View Javadoc
1   /*
2    * Copyright 2014 The Netty Project
3    *
4    * The Netty Project licenses this file to you under the Apache License,
5    * version 2.0 (the "License"); you may not use this file except in compliance
6    * with the License. You may obtain a copy of the License at:
7    *
8    *   https://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12   * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13   * License for the specific language governing permissions and limitations
14   * under the License.
15   */
16  package io.netty5.handler.ssl;
17  
18  import io.netty5.util.ReferenceCounted;
19  import io.netty5.util.internal.UnstableApi;
20  
21  import java.security.Provider;
22  
23  /**
24   * An enumeration of SSL/TLS protocol providers.
25   */
26  public enum SslProvider {
27      /**
28       * JDK's default implementation.
29       */
30      JDK,
31      /**
32       * OpenSSL-based implementation.
33       */
34      OPENSSL,
35      /**
36       * OpenSSL-based implementation which does not have finalizers and instead implements {@link ReferenceCounted}.
37       */
38      @UnstableApi
39      OPENSSL_REFCNT;
40  
41      /**
42       * Returns {@code true} if the specified {@link SslProvider} supports
43       * <a href="https://tools.ietf.org/html/rfc7301#section-6">TLS ALPN Extension</a>, {@code false} otherwise.
44       */
45      @SuppressWarnings("deprecation")
46      public static boolean isAlpnSupported(final SslProvider provider) {
47          switch (provider) {
48              case JDK:
49                  return JdkAlpnApplicationProtocolNegotiator.isAlpnSupported();
50              case OPENSSL:
51              case OPENSSL_REFCNT:
52                  return OpenSsl.isAlpnSupported();
53              default:
54                  throw new Error("Unknown SslProvider: " + provider);
55          }
56      }
57  
58      /**
59       * Returns {@code true} if the specified {@link SslProvider} supports
60       * <a href="https://tools.ietf.org/html/rfc8446">TLS 1.3</a>, {@code false} otherwise.
61       */
62      public static boolean isTlsv13Supported(final SslProvider sslProvider) {
63          return isTlsv13Supported(sslProvider, null);
64      }
65  
66      /**
67       * Returns {@code true} if the specified {@link SslProvider} supports
68       * <a href="https://tools.ietf.org/html/rfc8446">TLS 1.3</a>, {@code false} otherwise.
69       */
70      public static boolean isTlsv13Supported(final SslProvider sslProvider, Provider provider) {
71          switch (sslProvider) {
72              case JDK:
73                  return SslUtils.isTLSv13SupportedByJDK(provider);
74              case OPENSSL:
75              case OPENSSL_REFCNT:
76                  return OpenSsl.isTlsv13Supported();
77              default:
78                  throw new Error("Unknown SslProvider: " + sslProvider);
79          }
80      }
81  
82      /**
83       * Returns {@code true} if the specified {@link SslProvider} enables
84       * <a href="https://tools.ietf.org/html/rfc8446">TLS 1.3</a> by default, {@code false} otherwise.
85       */
86      static boolean isTlsv13EnabledByDefault(final SslProvider sslProvider, Provider provider) {
87          switch (sslProvider) {
88              case JDK:
89                  return SslUtils.isTLSv13EnabledByJDK(provider);
90              case OPENSSL:
91              case OPENSSL_REFCNT:
92                  return OpenSsl.isTlsv13Supported();
93              default:
94                  throw new Error("Unknown SslProvider: " + sslProvider);
95          }
96      }
97  }