1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28 package org.apache.hc.core5.http2.ssl;
29
30 import java.net.SocketAddress;
31
32 import javax.net.ssl.SSLContext;
33
34 import org.apache.hc.core5.concurrent.FutureCallback;
35 import org.apache.hc.core5.http.HttpHost;
36 import org.apache.hc.core5.http.URIScheme;
37 import org.apache.hc.core5.http.nio.ssl.TlsStrategy;
38 import org.apache.hc.core5.net.NamedEndpoint;
39 import org.apache.hc.core5.reactor.ssl.SSLBufferMode;
40 import org.apache.hc.core5.reactor.ssl.SSLSessionInitializer;
41 import org.apache.hc.core5.reactor.ssl.SSLSessionVerifier;
42 import org.apache.hc.core5.reactor.ssl.TransportSecurityLayer;
43 import org.apache.hc.core5.ssl.SSLContexts;
44 import org.apache.hc.core5.util.Args;
45 import org.apache.hc.core5.util.Timeout;
46
47
48
49
50
51
52
53 public class ConscryptClientTlsStrategy implements TlsStrategy {
54
55 private final SSLContext sslContext;
56 private final SSLBufferMode sslBufferMode;
57 private final SSLSessionInitializer initializer;
58 private final SSLSessionVerifier verifier;
59
60 public ConscryptClientTlsStrategy(
61 final SSLContext sslContext,
62 final SSLBufferMode sslBufferMode,
63 final SSLSessionInitializer initializer,
64 final SSLSessionVerifier verifier) {
65 this.sslContext = Args.notNull(sslContext, "SSL context");
66 this.sslBufferMode = sslBufferMode;
67 this.initializer = initializer;
68 this.verifier = verifier;
69 }
70
71 public ConscryptClientTlsStrategy(
72 final SSLContext sslContext,
73 final SSLSessionInitializer initializer,
74 final SSLSessionVerifier verifier) {
75 this(sslContext, null, initializer, verifier);
76 }
77
78 public ConscryptClientTlsStrategy(
79 final SSLContext sslContext,
80 final SSLSessionVerifier verifier) {
81 this(sslContext, null, null, verifier);
82 }
83
84 public ConscryptClientTlsStrategy(final SSLContext sslContext) {
85 this(sslContext, null, null, null);
86 }
87
88
89
90
91
92
93 public ConscryptClientTlsStrategy() {
94 this(SSLContexts.createSystemDefault(), null, null, null);
95 }
96
97
98
99
100
101
102 public ConscryptClientTlsStrategy(final SSLSessionVerifier verifier) {
103 this(SSLContexts.createSystemDefault(), verifier);
104 }
105
106 @Override
107 public void upgrade(
108 final TransportSecurityLayer tlsSession,
109 final NamedEndpoint endpoint,
110 final Object attachment,
111 final Timeout handshakeTimeout,
112 final FutureCallback<TransportSecurityLayer> callback) {
113 tlsSession.startTls(
114 sslContext,
115 endpoint,
116 sslBufferMode,
117 ConscryptSupport.initialize(attachment, initializer),
118 ConscryptSupport.verify(verifier),
119 handshakeTimeout,
120 callback);
121 }
122
123
124
125
126 @Deprecated
127 @Override
128 public boolean upgrade(
129 final TransportSecurityLayer tlsSession,
130 final HttpHost host,
131 final SocketAddress localAddress,
132 final SocketAddress remoteAddress,
133 final Object attachment,
134 final Timeout handshakeTimeout) {
135 final String scheme = host != null ? host.getSchemeName() : null;
136 if (URIScheme.HTTPS.same(scheme)) {
137 upgrade(tlsSession, host, attachment, handshakeTimeout, null);
138 return true;
139 }
140 return false;
141 }
142
143 }