View Javadoc

1   /*
2    * Copyright 2017 The Netty Project
3    *
4    * The Netty Project licenses this file to you under the Apache License,
5    * version 2.0 (the "License"); you may not use this file except in compliance
6    * with the License. You may obtain a copy of the License at:
7    *
8    *   http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12   * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13   * License for the specific language governing permissions and limitations
14   * under the License.
15   */
16  package io.netty.handler.ssl;
17  
18  import io.netty.util.internal.PlatformDependent;
19  
20  import javax.net.ssl.SSLEngine;
21  import java.lang.reflect.Method;
22  
23  /**
24   * Contains methods that can be used to detect if conscrypt is usable.
25   */
26  final class Conscrypt {
27      // This class exists to avoid loading other conscrypt related classes using features only available in JDK8+,
28      // because we need to maintain JDK6+ runtime compatibility.
29      private static final Class<?> CONSCRYPT_CLASS = getConscryptClass();
30  
31      /**
32       * Indicates whether or not conscrypt is available on the current system.
33       */
34      static boolean isAvailable() {
35          return CONSCRYPT_CLASS != null && PlatformDependent.javaVersion() >= 8;
36      }
37  
38      static boolean isEngineSupported(SSLEngine engine) {
39          return isAvailable() && isConscryptEngine(engine, CONSCRYPT_CLASS);
40      }
41  
42      private static Class<?> getConscryptClass() {
43          try {
44              Class<?> conscryptClass = Class.forName("org.conscrypt.Conscrypt", true,
45                      ConscryptAlpnSslEngine.class.getClassLoader());
46              // Ensure that it also has the isConscrypt method.
47              getIsConscryptMethod(conscryptClass);
48              return conscryptClass;
49          } catch (Throwable ignore) {
50              // Conscrypt was not loaded.
51              return null;
52          }
53      }
54  
55      private static boolean isConscryptEngine(SSLEngine engine, Class<?> conscryptClass) {
56          try {
57              Method method = getIsConscryptMethod(conscryptClass);
58              return (Boolean) method.invoke(null, engine);
59          } catch (Throwable ignore) {
60              return false;
61          }
62      }
63  
64      private static Method getIsConscryptMethod(Class<?> conscryptClass) throws NoSuchMethodException {
65          return conscryptClass.getMethod("isConscrypt", SSLEngine.class);
66      }
67  
68      private Conscrypt() { }
69  }