATIC,
                defaultVerifier);
    }

    /**
     * Creates a strategy with every setting supplied by the caller; all arguments are
     * forwarded unchanged to the superclass.
     *
     * @param sslContext            context used to create TLS engines
     * @param supportedProtocols    protocol versions to allow
     * @param supportedCipherSuites cipher suites to allow
     * @param sslBufferManagement   buffer mode handed to the superclass
     * @param hostnameVerifier      verifier applied to the peer's identity
     */
    public ConscryptClientTlsStrategy(
            final SSLContext sslContext,
            final String[] supportedProtocols,
            final String[] supportedCipherSuites,
            final SSLBufferMode sslBufferManagement,
            final HostnameVerifier hostnameVerifier) {
        super(sslContext, supportedProtocols, supportedCipherSuites, sslBufferManagement, hostnameVerifier);
    }

    /**
     * Creates a strategy with {@link SSLBufferMode#STATIC} buffers and no explicit protocol
     * or cipher-suite restriction ({@code null} is passed for both).
     *
     * <p>NOTE(review): with {@code null} lists the effective protocol and cipher-suite
     * selection is whatever the superclass and the {@code sslContext} provider default to;
     * verify that this meets the deployment's minimum TLS policy.
     *
     * @param sslContext       context used to create TLS engines
     * @param hostnameVerifier verifier applied to the peer's identity
     */
    public ConscryptClientTlsStrategy(
            final SSLContext sslContext,
            final HostnameVerifier hostnameVerifier) {
        this(sslContext, null, null, SSLBufferMode.STATIC, hostnameVerifier);
    }

    /**
     * Creates a strategy for the given context using the default hostname verifier.
     *
     * @param sslContext context used to create TLS engines
     */
    public ConscryptClientTlsStrategy(final SSLContext sslContext) {
        this(sslContext, HttpsSupport.getDefaultHostnameVerifier());
    }

    /**
     * Applies TLS parameters and the ALPN protocol list to the engine.
     *
     * <p>The two paths deliberately differ in order: a Conscrypt engine receives its
     * {@link SSLParameters} first and the protocol list afterwards through the Conscrypt
     * API, whereas any other engine gets the protocol list written into the parameters
     * before they are applied.
     *
     * @param sslEngine     engine being configured
     * @param sslParameters parameters to install on the engine
     * @param appProtocols  application protocols to offer
     */
    @Override
    void applyParameters(final SSLEngine sslEngine, final SSLParameters sslParameters, final String[] appProtocols) {
        if (!Conscrypt.isConscrypt(sslEngine)) {
            // Standard JSSE engine: ALPN travels inside SSLParameters.
            sslParameters.setApplicationProtocols(appProtocols);
            sslEngine.setSSLParameters(sslParameters);
            return;
        }
        // Conscrypt engine: install parameters, then set ALPN via the Conscrypt API.
        sslEngine.setSSLParameters(sslParameters);
        Conscrypt.setApplicationProtocols(sslEngine, appProtocols);
    }

    /**
     * Reports the negotiated session and application protocol for a Conscrypt engine.
     *
     * @param sslEngine engine whose handshake result is being described
     * @return the TLS details for a Conscrypt engine, or {@code null} for any other
     *         engine; callers must be prepared for {@code null} (presumably the
     *         superclass then derives the details itself, to be confirmed there)
     */
    @Override
    TlsDetails createTlsDetails(final SSLEngine sslEngine) {
        return Conscrypt.isConscrypt(sslEngine)
                ? new TlsDetails(sslEngine.getSession(), Conscrypt.getApplicationProtocol(sslEngine))
                : null;
    }

    /**
     * Checks by reflection whether {@code org.conscrypt.Conscrypt} is on the class path and
     * reports itself as available.
     *
     * <p>Only the four reflective failures listed in the catch clause are mapped to
     * {@code false}; any other throwable raised while loading or invoking the class
     * (for example a linkage error) propagates to the caller. A {@code true} result says
     * nothing about whether a particular {@link SSLContext} is backed by Conscrypt.
     *
     * @return {@code true} if {@code Conscrypt.isAvailable()} could be invoked and returned
     *         {@code true}; {@code false} if the class or method could not be reached
     */
    public static boolean isSupported() {
        final Object available;
        try {
            final Class<?> conscryptClass = Class.forName("org.conscrypt.Conscrypt");
            final Method availabilityProbe = conscryptClass.getMethod("isAvailable");
            available = availabilityProbe.invoke(null);
        } catch (final ClassNotFoundException | NoSuchMethodException | IllegalAccessException | InvocationTargetException e) {
            return false;
        }
        return (Boolean) available;
    }

}