View Javadoc
1   /*
2    * Copyright 2017 The Netty Project
3    *
4    * The Netty Project licenses this file to you under the Apache License,
5    * version 2.0 (the "License"); you may not use this file except in compliance
6    * with the License. You may obtain a copy of the License at:
7    *
8    *   https://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12   * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13   * License for the specific language governing permissions and limitations
14   * under the License.
15   */
16  package io.netty.handler.ssl;
17  
18  import io.netty.util.internal.PlatformDependent;
19  
20  import java.lang.reflect.InvocationTargetException;
21  import java.lang.reflect.Method;
22  import javax.net.ssl.SSLEngine;
23  
24  /**
25   * Contains methods that can be used to detect if conscrypt is usable.
26   */
27  final class Conscrypt {
28      // This class exists to avoid loading other conscrypt related classes using features only available in JDK8+,
29      // because we need to maintain JDK6+ runtime compatibility.
30      private static final Method IS_CONSCRYPT_SSLENGINE;
31  
32      static {
33          Method isConscryptSSLEngine = null;
34  
35          // Only works on Java14 and earlier for now
36          // See https://github.com/google/conscrypt/issues/838
37          if (PlatformDependent.javaVersion() < 15 || PlatformDependent.isAndroid()) {
38              try {
39                  Class<?> providerClass = Class.forName("org.conscrypt.OpenSSLProvider", true,
40                          PlatformDependent.getClassLoader(ConscryptAlpnSslEngine.class));
41                  providerClass.newInstance();
42  
43                  Class<?> conscryptClass = Class.forName("org.conscrypt.Conscrypt", true,
44                          PlatformDependent.getClassLoader(ConscryptAlpnSslEngine.class));
45                  isConscryptSSLEngine = conscryptClass.getMethod("isConscrypt", SSLEngine.class);
46              } catch (Throwable ignore) {
47                  // ignore
48              }
49          }
50          IS_CONSCRYPT_SSLENGINE = isConscryptSSLEngine;
51      }
52  
53      /**
54       * Indicates whether or not conscrypt is available on the current system.
55       */
56      static boolean isAvailable() {
57          return IS_CONSCRYPT_SSLENGINE != null;
58      }
59  
60      /**
61       * Returns {@code true} if the passed in {@link SSLEngine} is handled by Conscrypt, {@code false} otherwise.
62       */
63      static boolean isEngineSupported(SSLEngine engine) {
64          try {
65              return IS_CONSCRYPT_SSLENGINE != null && (Boolean) IS_CONSCRYPT_SSLENGINE.invoke(null, engine);
66          } catch (IllegalAccessException ignore) {
67              return false;
68          } catch (InvocationTargetException ex) {
69              throw new RuntimeException(ex);
70          }
71      }
72  
73      private Conscrypt() { }
74  }