1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28 package org.apache.hc.core5.http2.ssl;
29
30 import java.net.SocketAddress;
31
32 import javax.net.ssl.SSLContext;
33
34 import org.apache.hc.core5.http.HttpHost;
35 import org.apache.hc.core5.http.URIScheme;
36 import org.apache.hc.core5.http.nio.ssl.TlsStrategy;
37 import org.apache.hc.core5.reactor.ssl.SSLBufferMode;
38 import org.apache.hc.core5.reactor.ssl.SSLSessionInitializer;
39 import org.apache.hc.core5.reactor.ssl.SSLSessionVerifier;
40 import org.apache.hc.core5.reactor.ssl.TransportSecurityLayer;
41 import org.apache.hc.core5.util.Args;
42 import org.apache.hc.core5.util.Timeout;
43
44
45
46
47
48
49
50 public class ConscryptClientTlsStrategy implements TlsStrategy {
51
52 private final SSLContext sslContext;
53 private final SSLBufferMode sslBufferMode;
54 private final SSLSessionInitializer initializer;
55 private final SSLSessionVerifier verifier;
56
57 public ConscryptClientTlsStrategy(
58 final SSLContext sslContext,
59 final SSLBufferMode sslBufferMode,
60 final SSLSessionInitializer initializer,
61 final SSLSessionVerifier verifier) {
62 this.sslContext = Args.notNull(sslContext, "SSL context");
63 this.sslBufferMode = sslBufferMode;
64 this.initializer = initializer;
65 this.verifier = verifier;
66 }
67
68 public ConscryptClientTlsStrategy(
69 final SSLContext sslContext,
70 final SSLSessionInitializer initializer,
71 final SSLSessionVerifier verifier) {
72 this(sslContext, null, initializer, verifier);
73 }
74
75 public ConscryptClientTlsStrategy(
76 final SSLContext sslContext,
77 final SSLSessionVerifier verifier) {
78 this(sslContext, null, null, verifier);
79 }
80
81 public ConscryptClientTlsStrategy(final SSLContext sslContext) {
82 this(sslContext, null, null, null);
83 }
84
85 @Override
86 public boolean upgrade(
87 final TransportSecurityLayer tlsSession,
88 final HttpHost host,
89 final SocketAddress localAddress,
90 final SocketAddress remoteAddress,
91 final Object attachment,
92 final Timeout handshakeTimeout) {
93 final String scheme = host != null ? host.getSchemeName() : null;
94 if (URIScheme.HTTPS.same(scheme)) {
95 tlsSession.startTls(
96 sslContext,
97 host,
98 sslBufferMode,
99 ConscryptSupport.initialize(attachment, initializer),
100 ConscryptSupport.verify(verifier),
101 handshakeTimeout);
102 return true;
103 }
104 return false;
105 }
106
107 }