28 package org.apache.hc.client5.http.ssl;
29
30 import java.lang.reflect.InvocationTargetException;
31 import java.lang.reflect.Method;
32
33 import javax.net.ssl.HostnameVerifier;
34 import javax.net.ssl.SSLContext;
35 import javax.net.ssl.SSLEngine;
36 import javax.net.ssl.SSLParameters;
37
38 import org.apache.hc.core5.annotation.Contract;
39 import org.apache.hc.core5.annotation.ThreadingBehavior;
40 import org.apache.hc.core5.http.nio.ssl.TlsStrategy;
41 import org.apache.hc.core5.reactor.ssl.SSLBufferMode;
42 import org.apache.hc.core5.reactor.ssl.TlsDetails;
43 import org.apache.hc.core5.ssl.SSLContexts;
44 import org.conscrypt.Conscrypt;
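/**
 * Client-side {@link TlsStrategy} that uses the Conscrypt API to configure and query
 * ALPN when the {@link SSLEngine} is a Conscrypt engine, and falls back to the standard
 * {@link SSLParameters} API otherwise.
 *
 * <p>Hostname verification: the static factories {@link #getDefault()} and
 * {@link #getSystemDefault()} use {@code HostnameVerificationPolicy.BOTH}, while the
 * constructors that take no explicit policy use {@code HostnameVerificationPolicy.CLIENT}.
 * NOTE(review): with {@code CLIENT} the supplied {@link HostnameVerifier} is presumably the
 * only hostname check performed, so a permissive verifier would leave the peer identity
 * unchecked; confirm against {@code AbstractClientTlsStrategy} and prefer the constructors
 * taking an explicit policy when in doubt.
 */
@Contract(threading = ThreadingBehavior.STATELESS)
public class ConscryptClientTlsStrategy extends AbstractClientTlsStrategy {

    /**
     * Creates a strategy backed by {@code SSLContexts.createDefault()}, the default
     * hostname verifier and {@code HostnameVerificationPolicy.BOTH}.
     *
     * @return a new strategy instance
     */
    public static TlsStrategy getDefault() {
        return new ConscryptClientTlsStrategy(
                SSLContexts.createDefault(),
                HostnameVerificationPolicy.BOTH,
                HttpsSupport.getDefaultHostnameVerifier());
    }

    /**
     * Creates a strategy backed by {@code SSLContexts.createSystemDefault()}, with the
     * protocols and cipher suites reported by {@code HttpsSupport}, a static buffer mode,
     * the default hostname verifier and {@code HostnameVerificationPolicy.BOTH}.
     *
     * @return a new strategy instance
     */
    public static TlsStrategy getSystemDefault() {
        return new ConscryptClientTlsStrategy(
                SSLContexts.createSystemDefault(),
                HttpsSupport.getSystemProtocols(),
                HttpsSupport.getSystemCipherSuits(),
                SSLBufferMode.STATIC,
                HostnameVerificationPolicy.BOTH,
                HttpsSupport.getDefaultHostnameVerifier());
    }

    /**
     * Creates a strategy with explicit protocol, cipher suite and buffer settings.
     * The hostname verification policy is fixed to {@code HostnameVerificationPolicy.CLIENT};
     * use the overload taking a {@code HostnameVerificationPolicy} to choose another one.
     *
     * @param sslContext            TLS context used to create engines
     * @param supportedProtocols    protocol names to enable; passed through to the superclass
     * @param supportedCipherSuites cipher suite names to enable; passed through to the superclass
     * @param sslBufferManagement   buffer mode for the TLS session
     * @param hostnameVerifier      verifier applied to the peer host name
     */
    public ConscryptClientTlsStrategy(
            final SSLContext sslContext,
            final String[] supportedProtocols,
            final String[] supportedCipherSuites,
            final SSLBufferMode sslBufferManagement,
            final HostnameVerifier hostnameVerifier) {
        this(sslContext, supportedProtocols, supportedCipherSuites, sslBufferManagement, HostnameVerificationPolicy.CLIENT, hostnameVerifier);
    }

    /**
     * Creates a strategy with every setting given explicitly; all arguments are handed
     * to the superclass constructor unchanged.
     *
     * @param sslContext                 TLS context used to create engines
     * @param supportedProtocols         protocol names to enable
     * @param supportedCipherSuites      cipher suite names to enable
     * @param sslBufferManagement        buffer mode for the TLS session
     * @param hostnameVerificationPolicy which hostname verification mechanism(s) to apply
     * @param hostnameVerifier           verifier applied to the peer host name
     */
    public ConscryptClientTlsStrategy(
            final SSLContext sslContext,
            final String[] supportedProtocols,
            final String[] supportedCipherSuites,
            final SSLBufferMode sslBufferManagement,
            final HostnameVerificationPolicy hostnameVerificationPolicy,
            final HostnameVerifier hostnameVerifier) {
        super(sslContext, supportedProtocols, supportedCipherSuites, sslBufferManagement, hostnameVerificationPolicy, hostnameVerifier);
    }

    /**
     * Creates a strategy with {@code null} protocol and cipher suite lists, a static
     * buffer mode and {@code HostnameVerificationPolicy.CLIENT} (via the five-argument
     * constructor).
     *
     * @param sslContext       TLS context used to create engines
     * @param hostnameVerifier verifier applied to the peer host name
     */
    public ConscryptClientTlsStrategy(
            final SSLContext sslContext,
            final HostnameVerifier hostnameVerifier) {
        this(sslContext, null, null, SSLBufferMode.STATIC, hostnameVerifier);
    }

    /**
     * Creates a strategy with {@code null} protocol and cipher suite lists, a static
     * buffer mode and the given hostname verification policy.
     *
     * @param sslContext                 TLS context used to create engines
     * @param hostnameVerificationPolicy which hostname verification mechanism(s) to apply
     * @param hostnameVerifier           verifier applied to the peer host name
     */
    public ConscryptClientTlsStrategy(
            final SSLContext sslContext,
            final HostnameVerificationPolicy hostnameVerificationPolicy,
            final HostnameVerifier hostnameVerifier) {
        this(sslContext, null, null, SSLBufferMode.STATIC, hostnameVerificationPolicy, hostnameVerifier);
    }

    /**
     * Creates a strategy with the default hostname verifier; the policy is
     * {@code HostnameVerificationPolicy.CLIENT} (via the two-argument constructor).
     *
     * @param sslContext TLS context used to create engines
     */
    public ConscryptClientTlsStrategy(final SSLContext sslContext) {
        this(sslContext, HttpsSupport.getDefaultHostnameVerifier());
    }

    /**
     * Applies the TLS parameters and the ALPN protocol list to the engine.
     *
     * @param sslEngine     engine being configured
     * @param sslParameters parameters to install on the engine
     * @param appProtocols  ALPN protocol names to advertise
     */
    @Override
    void applyParameters(final SSLEngine sslEngine, final SSLParameters sslParameters, final String[] appProtocols) {
        if (Conscrypt.isConscrypt(sslEngine)) {
            // Conscrypt engines take the ALPN list through the Conscrypt API, set after
            // the generic parameters have been installed.
            sslEngine.setSSLParameters(sslParameters);
            Conscrypt.setApplicationProtocols(sslEngine, appProtocols);
        } else {
            // Other engines carry the ALPN list inside SSLParameters, so it has to be
            // set before the parameters are installed.
            sslParameters.setApplicationProtocols(appProtocols);
            sslEngine.setSSLParameters(sslParameters);
        }
    }

    /**
     * Builds the negotiated TLS details for a Conscrypt engine.
     *
     * @param sslEngine engine whose handshake has been performed
     * @return the session and ALPN protocol for a Conscrypt engine, or {@code null} for
     *         any other engine (how the caller treats {@code null} is not visible here)
     */
    @Override
    TlsDetails createTlsDetails(final SSLEngine sslEngine) {
        if (Conscrypt.isConscrypt(sslEngine)) {
            return new TlsDetails(sslEngine.getSession(), Conscrypt.getApplicationProtocol(sslEngine));
        }
        return null;
    }

    /**
     * Reports whether Conscrypt can be used in this runtime.
     *
     * <p>The class is looked up reflectively, presumably so that the probe also works
     * when Conscrypt is not on the class path. Any failure to load, link or call it is
     * reported as "not supported" rather than propagated, so callers can fall back to
     * another TLS strategy.
     *
     * @return {@code true} only if {@code org.conscrypt.Conscrypt.isAvailable()} could be
     *         invoked and returned {@code true}
     */
    public static boolean isSupported() {
        try {
            final Class<?> clazz = Class.forName("org.conscrypt.Conscrypt");
            final Method method = clazz.getMethod("isAvailable");
            // Boolean.TRUE.equals tolerates a null or non-Boolean result from an
            // unexpected class of the same name.
            return Boolean.TRUE.equals(method.invoke(null));
        } catch (final ClassNotFoundException | NoSuchMethodException | IllegalAccessException | InvocationTargetException
                | LinkageError e) {
            // LinkageError covers a present but unusable library (failed static
            // initialisation, missing transitive class); a capability probe should
            // answer false for that instead of throwing an Error.
            return false;
        }
    }

}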