View Javadoc
1   /*
2    * Copyright 2017 The Netty Project
3    *
4    * The Netty Project licenses this file to you under the Apache License,
5    * version 2.0 (the "License"); you may not use this file except in compliance
6    * with the License. You may obtain a copy of the License at:
7    *
8    *   https://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12   * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13   * License for the specific language governing permissions and limitations
14   * under the License.
15   */
16  package io.netty.handler.ssl;
17  
18  import io.netty.util.internal.PlatformDependent;
19  
20  import javax.net.ssl.SSLEngine;
21  import java.lang.reflect.InvocationTargetException;
22  import java.lang.reflect.Method;
23  
24  /**
25   * Contains methods that can be used to detect if conscrypt is usable.
26   */
27  final class Conscrypt {
28      // This class exists to avoid loading other conscrypt related classes using features only available in JDK8+,
29      // because we need to maintain JDK6+ runtime compatibility.
30      private static final Method IS_CONSCRYPT_SSLENGINE;
31  
32      static {
33          Method isConscryptSSLEngine = null;
34  
35          if ((PlatformDependent.javaVersion() >= 8 &&
36                  // Only works on Java14 and earlier for now
37                  // See https://github.com/google/conscrypt/issues/838
38                  PlatformDependent.javaVersion() < 15) || PlatformDependent.isAndroid()) {
39              try {
40                  Class<?> providerClass = Class.forName("org.conscrypt.OpenSSLProvider", true,
41                          PlatformDependent.getClassLoader(ConscryptAlpnSslEngine.class));
42                  providerClass.newInstance();
43  
44                  Class<?> conscryptClass = Class.forName("org.conscrypt.Conscrypt", true,
45                          PlatformDependent.getClassLoader(ConscryptAlpnSslEngine.class));
46                  isConscryptSSLEngine = conscryptClass.getMethod("isConscrypt", SSLEngine.class);
47              } catch (Throwable ignore) {
48                  // ignore
49              }
50          }
51          IS_CONSCRYPT_SSLENGINE = isConscryptSSLEngine;
52      }
53  
54      /**
55       * Indicates whether or not conscrypt is available on the current system.
56       */
57      static boolean isAvailable() {
58          return IS_CONSCRYPT_SSLENGINE != null;
59      }
60  
61      /**
62       * Returns {@code true} if the passed in {@link SSLEngine} is handled by Conscrypt, {@code false} otherwise.
63       */
64      static boolean isEngineSupported(SSLEngine engine) {
65          try {
66              return IS_CONSCRYPT_SSLENGINE != null && (Boolean) IS_CONSCRYPT_SSLENGINE.invoke(null, engine);
67          } catch (IllegalAccessException ignore) {
68              return false;
69          } catch (InvocationTargetException ex) {
70              throw new RuntimeException(ex);
71          }
72      }
73  
74      private Conscrypt() { }
75  }