28 package org.apache.hc.client5.http.ssl;
29
30 import java.lang.reflect.InvocationTargetException;
31 import java.lang.reflect.Method;
32
33 import javax.net.ssl.HostnameVerifier;
34 import javax.net.ssl.SSLContext;
35 import javax.net.ssl.SSLEngine;
36 import javax.net.ssl.SSLParameters;
37
38 import org.apache.hc.core5.annotation.Contract;
39 import org.apache.hc.core5.annotation.ThreadingBehavior;
40 import org.apache.hc.core5.http.nio.ssl.TlsStrategy;
41 import org.apache.hc.core5.http2.ssl.H2TlsSupport;
42 import org.apache.hc.core5.reactor.ssl.SSLBufferMode;
43 import org.apache.hc.core5.reactor.ssl.TlsDetails;
44 import org.apache.hc.core5.ssl.SSLContexts;
45 import org.conscrypt.Conscrypt;
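/**
 * Client-side {@link TlsStrategy} that negotiates application protocols (ALPN)
 * through the Conscrypt API when the {@link SSLEngine} in use is a Conscrypt
 * engine, and through {@link H2TlsSupport} otherwise.
 * <p>
 * The class keeps no state of its own; the SSL context, protocol and cipher
 * suite lists, buffer mode and hostname verifier are all handed to the
 * superclass.
 * <p>
 * Security note: every constructor forwards a {@link HostnameVerifier} to the
 * superclass. How and when the superclass invokes it is not visible in this
 * class, but a verifier that accepts any host name would remove the server
 * identity check, so callers should pass the default verifier unless they have
 * a specific reason not to.
 */
@Contract(threading = ThreadingBehavior.STATELESS)
public class ConscryptClientTlsStrategy extends AbstractClientTlsStrategy {

    /**
     * Creates a strategy backed by {@link SSLContexts#createDefault()} and the
     * default hostname verifier from {@link HttpsSupport}.
     *
     * @return a new strategy instance
     */
    public static TlsStrategy getDefault() {
        return new ConscryptClientTlsStrategy(
                SSLContexts.createDefault(),
                HttpsSupport.getDefaultHostnameVerifier());
    }

    /**
     * Creates a strategy backed by {@link SSLContexts#createSystemDefault()},
     * using the protocol and cipher suite lists reported by
     * {@link HttpsSupport}, static buffer mode and the default hostname
     * verifier.
     *
     * @return a new strategy instance
     */
    public static TlsStrategy getSystemDefault() {
        return new ConscryptClientTlsStrategy(
                SSLContexts.createSystemDefault(),
                HttpsSupport.getSystemProtocols(),
                HttpsSupport.getSystemCipherSuits(),
                SSLBufferMode.STATIC,
                HttpsSupport.getDefaultHostnameVerifier());
    }

    /**
     * Creates a strategy with every setting given explicitly. All arguments
     * are passed unchanged to the superclass constructor.
     *
     * @param sslContext            SSL context used to create engines
     * @param supportedProtocols    TLS protocol versions to enable
     * @param supportedCipherSuites cipher suites to enable
     * @param sslBufferManagement   buffer mode for the TLS session
     * @param hostnameVerifier      verifier for the server host name
     */
    public ConscryptClientTlsStrategy(
            final SSLContext sslContext,
            final String[] supportedProtocols,
            final String[] supportedCipherSuites,
            final SSLBufferMode sslBufferManagement,
            final HostnameVerifier hostnameVerifier) {
        super(sslContext, supportedProtocols, supportedCipherSuites, sslBufferManagement, hostnameVerifier);
    }

    /**
     * Creates a strategy with static buffer mode and no explicit protocol or
     * cipher suite lists.
     * <p>
     * NOTE(review): {@code null} is passed for both lists; how the superclass
     * interprets {@code null} (presumably "use the defaults") is not visible
     * here and should be confirmed before relying on it for protocol
     * hardening.
     *
     * @param sslcontext       SSL context used to create engines
     * @param hostnameVerifier verifier for the server host name
     */
    public ConscryptClientTlsStrategy(
            final SSLContext sslcontext,
            final HostnameVerifier hostnameVerifier) {
        this(sslcontext, null, null, SSLBufferMode.STATIC, hostnameVerifier);
    }

    /**
     * Creates a strategy with the default hostname verifier from
     * {@link HttpsSupport}.
     *
     * @param sslcontext SSL context used to create engines
     */
    public ConscryptClientTlsStrategy(final SSLContext sslcontext) {
        this(sslcontext, HttpsSupport.getDefaultHostnameVerifier());
    }

    /**
     * Applies the TLS parameters and the ALPN protocol list to the engine.
     *
     * @param sslEngine     engine being configured
     * @param sslParameters parameters to apply to the engine
     * @param appProtocols  application protocols to offer via ALPN
     */
    @Override
    void applyParameters(final SSLEngine sslEngine, final SSLParameters sslParameters, final String[] appProtocols) {
        if (Conscrypt.isConscrypt(sslEngine)) {
            // Conscrypt engine: ALPN is set through the Conscrypt API, after
            // the generic parameters have been applied.
            sslEngine.setSSLParameters(sslParameters);
            Conscrypt.setApplicationProtocols(sslEngine, appProtocols);
        } else {
            // Any other engine: ALPN goes into the parameters object first so
            // that it is part of what setSSLParameters applies.
            H2TlsSupport.setApplicationProtocols(sslParameters, appProtocols);
            sslEngine.setSSLParameters(sslParameters);
        }
    }

    /**
     * Builds the TLS details for a Conscrypt engine from its session and the
     * application protocol reported by Conscrypt.
     *
     * @param sslEngine engine whose handshake result is being described
     * @return the TLS details, or {@code null} when the engine is not a
     *         Conscrypt engine (presumably the caller then falls back to its
     *         own default; confirm in the superclass)
     */
    @Override
    TlsDetails createTlsDetails(final SSLEngine sslEngine) {
        if (Conscrypt.isConscrypt(sslEngine)) {
            return new TlsDetails(sslEngine.getSession(), Conscrypt.getApplicationProtocol(sslEngine));
        }
        return null;
    }

    /**
     * Reports whether Conscrypt can be used in this runtime.
     * <p>
     * The check loads {@code org.conscrypt.Conscrypt} by name and calls its
     * static {@code isAvailable} method reflectively. Any failure to load,
     * link, initialise or call the class is reported as "not supported".
     *
     * @return {@code true} only if {@code Conscrypt.isAvailable()} returned
     *         {@code true}
     */
    public static boolean isSupported() {
        try {
            final Class<?> clazz = Class.forName("org.conscrypt.Conscrypt");
            final Method method = clazz.getMethod("isAvailable");
            // Boolean.TRUE.equals tolerates a null or non-Boolean result
            // instead of failing on the cast or the unboxing.
            return Boolean.TRUE.equals(method.invoke(null));
        } catch (final ClassNotFoundException | NoSuchMethodException | IllegalAccessException
                | InvocationTargetException | LinkageError ignored) {
            // LinkageError covers NoClassDefFoundError, UnsatisfiedLinkError and
            // ExceptionInInitializerError, which Class.forName can raise when the
            // library is present but cannot be linked or initialised. A capability
            // probe should answer false in that case rather than propagate an Error.
            return false;
        }
    }

}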